Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/IqecIFdnsYb33vIRcUoqUfkzI7w.roa
File:                     IqecIFdnsYb33vIRcUoqUfkzI7w.roa (raw, json)
Hash identifier:          +Uq1H0l2+xK12GlFf9TtSzxX5iSX07VvgDNWcSjOX+4=
Subject key identifier:   22:A7:9C:20:57:67:B1:86:F7:DE:F2:11:71:4A:2A:51:F9:33:23:BC
Certificate issuer:       /CN=380099a81b346f9abcaf26056f5b77094d1cf113
Certificate serial:       0EC6AF6A
Authority key identifier: 38:00:99:A8:1B:34:6F:9A:BC:AF:26:05:6F:5B:77:09:4D:1C:F1:13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OACZqBs0b5q8ryYFb1t3CU0c8RM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/IqecIFdnsYb33vIRcUoqUfkzI7w.roa
Signing time:             Wed 01 Jun 2022 14:31:20 +0000
ROA not before:           Wed 01 Jun 2022 14:31:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60484
IP address blocks:        79.173.66.0/23 maxlen: 24
                          79.173.77.0/24 maxlen: 24
                          185.159.172.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 247902058 (0xec6af6a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=380099a81b346f9abcaf26056f5b77094d1cf113
        Validity
            Not Before: Jun  1 14:31:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=22a79c205767b186f7def211714a2a51f93323bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:ef:e5:ce:b9:fc:ca:39:92:25:18:e7:3b:21:
                    70:c5:31:25:06:5b:a4:29:ae:5c:a4:35:83:1a:70:
                    c2:cd:a6:7e:ff:a0:0a:6a:fe:af:bd:f8:23:a6:01:
                    d2:45:a6:5f:13:25:38:eb:21:98:c4:77:0f:69:a7:
                    00:89:59:ea:a6:66:c2:7b:bd:e8:3d:ef:ba:5e:de:
                    d7:d4:16:77:26:b6:ac:47:2f:5d:59:08:c2:99:23:
                    2e:67:48:ac:c1:c3:ef:1c:04:3e:b1:c2:8f:08:b8:
                    66:b2:43:35:ba:9d:81:d5:e0:46:0b:61:f9:26:1e:
                    5d:1a:6e:ea:8e:61:d0:97:c9:3a:10:03:38:0b:64:
                    f5:29:86:17:e4:59:5c:18:82:22:e1:ca:79:20:c2:
                    5a:2f:8b:38:d3:62:3f:54:a3:e4:fc:9a:b3:c7:08:
                    ec:92:6b:b6:4e:92:1c:3e:3b:23:d2:02:b2:c8:ec:
                    00:bd:f2:78:64:1c:0e:83:05:ae:36:7a:c6:cd:88:
                    b3:1c:d3:57:88:b0:26:80:f7:7f:41:1e:56:e1:7b:
                    49:3b:4b:7f:b8:00:64:3e:ff:db:7b:50:4d:37:a9:
                    bf:53:63:24:9e:c2:df:5a:7a:5d:95:63:9e:0e:95:
                    51:a1:d6:4b:5a:1b:74:62:69:12:cc:fb:ca:b4:16:
                    3c:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:A7:9C:20:57:67:B1:86:F7:DE:F2:11:71:4A:2A:51:F9:33:23:BC
            X509v3 Authority Key Identifier:
                keyid:38:00:99:A8:1B:34:6F:9A:BC:AF:26:05:6F:5B:77:09:4D:1C:F1:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OACZqBs0b5q8ryYFb1t3CU0c8RM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/IqecIFdnsYb33vIRcUoqUfkzI7w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/OACZqBs0b5q8ryYFb1t3CU0c8RM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.173.66.0/23
