Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/D_LTZO-jH-89jncq5vm2cPuApQQ.roa
File:                     D_LTZO-jH-89jncq5vm2cPuApQQ.roa (raw, json)
Hash identifier:          keJvcvDuBJj+70BU1xSTUrHiVys3hWQ9xawuEjCw9gM=
Subject key identifier:   0F:F2:D3:64:EF:A3:1F:EF:3D:8E:77:2A:E6:F9:B6:70:FB:80:A5:04
Certificate issuer:       /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial:       01842F5D3CB4E8F4678BB5C6063CE98234DA
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/D_LTZO-jH-89jncq5vm2cPuApQQ.roa
Signing time:             Mon 31 Oct 2022 18:45:50 +0000
ROA not before:           Mon 31 Oct 2022 18:45:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210993
IP address blocks:        80.76.43.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:2f:5d:3c:b4:e8:f4:67:8b:b5:c6:06:3c:e9:82:34:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
        Validity
            Not Before: Oct 31 18:45:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0ff2d364efa31fef3d8e772ae6f9b670fb80a504
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:55:be:f7:74:cc:0a:0b:95:11:ac:60:db:bc:
                    70:ef:8c:c3:63:48:93:dd:c7:5c:de:4b:d6:9a:c4:
                    59:2f:6d:be:89:8a:8b:3d:2e:74:ed:94:96:28:6f:
                    e7:18:be:10:8c:62:d2:e5:99:f6:ab:66:3f:aa:70:
                    47:b2:10:e2:a3:b2:2d:01:06:23:62:d1:7b:c2:3a:
                    62:22:0e:ac:22:7d:40:ac:1a:6e:db:30:20:c4:30:
                    6c:01:e9:86:00:27:24:01:48:8e:fc:22:14:c0:6f:
                    df:21:f1:9d:7e:0a:fe:7c:60:41:c5:38:99:8d:89:
                    0b:30:86:99:c1:94:0a:11:31:f4:ff:26:db:68:d8:
                    a1:00:10:56:df:a8:3b:f7:62:55:3f:ea:be:1e:9e:
                    e6:d2:c3:32:24:19:d0:de:c7:ca:af:84:79:91:16:
                    fd:39:a9:6e:fe:52:23:5c:d2:c3:c7:26:21:f1:b1:
                    00:39:22:eb:f5:34:7e:d8:2d:94:6f:34:98:d9:06:
                    f5:7d:f7:a3:e8:cd:32:c5:b9:09:58:c8:13:8a:85:
                    08:e8:d2:b4:a6:d5:e3:b5:a1:35:ec:1a:db:8e:0c:
                    74:ad:cc:ad:4e:72:4d:c7:5d:f5:1c:39:8f:61:33:
                    d6:a8:de:cd:89:b5:3c:f2:58:11:9c:08:05:31:1a:
                    a2:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:F2:D3:64:EF:A3:1F:EF:3D:8E:77:2A:E6:F9:B6:70:FB:80:A5:04
            X509v3 Authority Key Identifier:
                keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/D_LTZO-jH-89jncq5vm2cPuApQQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.76.43.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2c:f5:18:c5:58:87:4d:e1:24:d7:e3:79:64:77:96:31:5a:7c:
         7c:66:90:03:cb:c2:2b:72:48:9d:24:e5:18:f9:46:a1:e0:ef:
         b2:8b:97:99:cd:37:05:12:bc:8c:1e:55:30:dc:07:e7:e1:7c:
         a0:6c:26:ab:d6:c6:5d:14:e7:a2:e7:b3:c6:db:26:9f:d4:3c:
         32:3f:5b:f1:ea:84:86:f9:62:ab:dc:27:6c:28:af:55:ae:e7:
         15:d4:1f:6b:13:19:fb:89:de:70:49:c7:dd:6a:f8:84:79:05:
         4b:63:45:ec:29:ce:6c:47:02:b8:b9:86:2e:73:6c:45:2c:08:
         2b:b8:40:39:1e:0a:05:3e:d6:bc:b2:11:bf:76:3d:00:6f:ea:
         8d:eb:31:a3:69:4f:d8:e1:78:7f:85:f2:17:c4:9e:71:c6:d0:
         1c:16:11:2d:66:63:c9:db:2d:98:b1:d2:ad:09:2a:76:69:aa:
         e1:6e:89:f2:10:2e:bc:ad:04:ac:3d:2e:26:cf:3f:7f:fe:3d:
         d2:23:a1:e5:95:f3:ff:71:67:fb:28:4a:89:9e:80:29:14:3e:
         9a:43:e1:bd:d3:ad:a4:11:9e:8c:d6:74:2d:96:d2:76:18:aa:
         e0:3e:c6:82:93:dc:51:fa:b6:36:df:78:1c:55:ca:24:95:a3:
         32:99:1c:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQvXTy06PRni7XGBjzpgjTaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjIxMDMxMTg0NTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmYyZDM2NGVmYTMxZmVmM2Q4ZTc3MmFlNmY5YjY3MGZiODBhNTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA01W+93TMCguVEaxg27xw74zDY0iT
3cdc3kvWmsRZL22+iYqLPS507ZSWKG/nGL4QjGLS5Zn2q2Y/qnBHshDio7ItAQYj
YtF7wjpiIg6sIn1ArBpu2zAgxDBsAemGACckAUiO/CIUwG/fIfGdfgr+fGBBxTiZ
jYkLMIaZwZQKETH0/ybbaNihABBW36g792JVP+q+Hp7m0sMyJBnQ3sfKr4R5kRb9
Oalu/lIjXNLDxyYh8bEAOSLr9TR+2C2UbzSY2Qb1ffej6M0yxbkJWMgTioUI6NK0
ptXjtaE17Brbjgx0rcytTnJNx131HDmPYTPWqN7NibU88lgRnAgFMRqiMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA/y02Tvox/vPY53Kub5tnD7gKUEMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvRF9MVFpPLWpILTg5am5jcTV2bTJjUHVBcFFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUEwrMA0G
CSqGSIb3DQEBCwUAA4IBAQAs9RjFWIdN4STX43lkd5YxWnx8ZpADy8IrckidJOUY
+Uah4O+yi5eZzTcFEryMHlUw3Afn4XygbCar1sZdFOei57PG2yaf1DwyP1vx6oSG
+WKr3CdsKK9VrucV1B9rExn7id5wScfdaviEeQVLY0XsKc5sRwK4uYYuc2xFLAgr
uEA5HgoFPta8shG/dj0Ab+qN6zGjaU/Y4Xh/hfIXxJ5xxtAcFhEtZmPJ2y2YsdKt
CSp2aarhbonyEC68rQSsPS4mzz9//j3SI6HllfP/cWf7KEqJnoApFD6aQ+G9062k
EZ6M1nQtltJ2GKrgPsaCk9xR+rY233gcVcoklaMymRwQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:05 2024 by rpki-client on console-fra.rpki-client.org