Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/b3f825-da38-4989-9629-382920155ffb/1/e6b-37trYV0s6WUXe9Esu4eYOHs.roa
File:                     e6b-37trYV0s6WUXe9Esu4eYOHs.roa (raw, json)
Hash identifier:          5wZkoKdahP/Mge6qCCUBndIX10+rAk/TKfZw2cQHLEo=
Subject key identifier:   7B:A6:FE:DF:BB:6B:61:5D:2C:E9:65:17:7B:D1:2C:BB:87:98:38:7B
Certificate issuer:       /CN=cfd3a3f1069fcd512da514f66d6ee34ba3debb0f
Certificate serial:       0184EB70F9CE49AF357367F5BB5352330974
Authority key identifier: CF:D3:A3:F1:06:9F:CD:51:2D:A5:14:F6:6D:6E:E3:4B:A3:DE:BB:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z9Oj8QafzVEtpRT2bW7jS6Peuw8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/b3f825-da38-4989-9629-382920155ffb/1/e6b-37trYV0s6WUXe9Esu4eYOHs.roa
Signing time:             Wed 07 Dec 2022 07:16:00 +0000
ROA not before:           Wed 07 Dec 2022 07:16:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     59975
IP address blocks:        176.107.230.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:eb:70:f9:ce:49:af:35:73:67:f5:bb:53:52:33:09:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cfd3a3f1069fcd512da514f66d6ee34ba3debb0f
        Validity
            Not Before: Dec  7 07:16:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7ba6fedfbb6b615d2ce965177bd12cbb8798387b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:57:e8:16:80:a1:a8:64:a3:c9:58:66:f7:5e:
                    af:74:78:ec:ab:6f:58:55:14:96:80:04:dd:d1:43:
                    93:26:41:84:87:d6:15:d2:27:61:92:0f:e7:23:9a:
                    86:a6:89:ef:f6:e4:29:a4:7c:29:3e:2e:8d:e6:0b:
                    37:2e:2e:67:46:7f:18:55:39:4f:f4:df:2a:ab:82:
                    c5:5a:78:2d:aa:0f:ba:ae:47:ed:97:33:11:22:20:
                    be:3a:cf:dc:41:ba:76:32:20:50:9f:5c:a0:4a:66:
                    93:df:d6:bd:24:26:f9:a8:32:4d:a3:af:24:b6:b6:
                    d9:a2:20:84:9a:45:4c:76:d0:58:2a:9a:b0:7a:7b:
                    e3:7d:b5:8e:dc:f5:8c:4e:ac:8d:b8:b0:78:db:1b:
                    0a:80:a0:48:bd:d3:f1:84:87:fe:79:39:98:95:ea:
                    aa:3b:0e:b7:a5:d4:e5:f1:8f:57:f0:e7:10:c2:ad:
                    ba:65:2a:43:16:b1:8e:26:19:c1:ab:1e:ed:34:bd:
                    92:ed:96:fc:43:bf:50:52:c4:d7:30:6a:cd:a1:22:
                    4e:05:06:d3:ed:36:99:e8:4a:45:ba:cf:aa:27:33:
                    3f:76:2f:e4:52:2b:21:c3:47:55:03:e8:09:f5:3b:
                    59:5a:07:27:a9:a3:e9:1d:34:03:8b:0f:2b:7d:71:
                    64:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:A6:FE:DF:BB:6B:61:5D:2C:E9:65:17:7B:D1:2C:BB:87:98:38:7B
            X509v3 Authority Key Identifier:
                keyid:CF:D3:A3:F1:06:9F:CD:51:2D:A5:14:F6:6D:6E:E3:4B:A3:DE:BB:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z9Oj8QafzVEtpRT2bW7jS6Peuw8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/b3f825-da38-4989-9629-382920155ffb/1/e6b-37trYV0s6WUXe9Esu4eYOHs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/b3f825-da38-4989-9629-382920155ffb/1/z9Oj8QafzVEtpRT2bW7jS6Peuw8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.107.230.0/23

