Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/13b0cd-5992-4561-9729-b30fe058d162/1/8oy7CLlMFa3CelRN9GYwjNfPu8k.roa
File:                     8oy7CLlMFa3CelRN9GYwjNfPu8k.roa (raw, json)
Hash identifier:          HFoDFU4eqMgQJIkU6LYKCYzqX1s1SDXajcY8EAupw38=
Subject key identifier:   F2:8C:BB:08:B9:4C:15:AD:C2:7A:54:4D:F4:66:30:8C:D7:CF:BB:C9
Certificate issuer:       /CN=92e0c2470eb0a69b4efa585b9cb2c067612b379e
Certificate serial:       0612F130
Authority key identifier: 92:E0:C2:47:0E:B0:A6:9B:4E:FA:58:5B:9C:B2:C0:67:61:2B:37:9E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kuDCRw6wpptO-lhbnLLAZ2ErN54.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/13b0cd-5992-4561-9729-b30fe058d162/1/8oy7CLlMFa3CelRN9GYwjNfPu8k.roa
Signing time:             Sat 01 Jan 2022 01:52:41 +0000
ROA not before:           Sat 01 Jan 2022 01:52:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207411
IP address blocks:        2001:678:c38::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 101904688 (0x612f130)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=92e0c2470eb0a69b4efa585b9cb2c067612b379e
        Validity
            Not Before: Jan  1 01:52:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f28cbb08b94c15adc27a544df466308cd7cfbbc9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:af:53:a9:a4:bc:c0:eb:3e:5d:e8:fb:b6:69:
                    9d:46:df:bb:ee:80:33:79:c5:e3:b7:13:be:11:0d:
                    46:47:02:cf:06:4a:4d:c9:05:ab:a3:e1:c1:dc:30:
                    86:2a:3c:6c:98:f6:96:5d:d7:6a:4d:62:46:3d:de:
                    98:8c:d3:41:9c:b8:82:d1:de:ad:0a:dd:c8:a8:b1:
                    b6:10:83:06:a2:d6:9b:e7:b4:1c:86:24:84:f6:cc:
                    00:83:f4:86:b7:fc:e6:e1:90:83:b2:6a:3c:b7:35:
                    b7:8a:6e:2f:63:03:c3:c2:f3:70:26:5b:35:86:29:
                    6d:08:35:46:25:1d:21:d1:26:f6:e4:16:32:0a:54:
                    f0:42:29:ec:a1:6b:c1:bc:69:39:43:64:04:bd:96:
                    50:1b:d4:f6:f7:fd:f5:81:7e:29:59:aa:f0:43:a8:
                    1e:3a:0d:da:b6:a1:8f:c7:69:2f:be:92:a0:33:42:
                    c6:6c:27:fe:c3:9c:ee:46:e4:72:53:fc:3c:bd:f9:
                    f6:a8:16:a0:f7:3a:25:dc:63:5e:df:f1:90:23:66:
                    30:5c:ab:4a:fb:73:58:c1:07:9b:44:6e:de:a0:37:
                    fb:fa:7c:92:84:7d:9b:6c:cb:ad:54:33:db:77:58:
                    cd:a0:04:8f:97:96:68:34:34:2b:5b:42:9b:61:91:
                    1a:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:8C:BB:08:B9:4C:15:AD:C2:7A:54:4D:F4:66:30:8C:D7:CF:BB:C9
            X509v3 Authority Key Identifier:
                keyid:92:E0:C2:47:0E:B0:A6:9B:4E:FA:58:5B:9C:B2:C0:67:61:2B:37:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kuDCRw6wpptO-lhbnLLAZ2ErN54.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/13b0cd-5992-4561-9729-b30fe058d162/1/8oy7CLlMFa3CelRN9GYwjNfPu8k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/13b0cd-5992-4561-9729-b30fe058d162/1/kuDCRw6wpptO-lhbnLLAZ2ErN54.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:c38::/48

