Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/Zq8qLI_ps0kmoq1oOPjBlGpZWdQ.roa
File:                     Zq8qLI_ps0kmoq1oOPjBlGpZWdQ.roa (raw, json)
Hash identifier:          JussqrBQyjH1KQ706TJ9+OA4jANopt0zo7U03/hXAqI=
Subject key identifier:   66:AF:2A:2C:8F:E9:B3:49:26:A2:AD:68:38:F8:C1:94:6A:59:59:D4
Certificate issuer:       /CN=380099a81b346f9abcaf26056f5b77094d1cf113
Certificate serial:       0D64C98A
Authority key identifier: 38:00:99:A8:1B:34:6F:9A:BC:AF:26:05:6F:5B:77:09:4D:1C:F1:13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OACZqBs0b5q8ryYFb1t3CU0c8RM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/Zq8qLI_ps0kmoq1oOPjBlGpZWdQ.roa
Signing time:             Sat 01 Jan 2022 13:04:19 +0000
ROA not before:           Sat 01 Jan 2022 13:04:19 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50741
IP address blocks:        79.173.79.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 224709002 (0xd64c98a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=380099a81b346f9abcaf26056f5b77094d1cf113
        Validity
            Not Before: Jan  1 13:04:19 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=66af2a2c8fe9b34926a2ad6838f8c1946a5959d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:e9:8b:6a:da:18:b0:0a:3e:2a:fc:37:39:f3:
                    20:53:85:f1:83:7b:96:89:76:16:4d:ab:04:24:d7:
                    96:1b:4e:b5:fc:2d:36:e9:7c:a1:17:5b:13:39:e7:
                    1b:f7:74:1e:81:51:a2:48:97:4c:12:9f:be:ca:76:
                    51:d6:9e:f4:4a:29:cd:a1:d4:22:f8:ea:0a:15:74:
                    0a:33:03:a2:ef:ed:15:9d:8b:2f:53:f8:13:ce:87:
                    e7:e9:ac:95:ad:bc:a2:cc:33:fd:24:e1:b5:36:a8:
                    71:37:fa:b6:ee:a5:f2:c3:20:d6:39:9b:21:8a:26:
                    66:a5:31:7a:33:2a:9a:41:60:1c:0b:d1:68:fa:0d:
                    fa:17:02:93:e0:38:ab:27:c4:45:cf:2d:ab:9b:7d:
                    50:d9:ee:5b:0f:4d:36:75:8a:92:7c:95:34:f4:0a:
                    62:be:0c:cc:58:82:89:9a:23:ca:06:e9:f1:a5:cf:
                    8a:10:86:25:d2:29:6b:6a:60:94:2e:19:e0:cb:88:
                    0a:f3:e3:90:a8:27:e5:e6:ab:e0:4b:f3:ea:1c:98:
                    eb:78:8b:7e:68:63:fe:63:c2:0f:b5:6a:ea:fc:4a:
                    c1:a9:20:09:e2:52:c3:f8:5a:0d:03:87:29:ee:aa:
                    27:fa:0f:57:61:25:1e:b8:d4:be:b2:53:17:49:31:
                    1b:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:AF:2A:2C:8F:E9:B3:49:26:A2:AD:68:38:F8:C1:94:6A:59:59:D4
            X509v3 Authority Key Identifier:
                keyid:38:00:99:A8:1B:34:6F:9A:BC:AF:26:05:6F:5B:77:09:4D:1C:F1:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OACZqBs0b5q8ryYFb1t3CU0c8RM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/Zq8qLI_ps0kmoq1oOPjBlGpZWdQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/OACZqBs0b5q8ryYFb1t3CU0c8RM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.173.79.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:74:af:01:c4:c5:98:e8:c4:2c:58:51:53:29:8b:d7:0a:3e:
