Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/d6c525-4a39-4db8-8c5d-46810613538a/1/YihqKM3gkwvwFdQHPSWEo08SGZM.roa
File:                     YihqKM3gkwvwFdQHPSWEo08SGZM.roa (raw, json)
Hash identifier:          SSM6N0YWrQDK29JZHdJ49EmVx6vlcqRHiYoXcNkn3LA=
Subject key identifier:   62:28:6A:28:CD:E0:93:0B:F0:15:D4:07:3D:25:84:A3:4F:12:19:93
Certificate issuer:       /CN=34958a58d17cab8ff9a79156f66bed5a78799f7e
Certificate serial:       0EE9A66F
Authority key identifier: 34:95:8A:58:D1:7C:AB:8F:F9:A7:91:56:F6:6B:ED:5A:78:79:9F:7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NJWKWNF8q4_5p5FW9mvtWnh5n34.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/d6c525-4a39-4db8-8c5d-46810613538a/1/YihqKM3gkwvwFdQHPSWEo08SGZM.roa
Signing time:             Sat 01 Jan 2022 06:06:07 +0000
ROA not before:           Sat 01 Jan 2022 06:06:07 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39122
IP address blocks:        85.159.16.0/21 maxlen: 21
                          2a01:4d8::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 250193519 (0xee9a66f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34958a58d17cab8ff9a79156f66bed5a78799f7e
        Validity
            Not Before: Jan  1 06:06:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=62286a28cde0930bf015d4073d2584a34f121993
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:ae:27:1c:3b:8d:07:52:c4:91:1f:a5:e8:d3:
                    20:34:6c:8f:40:9f:74:3e:d2:18:90:fb:43:7e:fa:
                    8b:42:04:62:28:18:60:51:f9:a4:61:96:ba:c9:80:
                    8c:15:f2:7d:4e:70:de:03:3e:e0:89:e3:63:ec:84:
                    28:73:f6:2d:8b:9b:d1:62:a9:ee:d2:95:6d:15:ba:
                    6a:b6:52:72:88:cf:22:50:2d:32:a6:7d:6e:bd:a6:
                    98:b5:b7:7a:db:5d:f3:57:06:50:91:be:09:12:78:
                    cb:da:a4:ac:ba:bc:71:4a:d7:de:9c:a5:68:e3:08:
                    34:2d:a7:a7:c0:18:b3:42:1d:a4:dc:43:60:73:64:
                    94:0e:ce:dd:9d:a6:4e:e5:91:4d:27:d4:64:e2:9b:
                    23:7f:f6:68:86:b6:36:bd:8b:2e:f0:f6:d1:c1:7d:
                    46:53:04:0f:21:51:1e:5b:6f:1a:d8:37:4c:8a:50:
                    52:1b:49:ef:18:02:1e:da:55:ee:61:99:5d:9d:22:
                    c3:69:cf:9a:74:12:3c:d3:54:cf:91:55:39:ee:11:
                    b9:ca:8c:6e:6c:e3:36:c0:c3:fa:71:35:49:9a:37:
                    62:99:85:78:97:c8:b0:25:75:a2:1d:4c:c4:34:b1:
                    48:b2:3c:c1:43:45:4a:4a:2b:91:9f:cb:b3:14:f3:
                    17:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:28:6A:28:CD:E0:93:0B:F0:15:D4:07:3D:25:84:A3:4F:12:19:93
            X509v3 Authority Key Identifier:
                keyid:34:95:8A:58:D1:7C:AB:8F:F9:A7:91:56:F6:6B:ED:5A:78:79:9F:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJWKWNF8q4_5p5FW9mvtWnh5n34.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/d6c525-4a39-4db8-8c5d-46810613538a/1/YihqKM3gkwvwFdQHPSWEo08SGZM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/d6c525-4a39-4db8-8c5d-46810613538a/1/NJWKWNF8q4_5p5FW9mvtWnh5n34.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.159.16.0/21
