Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/2ydN0cCNwqCDcM-JUiufUw6-mF4.roa
File:                     2ydN0cCNwqCDcM-JUiufUw6-mF4.roa (raw, json)
Hash identifier:          /TCON14XZU06S6TkdeFvCGGwBEs/uEiNECWZL9aUsOs=
Subject key identifier:   DB:27:4D:D1:C0:8D:C2:A0:83:70:CF:89:52:2B:9F:53:0E:BE:98:5E
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       038B4DC6
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/2ydN0cCNwqCDcM-JUiufUw6-mF4.roa
Signing time:             Tue 28 Jun 2022 08:11:05 +0000
ROA not before:           Tue 28 Jun 2022 08:11:05 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60721
IP address blocks:        62.72.189.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 59461062 (0x38b4dc6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Jun 28 08:11:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=db274dd1c08dc2a08370cf89522b9f530ebe985e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:fc:ec:11:75:81:27:30:4a:53:d4:dc:03:f8:
                    6a:2c:09:21:db:6a:1a:00:dc:3b:7b:56:d8:7b:ca:
                    a9:39:2e:2e:64:89:6b:66:d9:f1:6e:0d:27:16:4d:
                    1f:e5:af:88:8f:25:4b:cb:21:7c:c7:0c:e5:16:7f:
                    7b:22:90:c8:3e:7f:6f:62:c8:05:a3:7d:7d:3e:48:
                    58:bb:bc:64:15:34:f1:f0:59:0d:a1:df:43:14:85:
                    c2:10:91:3f:a7:34:a4:8a:f1:35:0d:f5:3d:db:05:
                    5f:81:b4:ef:85:ab:0b:06:68:73:9b:6a:06:24:3a:
                    01:3f:38:fd:bb:38:06:61:1e:55:9f:fe:9c:58:da:
                    13:c1:d8:c5:cd:ab:4f:51:a4:ca:12:fb:29:aa:08:
                    f7:21:11:39:90:c1:28:e2:d7:7b:b2:14:8b:72:8a:
                    5f:89:45:fd:a0:74:3e:bf:09:d7:b2:57:b3:6c:b4:
                    cf:0a:d2:7c:25:b1:a5:1f:19:1b:85:80:b9:53:22:
                    94:cb:52:b6:7a:80:e5:7e:a5:66:81:ed:f0:0b:e3:
                    b3:17:cb:24:0e:37:ed:df:cf:8a:4e:a1:14:27:1b:
                    be:f1:13:35:01:d1:fe:c3:d6:4d:08:f1:06:5c:5c:
                    d6:43:2c:5c:b2:69:57:88:e5:6f:7c:3c:94:97:8a:
                    5b:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:27:4D:D1:C0:8D:C2:A0:83:70:CF:89:52:2B:9F:53:0E:BE:98:5E
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/2ydN0cCNwqCDcM-JUiufUw6-mF4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.189.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b0:14:34:80:a7:cd:0a:9d:1d:97:aa:bf:1b:4c:fa:dc:16:4f:
         93:29:2f:e3:70:13:e3:a5:2e:b2:0d:83:fe:56:e8:23:97:b7:
         01:a4:38:b0:e3:6e:e7:4c:0e:f9:d2:c3:bd:d8:c4:6f:2d:b2:
         b7:33:6e:a3:86:27:7e:fa:54:27:85:9b:0e:9d:fb:e0:10:bf:
         db:cb:5b:22:3d:ef:1d:a0:fd:a4:bc:16:05:31:aa:f7:bc:e3:
         cd:75:c3:f6:43:4e:36:b3:58:e1:48:78:a3:af:69:6c:99:1a:
         9c:18:9c:95:99:78:d2:22:db:32:ca:3b:6a:84:3e:ef:5e:3d:
         af:a1:bf:3b:e7:ec:89:e4:58:89:ab:a6:44:83:9a:e7:d5:62:
         3d:35:45:a7:75:f8:78:09:c4:8a:f3:f7:3a:20:d5:2f:16:e1:
         65:de:fa:85:a4:1c:7f:bc:cd:d9:5f:f1:9f:fc:ab:f6:c2:f1:
         c6:41:02:0b:50:8d:57:b0:45:e9:25:8f:f6:98:31:db:c2:1e:
         ca:b5:74:78:b1:89:bc:af:74:00:5b:8d:ff:fc:0c:fc:f2:0d:
         6a:ff:d0:04:eb:89:c0:cd:9b:f7:bc:5b:a6:07:6f:c9:8d:49:
         28:64:38:21:5e:33:ca:e4:50:81:f2:26:34:40:57:4b:35:55:
         b2:11:19:39
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA4tNxjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NWYxOTA3NDU0OGQyYTI5NGU0Mzg1ZDk1Y2Q2NzUyNDkwZWU0NmQ3MB4XDTIyMDYy
ODA4MTEwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGIyNzRkZDFjMDhk
YzJhMDgzNzBjZjg5NTIyYjlmNTMwZWJlOTg1ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALT87BF1gScwSlPU3AP4aiwJIdtqGgDcO3tW2HvKqTkuLmSJ
a2bZ8W4NJxZNH+WviI8lS8shfMcM5RZ/eyKQyD5/b2LIBaN9fT5IWLu8ZBU08fBZ
DaHfQxSFwhCRP6c0pIrxNQ31PdsFX4G074WrCwZoc5tqBiQ6AT84/bs4BmEeVZ/+
nFjaE8HYxc2rT1GkyhL7KaoI9yEROZDBKOLXe7IUi3KKX4lF/aB0Pr8J17JXs2y0
zwrSfCWxpR8ZG4WAuVMilMtStnqA5X6lZoHt8AvjsxfLJA437d/Pik6hFCcbvvET
NQHR/sPWTQjxBlxc1kMsXLJpV4jlb3w8lJeKW/sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTbJ03RwI3CoINwz4lSK59TDr6YXjAfBgNVHSMEGDAWgBQV8ZB0VI0qKU5D
hdlc1nUkkO5G1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZmR1FkRlNOS2lsT1E0WFpYTloxSkpEdVJ0Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjUvMDA2MjQxLTgwOGQtNGE0OS1iMGNkLTU2MjQ0ZjQzMGRjYy8x
LzJ5ZE4wY0NOd3FDRGNNLUpVaXVmVXc2LW1GNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUv
MDA2MjQxLTgwOGQtNGE0OS1iMGNkLTU2MjQ0ZjQzMGRjYy8xL0ZmR1FkRlNOS2ls
T1E0WFpYTloxSkpEdVJ0Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAD5IvTANBgkqhkiG9w0BAQsFAAOC
AQEAsBQ0gKfNCp0dl6q/G0z63BZPkykv43AT46Uusg2D/lboI5e3AaQ4sONu50wO
+dLDvdjEby2ytzNuo4YnfvpUJ4WbDp374BC/28tbIj3vHaD9pLwWBTGq97zjzXXD
9kNONrNY4Uh4o69pbJkanBiclZl40iLbMso7aoQ+7149r6G/O+fsieRYiaumRIOa
59ViPTVFp3X4eAnEivP3OiDVLxbhZd76haQcf7zN2V/xn/yr9sLxxkECC1CNV7BF
6SWP9pgx28IeyrV0eLGJvK90AFuN//wM/PINav/QBOuJwM2b97xbpgdvyY1JKGQ4
IV4zyuRQgfImNEBXSzVVshEZOQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:54 2024 by rpki-client on console-ams.rpki-client.org