Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/eWfLbj73Gy-iwYyROoWZTA1xlCY.roa
File:                     eWfLbj73Gy-iwYyROoWZTA1xlCY.roa (raw, json)
Hash identifier:          hyiElipkttSDSOuPo8PF5PjJWJ5cdpNNYtfVhMtbmQg=
Subject key identifier:   79:67:CB:6E:3E:F7:1B:2F:A2:C1:8C:91:3A:85:99:4C:0D:71:94:26
Certificate issuer:       /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial:       0182FDD750B06833143DE7A846EFB230910E
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/eWfLbj73Gy-iwYyROoWZTA1xlCY.roa
Signing time:             Fri 02 Sep 2022 10:55:22 +0000
ROA not before:           Fri 02 Sep 2022 10:55:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     138687
IP address blocks:        64.137.114.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:fd:d7:50:b0:68:33:14:3d:e7:a8:46:ef:b2:30:91:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
        Validity
            Not Before: Sep  2 10:55:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7967cb6e3ef71b2fa2c18c913a85994c0d719426
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:9d:3e:4c:f1:6d:1a:bd:60:23:80:22:ff:b7:
                    34:91:53:5b:d7:78:c6:98:8f:19:cb:f8:5a:93:fb:
                    59:0d:73:bb:f1:3f:df:f8:13:b2:35:73:71:25:28:
                    d7:f3:95:9b:68:40:78:10:9a:b9:b5:77:1f:a3:0c:
                    ec:cd:95:36:6e:f9:16:40:09:14:e4:6b:c1:2f:6b:
                    a2:a6:ab:0c:a9:d8:ba:a1:90:8f:05:f0:e4:0d:25:
                    6b:67:99:71:56:05:d6:fe:1c:f9:b5:75:b8:4b:d6:
                    88:ca:a7:ca:8f:0f:d9:23:ac:f0:ab:8f:cb:eb:29:
                    0f:34:d3:45:47:95:77:2b:2a:de:8d:75:db:a6:ba:
                    18:7c:eb:47:b4:88:99:77:e9:de:05:21:c5:a8:75:
                    6e:f8:36:43:2a:b4:7b:9a:1c:16:6c:13:04:8b:76:
                    a9:c4:14:d1:8d:7d:10:f6:be:7e:a2:5f:92:d0:8b:
                    ef:81:3c:a8:36:c0:3b:ec:6c:68:09:49:b0:c9:15:
                    e1:0a:42:c5:14:b4:79:f9:24:7c:9c:78:ee:e7:92:
                    e5:d8:fd:c1:ae:52:18:73:c7:98:61:3c:7b:06:f3:
                    c6:c5:f3:a6:16:60:77:31:6e:72:a2:e0:ec:d2:3c:
                    f1:de:cd:fe:5e:24:6b:1c:c9:5a:09:77:fa:11:d7:
                    64:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:67:CB:6E:3E:F7:1B:2F:A2:C1:8C:91:3A:85:99:4C:0D:71:94:26
            X509v3 Authority Key Identifier:
                keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/eWfLbj73Gy-iwYyROoWZTA1xlCY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.137.114.0/24

    Signature Algorithm: sha256WithRSAEncryption
         23:d8:e8:52:60:13:83:30:37:ea:3c:3e:5c:f5:5f:7a:08:04:
         c0:a9:22:61:fd:e6:3d:d0:51:f7:e4:d6:d0:2c:05:4f:45:83:
         25:d7:52:f6:09:61:fc:1f:a6:a7:36:4f:ea:0f:fb:31:15:e5:
         ad:4b:74:95:e3:31:08:a4:e7:f6:72:96:5c:d2:d9:df:d8:c5:
         4f:03:5e:c8:34:3e:e7:3c:93:ab:68:1f:95:3b:a3:55:de:e2:
         0f:f5:1c:40:e5:25:77:77:6f:46:3f:6c:4e:2c:8a:66:c3:92:
         de:23:d9:fb:e6:08:0e:15:5d:ab:be:0f:c2:bf:45:22:3a:eb:
         8d:77:2c:d3:3a:25:f5:79:2f:69:5f:53:14:84:44:d5:79:1f:
         b5:c4:10:23:fa:e5:f9:bd:2e:46:be:3e:30:3d:11:fa:14:d5:
         30:42:b1:d5:a2:8f:63:01:b0:22:33:83:72:6e:9d:a2:b4:56:
         f3:e9:a1:94:6b:c5:5a:19:ea:82:d6:d6:1b:55:3f:2c:0f:d3:
         1b:cf:4a:9f:7b:52:fc:79:3a:4d:d0:c8:20:80:2e:7e:00:09:
         e6:c6:9b:2f:e2:55:75:09:72:86:bd:2a:61:39:a9:e8:19:23:
         48:3a:b9:17:35:ec:ad:01:ba:a4:1f:03:ba:0e:2f:e8:f3:4f:
         e0:2f:97:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYL911CwaDMUPeeoRu+yMJEOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjIwOTAyMTA1NTIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTY3Y2I2ZTNlZjcxYjJmYTJjMThjOTEzYTg1OTk0YzBkNzE5NDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAop0+TPFtGr1gI4Ai/7c0kVNb13jG
mI8Zy/hak/tZDXO78T/f+BOyNXNxJSjX85WbaEB4EJq5tXcfowzszZU2bvkWQAkU
5GvBL2uipqsMqdi6oZCPBfDkDSVrZ5lxVgXW/hz5tXW4S9aIyqfKjw/ZI6zwq4/L
6ykPNNNFR5V3KyrejXXbproYfOtHtIiZd+neBSHFqHVu+DZDKrR7mhwWbBMEi3ap
xBTRjX0Q9r5+ol+S0IvvgTyoNsA77GxoCUmwyRXhCkLFFLR5+SR8nHju55Ll2P3B
rlIYc8eYYTx7BvPGxfOmFmB3MW5youDs0jzx3s3+XiRrHMlaCXf6Eddk3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHlny24+9xsvosGMkTqFmUwNcZQmMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvZVdmTGJqNzNHeS1pd1l5Uk9vV1pUQTF4bENZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAQIlyMA0G
CSqGSIb3DQEBCwUAA4IBAQAj2OhSYBODMDfqPD5c9V96CATAqSJh/eY90FH35NbQ
LAVPRYMl11L2CWH8H6anNk/qD/sxFeWtS3SV4zEIpOf2cpZc0tnf2MVPA17IND7n
PJOraB+VO6NV3uIP9RxA5SV3d29GP2xOLIpmw5LeI9n75ggOFV2rvg/Cv0UiOuuN
dyzTOiX1eS9pX1MUhETVeR+1xBAj+uX5vS5Gvj4wPRH6FNUwQrHVoo9jAbAiM4Ny
bp2itFbz6aGUa8VaGeqC1tYbVT8sD9Mbz0qfe1L8eTpN0MgggC5+AAnmxpsv4lV1
CXKGvSphOanoGSNIOrkXNeytAbqkHwO6Di/o80/gL5f5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:03 2024 by rpki-client on console-fra.rpki-client.org