Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/28e113-3931-4d3d-b793-ecb80702a117/1/Y88q7JBtpdSIUt4Hd6UBx-i_700.roa
File:                     Y88q7JBtpdSIUt4Hd6UBx-i_700.roa (raw, json)
Hash identifier:          u1OMJtMphKqPc8LkvjS4iomExGLboZdrah2Y1zxCl5s=
Subject key identifier:   63:CF:2A:EC:90:6D:A5:D4:88:52:DE:07:77:A5:01:C7:E8:BF:EF:4D
Certificate issuer:       /CN=8e90bd2870050c84477a161eb090f05eb962016c
Certificate serial:       09D4C9B8
Authority key identifier: 8E:90:BD:28:70:05:0C:84:47:7A:16:1E:B0:90:F0:5E:B9:62:01:6C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jpC9KHAFDIRHehYesJDwXrliAWw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/28e113-3931-4d3d-b793-ecb80702a117/1/Y88q7JBtpdSIUt4Hd6UBx-i_700.roa
Signing time:             Sat 01 Jan 2022 15:02:24 +0000
ROA not before:           Sat 01 Jan 2022 15:02:24 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1213
IP address blocks:        136.201.0.0/16 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 164940216 (0x9d4c9b8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8e90bd2870050c84477a161eb090f05eb962016c
        Validity
            Not Before: Jan  1 15:02:24 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=63cf2aec906da5d48852de0777a501c7e8bfef4d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:40:e3:ef:f1:a9:01:52:22:f3:26:98:de:52:
                    5b:50:19:a3:a8:27:ca:63:22:90:f7:ca:aa:c1:5e:
                    8b:3c:78:ae:af:bf:3d:b6:28:e2:5f:a5:4e:10:1a:
                    59:ca:20:39:5d:21:ee:f6:d1:cf:4a:6a:96:55:e0:
                    dc:85:79:9d:e3:30:ca:b1:44:4b:ee:5d:1d:ca:93:
                    ad:0b:f9:d8:f7:77:03:aa:25:9b:f7:bc:14:eb:1c:
                    ea:50:d8:ec:76:38:41:fc:b1:15:e7:67:93:94:92:
                    4d:5f:2c:50:5f:3f:2c:55:2c:8f:3d:86:06:6f:44:
                    ed:de:e4:94:9a:49:46:de:8f:65:7d:c3:64:e5:d4:
                    5c:88:df:4a:9f:a5:87:a4:13:75:59:10:61:24:53:
                    0c:25:79:2f:52:57:39:aa:f1:af:3f:2f:fd:72:b2:
                    02:20:c1:64:f9:34:34:8b:e5:c4:35:51:5d:19:4b:
                    86:b7:b4:e7:24:75:6d:84:ba:c7:a8:f0:39:93:a7:
                    9c:5b:23:cd:c6:7a:9b:d9:3f:d7:1c:33:7d:b0:7e:
                    a5:ee:f7:bf:66:0e:0a:c5:ad:bf:cd:13:60:1d:94:
                    75:e9:f4:d2:ba:91:4e:d0:c1:79:19:91:04:10:7c:
                    25:35:1b:c2:00:3b:91:a6:76:0b:73:2c:ad:56:f7:
                    1f:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:CF:2A:EC:90:6D:A5:D4:88:52:DE:07:77:A5:01:C7:E8:BF:EF:4D
            X509v3 Authority Key Identifier:
                keyid:8E:90:BD:28:70:05:0C:84:47:7A:16:1E:B0:90:F0:5E:B9:62:01:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jpC9KHAFDIRHehYesJDwXrliAWw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/28e113-3931-4d3d-b793-ecb80702a117/1/Y88q7JBtpdSIUt4Hd6UBx-i_700.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/28e113-3931-4d3d-b793-ecb80702a117/1/jpC9KHAFDIRHehYesJDwXrliAWw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  136.201.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         5c:e5:2a:b9:97:e0:52:98:bb:85:6b:02:f3:02:52:37:4b:e7:
