Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/dac732-4aca-4bf8-a6db-e07952db967b/1/zdddhq5zFvGXZeSWEqLF8h9w7_I.roa
File:                     zdddhq5zFvGXZeSWEqLF8h9w7_I.roa (raw, json)
Hash identifier:          cvCxp6nLivN43TjcNQDzxsmcixbmkpOuOn0NVYBBQkk=
Subject key identifier:   CD:D7:5D:86:AE:73:16:F1:97:65:E4:96:12:A2:C5:F2:1F:70:EF:F2
Certificate issuer:       /CN=d095364395ccfd8543977358fa9b71f9271544f6
Certificate serial:       9BBB
Authority key identifier: D0:95:36:43:95:CC:FD:85:43:97:73:58:FA:9B:71:F9:27:15:44:F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0JU2Q5XM_YVDl3NY-ptx-ScVRPY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/dac732-4aca-4bf8-a6db-e07952db967b/1/zdddhq5zFvGXZeSWEqLF8h9w7_I.roa
Signing time:             Tue 08 Feb 2022 08:27:02 +0000
ROA not before:           Tue 08 Feb 2022 08:27:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57659
IP address blocks:        176.104.168.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 39867 (0x9bbb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d095364395ccfd8543977358fa9b71f9271544f6
        Validity
            Not Before: Feb  8 08:27:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cdd75d86ae7316f19765e49612a2c5f21f70eff2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:b3:52:ce:18:e8:2d:00:d5:75:15:58:30:36:
                    af:54:8a:22:2e:52:c8:b0:b8:e7:13:77:20:7c:1f:
                    f0:38:72:9a:75:0b:65:38:64:3a:57:6f:38:e6:e8:
                    8a:e0:c0:0e:f1:b1:4a:99:05:7a:8f:90:18:88:3d:
                    92:98:9b:83:32:cf:fe:3f:21:4c:fa:03:a0:17:ca:
                    78:69:e4:07:28:ac:8c:b0:75:90:f2:c3:d0:d7:26:
                    2d:b1:e4:1f:da:73:bc:b0:f1:8c:85:66:c6:65:c1:
                    55:8d:be:7a:e7:4c:07:c1:b1:1b:05:09:1b:88:58:
                    6f:16:40:4e:b2:83:47:5a:e3:94:52:de:53:40:b8:
                    36:39:c8:fb:df:b3:4e:17:8b:5d:29:4c:b3:39:c8:
                    32:1e:e9:ae:c8:0c:12:47:0f:c0:b1:89:3b:7c:29:
                    c9:32:e2:73:39:02:91:93:2b:33:91:9e:a1:90:4d:
                    b7:69:f6:5a:ed:a6:2a:79:0b:4e:f8:1c:c8:86:bd:
                    5b:7f:50:ff:ec:61:77:95:53:3d:f4:51:b8:21:12:
                    66:ce:e1:7d:c8:52:b8:17:8c:d2:85:a4:e5:64:7b:
                    5a:6e:55:95:e5:3e:40:d8:85:51:7b:d7:e7:a0:d3:
                    24:09:58:5e:96:1d:af:82:a7:79:fa:9a:3e:c9:5c:
                    30:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:D7:5D:86:AE:73:16:F1:97:65:E4:96:12:A2:C5:F2:1F:70:EF:F2
            X509v3 Authority Key Identifier:
                keyid:D0:95:36:43:95:CC:FD:85:43:97:73:58:FA:9B:71:F9:27:15:44:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0JU2Q5XM_YVDl3NY-ptx-ScVRPY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/dac732-4aca-4bf8-a6db-e07952db967b/1/zdddhq5zFvGXZeSWEqLF8h9w7_I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/dac732-4aca-4bf8-a6db-e07952db967b/1/0JU2Q5XM_YVDl3NY-ptx-ScVRPY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.104.168.0/21

