Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/0c3c4d-01d2-440a-a51f-9195d02ded55/1/yJmTECc0xAE23WYpd2ZsbZQZ1z4.roa
File:                     yJmTECc0xAE23WYpd2ZsbZQZ1z4.roa (raw, json)
Hash identifier:          lOMolxDzCAcXaSrN+2D1FFGjW1FRqalWjkvfdpUS6uc=
Subject key identifier:   C8:99:93:10:27:34:C4:01:36:DD:66:29:77:66:6C:6D:94:19:D7:3E
Certificate issuer:       /CN=ef5082d37fbc81998bfcf948a5bbdda63edfdee0
Certificate serial:       018378E26C5C9F90517CADA547D400F5C817
Authority key identifier: EF:50:82:D3:7F:BC:81:99:8B:FC:F9:48:A5:BB:DD:A6:3E:DF:DE:E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/71CC03-8gZmL_PlIpbvdpj7f3uA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/0c3c4d-01d2-440a-a51f-9195d02ded55/1/yJmTECc0xAE23WYpd2ZsbZQZ1z4.roa
Signing time:             Mon 26 Sep 2022 08:20:48 +0000
ROA not before:           Mon 26 Sep 2022 08:20:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8251
IP address blocks:        212.79.96.0/20 maxlen: 20
                          31.47.96.0/20 maxlen: 20
                          185.99.64.0/22 maxlen: 22
                          81.201.48.0/21 maxlen: 21
                          81.201.56.0/21 maxlen: 21
                          81.201.48.175/32 maxlen: 32
                          78.108.96.0/20 maxlen: 20
                          2a01:490::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:78:e2:6c:5c:9f:90:51:7c:ad:a5:47:d4:00:f5:c8:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ef5082d37fbc81998bfcf948a5bbdda63edfdee0
        Validity
            Not Before: Sep 26 08:20:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c89993102734c40136dd662977666c6d9419d73e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:04:0e:8d:e6:15:39:43:5e:87:b5:e3:86:0a:
                    66:d6:d7:d5:94:d9:f0:af:20:53:21:b8:d7:85:c0:
                    45:ce:28:0b:fa:bf:e1:fe:00:89:d4:a5:84:af:f8:
                    fd:8a:b8:21:09:6f:64:96:c5:78:2e:df:d5:5d:08:
                    0c:4b:2e:cc:99:5c:33:24:6f:b7:5a:f8:70:18:96:
                    3d:f1:a1:2e:51:9c:66:64:2f:b3:3e:2b:98:f5:82:
                    54:05:f6:01:0f:0e:8f:56:78:38:2c:8f:44:dc:3c:
                    eb:36:fe:f9:9e:86:3d:63:a0:99:89:e3:39:2e:90:
                    f5:df:61:d8:fd:09:66:2b:ae:a3:f4:a1:30:42:75:
                    fa:4b:9b:ca:14:39:51:c4:ee:10:82:b7:37:99:c3:
                    dc:a4:6d:a5:b9:95:81:87:7e:a9:f3:ae:04:67:ae:
                    a8:dc:e4:51:b8:77:51:b9:1b:a7:b4:46:ef:32:68:
                    7a:38:db:aa:d8:22:2d:a3:0c:96:14:0e:52:b3:78:
                    ad:2d:7a:7f:e2:18:20:32:de:8d:17:98:9c:69:ca:
                    8b:f4:33:ee:dd:c1:41:0a:d6:a9:d7:26:24:7e:30:
                    6f:b7:ab:ff:04:de:f5:d3:2c:0a:07:7f:a5:b3:0c:
                    ce:d2:68:fd:d6:29:1d:92:a8:c3:8f:75:90:4c:74:
                    9b:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:99:93:10:27:34:C4:01:36:DD:66:29:77:66:6C:6D:94:19:D7:3E
            X509v3 Authority Key Identifier:
