Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/lNLr51sLYD1ExWfHoxRF9rSG_ao.roa
File:                     lNLr51sLYD1ExWfHoxRF9rSG_ao.roa (raw, json)
Hash identifier:          J3PPhYTW7l46JgtGJ/AfCoUwigcK3qvnnqmoIRjzbbA=
Subject key identifier:   94:D2:EB:E7:5B:0B:60:3D:44:C5:67:C7:A3:14:45:F6:B4:86:FD:AA
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       0372DB99
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/lNLr51sLYD1ExWfHoxRF9rSG_ao.roa
Signing time:             Mon 20 Jun 2022 07:06:44 +0000
ROA not before:           Mon 20 Jun 2022 07:06:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7029
IP address blocks:        62.72.176.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 57858969 (0x372db99)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Jun 20 07:06:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=94d2ebe75b0b603d44c567c7a31445f6b486fdaa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:9b:2d:a1:a0:18:74:63:2c:2c:ea:40:b4:f1:
                    3c:11:b5:2a:c6:22:e3:d8:fb:e1:98:c6:e3:f1:da:
                    46:83:76:1a:4d:75:58:cd:50:29:f4:d5:fb:b6:ec:
                    19:31:b2:69:32:ea:35:2c:9b:55:df:fd:fb:ee:a5:
                    ea:ff:93:e0:40:2b:d0:e2:0d:fe:93:3b:c1:c6:b0:
                    05:a4:76:a4:34:59:63:46:fb:bd:c7:31:35:a3:65:
                    46:5b:b5:02:8f:90:e8:9b:0c:e7:12:23:3e:83:e0:
                    00:57:7c:22:e0:3f:5e:a1:61:1f:0d:fd:68:0d:ce:
                    42:60:29:93:e1:97:c0:e7:3e:06:cd:38:8f:bf:04:
                    16:44:48:18:5d:40:13:50:a2:05:b1:78:dc:f3:86:
                    c7:32:bd:82:dc:02:1c:4f:d8:bd:9c:60:35:04:78:
                    c3:6b:be:68:12:f8:53:d7:43:4e:ec:ed:7d:67:5c:
                    ca:d0:b4:b1:e8:3f:07:da:f5:3b:90:0d:ff:22:4f:
                    d8:0b:11:9b:7d:2b:df:f4:36:37:c2:72:d7:5b:69:
                    97:41:8a:49:26:69:d2:43:8e:51:9c:38:e2:51:80:
                    da:e5:56:06:42:ab:bb:13:4e:f7:00:96:5f:2b:80:
                    96:2a:dd:cb:81:4d:54:58:50:58:f6:8c:47:a0:be:
                    13:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:D2:EB:E7:5B:0B:60:3D:44:C5:67:C7:A3:14:45:F6:B4:86:FD:AA
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/lNLr51sLYD1ExWfHoxRF9rSG_ao.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.176.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7b:d5:a7:e1:ae:54:12:d3:dd:74:ff:a9:3f:a1:49:1f:c5:5d:
         8e:cb:6d:6e:a2:3a:5f:9c:e7:ce:94:5c:aa:21:05:45:f6:f8:
         fc:18:d6:c2:71:a2:65:b7:6e:de:a2:54:f1:5f:db:e9:c9:38:
         fa:0d:e5:c1:15:e7:67:aa:ed:f3:6b:fa:65:0d:c2:a0:64:40:
         d6:3a:b5:af:55:8c:ce:03:c3:6d:b1:f6:4b:43:a3:a0:cf:57:
         f3:6a:bd:0d:76:fb:b1:25:92:6b:5a:19:c5:ba:4c:95:2a:78:
         ca:5b:e2:0d:53:b1:4a:1f:e2:8a:39:e2:ff:2d:10:01:1b:ce:
         6b:4a:2d:6a:24:85:88:e7:f3:bc:64:dd:88:fc:14:75:91:00:
         e6:f3:d5:85:72:28:0c:5c:c7:85:9c:15:46:9a:d9:2e:95:8c:
         0b:0a:ab:c0:de:11:01:29:38:4b:4d:c9:1b:26:82:05:7c:dd:
         e4:02:b6:2f:42:50:84:f7:0d:f8:44:81:25:3c:cb:9f:cf:fd:
         84:b1:a9:ff:4b:e0:16:bc:89:83:2f:d9:2f:b7:10:da:6e:7f:
         4c:46:56:2c:47:78:73:a6:55:bf:05:dd:94:4b:16:b2:20:71:
         1e:f2:88:a7:ce:53:89:ae:b2:11:b7:ce:2f:b1:77:44:f7:6f:
         af:5b:ed:b8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA3LbmTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NWYxOTA3NDU0OGQyYTI5NGU0Mzg1ZDk1Y2Q2NzUyNDkwZWU0NmQ3MB4XDTIyMDYy
MDA3MDY0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTRkMmViZTc1YjBi
NjAzZDQ0YzU2N2M3YTMxNDQ1ZjZiNDg2ZmRhYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKabLaGgGHRjLCzqQLTxPBG1KsYi49j74ZjG4/HaRoN2Gk11
WM1QKfTV+7bsGTGyaTLqNSybVd/9++6l6v+T4EAr0OIN/pM7wcawBaR2pDRZY0b7
vccxNaNlRlu1Ao+Q6JsM5xIjPoPgAFd8IuA/XqFhHw39aA3OQmApk+GXwOc+Bs04
j78EFkRIGF1AE1CiBbF43POGxzK9gtwCHE/YvZxgNQR4w2u+aBL4U9dDTuztfWdc
ytC0seg/B9r1O5AN/yJP2AsRm30r3/Q2N8Jy11tpl0GKSSZp0kOOUZw44lGA2uVW
BkKruxNO9wCWXyuAlirdy4FNVFhQWPaMR6C+E6MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSU0uvnWwtgPUTFZ8ejFEX2tIb9qjAfBgNVHSMEGDAWgBQV8ZB0VI0qKU5D
hdlc1nUkkO5G1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZmR1FkRlNOS2lsT1E0WFpYTloxSkpEdVJ0Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjUvMDA2MjQxLTgwOGQtNGE0OS1iMGNkLTU2MjQ0ZjQzMGRjYy8x
L2xOTHI1MXNMWUQxRXhXZkhveFJGOXJTR19hby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUv
MDA2MjQxLTgwOGQtNGE0OS1iMGNkLTU2MjQ0ZjQzMGRjYy8xL0ZmR1FkRlNOS2ls
T1E0WFpYTloxSkpEdVJ0Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAT5IsDANBgkqhkiG9w0BAQsFAAOC
AQEAe9Wn4a5UEtPddP+pP6FJH8VdjsttbqI6X5znzpRcqiEFRfb4/BjWwnGiZbdu
3qJU8V/b6ck4+g3lwRXnZ6rt82v6ZQ3CoGRA1jq1r1WMzgPDbbH2S0OjoM9X82q9
DXb7sSWSa1oZxbpMlSp4ylviDVOxSh/iijni/y0QARvOa0otaiSFiOfzvGTdiPwU
dZEA5vPVhXIoDFzHhZwVRprZLpWMCwqrwN4RASk4S03JGyaCBXzd5AK2L0JQhPcN
+ESBJTzLn8/9hLGp/0vgFryJgy/ZL7cQ2m5/TEZWLEd4c6ZVvwXdlEsWsiBxHvKI
p85Tia6yEbfOL7F3RPdvr1vtuA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:54 2024 by rpki-client on console-fra.rpki-client.org