Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/M8gk5HJweTrYlZ40Il3MLhBXeXg.roa
File:                     M8gk5HJweTrYlZ40Il3MLhBXeXg.roa (raw, json)
Hash identifier:          fTcrKWmiOD7JOmQ+5y/tDdiyQ2kseEVVFUXPQJc5MiU=
Subject key identifier:   33:C8:24:E4:72:70:79:3A:D8:95:9E:34:22:5D:CC:2E:10:57:79:78
Certificate issuer:       /CN=73c69d04583500c5ef81136831237593e0bb86ce
Certificate serial:       05794C03
Authority key identifier: 73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/M8gk5HJweTrYlZ40Il3MLhBXeXg.roa
Signing time:             Sat 01 Jan 2022 05:01:14 +0000
ROA not before:           Sat 01 Jan 2022 05:01:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     17920
IP address blocks:        2a05:1082:5::/48 maxlen: 48
                          2a05:1082:1::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 91835395 (0x5794c03)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=73c69d04583500c5ef81136831237593e0bb86ce
        Validity
            Not Before: Jan  1 05:01:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=33c824e47270793ad8959e34225dcc2e10577978
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:5a:66:bb:44:ff:9f:81:86:e8:fd:10:f5:45:
                    5c:da:5d:79:15:61:6e:d8:59:95:f3:d3:21:66:59:
                    be:8c:ce:55:d3:15:d9:27:24:44:5a:61:4f:fc:68:
                    c3:32:53:54:bb:3b:30:c3:69:8c:88:7f:22:2d:29:
                    7d:6c:03:a0:cf:bd:8e:92:e8:b6:13:ec:a9:4d:d6:
                    61:35:1a:f8:33:26:c3:2b:f2:a6:54:a4:de:ae:5b:
                    ac:f5:6b:e4:15:f7:ce:3e:5f:cf:e7:30:8a:da:3c:
                    80:4e:49:b6:d2:26:fa:8e:c1:b2:8c:8f:a3:4c:f1:
                    fb:b7:00:cb:8a:04:14:1e:45:ca:81:ab:34:23:54:
                    21:9d:8e:18:1b:3c:33:05:bc:c1:52:a3:78:dd:e3:
                    13:d5:c4:73:97:37:99:df:2e:ec:6c:ef:5f:45:02:
                    54:cd:5a:68:8d:29:44:3e:1d:f3:0c:75:d1:50:67:
                    ad:e7:e1:0a:89:4d:37:d9:10:ab:f0:18:2d:b4:01:
                    da:01:94:94:0c:45:0a:ab:75:52:de:a2:90:1c:9d:
                    fd:7e:cd:32:47:11:fd:d8:ac:a1:6e:0a:c2:78:ad:
                    3c:f3:8c:fd:8a:61:27:ed:28:20:d6:8b:8d:f4:60:
                    22:4c:fd:d9:ed:94:cc:5a:db:e6:2f:2f:53:c5:29:
                    f6:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:C8:24:E4:72:70:79:3A:D8:95:9E:34:22:5D:CC:2E:10:57:79:78
            X509v3 Authority Key Identifier:
                keyid:73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/M8gk5HJweTrYlZ40Il3MLhBXeXg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:1082:1::/48
                  2a05:1082:5::/48

    Signature Algorithm: sha256WithRSAEncryption