         1a:e4:71:22:fb:1b:35:74:da:f8:b8:0c:47:41:f2:93:d3:31:
         35:da:95:cb:07:59:0b:52:d1:3b:20:a7:82:35:ec:5a:e2:58:
         7a:53:31:23:ca:99:08:52:01:66:65:9f:bb:48:70:c4:b0:c7:
         8e:11:4d:c7:c5:48:93:fa:68:ad:19:e2:70:f5:47:90:b7:fa:
         d6:ba:02:51:99:0a:6f:a3:3c:bf:c6:57:f8:1e:0a:8a:5c:05:
         47:e0:bd:10:ca:24:d9:a1:d5:14:c4:cf:ae:26:78:05:d7:0f:
         74:97:3d:ca:de:01:64:c6:4f:92:5c:78:f2:28:98:1f:90:ed:
         41:bb:0b:ac:88:95:81:a7:58:33:f0:de:e1:a0:6f:ed:99:0d:
         7e:24:f2:9c:16:7b:9b:98:50:3a:e2:64:40:fb:9e:89:f1:bb:
         6b:6a:8a:98:ed:7c:ae:17:0f:d9:d9:a9:ae:7f:8e:66:25:b8:
         ea:4b:9d:aa:c6:3b:ae:5f:40:e3:d7:62:2b:b3:f0:c3:5f:5e:
         c8:f5:1b:a3:22:29:df:ad:ec:30:a8:2c:33:04:42:d5:8f:f7:
         c8:60:06:98:3b:74:1a:e6:86:31:0b:69:7d:0c:13:f5:44:36:
         ca:55:77:4a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDWTJijANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ODAwOTlhODFiMzQ2ZjlhYmNhZjI2MDU2ZjViNzcwOTRkMWNmMTEzMB4XDTIyMDEw
MTEzMDQxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjZhZjJhMmM4ZmU5
YjM0OTI2YTJhZDY4MzhmOGMxOTQ2YTU5NTlkNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM7pi2raGLAKPir8NznzIFOF8YN7lol2Fk2rBCTXlhtOtfwt
Nul8oRdbEznnG/d0HoFRokiXTBKfvsp2Udae9EopzaHUIvjqChV0CjMDou/tFZ2L
L1P4E86H5+msla28oswz/SThtTaocTf6tu6l8sMg1jmbIYomZqUxejMqmkFgHAvR
aPoN+hcCk+A4qyfERc8tq5t9UNnuWw9NNnWKknyVNPQKYr4MzFiCiZojygbp8aXP
ihCGJdIpa2pglC4Z4MuICvPjkKgn5ear4Evz6hyY63iLfmhj/mPCD7Vq6vxKwakg
CeJSw/haDQOHKe6qJ/oPV2ElHrjUvrJTF0kxGxsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRmryosj+mzSSairWg4+MGUallZ1DAfBgNVHSMEGDAWgBQ4AJmoGzRvmryv
JgVvW3cJTRzxEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09BQ1pxQnMwYjVxOHJ5WUZiMXQzQ1UwYzhSTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzMvOGU1MDFkLWMwODgtNDg5NS1hZWUzLTQ1MGZlMzM1OTVkMS8x
L1pxOHFMSV9wczBrbW9xMW9PUGpCbEdwWldkUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzMv
OGU1MDFkLWMwODgtNDg5NS1hZWUzLTQ1MGZlMzM1OTVkMS8xL09BQ1pxQnMwYjVx
OHJ5WUZiMXQzQ1UwYzhSTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAE+tTzANBgkqhkiG9w0BAQsFAAOC
AQEAOXSvAcTFmOjELFhRUymL1wo+GuRxIvsbNXTa+LgMR0Hyk9MxNdqVywdZC1LR
OyCngjXsWuJYelMxI8qZCFIBZmWfu0hwxLDHjhFNx8VIk/porRnicPVHkLf61roC
UZkKb6M8v8ZX+B4KilwFR+C9EMok2aHVFMTPriZ4BdcPdJc9yt4BZMZPklx48iiY
H5DtQbsLrIiVgadYM/De4aBv7ZkNfiTynBZ7m5hQOuJkQPueifG7a2qKmO18rhcP
2dmprn+OZiW46kudqsY7rl9A49diK7Pww19eyPUboyIp363sMKgsMwRC1Y/3yGAG
mDt0GuaGMQtpfQwT9UQ2ylV3Sg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:56 2024 by rpki-client on console-ams.rpki-client.org