         28:01:2a:4d:02:74:ec:4f:b8:ff:05:3c:8a:60:15:3a:9b:63:
         7a:32:8e:34:af:ac:bb:d5:d3:5a:23:47:11:22:9a:40:90:db:
         ae:02:39:bd:27:c3:09:8b:44:22:41:6a:9a:c0:f3:e8:c2:67:
         d8:dd:c4:82:40:bb:22:38:9a:f3:2e:47:21:11:3e:8a:2a:7a:
         f6:9b:9e:da:e0:60:49:04:bd:b9:ed:99:6f:ea:cc:3e:8a:6c:
         e0:cd:6a:af:86:3b:a6:10:c5:7c:4f:cc:e2:0c:68:d0:96:2a:
         83:6b:f0:19:11:7d:36:68:ad:dd:23:91:b8:b0:e7:8e:72:15:
         03:c6:4b:bb:9c:60:eb:35:cb:d2:86:10:f9:6f:0e:10:4b:fe:
         88:75:67:7d:ce:c8:93:31:f1:dd:ef:b9:4f:3e:22:c6:14:35:
         c8:38:16:60:2d:5f:1b:76:04:60:f7:a4:89:10:c8:d8:c1:f8:
         ae:15:d5:a9:40:da:c6:42:6c:6d:19:0d:0d:f3:17:a6:95:91:
         1b:f4:6f:54:c4:94:f3:af:fe:ea:1a:c1:35:d1:5e:15:ac:80:
         b4:84:5f:8d:f5:36:f8:e3:b6:97:f9:ba:ae:0a:a4:6b:63:e6:
         c9:38:74:f6
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIECdTJuDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZTkwYmQyODcwMDUwYzg0NDc3YTE2MWViMDkwZjA1ZWI5NjIwMTZjMB4XDTIyMDEw
MTE1MDIyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjNjZjJhZWM5MDZk
YTVkNDg4NTJkZTA3NzdhNTAxYzdlOGJmZWY0ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOZA4+/xqQFSIvMmmN5SW1AZo6gnymMikPfKqsFeizx4rq+/
PbYo4l+lThAaWcogOV0h7vbRz0pqllXg3IV5neMwyrFES+5dHcqTrQv52Pd3A6ol
m/e8FOsc6lDY7HY4QfyxFednk5SSTV8sUF8/LFUsjz2GBm9E7d7klJpJRt6PZX3D
ZOXUXIjfSp+lh6QTdVkQYSRTDCV5L1JXOarxrz8v/XKyAiDBZPk0NIvlxDVRXRlL
hre05yR1bYS6x6jwOZOnnFsjzcZ6m9k/1xwzfbB+pe73v2YOCsWtv80TYB2Uden0
0rqRTtDBeRmRBBB8JTUbwgA7kaZ2C3MsrVb3H3sCAwEAAaOCAggwggIEMB0GA1Ud
DgQWBBRjzyrskG2l1IhS3gd3pQHH6L/vTTAfBgNVHSMEGDAWgBSOkL0ocAUMhEd6
Fh6wkPBeuWIBbDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pwQzlLSEFGRElSSGVoWWVzSkR3WHJsaUFXdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzIvMjhlMTEzLTM5MzEtNGQzZC1iNzkzLWVjYjgwNzAyYTExNy8x
L1k4OHE3SkJ0cGRTSVV0NEhkNlVCeC1pXzcwMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzIv
MjhlMTEzLTM5MzEtNGQzZC1iNzkzLWVjYjgwNzAyYTExNy8xL2pwQzlLSEFGRElS
SGVoWWVzSkR3WHJsaUFXdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAe
BggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAIjJMA0GCSqGSIb3DQEBCwUAA4IB
AQBc5Sq5l+BSmLuFawLzAlI3S+coASpNAnTsT7j/BTyKYBU6m2N6Mo40r6y71dNa
I0cRIppAkNuuAjm9J8MJi0QiQWqawPPowmfY3cSCQLsiOJrzLkchET6KKnr2m57a
4GBJBL257Zlv6sw+imzgzWqvhjumEMV8T8ziDGjQliqDa/AZEX02aK3dI5G4sOeO
chUDxku7nGDrNcvShhD5bw4QS/6IdWd9zsiTMfHd77lPPiLGFDXIOBZgLV8bdgRg
96SJEMjYwfiuFdWpQNrGQmxtGQ0N8xemlZEb9G9UxJTzr/7qGsE10V4VrIC0hF+N
9Tb447aX+bquCqRrY+bJOHT2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:41 2024 by rpki-client on console-ams.rpki-client.org