Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/d19f2d-9659-48b1-b1e8-de13a552df63/1/9zlmMUzpO3zU36slmf-sksbzunI.roa
File:                     9zlmMUzpO3zU36slmf-sksbzunI.roa (raw, json)
Hash identifier:          7K8pgwZrZ1IoLOmqB4VpQCA1klBPd+gl6DJiT90iVVY=
Subject key identifier:   F7:39:66:31:4C:E9:3B:7C:D4:DF:AB:25:99:FF:AC:92:C6:F3:BA:72
Certificate issuer:       /CN=5140b5cb5986084126f68d6032316d3b1b57696e
Certificate serial:       0185055A09982971D55BC59910DC0F71FB4C
Authority key identifier: 51:40:B5:CB:59:86:08:41:26:F6:8D:60:32:31:6D:3B:1B:57:69:6E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UUC1y1mGCEEm9o1gMjFtOxtXaW4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/d19f2d-9659-48b1-b1e8-de13a552df63/1/9zlmMUzpO3zU36slmf-sksbzunI.roa
Signing time:             Mon 12 Dec 2022 08:01:04 +0000
ROA not before:           Mon 12 Dec 2022 08:01:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     199462
IP address blocks:        185.101.78.0/24 maxlen: 24
                          185.101.77.0/24 maxlen: 24
                          185.101.76.0/24 maxlen: 24
                          185.101.79.0/24 maxlen: 24
                          2a06:1b87::/32 maxlen: 32
                          2001:67c:11bc::/48 maxlen: 48
                          2a06:1b80::/29 maxlen: 29
                          2a06:1b86::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:05:5a:09:98:29:71:d5:5b:c5:99:10:dc:0f:71:fb:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5140b5cb5986084126f68d6032316d3b1b57696e
        Validity
            Not Before: Dec 12 08:01:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f73966314ce93b7cd4dfab2599ffac92c6f3ba72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:36:aa:af:8e:a3:f5:92:7f:0c:c3:ee:63:6f:
                    4d:80:6f:80:3d:03:2c:ee:64:36:a0:0a:e6:ec:45:
                    7f:a5:81:af:4b:4a:08:fc:95:54:ae:62:c6:c3:77:
                    32:30:16:e6:89:2d:e7:53:fb:bf:f0:4e:93:87:0c:
                    73:13:e7:8b:4f:0c:f9:5b:dd:cc:e9:1d:3f:c3:08:
                    af:d5:81:07:96:ea:b2:cf:26:dc:84:8d:a9:20:6a:
                    0b:20:13:09:47:48:1d:57:14:91:5b:1e:7b:dc:a8:
                    fa:85:63:39:fb:1c:8d:28:5d:50:44:a5:6c:91:64:
                    16:9d:5b:bc:5f:26:b0:38:47:b0:fe:e5:23:51:de:
                    eb:f4:27:d6:6f:7c:db:a9:ae:6c:b8:fb:b0:05:57:
                    08:d6:3d:be:01:62:99:5f:b6:f7:a8:fb:95:a7:74:
                    dd:bd:62:87:85:57:02:08:ee:84:64:47:3c:c9:cc:
                    68:01:a9:3a:76:0a:3f:78:d0:a1:94:83:c1:ce:52:
                    27:72:63:2f:8c:85:31:17:ab:3e:44:e4:13:7f:4d:
                    93:ef:b8:f4:8e:ba:a0:47:b4:f1:d3:63:a3:50:dc:
                    80:4b:82:70:9a:01:4a:fa:7f:d3:43:ac:8a:dc:a9:
                    65:fb:9c:81:f7:73:ab:77:d3:2b:47:e6:43:e9:dc:
                    4d:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:39:66:31:4C:E9:3B:7C:D4:DF:AB:25:99:FF:AC:92:C6:F3:BA:72
            X509v3 Authority Key Identifier:
