Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5b5f0c-3c3d-4e20-b035-056c7bf6d7d8/1/vgX8tlU5zvibKbMAApidJx3V2OE.roa
File:                     vgX8tlU5zvibKbMAApidJx3V2OE.roa (raw, json)
Hash identifier:          g/Z/RhwJRo7eOI+XCaW33V05JA+v4s54FPVKk9LgFr8=
Subject key identifier:   BE:05:FC:B6:55:39:CE:F8:9B:29:B3:00:02:98:9D:27:1D:D5:D8:E1
Certificate issuer:       /CN=cdea4adee80b06519ce40dd3d13f28ba9f575957
Certificate serial:       03931CA0
Authority key identifier: CD:EA:4A:DE:E8:0B:06:51:9C:E4:0D:D3:D1:3F:28:BA:9F:57:59:57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zepK3ugLBlGc5A3T0T8oup9XWVc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/5b5f0c-3c3d-4e20-b035-056c7bf6d7d8/1/vgX8tlU5zvibKbMAApidJx3V2OE.roa
Signing time:             Sat 01 Jan 2022 01:03:10 +0000
ROA not before:           Sat 01 Jan 2022 01:03:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16509
IP address blocks:        185.64.73.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 59972768 (0x3931ca0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdea4adee80b06519ce40dd3d13f28ba9f575957
        Validity
            Not Before: Jan  1 01:03:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=be05fcb65539cef89b29b30002989d271dd5d8e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:86:51:1b:a5:3c:87:f8:81:27:fe:2d:e8:9f:
                    cf:f7:7c:2e:3f:38:02:8a:bb:22:85:7d:5d:9c:94:
                    e6:63:ec:52:51:7d:3a:82:dc:63:8e:cf:08:d8:16:
                    c1:d4:3c:c9:78:f5:42:5f:17:8a:ab:2c:98:9b:26:
                    ed:2a:71:27:db:f1:b0:b3:ff:23:fe:a3:72:50:fc:
                    46:86:5b:e0:84:2b:1a:60:3d:94:11:53:20:be:4b:
                    c4:ae:8d:b4:c1:23:e3:f1:41:ac:cc:62:55:63:ac:
                    cb:1d:e4:32:34:ef:bb:11:30:e0:71:58:4a:1c:b5:
                    58:fc:61:45:76:bd:46:d6:3b:63:15:89:34:94:84:
                    7b:6e:20:61:e6:00:96:0f:e0:b7:38:83:e8:13:cf:
                    80:95:6a:9b:b6:ae:01:a1:40:9e:9e:b0:83:ce:ba:
                    bc:d5:8d:24:c9:b5:18:42:b3:94:e7:ae:15:6c:f7:
                    9d:da:e7:83:5f:d4:f2:04:f0:7d:c0:e9:ff:87:8c:
                    88:2b:66:5e:a1:c0:6d:43:95:18:3e:77:1f:a2:32:
                    4b:c9:02:5d:85:f4:38:c6:ff:8b:e9:16:02:e7:84:
                    a9:94:a0:99:96:bc:83:12:70:6c:2b:d7:24:ef:e9:
                    4d:b4:78:94:3a:83:2e:da:44:dd:aa:3f:82:55:51:
                    cc:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:05:FC:B6:55:39:CE:F8:9B:29:B3:00:02:98:9D:27:1D:D5:D8:E1
            X509v3 Authority Key Identifier:
