Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/iyMzXNsECsY1m3DVjWOiIxUYbvM.roa
File:                     iyMzXNsECsY1m3DVjWOiIxUYbvM.roa (raw, json)
Hash identifier:          IfxWX5XFK20S7ZJJBlzOX705FaC7067mZYhpFzSjIKg=
Subject key identifier:   8B:23:33:5C:DB:04:0A:C6:35:9B:70:D5:8D:63:A2:23:15:18:6E:F3
Certificate issuer:       /CN=73c69d04583500c5ef81136831237593e0bb86ce
Certificate serial:       06E9244B
Authority key identifier: 73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/iyMzXNsECsY1m3DVjWOiIxUYbvM.roa
Signing time:             Fri 20 May 2022 11:12:30 +0000
ROA not before:           Fri 20 May 2022 11:12:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     138211
IP address blocks:        2a0d:2587:8500::/40 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 115942475 (0x6e9244b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=73c69d04583500c5ef81136831237593e0bb86ce
        Validity
            Not Before: May 20 11:12:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8b23335cdb040ac6359b70d58d63a22315186ef3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:dc:77:64:3f:da:83:ed:eb:1d:c2:f7:f2:2d:
                    23:62:09:6f:b0:a3:8e:60:88:29:03:c7:d3:af:49:
                    26:c7:87:61:c8:cf:47:54:38:55:67:32:9d:37:e0:
                    46:89:ac:fa:36:d5:7b:6d:97:fa:2f:8e:13:5e:7a:
                    7b:16:82:a7:04:ce:3b:8c:ab:75:44:ee:fa:62:a9:
                    4f:c0:c3:77:ef:7b:da:02:f1:ba:e6:e9:ab:1b:f0:
                    0c:b3:da:03:48:55:16:6c:d4:43:f3:3f:10:f4:ac:
                    9e:9c:e3:cc:94:ba:a2:47:94:6b:bc:9c:24:ba:7d:
                    5d:77:44:3a:cd:18:e9:78:dd:41:ce:03:05:df:e1:
                    4c:2e:b2:75:08:b6:cd:1b:e4:35:d4:c2:4b:7b:4d:
                    b1:9c:dd:27:8d:76:a4:3a:02:93:a8:2d:cb:b5:03:
                    2f:ed:a4:77:9b:1d:64:a4:8f:30:12:25:29:c2:29:
                    55:1f:5a:31:00:b0:d1:9f:de:a0:e0:e9:f1:0b:46:
                    dd:c4:bc:77:3a:b2:15:fb:6b:f2:ba:bb:4d:46:93:
                    db:03:fb:84:63:5d:d6:04:ed:68:f6:05:60:3d:c3:
                    e7:41:a6:97:17:71:4a:29:01:ac:4c:b2:5c:b5:c5:
                    12:91:aa:fa:22:37:26:42:ae:d1:be:e4:d3:71:84:
                    f6:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:23:33:5C:DB:04:0A:C6:35:9B:70:D5:8D:63:A2:23:15:18:6E:F3
            X509v3 Authority Key Identifier:
                keyid:73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/iyMzXNsECsY1m3DVjWOiIxUYbvM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0d:2587:8500::/40

    Signature Algorithm: sha256WithRSAEncryption