                keyid:51:40:B5:CB:59:86:08:41:26:F6:8D:60:32:31:6D:3B:1B:57:69:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UUC1y1mGCEEm9o1gMjFtOxtXaW4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/d19f2d-9659-48b1-b1e8-de13a552df63/1/9zlmMUzpO3zU36slmf-sksbzunI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/d19f2d-9659-48b1-b1e8-de13a552df63/1/UUC1y1mGCEEm9o1gMjFtOxtXaW4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.101.76.0/22
                IPv6:
                  2001:67c:11bc::/48
                  2a06:1b80::/29

    Signature Algorithm: sha256WithRSAEncryption
         7c:bf:85:2f:5b:0d:a0:5d:e4:47:b8:48:4d:59:63:55:67:1e:
         aa:94:61:73:ed:07:07:e3:e3:cd:e0:7b:93:19:8d:46:3b:db:
         67:4d:d6:87:89:09:54:3b:26:e6:8e:55:c6:a9:94:da:80:d2:
         04:bb:0b:a8:16:cf:45:2a:dc:ba:db:2e:6e:9f:e0:03:37:32:
         31:1d:08:63:60:b3:9f:f6:54:cc:9c:4b:d4:bb:5e:cf:5b:8f:
         5d:43:ab:89:79:ee:1b:1f:e5:05:29:87:ea:62:a8:df:ed:d0:
         9d:0c:94:53:3c:51:d5:e7:15:3f:b6:32:82:f3:4c:51:6c:52:
         d2:a0:5f:38:95:20:2b:19:cb:2d:1f:90:06:2f:2b:14:9c:ab:
         b9:fa:22:e2:b6:e6:62:24:23:69:28:50:e8:48:d3:5d:e5:c6:
         f9:1e:ab:dd:a0:d7:ad:f2:fc:b0:bc:37:8e:74:55:1a:17:66:
         ab:6e:03:26:d2:d4:f4:64:b0:fc:1f:e1:c8:19:44:73:58:d9:
         49:ae:9c:52:0f:e4:d7:6a:63:ea:6f:dc:45:3a:6d:d7:8a:e5:
         33:4a:88:fd:8d:0e:9e:f6:ed:83:8d:cb:69:31:02:c0:af:74:
         ad:02:3e:30:7f:76:69:42:bb:a7:15:12:9e:a4:18:0c:f3:19:
         66:21:ea:f3
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYUFWgmYKXHVW8WZENwPcftMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxNDBiNWNiNTk4NjA4NDEyNmY2OGQ2MDMyMzE2ZDNiMWI1
NzY5NmUwHhcNMjIxMjEyMDgwMTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzM5NjYzMTRjZTkzYjdjZDRkZmFiMjU5OWZmYWM5MmM2ZjNiYTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDaqr46j9ZJ/DMPuY29NgG+APQMs
7mQ2oArm7EV/pYGvS0oI/JVUrmLGw3cyMBbmiS3nU/u/8E6ThwxzE+eLTwz5W93M
6R0/wwiv1YEHluqyzybchI2pIGoLIBMJR0gdVxSRWx573Kj6hWM5+xyNKF1QRKVs
kWQWnVu8XyawOEew/uUjUd7r9CfWb3zbqa5suPuwBVcI1j2+AWKZX7b3qPuVp3Td
vWKHhVcCCO6EZEc8ycxoAak6dgo/eNChlIPBzlIncmMvjIUxF6s+ROQTf02T77j0
jrqgR7Tx02OjUNyAS4JwmgFK+n/TQ6yK3Kll+5yB93Ord9MrR+ZD6dxN3QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPc5ZjFM6Tt81N+rJZn/rJLG87pyMB8GA1UdIwQY
MBaAFFFAtctZhghBJvaNYDIxbTsbV2luMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVVDMXkxbUdDRUVtOW8xZ01qRnRPeHRYYVc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9kMTlmMmQtOTY1OS00OGIxLWIxZTgt
ZGUxM2E1NTJkZjYzLzEvOXpsbU1VenBPM3pVMzZzbG1mLXNrc2J6dW5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9kMTlmMmQtOTY1OS00OGIxLWIxZTgtZGUxM2E1NTJkZjYz
LzEvVVVDMXkxbUdDRUVtOW8xZ01qRnRPeHRYYVc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQCuWVMMBYE
AgACMBADBwAgAQZ8EbwDBQMqBhuAMA0GCSqGSIb3DQEBCwUAA4IBAQB8v4UvWw2g
XeRHuEhNWWNVZx6qlGFz7QcH4+PN4HuTGY1GO9tnTdaHiQlUOybmjlXGqZTagNIE
uwuoFs9FKty62y5un+ADNzIxHQhjYLOf9lTMnEvUu17PW49dQ6uJee4bH+UFKYfq
Yqjf7dCdDJRTPFHV5xU/tjKC80xRbFLSoF84lSArGcstH5AGLysUnKu5+iLituZi
JCNpKFDoSNNd5cb5HqvdoNet8vywvDeOdFUaF2arbgMm0tT0ZLD8H+HIGURzWNlJ
rpxSD+TXamPqb9xFOm3XiuUzSoj9jQ6e9u2DjctpMQLAr3StAj4wf3ZpQrunFRKe
pBgM8xlmIerz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:07 2024 by rpki-client on console-ams.rpki-client.org