                IPv6:
                  2a01:4d8::/32

    Signature Algorithm: sha256WithRSAEncryption
         b4:ef:83:14:30:1b:7b:9a:53:57:ee:13:e1:24:f8:05:de:9d:
         7e:d1:c1:e4:9c:81:d8:1d:f6:72:1d:96:6c:83:53:74:a2:2a:
         24:cc:ba:4c:88:58:e3:9b:1c:6b:91:ba:59:d6:0d:19:ae:ae:
         2f:3c:78:0a:fd:3c:95:c1:59:89:ce:37:ae:ef:e4:5e:50:8b:
         ac:55:0f:46:82:fa:f8:ed:05:72:ca:ea:d7:de:62:ba:13:65:
         7e:5c:3c:a0:38:3e:fb:7b:b0:a3:a0:02:4c:36:d2:40:f1:40:
         13:9f:7f:09:92:75:63:ef:f1:79:20:3f:66:8f:52:92:ff:fb:
         de:df:96:7a:30:61:54:87:cd:9d:12:96:2b:2b:7e:da:ed:4c:
         6e:e2:d7:a1:ff:64:3b:37:7a:5f:8c:bc:c2:23:48:7d:b4:e4:
         c6:65:93:68:5b:99:4f:e8:cf:63:3c:f3:9a:e9:4a:c9:95:b1:
         c6:b8:a6:8f:05:aa:bc:92:16:74:49:9a:40:10:8c:bf:f3:d1:
         c6:d9:3b:4c:f0:7f:7b:7e:2a:78:72:67:54:4f:93:bc:a0:cf:
         6a:c5:15:35:07:0b:e4:15:14:39:94:c1:50:2b:ae:b1:17:55:
         b5:cb:a6:57:b6:be:f2:23:29:bc:96:9b:d6:29:8f:24:77:b1:
         72:2c:ef:3f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEDummbzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDk1OGE1OGQxN2NhYjhmZjlhNzkxNTZmNjZiZWQ1YTc4Nzk5ZjdlMB4XDTIyMDEw
MTA2MDYwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjIyODZhMjhjZGUw
OTMwYmYwMTVkNDA3M2QyNTg0YTM0ZjEyMTk5MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOKuJxw7jQdSxJEfpejTIDRsj0CfdD7SGJD7Q376i0IEYigY
YFH5pGGWusmAjBXyfU5w3gM+4InjY+yEKHP2LYub0WKp7tKVbRW6arZScojPIlAt
MqZ9br2mmLW3ettd81cGUJG+CRJ4y9qkrLq8cUrX3pylaOMINC2np8AYs0IdpNxD
YHNklA7O3Z2mTuWRTSfUZOKbI3/2aIa2Nr2LLvD20cF9RlMEDyFRHltvGtg3TIpQ
UhtJ7xgCHtpV7mGZXZ0iw2nPmnQSPNNUz5FVOe4RucqMbmzjNsDD+nE1SZo3YpmF
eJfIsCV1oh1MxDSxSLI8wUNFSkorkZ/LsxTzF9MCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRiKGoozeCTC/AV1Ac9JYSjTxIZkzAfBgNVHSMEGDAWgBQ0lYpY0Xyrj/mn
kVb2a+1aeHmffjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05KV0tXTkY4cTRfNXA1Rlc5bXZ0V25oNW4zNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmMvZDZjNTI1LTRhMzktNGRiOC04YzVkLTQ2ODEwNjEzNTM4YS8x
L1lpaHFLTTNna3d2d0ZkUUhQU1dFbzA4U0daTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmMv
ZDZjNTI1LTRhMzktNGRiOC04YzVkLTQ2ODEwNjEzNTM4YS8xL05KV0tXTkY4cTRf
NXA1Rlc5bXZ0V25oNW4zNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEA1WfEDANBAIAAjAHAwUAKgEE2DAN
BgkqhkiG9w0BAQsFAAOCAQEAtO+DFDAbe5pTV+4T4ST4Bd6dftHB5JyB2B32ch2W
bINTdKIqJMy6TIhY45sca5G6WdYNGa6uLzx4Cv08lcFZic43ru/kXlCLrFUPRoL6
+O0Fcsrq195iuhNlflw8oDg++3uwo6ACTDbSQPFAE59/CZJ1Y+/xeSA/Zo9Skv/7
3t+WejBhVIfNnRKWKyt+2u1MbuLXof9kOzd6X4y8wiNIfbTkxmWTaFuZT+jPYzzz
mulKyZWxxrimjwWqvJIWdEmaQBCMv/PRxtk7TPB/e34qeHJnVE+TvKDPasUVNQcL
5BUUOZTBUCuusRdVtcumV7a+8iMpvJab1imPJHexcizvPw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:02 2024 by rpki-client on console-fra.rpki-client.org