Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/f565d7-32af-4be1-82ac-b602cedac36c/1/NTg5cYbvnsCV1Dpw2lrp5VuGYIE.roa
File:                     NTg5cYbvnsCV1Dpw2lrp5VuGYIE.roa (raw, json)
Hash identifier:          jjzUOZzReUD0N8Ht97n87KnyWfaCaLc1CFQjvv3K14o=
Subject key identifier:   35:38:39:71:86:EF:9E:C0:95:D4:3A:70:DA:5A:E9:E5:5B:86:60:81
Certificate issuer:       /CN=a3787d2be6eac36c1d2780f786b87c9e153e81f1
Certificate serial:       0183AD978A9F954D696A87981AF010E88AE5
Authority key identifier: A3:78:7D:2B:E6:EA:C3:6C:1D:27:80:F7:86:B8:7C:9E:15:3E:81:F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o3h9K-bqw2wdJ4D3hrh8nhU-gfE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/f565d7-32af-4be1-82ac-b602cedac36c/1/NTg5cYbvnsCV1Dpw2lrp5VuGYIE.roa
Signing time:             Thu 06 Oct 2022 13:58:53 +0000
ROA not before:           Thu 06 Oct 2022 13:58:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61344
IP address blocks:        212.66.61.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:ad:97:8a:9f:95:4d:69:6a:87:98:1a:f0:10:e8:8a:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3787d2be6eac36c1d2780f786b87c9e153e81f1
        Validity
            Not Before: Oct  6 13:58:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3538397186ef9ec095d43a70da5ae9e55b866081
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:85:ea:2f:0e:86:98:cf:f9:40:bb:33:d9:19:
                    9a:8e:90:51:21:e4:8f:33:b5:1e:e5:df:8d:0b:21:
                    ad:d2:ed:4a:f0:2e:db:b1:36:d8:3f:45:2a:77:ae:
                    83:d6:d0:4b:2f:50:e7:ed:28:5c:0d:99:a4:93:b7:
                    bb:bb:38:4c:a1:94:64:34:ec:56:2a:c2:84:e0:e5:
                    81:4f:2c:f2:6f:23:62:12:98:3a:d7:33:ab:ce:a3:
                    f1:02:9a:0d:6e:59:7a:29:24:0b:bf:13:6a:2b:58:
                    7d:d3:7f:0c:a0:91:20:55:9f:6e:59:ee:0b:be:99:
                    3c:3a:ba:40:38:e3:e4:a8:59:a3:ae:ba:88:de:85:
                    64:38:dc:62:db:dd:45:00:2a:6f:71:63:b2:59:40:
                    d7:c6:4b:ba:27:10:00:a6:62:b2:69:a9:9c:49:1a:
                    e0:3c:5a:46:1f:ab:54:7a:77:74:dd:de:21:d1:6d:
                    bd:13:73:92:6b:df:9c:8c:ee:01:1a:39:f8:6c:52:
                    18:8f:45:75:1f:b7:d9:2d:6d:aa:3f:10:24:17:03:
                    b2:38:d3:15:57:4f:52:c9:12:91:7d:5b:b8:fa:db:
                    6e:47:e3:c8:58:22:be:43:dd:8c:7d:ef:8c:f0:31:
                    e6:a1:28:96:29:61:21:81:ff:cb:d5:14:df:56:2c:
                    7a:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:38:39:71:86:EF:9E:C0:95:D4:3A:70:DA:5A:E9:E5:5B:86:60:81
            X509v3 Authority Key Identifier:
