Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/080af6-8dc4-48e6-9c63-a6b95991cd2c/1/Q9CaPpFXGiKhDD1zhJAa6Wpmln8.roa
File:                     Q9CaPpFXGiKhDD1zhJAa6Wpmln8.roa (raw, json)
Hash identifier:          EtDATGj6rH1r7OOGh0QGueM/Qt9pzWxsrdJ6xyf/6WE=
Subject key identifier:   43:D0:9A:3E:91:57:1A:22:A1:0C:3D:73:84:90:1A:E9:6A:66:96:7F
Certificate issuer:       /CN=ebbc0d60bd3a90bd5e31509deadf447076b078d8
Certificate serial:       1B82BF75
Authority key identifier: EB:BC:0D:60:BD:3A:90:BD:5E:31:50:9D:EA:DF:44:70:76:B0:78:D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/67wNYL06kL1eMVCd6t9EcHaweNg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/080af6-8dc4-48e6-9c63-a6b95991cd2c/1/Q9CaPpFXGiKhDD1zhJAa6Wpmln8.roa
Signing time:             Sat 01 Jan 2022 15:02:28 +0000
ROA not before:           Sat 01 Jan 2022 15:02:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     41017
IP address blocks:        79.134.56.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 461553525 (0x1b82bf75)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ebbc0d60bd3a90bd5e31509deadf447076b078d8
        Validity
            Not Before: Jan  1 15:02:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=43d09a3e91571a22a10c3d7384901ae96a66967f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:24:a7:42:9d:4c:75:5c:44:17:d8:d3:9b:d6:
                    95:da:2c:4c:04:bb:e2:1a:0d:5f:22:f2:a3:e5:ba:
                    3e:1c:c4:d1:eb:0e:c9:19:30:1c:20:1b:f5:38:97:
                    c9:6e:a5:15:47:ff:3a:1f:de:b6:d6:c4:9f:b0:3a:
                    ba:7d:96:77:92:2e:92:db:90:84:64:07:91:df:ac:
                    96:a0:06:93:06:4a:09:76:b5:ae:06:02:45:08:86:
                    3d:bc:ba:d6:c2:84:cd:4a:00:94:f4:02:52:55:18:
                    03:7e:0d:22:61:2c:cc:ae:76:32:da:78:33:8e:49:
                    a2:fa:63:1f:59:06:e6:40:1d:22:09:cc:c1:8b:54:
                    df:d8:f2:fb:3c:9b:1e:0a:25:85:bf:60:55:4f:7b:
                    c4:da:e0:04:a1:1e:d8:bd:ff:21:b1:ff:cd:c6:df:
                    5a:bf:c1:e0:f5:68:db:95:15:43:c2:39:3a:df:b6:
                    e6:8d:70:47:47:56:2a:1c:ba:24:3b:b9:71:45:c0:
                    6e:38:34:a9:a6:4c:d5:e4:a6:65:4c:c0:f0:70:45:
                    28:f6:28:6f:5d:eb:7b:70:2f:57:47:75:fd:76:c0:
                    0c:77:99:3b:e1:a7:a6:b4:e8:a5:25:e4:45:ce:53:
                    61:ff:c4:a1:83:70:e3:5c:1b:e2:01:de:52:9e:5f:
                    85:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:D0:9A:3E:91:57:1A:22:A1:0C:3D:73:84:90:1A:E9:6A:66:96:7F
            X509v3 Authority Key Identifier:
                keyid:EB:BC:0D:60:BD:3A:90:BD:5E:31:50:9D:EA:DF:44:70:76:B0:78:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/67wNYL06kL1eMVCd6t9EcHaweNg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/080af6-8dc4-48e6-9c63-a6b95991cd2c/1/Q9CaPpFXGiKhDD1zhJAa6Wpmln8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/080af6-8dc4-48e6-9c63-a6b95991cd2c/1/67wNYL06kL1eMVCd6t9EcHaweNg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.134.56.0/23