    Signature Algorithm: sha256WithRSAEncryption
         83:02:c6:52:8d:7d:f5:09:fe:58:3a:97:40:a0:c6:6a:77:68:
         b4:1c:50:1b:b3:32:2a:06:45:c2:4f:c9:6a:64:46:f4:b6:e3:
         42:67:fd:d5:ae:01:8c:2d:b5:14:0f:d2:8b:f9:63:4e:2f:18:
         33:95:b8:ec:78:8c:6f:55:fb:a3:44:22:87:e2:47:cc:fe:53:
         b9:14:82:99:5a:51:b7:80:74:d3:49:0a:fd:c5:c6:e7:bc:9d:
         b5:34:c7:d6:fe:4f:53:76:15:5d:87:da:56:21:93:03:37:1c:
         c5:a6:d6:a7:ca:5a:8f:79:bd:ca:7f:c7:00:ec:a3:30:18:f2:
         00:3f:73:f8:b7:cd:ce:b2:29:ae:f8:dd:d9:c2:c1:6a:27:d0:
         ed:9a:fa:d6:a5:1d:00:0f:49:e9:37:27:5c:92:9b:b9:62:46:
         05:46:8f:8d:7b:1f:58:26:29:2f:d4:f8:3e:9a:53:76:52:4e:
         2b:a1:88:8f:8d:9b:e2:96:cf:27:f6:f6:ba:2b:43:5c:6f:d1:
         2a:5b:ce:7a:69:be:88:ce:43:8e:98:ef:8e:60:32:ee:96:86:
         6a:ac:f7:4d:ba:de:f3:4a:fd:25:1a:c1:e5:0a:8c:23:39:b0:
         d4:74:32:b1:2a:f6:74:60:8f:9e:81:c8:4f:1b:63:53:0d:ee:
         59:df:e8:32
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAJu7MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQw
OTUzNjQzOTVjY2ZkODU0Mzk3NzM1OGZhOWI3MWY5MjcxNTQ0ZjYwHhcNMjIwMjA4
MDgyNzAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjZGQ3NWQ4NmFlNzMx
NmYxOTc2NWU0OTYxMmEyYzVmMjFmNzBlZmYyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAtLNSzhjoLQDVdRVYMDavVIoiLlLIsLjnE3cgfB/wOHKadQtl
OGQ6V2845uiK4MAO8bFKmQV6j5AYiD2SmJuDMs/+PyFM+gOgF8p4aeQHKKyMsHWQ
8sPQ1yYtseQf2nO8sPGMhWbGZcFVjb5650wHwbEbBQkbiFhvFkBOsoNHWuOUUt5T
QLg2Ocj737NOF4tdKUyzOcgyHumuyAwSRw/AsYk7fCnJMuJzOQKRkyszkZ6hkE23
afZa7aYqeQtO+BzIhr1bf1D/7GF3lVM99FG4IRJmzuF9yFK4F4zShaTlZHtablWV
5T5A2IVRe9fnoNMkCVhelh2vgqd5+po+yVww2wIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFM3XXYaucxbxl2XklhKixfIfcO/yMB8GA1UdIwQYMBaAFNCVNkOVzP2FQ5dz
WPqbcfknFUT2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MEpVMlE1WE1fWVZEbDNOWS1wdHgtU2NWUlBZLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83My9kYWM3MzItNGFjYS00YmY4LWE2ZGItZTA3OTUyZGI5NjdiLzEv
emRkZGhxNXpGdkdYWmVTV0VxTEY4aDl3N19JLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9k
YWM3MzItNGFjYS00YmY4LWE2ZGItZTA3OTUyZGI5NjdiLzEvMEpVMlE1WE1fWVZE
bDNOWS1wdHgtU2NWUlBZLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsGioMA0GCSqGSIb3DQEBCwUAA4IB
AQCDAsZSjX31Cf5YOpdAoMZqd2i0HFAbszIqBkXCT8lqZEb0tuNCZ/3VrgGMLbUU
D9KL+WNOLxgzlbjseIxvVfujRCKH4kfM/lO5FIKZWlG3gHTTSQr9xcbnvJ21NMfW
/k9TdhVdh9pWIZMDNxzFptanylqPeb3Kf8cA7KMwGPIAP3P4t83Osimu+N3ZwsFq
J9DtmvrWpR0AD0npNydckpu5YkYFRo+Nex9YJikv1Pg+mlN2Uk4roYiPjZvils8n
9va6K0Ncb9EqW856ab6IzkOOmO+OYDLuloZqrPdNut7zSv0lGsHlCowjObDUdDKx
KvZ0YI+egchPG2NTDe5Z3+gy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:58 2024 by rpki-client on console-ams.rpki-client.org