         61:3d:87:eb:fd:e0:4f:2d:8f:36:34:c9:00:78:8d:b7:ae:61:
         bb:8c:a7:7d:9e:eb:72:1a:0d:a9:b4:d7:23:bf:61:44:37:14:
         f8:08:2c:1c:23:7d:07:8f:b1:64:a3:4c:23:f6:4b:66:f2:3f:
         11:7f:93:34:87:df:8a:99:70:ae:2a:74:6d:e8:45:90:17:84:
         65:90:c5:9c:33:a6:d6:22:21:76:8a:29:08:22:89:58:8e:40:
         cc:09:62:57:19:25:b0:6c:4c:66:7f:f2:f7:94:2c:e3:c5:0a:
         86:a4:6c:ca:4b:b2:c0:fb:43:87:bb:77:7c:c1:d9:e1:15:c8:
         7f:23:24:f7:9c:b5:af:cf:ae:2d:bd:f3:81:75:44:11:a5:cb:
         5c:36:fb:c6:ee:72:38:b6:82:2d:3d:83:16:36:cf:14:d5:aa:
         54:0e:95:cc:9f:21:80:b5:db:be:b6:cf:1d:d6:3c:66:ab:9d:
         41:6f:10:c5:d0:3f:a1:6e:35:de:7a:72:59:cc:95:3f:45:90:
         a4:6b:1e:f0:3e:8e:b1:90:64:d8:53:4a:07:89:67:b9:72:d0:
         9b:4d:9e:d6:34:8f:33:ae:9a:5f:8a:3c:db:b8:26:4f:d3:33:
         3f:eb:05:1c:3c:cb:2a:ca:9d:70:b6:2e:f0:00:08:ea:96:f6:
         47:6b:ae:44
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBXlMAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
M2M2OWQwNDU4MzUwMGM1ZWY4MTEzNjgzMTIzNzU5M2UwYmI4NmNlMB4XDTIyMDEw
MTA1MDExNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzNjODI0ZTQ3Mjcw
NzkzYWQ4OTU5ZTM0MjI1ZGNjMmUxMDU3Nzk3ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK9aZrtE/5+Bhuj9EPVFXNpdeRVhbthZlfPTIWZZvozOVdMV
2SckRFphT/xowzJTVLs7MMNpjIh/Ii0pfWwDoM+9jpLothPsqU3WYTUa+DMmwyvy
plSk3q5brPVr5BX3zj5fz+cwito8gE5JttIm+o7BsoyPo0zx+7cAy4oEFB5FyoGr
NCNUIZ2OGBs8MwW8wVKjeN3jE9XEc5c3md8u7GzvX0UCVM1aaI0pRD4d8wx10VBn
refhColNN9kQq/AYLbQB2gGUlAxFCqt1Ut6ikByd/X7NMkcR/disoW4KwnitPPOM
/YphJ+0oINaLjfRgIkz92e2UzFrb5i8vU8Up9psCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQzyCTkcnB5OtiVnjQiXcwuEFd5eDAfBgNVHSMEGDAWgBRzxp0EWDUAxe+B
E2gxI3WT4LuGzjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2M4YWRCRmcxQU1YdmdSTm9NU04xay1DN2hzNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzgvNmY2Y2UyLWU2ZWUtNGUyYS05MDVkLWY5Y2IwYTdiMjA2Yy8x
L004Z2s1SEp3ZVRyWWxaNDBJbDNNTGhCWGVYZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgv
NmY2Y2UyLWU2ZWUtNGUyYS05MDVkLWY5Y2IwYTdiMjA2Yy8xL2M4YWRCRmcxQU1Y
dmdSTm9NU04xay1DN2hzNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHACoFEIIAAQMHACoFEIIABTANBgkq
hkiG9w0BAQsFAAOCAQEAYT2H6/3gTy2PNjTJAHiNt65hu4ynfZ7rchoNqbTXI79h
RDcU+AgsHCN9B4+xZKNMI/ZLZvI/EX+TNIffiplwrip0behFkBeEZZDFnDOm1iIh
doopCCKJWI5AzAliVxklsGxMZn/y95Qs48UKhqRsykuywPtDh7t3fMHZ4RXIfyMk
95y1r8+uLb3zgXVEEaXLXDb7xu5yOLaCLT2DFjbPFNWqVA6VzJ8hgLXbvrbPHdY8
ZqudQW8QxdA/oW413npyWcyVP0WQpGse8D6OsZBk2FNKB4lnuXLQm02e1jSPM66a
X4o827gmT9MzP+sFHDzLKsqdcLYu8AAI6pb2R2uuRA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:39 2024 by rpki-client on console-fra.rpki-client.org