Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/08u-HAdDDtJPgr34o86cchvQ9Ys.roa
File:                     08u-HAdDDtJPgr34o86cchvQ9Ys.roa (raw, json)
Hash identifier:          iaiq74Fmigl1Ln84ZkcIaHc33L3Ar+JLVHFTAFHpCfA=
Subject key identifier:   D3:CB:BE:1C:07:43:0E:D2:4F:82:BD:F8:A3:CE:9C:72:1B:D0:F5:8B
Certificate issuer:       /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial:       079B17C7
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/08u-HAdDDtJPgr34o86cchvQ9Ys.roa
Signing time:             Sat 01 Jan 2022 08:01:40 +0000
ROA not before:           Sat 01 Jan 2022 08:01:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     6134
IP address blocks:        176.113.68.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 127604679 (0x79b17c7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
        Validity
            Not Before: Jan  1 08:01:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d3cbbe1c07430ed24f82bdf8a3ce9c721bd0f58b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:61:70:3f:a2:6f:cf:0f:f3:cd:77:14:68:c3:
                    3e:68:2e:71:e5:62:19:da:2f:15:70:8e:c6:a6:d3:
                    0c:c3:01:9c:20:6a:a8:21:87:38:4d:5f:c2:61:74:
                    4e:87:ff:fd:47:dd:d9:54:f2:6f:50:40:82:32:2c:
                    35:16:88:a7:22:fd:18:51:b6:36:cd:1e:65:73:28:
                    fd:bb:14:28:15:0e:a0:8b:2e:d8:a6:3a:88:14:5c:
                    77:f8:18:c8:06:e6:29:ea:6d:24:7c:10:51:91:50:
                    70:1c:e0:7f:70:2f:49:88:94:96:70:58:0c:ca:71:
                    e5:f9:33:fa:66:67:aa:be:d8:92:3f:af:b5:86:c5:
                    0f:5e:a2:34:8a:c6:2d:b8:f2:5d:5a:31:cd:52:53:
                    a9:3f:38:54:0f:ba:48:88:c1:19:fe:ef:69:5e:c1:
                    ac:0e:fb:c6:48:b7:01:0c:31:f6:de:33:c9:70:db:
                    93:96:40:fd:59:33:dd:1c:e1:59:bb:81:9f:4c:5c:
                    26:27:ef:4b:f9:78:ef:a4:58:22:74:e4:b6:fb:c0:
                    a9:40:3d:c9:e8:61:9d:02:66:45:dd:b1:0a:10:f8:
                    c0:04:f3:dc:2a:e1:b1:60:8e:b7:15:74:9a:c0:ab:
                    b0:b8:93:59:d6:23:61:01:d2:35:f0:ae:88:12:13:
                    e3:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:CB:BE:1C:07:43:0E:D2:4F:82:BD:F8:A3:CE:9C:72:1B:D0:F5:8B
            X509v3 Authority Key Identifier:
                keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/08u-HAdDDtJPgr34o86cchvQ9Ys.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.113.68.0/22

    Signature Algorithm: sha256WithRSAEncryption
         20:9a:9e:04:65:e9:f4:0b:f1:33:18:a5:17:c2:86:11:88:8f:
         57:17:e2:cc:cb:8a:98:05:a1:cc:f9:f6:dd:0f:fb:aa:d4:37:
         b4:39:a1:0d:cd:d6:b2:2f:22:ae:64:10:4c:a1:89:4d:7c:31:
         74:65:ea:20:ac:c5:b4:10:03:c0:8e:38:b4:62:b9:20:7a:01:
         a2:53:8d:6e:94:a4:72:87:65:65:e0:cb:b6:c9:db:5d:17:8c:
         ad:f1:17:e8:68:a5:dd:42:16:ba:3e:77:d7:b0:05:b5:7a:25:
         61:7d:5e:56:97:36:7f:75:37:99:62:b8:6f:ca:72:e3:2d:c1:
         bb:5f:a2:07:4b:4d:62:55:9c:b9:3d:2e:fe:b5:80:63:7a:cf:
         98:06:7a:a3:92:40:ff:f3:1d:03:86:8d:ce:36:49:e7:8d:d9:
         29:2e:86:0d:5a:b5:fb:0a:fb:22:41:2c:12:5f:99:7d:7f:93:
         9e:a9:95:81:38:fd:26:6c:02:e3:aa:c3:b9:66:7a:6a:92:04:
         d1:20:b8:0a:df:cb:c1:58:f2:d0:3d:8a:38:41:8a:8c:7b:01:
         fe:bf:f4:19:e3:44:83:aa:30:9a:41:7a:0e:8b:a7:2e:bb:b9:
         5a:3e:f4:24:58:cb:fc:9f:25:8a:cb:c9:4e:90:7b:a1:e7:30:
         95:a3:2a:ba
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB5sXxzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NTc2ZWIyY2M0NjJlNmU0YmYwZGU2OWI5ZjYzNDg3NWRlYmJhYWUyMB4XDTIyMDEw
MTA4MDE0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDNjYmJlMWMwNzQz
MGVkMjRmODJiZGY4YTNjZTljNzIxYmQwZjU4YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ9hcD+ib88P8813FGjDPmguceViGdovFXCOxqbTDMMBnCBq
qCGHOE1fwmF0Tof//Ufd2VTyb1BAgjIsNRaIpyL9GFG2Ns0eZXMo/bsUKBUOoIsu
2KY6iBRcd/gYyAbmKeptJHwQUZFQcBzgf3AvSYiUlnBYDMpx5fkz+mZnqr7Ykj+v
tYbFD16iNIrGLbjyXVoxzVJTqT84VA+6SIjBGf7vaV7BrA77xki3AQwx9t4zyXDb
k5ZA/Vkz3RzhWbuBn0xcJifvS/l476RYInTktvvAqUA9yehhnQJmRd2xChD4wATz
3CrhsWCOtxV0msCrsLiTWdYjYQHSNfCuiBIT47sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTTy74cB0MO0k+CvfijzpxyG9D1izAfBgNVHSMEGDAWgBSldussxGLm5L8N
5pufY0h13ruq4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BYYnJMTVJpNXVTX0RlYWJuMk5JZGQ2N3F1SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODcvOTMxOTI3LTlmMzgtNDFiNi04N2ZhLTI1NGFjZDkyYjRlMS8x
LzA4dS1IQWRERHRKUGdyMzRvODZjY2h2UTlZcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcv
OTMxOTI3LTlmMzgtNDFiNi04N2ZhLTI1NGFjZDkyYjRlMS8xL3BYYnJMTVJpNXVT
X0RlYWJuMk5JZGQ2N3F1SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArBxRDANBgkqhkiG9w0BAQsFAAOC
AQEAIJqeBGXp9AvxMxilF8KGEYiPVxfizMuKmAWhzPn23Q/7qtQ3tDmhDc3Wsi8i
rmQQTKGJTXwxdGXqIKzFtBADwI44tGK5IHoBolONbpSkcodlZeDLtsnbXReMrfEX
6Gil3UIWuj5317AFtXolYX1eVpc2f3U3mWK4b8py4y3Bu1+iB0tNYlWcuT0u/rWA
Y3rPmAZ6o5JA//MdA4aNzjZJ543ZKS6GDVq1+wr7IkEsEl+ZfX+TnqmVgTj9JmwC
46rDuWZ6apIE0SC4Ct/LwVjy0D2KOEGKjHsB/r/0GeNEg6owmkF6DounLru5Wj70
JFjL/J8lisvJTpB7oecwlaMqug==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:46 2024 by rpki-client on console-ams.rpki-client.org