                  79.173.77.0/24
                  185.159.172.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0f:6a:0b:70:bf:78:ba:6f:12:8f:fd:6b:4f:fd:8f:6e:d0:5b:
         34:d4:8b:70:69:86:b1:09:f3:62:fa:76:e0:5b:c1:9d:c4:18:
         aa:2e:5e:51:00:56:ad:28:47:45:7d:7c:72:24:07:10:59:b3:
         b8:79:82:24:32:fb:3e:70:6b:c2:7c:af:34:59:8f:d3:cb:7f:
         23:0f:a7:af:f6:6b:80:80:b7:91:cc:de:31:29:ee:7a:ef:0f:
         65:9f:82:91:8c:1e:1e:65:7c:9c:7a:0b:dd:59:d6:d6:59:b4:
         28:77:c4:f9:02:13:8b:75:44:b0:f0:a9:b2:6e:d1:c9:bd:08:
         c5:5b:36:ae:22:4e:f3:f4:4e:00:a0:f9:eb:77:d8:f9:1f:2b:
         0b:b1:5e:b4:af:3d:8b:ae:a9:c2:b1:14:72:40:e3:1a:37:37:
         34:87:c7:76:58:8c:4c:4e:4c:6a:df:98:73:4e:64:a9:32:25:
         63:59:68:f1:ca:13:8e:27:57:78:18:f1:78:98:45:8f:06:55:
         7d:b0:eb:3c:12:80:24:f9:18:45:d5:ac:ce:be:af:3d:50:70:
         8b:8e:19:e5:a0:91:ca:e4:61:69:40:a7:85:c0:0a:04:49:8b:
         de:ea:ae:19:11:f6:00:67:13:2e:4b:e7:ad:b3:ee:06:fd:49:
         83:a9:26:45
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEDsavajANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ODAwOTlhODFiMzQ2ZjlhYmNhZjI2MDU2ZjViNzcwOTRkMWNmMTEzMB4XDTIyMDYw
MTE0MzEyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjJhNzljMjA1NzY3
YjE4NmY3ZGVmMjExNzE0YTJhNTFmOTMzMjNiYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANDv5c65/Mo5kiUY5zshcMUxJQZbpCmuXKQ1gxpwws2mfv+g
Cmr+r734I6YB0kWmXxMlOOshmMR3D2mnAIlZ6qZmwnu96D3vul7e19QWdya2rEcv
XVkIwpkjLmdIrMHD7xwEPrHCjwi4ZrJDNbqdgdXgRgth+SYeXRpu6o5h0JfJOhAD
OAtk9SmGF+RZXBiCIuHKeSDCWi+LONNiP1Sj5Pyas8cI7JJrtk6SHD47I9ICssjs
AL3yeGQcDoMFrjZ6xs2IsxzTV4iwJoD3f0EeVuF7STtLf7gAZD7/23tQTTepv1Nj
JJ7C31p6XZVjng6VUaHWS1obdGJpEsz7yrQWPOcCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQip5wgV2exhvfe8hFxSipR+TMjvDAfBgNVHSMEGDAWgBQ4AJmoGzRvmryv
JgVvW3cJTRzxEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09BQ1pxQnMwYjVxOHJ5WUZiMXQzQ1UwYzhSTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzMvOGU1MDFkLWMwODgtNDg5NS1hZWUzLTQ1MGZlMzM1OTVkMS8x
L0lxZWNJRmRuc1liMzN2SVJjVW9xVWZrekk3dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzMv
OGU1MDFkLWMwODgtNDg5NS1hZWUzLTQ1MGZlMzM1OTVkMS8xL09BQ1pxQnMwYjVx
OHJ5WUZiMXQzQ1UwYzhSTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAU+tQgMEAE+tTQMEArmfrDANBgkq
hkiG9w0BAQsFAAOCAQEAD2oLcL94um8Sj/1rT/2PbtBbNNSLcGmGsQnzYvp24FvB
ncQYqi5eUQBWrShHRX18ciQHEFmzuHmCJDL7PnBrwnyvNFmP08t/Iw+nr/ZrgIC3
kczeMSnueu8PZZ+CkYweHmV8nHoL3VnW1lm0KHfE+QITi3VEsPCpsm7Ryb0IxVs2
riJO8/ROAKD563fY+R8rC7FetK89i66pwrEUckDjGjc3NIfHdliMTE5Mat+Yc05k
qTIlY1lo8coTjidXeBjxeJhFjwZVfbDrPBKAJPkYRdWszr6vPVBwi44Z5aCRyuRh
aUCnhcAKBEmL3uquGRH2AGcTLkvnrbPuBv1Jg6kmRQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:56 2024 by rpki-client on console-ams.rpki-client.org