    Signature Algorithm: sha256WithRSAEncryption
         05:98:0a:5a:65:65:44:61:60:84:61:50:7f:42:ff:aa:80:13:
         cf:bd:41:42:60:63:88:7e:5b:8a:c5:f2:a9:17:ca:2a:18:28:
         37:31:b6:31:73:c1:40:45:d5:95:ad:01:c4:cf:dc:d5:6c:37:
         06:50:77:33:b2:12:2f:f6:cd:ae:26:0b:59:19:e0:08:92:a3:
         a0:ee:6d:32:43:fa:0c:67:9d:e0:99:73:ee:ca:3c:71:2f:08:
         51:76:fd:35:ee:06:5b:64:7c:b1:06:9c:d5:ec:65:fa:0a:60:
         0c:0c:3a:8a:8c:5a:47:b3:12:68:ce:cf:2c:d3:7a:4d:55:01:
         d8:59:6d:08:1b:39:e0:21:7a:d5:81:0a:db:05:f7:65:a8:22:
         27:cf:f9:e8:49:c6:d4:23:c6:eb:d2:32:4e:b7:21:c6:76:3c:
         d7:9d:4f:03:12:bc:81:9b:9c:e9:a9:b1:10:db:07:4e:3c:c4:
         cc:80:e9:7b:57:79:38:d2:17:d6:a8:22:52:08:03:8d:55:73:
         fd:2d:0a:f3:a2:1d:c9:cb:f1:69:65:40:71:de:52:a4:49:fb:
         59:a0:cf:eb:c4:1a:68:51:46:f4:7e:f5:82:4d:9d:20:98:76:
         5c:6e:59:d7:84:33:b1:f3:19:74:6c:b1:03:6a:eb:7f:12:c8:
         3f:15:b9:d0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEG4K/dTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YmJjMGQ2MGJkM2E5MGJkNWUzMTUwOWRlYWRmNDQ3MDc2YjA3OGQ4MB4XDTIyMDEw
MTE1MDIyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDNkMDlhM2U5MTU3
MWEyMmExMGMzZDczODQ5MDFhZTk2YTY2OTY3ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMQkp0KdTHVcRBfY05vWldosTAS74hoNXyLyo+W6PhzE0esO
yRkwHCAb9TiXyW6lFUf/Oh/ettbEn7A6un2Wd5IuktuQhGQHkd+slqAGkwZKCXa1
rgYCRQiGPby61sKEzUoAlPQCUlUYA34NImEszK52Mtp4M45JovpjH1kG5kAdIgnM
wYtU39jy+zybHgolhb9gVU97xNrgBKEe2L3/IbH/zcbfWr/B4PVo25UVQ8I5Ot+2
5o1wR0dWKhy6JDu5cUXAbjg0qaZM1eSmZUzA8HBFKPYob13re3AvV0d1/XbADHeZ
O+GnprTopSXkRc5TYf/EoYNw41wb4gHeUp5fhf0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRD0Jo+kVcaIqEMPXOEkBrpamaWfzAfBgNVHSMEGDAWgBTrvA1gvTqQvV4x
UJ3q30RwdrB42DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzY3d05ZTDA2a0wxZU1WQ2Q2dDlFY0hhd2VOZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzgvMDgwYWY2LThkYzQtNDhlNi05YzYzLWE2Yjk1OTkxY2QyYy8x
L1E5Q2FQcEZYR2lLaEREMXpoSkFhNldwbWxuOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgv
MDgwYWY2LThkYzQtNDhlNi05YzYzLWE2Yjk1OTkxY2QyYy8xLzY3d05ZTDA2a0wx
ZU1WQ2Q2dDlFY0hhd2VOZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAU+GODANBgkqhkiG9w0BAQsFAAOC
AQEABZgKWmVlRGFghGFQf0L/qoATz71BQmBjiH5bisXyqRfKKhgoNzG2MXPBQEXV
la0BxM/c1Ww3BlB3M7ISL/bNriYLWRngCJKjoO5tMkP6DGed4Jlz7so8cS8IUXb9
Ne4GW2R8sQac1exl+gpgDAw6ioxaR7MSaM7PLNN6TVUB2FltCBs54CF61YEK2wX3
ZagiJ8/56EnG1CPG69IyTrchxnY8151PAxK8gZuc6amxENsHTjzEzIDpe1d5ONIX
1qgiUggDjVVz/S0K86IdycvxaWVAcd5SpEn7WaDP68QaaFFG9H71gk2dIJh2XG5Z
14QzsfMZdGyxA2rrfxLIPxW50A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:33 2024 by rpki-client on console-fra.rpki-client.org