                keyid:EF:50:82:D3:7F:BC:81:99:8B:FC:F9:48:A5:BB:DD:A6:3E:DF:DE:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71CC03-8gZmL_PlIpbvdpj7f3uA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/0c3c4d-01d2-440a-a51f-9195d02ded55/1/yJmTECc0xAE23WYpd2ZsbZQZ1z4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/0c3c4d-01d2-440a-a51f-9195d02ded55/1/71CC03-8gZmL_PlIpbvdpj7f3uA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.47.96.0/20
                  78.108.96.0/20
                  81.201.48.0/20
                  185.99.64.0/22
                  212.79.96.0/20
                IPv6:
                  2a01:490::/32

    Signature Algorithm: sha256WithRSAEncryption
         2c:1e:70:33:0b:fd:e9:99:93:33:f0:2e:be:6f:f6:66:f2:e2:
         15:f3:43:11:ec:36:cc:ed:8c:63:95:8d:30:bc:c5:6a:b9:9b:
         46:55:17:42:6b:93:c6:ab:a8:88:0b:fd:15:6c:7e:42:b0:44:
         8f:21:af:11:82:55:7c:cb:53:f7:d2:27:a2:79:17:32:c1:37:
         ed:42:60:75:79:ba:54:6a:7c:0f:d8:5c:2b:3d:3e:0d:0b:8f:
         7e:67:90:f8:7d:29:10:77:0a:60:3d:52:d7:67:75:c4:d7:69:
         9f:ba:ff:97:29:1f:97:a1:fe:34:89:33:06:55:32:64:54:fd:
         98:06:bf:99:2e:8a:ae:b4:25:ff:47:39:33:3c:b3:3b:9a:3b:
         f9:ca:07:40:85:ac:63:52:72:26:1b:e8:cb:03:c0:fd:ed:68:
         15:63:37:42:c5:d2:25:5b:90:17:6d:06:28:30:7b:23:de:6d:
         0a:83:09:f8:bc:75:ee:f1:46:c8:a3:10:c1:b4:dc:98:ff:8c:
         fb:83:7f:a5:0c:9b:db:62:ff:c0:a6:7e:e3:c6:8b:04:6f:08:
         33:ff:4d:b4:76:91:6b:51:9c:68:c0:9d:4d:4f:87:a1:a7:9d:
         67:95:e5:5f:b6:44:d8:13:53:35:ab:37:90:99:7e:cc:71:04:
         2d:1c:07:08
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYN44mxcn5BRfK2lR9QA9cgXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTA4MmQzN2ZiYzgxOTk4YmZjZjk0OGE1YmJkZGE2M2Vk
ZmRlZTAwHhcNMjIwOTI2MDgyMDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODk5OTMxMDI3MzRjNDAxMzZkZDY2Mjk3NzY2NmM2ZDk0MTlkNzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQQOjeYVOUNeh7Xjhgpm1tfVlNnw
ryBTIbjXhcBFzigL+r/h/gCJ1KWEr/j9irghCW9klsV4Lt/VXQgMSy7MmVwzJG+3
WvhwGJY98aEuUZxmZC+zPiuY9YJUBfYBDw6PVng4LI9E3DzrNv75noY9Y6CZieM5
LpD132HY/QlmK66j9KEwQnX6S5vKFDlRxO4Qgrc3mcPcpG2luZWBh36p864EZ66o
3ORRuHdRuRuntEbvMmh6ONuq2CItowyWFA5Ss3itLXp/4hggMt6NF5icacqL9DPu
3cFBCtap1yYkfjBvt6v/BN710ywKB3+lswzO0mj91ikdkqjDj3WQTHSbwwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFMiZkxAnNMQBNt1mKXdmbG2UGdc+MB8GA1UdIwQY
MBaAFO9QgtN/vIGZi/z5SKW73aY+397gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFDQzAzLThnWm1MX1BsSXBidmRwajdmM3VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wYzNjNGQtMDFkMi00NDBhLWE1MWYt
OTE5NWQwMmRlZDU1LzEveUptVEVDYzB4QUUyM1dZcGQyWnNiWlFaMXo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wYzNjNGQtMDFkMi00NDBhLWE1MWYtOTE5NWQwMmRlZDU1
LzEvNzFDQzAzLThnWm1MX1BsSXBidmRwajdmM3VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQEHy9gAwQE
TmxgAwQEUckwAwQCuWNAAwQE1E9gMA0EAgACMAcDBQAqAQSQMA0GCSqGSIb3DQEB
CwUAA4IBAQAsHnAzC/3pmZMz8C6+b/Zm8uIV80MR7DbM7YxjlY0wvMVquZtGVRdC
a5PGq6iIC/0VbH5CsESPIa8RglV8y1P30ieieRcywTftQmB1ebpUanwP2FwrPT4N
C49+Z5D4fSkQdwpgPVLXZ3XE12mfuv+XKR+Xof40iTMGVTJkVP2YBr+ZLoqutCX/
RzkzPLM7mjv5ygdAhaxjUnImG+jLA8D97WgVYzdCxdIlW5AXbQYoMHsj3m0Kgwn4
vHXu8UbIoxDBtNyY/4z7g3+lDJvbYv/Apn7jxosEbwgz/020dpFrUZxowJ1NT4eh
p51nleVftkTYE1M1qzeQmX7McQQtHAcI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:52 2024 by rpki-client on console-fra.rpki-client.org