Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/40-5sYaXTvLoHU5fC5fRyfrDjNM.roa
File:                     40-5sYaXTvLoHU5fC5fRyfrDjNM.roa (raw, json)
Hash identifier:          dhShs5C8gsp9/FShAwNJilKSDHez3ht+5+th1tnp1ww=
Subject key identifier:   E3:4F:B9:B1:86:97:4E:F2:E8:1D:4E:5F:0B:97:D1:C9:FA:C3:8C:D3
Certificate issuer:       /CN=1c06a82bb115d7393e39fd58b73bbf20f6cd0b1f
Certificate serial:       037C03AA
Authority key identifier: 1C:06:A8:2B:B1:15:D7:39:3E:39:FD:58:B7:3B:BF:20:F6:CD:0B:1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HAaoK7EV1zk-Of1Ytzu_IPbNCx8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/40-5sYaXTvLoHU5fC5fRyfrDjNM.roa
Signing time:             Sat 01 Jan 2022 01:59:18 +0000
ROA not before:           Sat 01 Jan 2022 01:59:18 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60721
IP address blocks:        91.239.62.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 58459050 (0x37c03aa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c06a82bb115d7393e39fd58b73bbf20f6cd0b1f
        Validity
            Not Before: Jan  1 01:59:18 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e34fb9b186974ef2e81d4e5f0b97d1c9fac38cd3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:e4:4d:5f:06:35:89:53:4f:c1:06:60:a9:2e:
                    e3:a0:15:fe:9a:9a:ca:b7:ed:ac:3d:d8:04:9b:6a:
                    e1:4a:fe:23:a9:4c:55:e3:9e:69:cf:35:8b:e6:cb:
                    ed:51:29:fe:b7:5b:35:60:94:bd:87:16:ef:87:75:
                    58:9b:5f:8f:50:31:9f:ff:f8:df:21:9e:46:6f:22:
                    2e:13:c0:7e:4e:35:11:5b:b5:ea:2d:28:35:b5:f6:
                    3a:5e:32:cd:d3:22:85:2b:62:c6:8b:78:0e:7d:62:
                    cc:46:17:a6:48:8d:6e:8b:0f:e2:7d:93:c8:4b:a4:
                    58:8d:b3:8e:16:ba:42:09:52:6f:15:dc:81:24:7e:
                    32:e0:d8:c1:0c:be:cc:88:ec:bd:0e:5d:5e:fa:04:
                    fd:5c:e2:b2:6c:f5:69:e2:fa:64:0c:8d:7e:6e:48:
                    cd:c8:19:07:85:81:04:f2:7d:82:4b:67:4b:3b:c8:
                    df:1e:1e:3b:4f:12:1f:ce:a0:33:4b:4e:ec:08:43:
                    fe:aa:8f:e5:39:12:4e:83:be:6d:04:20:6b:29:53:
                    c7:52:97:29:90:77:41:89:15:f0:80:80:60:04:45:
                    1e:d1:81:a6:c6:5f:83:8b:3a:01:ac:3a:60:43:3a:
                    05:7c:90:be:fb:ca:57:c0:6c:83:4e:45:48:5a:a8:
                    8d:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:4F:B9:B1:86:97:4E:F2:E8:1D:4E:5F:0B:97:D1:C9:FA:C3:8C:D3
            X509v3 Authority Key Identifier:
                keyid:1C:06:A8:2B:B1:15:D7:39:3E:39:FD:58:B7:3B:BF:20:F6:CD:0B:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAaoK7EV1zk-Of1Ytzu_IPbNCx8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/40-5sYaXTvLoHU5fC5fRyfrDjNM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/HAaoK7EV1zk-Of1Ytzu_IPbNCx8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.239.62.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3d:da:5c:61:da:2a:e3:b8:77:f5:1c:fd:97:0a:86:25:90:55:
         c5:2b:3d:f0:83:8e:c0:a8:be:d0:5b:db:48:79:96:a8:2d:cf:
         a1:b4:81:08:66:68:0b:c8:dd:10:0e:6b:a4:f9:6d:0c:15:2d:
         1e:4f:6f:64:41:43:ef:f1:d4:83:cc:65:22:5e:b1:e8:da:e5:
         eb:81:ee:e5:29:d7:4d:e6:ef:c7:10:75:99:2c:c7:a7:51:08:
         21:5f:ba:94:bc:43:63:5d:5e:4b:95:82:be:3e:29:aa:42:44:
         b5:9c:97:f2:7b:41:91:7b:83:f4:db:98:c4:6e:c5:25:36:c4:
         47:b5:23:33:be:9a:9b:4e:db:a8:48:eb:54:81:98:fb:91:21:
         93:a6:8d:fb:05:46:37:4a:fa:c5:af:45:79:99:9f:11:c5:72:
         bf:cd:c4:c1:09:e3:0d:ab:d6:93:23:31:e9:8e:34:b9:94:c1:
         5b:09:f0:d0:68:42:73:72:25:8a:45:96:0d:04:50:a1:d3:fe:
         b2:c3:50:19:ac:6e:08:03:51:d4:34:75:93:14:fc:b6:3f:8e:
         d7:dd:18:a4:d7:f8:87:01:08:0c:64:b2:2e:1b:58:77:1b:ea:
         73:eb:5d:a5:d3:ae:3a:3d:7c:9b:79:e9:33:b4:e8:cc:70:46:
         5c:ad:74:03
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA3wDqjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YzA2YTgyYmIxMTVkNzM5M2UzOWZkNThiNzNiYmYyMGY2Y2QwYjFmMB4XDTIyMDEw
MTAxNTkxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTM0ZmI5YjE4Njk3
NGVmMmU4MWQ0ZTVmMGI5N2QxYzlmYWMzOGNkMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKPkTV8GNYlTT8EGYKku46AV/pqayrftrD3YBJtq4Ur+I6lM
VeOeac81i+bL7VEp/rdbNWCUvYcW74d1WJtfj1Axn//43yGeRm8iLhPAfk41EVu1
6i0oNbX2Ol4yzdMihStixot4Dn1izEYXpkiNbosP4n2TyEukWI2zjha6QglSbxXc
gSR+MuDYwQy+zIjsvQ5dXvoE/Vzismz1aeL6ZAyNfm5IzcgZB4WBBPJ9gktnSzvI
3x4eO08SH86gM0tO7AhD/qqP5TkSToO+bQQgaylTx1KXKZB3QYkV8ICAYARFHtGB
psZfg4s6Aaw6YEM6BXyQvvvKV8Bsg05FSFqojdkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTjT7mxhpdO8ugdTl8Ll9HJ+sOM0zAfBgNVHSMEGDAWgBQcBqgrsRXXOT45
/Vi3O78g9s0LHzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hBYW9LN0VWMXprLU9mMVl0enVfSVBiTkN4OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWMvMTJlYWFkLThhNDUtNDc4OS1iYWI1LTcyNjA1N2ExZjJhNC8x
LzQwLTVzWWFYVHZMb0hVNWZDNWZSeWZyRGpOTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMv
MTJlYWFkLThhNDUtNDc4OS1iYWI1LTcyNjA1N2ExZjJhNC8xL0hBYW9LN0VWMXpr
LU9mMVl0enVfSVBiTkN4OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvvPjANBgkqhkiG9w0BAQsFAAOC
AQEAPdpcYdoq47h39Rz9lwqGJZBVxSs98IOOwKi+0FvbSHmWqC3PobSBCGZoC8jd
EA5rpPltDBUtHk9vZEFD7/HUg8xlIl6x6Nrl64Hu5SnXTebvxxB1mSzHp1EIIV+6
lLxDY11eS5WCvj4pqkJEtZyX8ntBkXuD9NuYxG7FJTbER7UjM76am07bqEjrVIGY
+5Ehk6aN+wVGN0r6xa9FeZmfEcVyv83EwQnjDavWkyMx6Y40uZTBWwnw0GhCc3Il
ikWWDQRQodP+ssNQGaxuCANR1DR1kxT8tj+O190YpNf4hwEIDGSyLhtYdxvqc+td
pdOuOj18m3npM7TozHBGXK10Aw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:01 2024 by rpki-client on console-ams.rpki-client.org