Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/9759e3-7260-4e0e-9826-4a708d12952b/1/tp2bdkwP7vyN7xr-Bj8raQmMbxI.roa
File:                     tp2bdkwP7vyN7xr-Bj8raQmMbxI.roa (raw, json)
Hash identifier:          ZZ8k5/0qubV+9ThSLffKuDUmsZdW7v5LDf/eyvb59kE=
Subject key identifier:   B6:9D:9B:76:4C:0F:EE:FC:8D:EF:1A:FE:06:3F:2B:69:09:8C:6F:12
Certificate issuer:       /CN=4a4d81d215ed51dfcc3c3bc0e7e7bf154373ad05
Certificate serial:       018356A35DF9EBE617BA4107E2C9F87E15D0
Authority key identifier: 4A:4D:81:D2:15:ED:51:DF:CC:3C:3B:C0:E7:E7:BF:15:43:73:AD:05
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sk2B0hXtUd_MPDvA5-e_FUNzrQU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/9759e3-7260-4e0e-9826-4a708d12952b/1/tp2bdkwP7vyN7xr-Bj8raQmMbxI.roa
Signing time:             Mon 19 Sep 2022 16:44:50 +0000
ROA not before:           Mon 19 Sep 2022 16:44:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     400785
IP address blocks:        176.116.6.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:56:a3:5d:f9:eb:e6:17:ba:41:07:e2:c9:f8:7e:15:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a4d81d215ed51dfcc3c3bc0e7e7bf154373ad05
        Validity
            Not Before: Sep 19 16:44:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b69d9b764c0feefc8def1afe063f2b69098c6f12
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:0e:b7:5b:28:6d:98:6d:68:45:e0:32:62:5c:
                    d1:e5:73:ef:1a:6b:dc:59:05:93:ca:2d:fe:29:9a:
                    d1:27:87:11:fb:f8:a4:d7:e0:4f:fa:d4:74:c3:e1:
                    69:cd:60:f3:aa:c2:c2:43:7f:bc:ee:bc:54:78:d5:
                    c6:31:3f:91:1b:1f:ce:5e:fc:50:37:96:6f:07:8c:
                    13:d1:0e:28:c5:68:35:84:e0:36:b4:64:ca:ac:27:
                    4f:41:5d:67:3d:d1:81:aa:7b:f5:e1:9b:cb:87:cf:
                    e4:ce:ad:7f:cc:fd:cd:21:e4:9a:d0:dd:03:4a:c9:
                    59:ed:ef:2c:e2:8b:f3:94:40:d4:bb:67:09:4b:db:
                    02:eb:ac:7d:f5:25:b1:3f:37:71:c0:9a:67:6b:36:
                    b8:4a:77:3f:f7:03:79:d2:50:90:1b:dd:ef:0f:fe:
                    5e:5c:b0:dd:fb:e0:fe:5b:db:79:c1:64:ba:b5:32:
                    41:0f:41:2b:10:33:49:2c:f6:2e:38:68:ff:e9:3f:
                    a3:91:66:c0:0c:ac:55:f4:db:67:55:2a:2e:66:45:
                    d9:0f:03:9c:0b:37:8e:fb:12:71:56:be:bc:67:db:
                    02:60:7e:db:54:22:26:07:de:d9:14:e8:9a:19:de:
                    74:5c:3c:a4:13:12:4b:44:2f:9c:18:b3:40:98:71:
                    e5:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:9D:9B:76:4C:0F:EE:FC:8D:EF:1A:FE:06:3F:2B:69:09:8C:6F:12
            X509v3 Authority Key Identifier:
                keyid:4A:4D:81:D2:15:ED:51:DF:CC:3C:3B:C0:E7:E7:BF:15:43:73:AD:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sk2B0hXtUd_MPDvA5-e_FUNzrQU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/9759e3-7260-4e0e-9826-4a708d12952b/1/tp2bdkwP7vyN7xr-Bj8raQmMbxI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/9759e3-7260-4e0e-9826-4a708d12952b/1/Sk2B0hXtUd_MPDvA5-e_FUNzrQU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.116.6.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7b:e1:37:11:af:a6:c6:0a:b0:ad:7d:4d:a6:aa:ca:17:ec:a4:
         d1:3c:48:d0:40:0d:71:88:33:bb:fb:e5:35:e3:28:97:28:55:
         fd:92:e7:34:31:c6:41:65:3d:fc:5c:34:c8:e9:05:f8:38:42:
         64:19:f5:5b:1e:c6:b0:00:3f:a8:3a:ba:04:4e:4e:19:7f:eb:
         2d:fa:63:6b:f5:ad:0a:e8:86:0c:3e:de:56:d6:3e:c1:2e:9c:
         cf:b8:7f:60:06:70:df:5d:9a:96:33:63:18:19:75:a1:f1:63:
         9a:43:a6:f6:9e:b6:dc:79:7d:9b:6f:1f:9d:00:80:ae:3c:06:
         77:c2:77:c1:6f:d7:45:b7:20:cd:a0:ba:60:db:4b:40:f8:4c:
         33:37:35:9e:58:65:63:0d:d3:58:0c:4b:82:6c:73:5b:3f:e4:
         28:f6:12:f6:79:54:ef:8d:0a:68:84:ae:b2:62:b9:d1:a8:5b:
         7f:a9:0c:dd:ab:8f:66:5e:fb:c2:2f:ed:f2:c9:af:ba:d6:7d:
         25:dd:fe:fc:3c:5d:13:ca:7f:7a:83:ab:f0:91:4d:ef:de:08:
         a3:8f:0f:e4:47:c3:f4:39:bf:86:3b:1c:95:97:de:4c:ca:aa:
         44:a5:fa:d5:1d:7f:ec:f4:e7:9e:a2:10:5f:b1:99:63:57:81:
         80:3b:26:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNWo1356+YXukEH4sn4fhXQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNGQ4MWQyMTVlZDUxZGZjYzNjM2JjMGU3ZTdiZjE1NDM3
M2FkMDUwHhcNMjIwOTE5MTY0NDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjlkOWI3NjRjMGZlZWZjOGRlZjFhZmUwNjNmMmI2OTA5OGM2ZjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQ63WyhtmG1oReAyYlzR5XPvGmvc
WQWTyi3+KZrRJ4cR+/ik1+BP+tR0w+FpzWDzqsLCQ3+87rxUeNXGMT+RGx/OXvxQ
N5ZvB4wT0Q4oxWg1hOA2tGTKrCdPQV1nPdGBqnv14ZvLh8/kzq1/zP3NIeSa0N0D
SslZ7e8s4ovzlEDUu2cJS9sC66x99SWxPzdxwJpnaza4Snc/9wN50lCQG93vD/5e
XLDd++D+W9t5wWS6tTJBD0ErEDNJLPYuOGj/6T+jkWbADKxV9NtnVSouZkXZDwOc
CzeO+xJxVr68Z9sCYH7bVCImB97ZFOiaGd50XDykExJLRC+cGLNAmHHlpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLadm3ZMD+78je8a/gY/K2kJjG8SMB8GA1UdIwQY
MBaAFEpNgdIV7VHfzDw7wOfnvxVDc60FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2syQjBoWHRVZF9NUER2QTUtZV9GVU56clFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny85NzU5ZTMtNzI2MC00ZTBlLTk4MjYt
NGE3MDhkMTI5NTJiLzEvdHAyYmRrd1A3dnlON3hyLUJqOHJhUW1NYnhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny85NzU5ZTMtNzI2MC00ZTBlLTk4MjYtNGE3MDhkMTI5NTJi
LzEvU2syQjBoWHRVZF9NUER2QTUtZV9GVU56clFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHQGMA0G
CSqGSIb3DQEBCwUAA4IBAQB74TcRr6bGCrCtfU2mqsoX7KTRPEjQQA1xiDO7++U1
4yiXKFX9kuc0McZBZT38XDTI6QX4OEJkGfVbHsawAD+oOroETk4Zf+st+mNr9a0K
6IYMPt5W1j7BLpzPuH9gBnDfXZqWM2MYGXWh8WOaQ6b2nrbceX2bbx+dAICuPAZ3
wnfBb9dFtyDNoLpg20tA+EwzNzWeWGVjDdNYDEuCbHNbP+Qo9hL2eVTvjQpohK6y
YrnRqFt/qQzdq49mXvvCL+3yya+61n0l3f78PF0Tyn96g6vwkU3v3gijjw/kR8P0
Ob+GOxyVl95MyqpEpfrVHX/s9OeeohBfsZljV4GAOyY+
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:44 2023 by rpki-client on console-ams.rpki-client.org