    Signature Algorithm: sha256WithRSAEncryption
         87:c7:51:0d:db:2b:40:ab:44:e3:cc:ac:ba:d7:72:6b:5c:ea:
         c5:73:ac:ed:07:16:f1:10:43:2b:83:a4:48:77:56:88:a3:77:
         6e:10:da:be:c8:84:6b:01:7d:e0:30:b1:58:83:70:78:d1:33:
         a3:6f:d8:c3:13:fc:35:06:50:4c:8a:de:f7:00:a7:fb:1e:e0:
         a4:41:ea:55:52:31:00:68:4a:ad:62:77:a0:99:1e:9f:93:f1:
         dc:90:a9:40:3a:02:58:30:38:53:89:e5:be:92:ed:47:37:6e:
         15:ba:1e:45:98:8e:c7:46:5d:6b:ae:2e:e0:5d:38:ea:aa:93:
         1f:28:0a:59:b7:83:ae:73:ba:34:e7:ff:0f:e2:ca:18:ad:4e:
         2b:58:61:79:94:bf:de:3a:48:e3:8f:c8:48:85:93:67:73:43:
         2b:dd:e9:77:02:15:1b:11:4a:78:23:d6:3f:8d:88:96:56:d1:
         31:e2:38:dd:68:d2:fe:f4:5f:d2:0a:12:ca:18:a3:29:fe:2a:
         23:ab:40:f3:c9:8c:4f:24:be:30:53:52:cc:b6:9b:74:c8:76:
         31:48:fa:78:70:4b:1a:91:c4:5a:10:e3:8f:55:96:ae:18:63:
         b3:16:c2:69:0b:e1:a0:d9:4e:3b:a4:2e:94:2b:9e:61:00:60:
         06:ed:ff:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTrcPnOSa81c2f1u1NSMwl0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZDNhM2YxMDY5ZmNkNTEyZGE1MTRmNjZkNmVlMzRiYTNk
ZWJiMGYwHhcNMjIxMjA3MDcxNjAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmE2ZmVkZmJiNmI2MTVkMmNlOTY1MTc3YmQxMmNiYjg3OTgzODdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5VfoFoChqGSjyVhm916vdHjsq29Y
VRSWgATd0UOTJkGEh9YV0idhkg/nI5qGponv9uQppHwpPi6N5gs3Li5nRn8YVTlP
9N8qq4LFWngtqg+6rkftlzMRIiC+Os/cQbp2MiBQn1ygSmaT39a9JCb5qDJNo68k
trbZoiCEmkVMdtBYKpqwenvjfbWO3PWMTqyNuLB42xsKgKBIvdPxhIf+eTmYleqq
Ow63pdTl8Y9X8OcQwq26ZSpDFrGOJhnBqx7tNL2S7Zb8Q79QUsTXMGrNoSJOBQbT
7TaZ6EpFus+qJzM/di/kUishw0dVA+gJ9TtZWgcnqaPpHTQDiw8rfXFk4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHum/t+7a2FdLOllF3vRLLuHmDh7MB8GA1UdIwQY
MBaAFM/To/EGn81RLaUU9m1u40uj3rsPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejlPajhRYWZ6VkV0cFJUMmJXN2pTNlBldXc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9iM2Y4MjUtZGEzOC00OTg5LTk2Mjkt
MzgyOTIwMTU1ZmZiLzEvZTZiLTM3dHJZVjBzNldVWGU5RXN1NGVZT0hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9iM2Y4MjUtZGEzOC00OTg5LTk2MjktMzgyOTIwMTU1ZmZi
LzEvejlPajhRYWZ6VkV0cFJUMmJXN2pTNlBldXc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsGvmMA0G
CSqGSIb3DQEBCwUAA4IBAQCHx1EN2ytAq0TjzKy613JrXOrFc6ztBxbxEEMrg6RI
d1aIo3duENq+yIRrAX3gMLFYg3B40TOjb9jDE/w1BlBMit73AKf7HuCkQepVUjEA
aEqtYnegmR6fk/HckKlAOgJYMDhTieW+ku1HN24Vuh5FmI7HRl1rri7gXTjqqpMf
KApZt4Ouc7o05/8P4soYrU4rWGF5lL/eOkjjj8hIhZNnc0Mr3el3AhUbEUp4I9Y/
jYiWVtEx4jjdaNL+9F/SChLKGKMp/iojq0DzyYxPJL4wU1LMtpt0yHYxSPp4cEsa
kcRaEOOPVZauGGOzFsJpC+Gg2U47pC6UK55hAGAG7f9E
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:49 2024 by rpki-client on console-fra.rpki-client.org