                keyid:CD:EA:4A:DE:E8:0B:06:51:9C:E4:0D:D3:D1:3F:28:BA:9F:57:59:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zepK3ugLBlGc5A3T0T8oup9XWVc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5b5f0c-3c3d-4e20-b035-056c7bf6d7d8/1/vgX8tlU5zvibKbMAApidJx3V2OE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5b5f0c-3c3d-4e20-b035-056c7bf6d7d8/1/zepK3ugLBlGc5A3T0T8oup9XWVc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.64.73.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:6b:b4:3c:91:11:ae:25:94:e6:a8:31:7a:78:6d:1c:c6:25:
         c4:64:c7:12:48:a1:21:ad:36:64:c5:cb:35:ee:83:da:d8:be:
         ed:49:77:6c:55:24:c7:c5:8a:72:f6:33:84:0e:60:2c:7f:87:
         e9:74:8e:c2:9b:77:de:f8:df:fe:77:47:f4:c6:fb:16:5b:8f:
         81:ea:c5:87:33:2d:fb:74:bf:d2:71:30:b4:d7:d0:76:73:9a:
         76:d2:a2:42:e9:43:f6:94:a2:0d:f4:31:82:03:90:61:b7:1a:
         33:a6:27:7a:78:af:fe:16:bb:be:f9:c3:35:d2:39:64:bf:69:
         ce:1b:0e:9e:b5:90:83:83:73:60:ec:c8:ff:95:24:bb:1e:ca:
         5c:3a:37:cc:53:e2:79:a9:c6:ec:18:1b:e3:37:ec:bb:7b:d0:
         19:d0:1f:a3:80:3f:98:54:d0:e2:b1:08:1b:c8:65:c0:27:be:
         56:c7:dd:4a:3f:33:6c:6a:9b:95:18:1e:45:ad:1a:b1:87:c0:
         f9:5d:f4:99:78:cf:04:b5:0e:2f:b2:42:05:e8:c7:21:ee:10:
         21:ec:93:34:21:5a:b8:08:ee:9a:bc:06:53:80:66:59:5b:9c:
         df:b7:62:09:19:4f:5e:1e:48:a2:11:1d:0b:3b:e0:47:58:f8:
         c1:b7:39:ec
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA5McoDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZGVhNGFkZWU4MGIwNjUxOWNlNDBkZDNkMTNmMjhiYTlmNTc1OTU3MB4XDTIyMDEw
MTAxMDMxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmUwNWZjYjY1NTM5
Y2VmODliMjliMzAwMDI5ODlkMjcxZGQ1ZDhlMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOSGURulPIf4gSf+Leifz/d8Lj84Aoq7IoV9XZyU5mPsUlF9
OoLcY47PCNgWwdQ8yXj1Ql8XiqssmJsm7SpxJ9vxsLP/I/6jclD8RoZb4IQrGmA9
lBFTIL5LxK6NtMEj4/FBrMxiVWOsyx3kMjTvuxEw4HFYShy1WPxhRXa9RtY7YxWJ
NJSEe24gYeYAlg/gtziD6BPPgJVqm7auAaFAnp6wg866vNWNJMm1GEKzlOeuFWz3
ndrng1/U8gTwfcDp/4eMiCtmXqHAbUOVGD53H6IyS8kCXYX0OMb/i+kWAueEqZSg
mZa8gxJwbCvXJO/pTbR4lDqDLtpE3ao/glVRzM0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS+Bfy2VTnO+JspswACmJ0nHdXY4TAfBgNVHSMEGDAWgBTN6kre6AsGUZzk
DdPRPyi6n1dZVzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3plcEszdWdMQmxHYzVBM1QwVDhvdXA5WFdWYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjkvNWI1ZjBjLTNjM2QtNGUyMC1iMDM1LTA1NmM3YmY2ZDdkOC8x
L3ZnWDh0bFU1enZpYktiTUFBcGlkSngzVjJPRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjkv
NWI1ZjBjLTNjM2QtNGUyMC1iMDM1LTA1NmM3YmY2ZDdkOC8xL3plcEszdWdMQmxH
YzVBM1QwVDhvdXA5WFdWYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALlASTANBgkqhkiG9w0BAQsFAAOC
AQEASGu0PJERriWU5qgxenhtHMYlxGTHEkihIa02ZMXLNe6D2ti+7Ul3bFUkx8WK
cvYzhA5gLH+H6XSOwpt33vjf/ndH9Mb7FluPgerFhzMt+3S/0nEwtNfQdnOadtKi
QulD9pSiDfQxggOQYbcaM6Yneniv/ha7vvnDNdI5ZL9pzhsOnrWQg4NzYOzI/5Uk
ux7KXDo3zFPieanG7Bgb4zfsu3vQGdAfo4A/mFTQ4rEIG8hlwCe+VsfdSj8zbGqb
lRgeRa0asYfA+V30mXjPBLUOL7JCBejHIe4QIeyTNCFauAjumrwGU4BmWVuc37di
CRlPXh5IohEdCzvgR1j4wbc57A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:51 2024 by rpki-client on console-ams.rpki-client.org