                keyid:A3:78:7D:2B:E6:EA:C3:6C:1D:27:80:F7:86:B8:7C:9E:15:3E:81:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o3h9K-bqw2wdJ4D3hrh8nhU-gfE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/f565d7-32af-4be1-82ac-b602cedac36c/1/NTg5cYbvnsCV1Dpw2lrp5VuGYIE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/f565d7-32af-4be1-82ac-b602cedac36c/1/o3h9K-bqw2wdJ4D3hrh8nhU-gfE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.66.61.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:5f:cf:b1:07:49:2d:9a:f1:a0:79:a3:ee:68:66:85:b9:a7:
         5c:22:be:fc:b2:99:16:11:87:69:33:bd:f5:6a:56:0b:9a:84:
         17:29:d5:ab:44:c0:4e:c8:0b:46:88:be:ed:a7:7f:eb:01:df:
         98:34:2d:12:a8:f0:db:f4:05:d9:73:32:44:61:90:5b:18:cc:
         5f:20:2a:89:0a:ae:fd:08:75:2b:79:61:43:f8:72:c5:01:aa:
         e5:c1:7a:32:61:5b:b5:f7:fc:b8:93:43:97:68:db:1c:06:df:
         8f:59:bc:ab:dd:67:8a:15:c2:96:c3:da:2b:36:6e:59:a2:47:
         4c:e8:96:ad:da:30:6a:1b:50:dc:a4:86:08:da:8d:e0:87:2c:
         6b:b2:e6:7a:46:c2:f4:8b:86:cf:00:b4:ed:62:3b:1d:88:28:
         9a:e6:eb:e8:0f:1b:eb:0b:ba:55:a5:35:3b:f2:17:33:be:d3:
         93:ae:8a:b8:98:b8:84:d5:f9:ae:73:95:c0:24:d7:f5:23:99:
         8f:50:14:c7:02:0a:02:c9:5e:79:18:91:d7:36:48:1a:67:a6:
         52:25:c5:3d:d1:d3:5f:2a:dd:00:71:4e:ed:3a:cc:1e:e5:ac:
         a8:28:62:bc:7c:2b:64:b6:14:0e:c9:51:01:ff:9f:07:6c:e2:
         e7:21:9d:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYOtl4qflU1paoeYGvAQ6IrlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNzg3ZDJiZTZlYWMzNmMxZDI3ODBmNzg2Yjg3YzllMTUz
ZTgxZjEwHhcNMjIxMDA2MTM1ODUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTM4Mzk3MTg2ZWY5ZWMwOTVkNDNhNzBkYTVhZTllNTViODY2MDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA84XqLw6GmM/5QLsz2RmajpBRIeSP
M7Ue5d+NCyGt0u1K8C7bsTbYP0Uqd66D1tBLL1Dn7ShcDZmkk7e7uzhMoZRkNOxW
KsKE4OWBTyzybyNiEpg61zOrzqPxApoNbll6KSQLvxNqK1h9038MoJEgVZ9uWe4L
vpk8OrpAOOPkqFmjrrqI3oVkONxi291FACpvcWOyWUDXxku6JxAApmKyaamcSRrg
PFpGH6tUend03d4h0W29E3OSa9+cjO4BGjn4bFIYj0V1H7fZLW2qPxAkFwOyONMV
V09SyRKRfVu4+ttuR+PIWCK+Q92Mfe+M8DHmoSiWKWEhgf/L1RTfVix6lQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDU4OXGG757AldQ6cNpa6eVbhmCBMB8GA1UdIwQY
MBaAFKN4fSvm6sNsHSeA94a4fJ4VPoHxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzNoOUstYnF3MndkSjREM2hyaDhuaFUtZ2ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9mNTY1ZDctMzJhZi00YmUxLTgyYWMt
YjYwMmNlZGFjMzZjLzEvTlRnNWNZYnZuc0NWMURwdzJscnA1VnVHWUlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9mNTY1ZDctMzJhZi00YmUxLTgyYWMtYjYwMmNlZGFjMzZj
LzEvbzNoOUstYnF3MndkSjREM2hyaDhuaFUtZ2ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1EI9MA0G
CSqGSIb3DQEBCwUAA4IBAQBwX8+xB0ktmvGgeaPuaGaFuadcIr78spkWEYdpM731
alYLmoQXKdWrRMBOyAtGiL7tp3/rAd+YNC0SqPDb9AXZczJEYZBbGMxfICqJCq79
CHUreWFD+HLFAarlwXoyYVu19/y4k0OXaNscBt+PWbyr3WeKFcKWw9orNm5ZokdM
6Jat2jBqG1DcpIYI2o3ghyxrsuZ6RsL0i4bPALTtYjsdiCia5uvoDxvrC7pVpTU7
8hczvtOTroq4mLiE1fmuc5XAJNf1I5mPUBTHAgoCyV55GJHXNkgaZ6ZSJcU90dNf
Kt0AcU7tOswe5ayoKGK8fCtkthQOyVEB/58HbOLnIZ3X
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:38 2024 by rpki-client on console-ams.rpki-client.org