         44:c2:67:bd:7f:55:94:01:8b:c8:9c:b4:3f:5d:7f:a9:91:79:
         ae:83:72:8b:4e:67:d1:2f:b2:99:11:8d:50:8f:f4:ba:25:d3:
         da:c8:1f:30:6a:9c:2d:23:b5:56:1a:51:75:6e:a7:43:3f:07:
         c9:e9:91:0d:6b:83:3a:04:16:96:ab:95:a0:23:78:85:33:95:
         93:e7:f6:b2:1e:84:b7:12:15:f2:33:7b:8d:c7:fb:d5:90:b3:
         4d:f5:59:94:a5:44:31:d7:6b:d2:e1:19:56:2e:d9:73:04:19:
         4c:d5:20:c1:4d:8c:e6:4c:06:36:33:57:22:53:78:9e:8f:5f:
         52:32:77:f0:c5:ac:2b:2d:33:fb:c3:3b:40:58:2d:09:8b:49:
         11:6e:7c:e4:58:f7:5e:a0:c6:d1:bf:9c:aa:77:1f:b6:84:c4:
         0e:cc:a7:f7:3d:83:61:f4:ad:15:67:09:67:62:3d:17:7a:da:
         de:24:ee:65:dc:50:9b:5d:af:bd:73:71:5a:30:30:b0:04:e3:
         5c:3c:16:99:1c:b2:b3:7b:68:6f:39:73:ca:50:98:78:30:0c:
         05:3b:76:31:60:f4:95:0e:f2:67:6e:22:0c:97:91:51:f0:34:
         17:a4:15:d8:40:e4:a1:7d:ea:28:c4:96:ba:77:5e:33:99:b0:
         d7:be:cd:2d
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEBukkSzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
M2M2OWQwNDU4MzUwMGM1ZWY4MTEzNjgzMTIzNzU5M2UwYmI4NmNlMB4XDTIyMDUy
MDExMTIzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGIyMzMzNWNkYjA0
MGFjNjM1OWI3MGQ1OGQ2M2EyMjMxNTE4NmVmMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMncd2Q/2oPt6x3C9/ItI2IJb7CjjmCIKQPH069JJseHYcjP
R1Q4VWcynTfgRoms+jbVe22X+i+OE156exaCpwTOO4yrdUTu+mKpT8DDd+972gLx
uubpqxvwDLPaA0hVFmzUQ/M/EPSsnpzjzJS6okeUa7ycJLp9XXdEOs0Y6XjdQc4D
Bd/hTC6ydQi2zRvkNdTCS3tNsZzdJ412pDoCk6gty7UDL+2kd5sdZKSPMBIlKcIp
VR9aMQCw0Z/eoODp8QtG3cS8dzqyFftr8rq7TUaT2wP7hGNd1gTtaPYFYD3D50Gm
lxdxSikBrEyyXLXFEpGq+iI3JkKu0b7k03GE9r8CAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBSLIzNc2wQKxjWbcNWNY6IjFRhu8zAfBgNVHSMEGDAWgBRzxp0EWDUAxe+B
E2gxI3WT4LuGzjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2M4YWRCRmcxQU1YdmdSTm9NU04xay1DN2hzNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzgvNmY2Y2UyLWU2ZWUtNGUyYS05MDVkLWY5Y2IwYTdiMjA2Yy8x
L2l5TXpYTnNFQ3NZMW0zRFZqV09pSXhVWWJ2TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgv
NmY2Y2UyLWU2ZWUtNGUyYS05MDVkLWY5Y2IwYTdiMjA2Yy8xL2M4YWRCRmcxQU1Y
dmdSTm9NU04xay1DN2hzNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoNJYeFMA0GCSqGSIb3DQEBCwUA
A4IBAQBEwme9f1WUAYvInLQ/XX+pkXmug3KLTmfRL7KZEY1Qj/S6JdPayB8wapwt
I7VWGlF1bqdDPwfJ6ZENa4M6BBaWq5WgI3iFM5WT5/ayHoS3EhXyM3uNx/vVkLNN
9VmUpUQx12vS4RlWLtlzBBlM1SDBTYzmTAY2M1ciU3iej19SMnfwxawrLTP7wztA
WC0Ji0kRbnzkWPdeoMbRv5yqdx+2hMQOzKf3PYNh9K0VZwlnYj0XetreJO5l3FCb
Xa+9c3FaMDCwBONcPBaZHLKze2hvOXPKUJh4MAwFO3YxYPSVDvJnbiIMl5FR8DQX
pBXYQOShfeooxJa6d14zmbDXvs0t
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:48 2024 by rpki-client on console-ams.rpki-client.org