    Signature Algorithm: sha256WithRSAEncryption
         22:8c:85:0c:4f:34:8b:21:5b:b1:67:a4:46:fb:cc:fd:ce:29:
         47:70:39:1e:e6:59:2e:90:b7:45:b3:71:bf:b6:0c:43:a7:ed:
         c7:1f:b3:d3:07:8e:2e:8b:21:3a:78:b9:6b:a0:4a:27:1a:b9:
         83:ff:52:38:56:f7:5b:b8:8f:ed:8c:c2:9e:43:f4:3b:80:86:
         3f:27:5c:87:bb:a3:64:f6:b4:6e:5e:c5:6c:30:43:e1:f2:1d:
         30:f8:ae:cf:a2:b9:a5:3e:c8:6c:13:07:d7:ad:74:06:f3:24:
         f6:4a:88:14:2c:55:06:e6:2a:18:f7:d8:9b:7b:a6:81:3f:cd:
         90:77:f1:1e:d9:d2:e4:68:59:cc:bb:15:c0:e5:6c:8d:dc:e9:
         50:e2:ae:4f:80:4b:3e:58:ab:b2:00:4c:86:4c:d5:d3:08:df:
         1f:65:ee:68:97:28:5a:8a:f3:af:be:1e:20:05:9a:c0:8c:74:
         88:a7:98:2c:61:c5:c2:77:fa:d1:38:98:a8:55:cf:b5:65:78:
         36:b6:11:37:df:c7:15:2a:bf:62:28:c9:a4:24:f2:b8:54:5a:
         ca:65:b9:24:f6:0a:4c:3f:a6:b7:50:66:d0:aa:37:fb:d6:77:
         7b:09:9f:63:fe:54:a6:84:24:61:19:2b:17:3f:0b:02:2b:1f:
         af:4d:9a:91
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBhLxMDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MmUwYzI0NzBlYjBhNjliNGVmYTU4NWI5Y2IyYzA2NzYxMmIzNzllMB4XDTIyMDEw
MTAxNTI0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjI4Y2JiMDhiOTRj
MTVhZGMyN2E1NDRkZjQ2NjMwOGNkN2NmYmJjOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALOvU6mkvMDrPl3o+7ZpnUbfu+6AM3nF47cTvhENRkcCzwZK
TckFq6Phwdwwhio8bJj2ll3Xak1iRj3emIzTQZy4gtHerQrdyKixthCDBqLWm+e0
HIYkhPbMAIP0hrf85uGQg7JqPLc1t4puL2MDw8LzcCZbNYYpbQg1RiUdIdEm9uQW
MgpU8EIp7KFrwbxpOUNkBL2WUBvU9vf99YF+KVmq8EOoHjoN2rahj8dpL76SoDNC
xmwn/sOc7kbkclP8PL359qgWoPc6JdxjXt/xkCNmMFyrSvtzWMEHm0Ru3qA3+/p8
koR9m2zLrVQz23dYzaAEj5eWaDQ0K1tCm2GRGpECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTyjLsIuUwVrcJ6VE30ZjCM18+7yTAfBgNVHSMEGDAWgBSS4MJHDrCmm076
WFucssBnYSs3njAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2t1RENSdzZ3cHB0Ty1saGJuTExBWjJFck41NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGQvMTNiMGNkLTU5OTItNDU2MS05NzI5LWIzMGZlMDU4ZDE2Mi8x
LzhveTdDTGxNRmEzQ2VsUk45R1l3ak5mUHU4ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGQv
MTNiMGNkLTU5OTItNDU2MS05NzI5LWIzMGZlMDU4ZDE2Mi8xL2t1RENSdzZ3cHB0
Ty1saGJuTExBWjJFck41NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngMODANBgkqhkiG9w0BAQsF
AAOCAQEAIoyFDE80iyFbsWekRvvM/c4pR3A5HuZZLpC3RbNxv7YMQ6ftxx+z0weO
LoshOni5a6BKJxq5g/9SOFb3W7iP7YzCnkP0O4CGPydch7ujZPa0bl7FbDBD4fId
MPiuz6K5pT7IbBMH1610BvMk9kqIFCxVBuYqGPfYm3umgT/NkHfxHtnS5GhZzLsV
wOVsjdzpUOKuT4BLPlirsgBMhkzV0wjfH2XuaJcoWorzr74eIAWawIx0iKeYLGHF
wnf60TiYqFXPtWV4NrYRN9/HFSq/YijJpCTyuFRaymW5JPYKTD+mt1Bm0Ko3+9Z3
ewmfY/5UpoQkYRkrFz8LAisfr02akQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:43 2024 by rpki-client on console-fra.rpki-client.org