Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/T6pocpjv1R74wGqz3DyifeS6EG8.roa
File:                     T6pocpjv1R74wGqz3DyifeS6EG8.roa (raw, json)
Hash identifier:          dryBneUFYmBm1iDS+YgJyJKVVPXAd8Y5dyIlKdodfCs=
Subject key identifier:   4F:AA:68:72:98:EF:D5:1E:F8:C0:6A:B3:DC:3C:A2:7D:E4:BA:10:6F
Certificate issuer:       /CN=5aedcb334d39e797817e2eb47703c018b4dc49d5
Certificate serial:       0182201CA1EB5ED96A7CFC6C6C44ABA71016
Authority key identifier: 5A:ED:CB:33:4D:39:E7:97:81:7E:2E:B4:77:03:C0:18:B4:DC:49:D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Wu3LM00555eBfi60dwPAGLTcSdU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/T6pocpjv1R74wGqz3DyifeS6EG8.roa
Signing time:             Thu 21 Jul 2022 09:35:23 +0000
ROA not before:           Thu 21 Jul 2022 09:35:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39767
IP address blocks:        78.158.72.0/21 maxlen: 21
                          78.158.80.0/20 maxlen: 21
                          185.90.140.0/22 maxlen: 22
                          2a05:e200::/29 maxlen: 30

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:20:1c:a1:eb:5e:d9:6a:7c:fc:6c:6c:44:ab:a7:10:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5aedcb334d39e797817e2eb47703c018b4dc49d5
        Validity
            Not Before: Jul 21 09:35:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4faa687298efd51ef8c06ab3dc3ca27de4ba106f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:8c:20:c3:ef:9c:bc:fc:3a:a3:58:a9:3a:01:
                    b1:00:07:3f:fc:0a:ad:ad:d2:2c:43:d6:2a:29:40:
                    84:53:85:69:39:d0:2b:df:d7:79:6f:6b:e5:55:c8:
                    79:bd:34:66:dd:ba:aa:51:84:bb:05:70:c4:e9:e6:
                    0e:43:e6:13:88:52:6a:6d:e5:30:b4:64:82:66:59:
                    25:6c:8e:d8:92:13:03:55:62:be:bf:12:c8:a9:8b:
                    d5:31:08:97:18:5a:62:85:fd:69:ac:eb:cf:2c:ca:
                    5e:af:a3:84:2e:f8:7d:24:a0:09:43:3b:de:6b:c3:
                    fe:84:5c:c4:ee:9e:65:3a:0a:48:f0:52:6b:1c:10:
                    0c:fe:a0:a6:be:ed:8a:24:a1:18:52:66:84:e4:9c:
                    50:44:b3:a6:02:d2:dc:3f:74:c9:70:e3:f0:23:61:
                    ff:b8:20:9d:08:fc:f1:a4:53:b2:c2:8e:f5:25:32:
                    e1:7d:de:65:f0:82:74:b9:e6:64:3a:84:4b:ff:cd:
                    9c:3c:59:07:19:83:00:a8:ff:e1:8a:0e:98:25:ef:
                    9c:e5:4a:52:5c:40:60:ae:fb:d8:ff:a4:2b:80:b3:
                    35:e9:99:3c:64:23:3a:33:ca:f8:46:72:7b:dd:d4:
                    3f:d4:5a:90:d0:f3:1b:0f:0e:79:f9:4d:52:a6:9c:
                    2d:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:AA:68:72:98:EF:D5:1E:F8:C0:6A:B3:DC:3C:A2:7D:E4:BA:10:6F
            X509v3 Authority Key Identifier:
                keyid:5A:ED:CB:33:4D:39:E7:97:81:7E:2E:B4:77:03:C0:18:B4:DC:49:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wu3LM00555eBfi60dwPAGLTcSdU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/T6pocpjv1R74wGqz3DyifeS6EG8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/Wu3LM00555eBfi60dwPAGLTcSdU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.158.72.0-78.158.95.255
                  185.90.140.0/22
                IPv6:
                  2a05:e200::/29

    Signature Algorithm: sha256WithRSAEncryption
         66:33:18:56:72:42:24:be:64:08:8f:76:84:d9:c3:93:ff:e6:
         bf:95:f2:83:16:fa:d1:77:da:7e:78:15:b2:8e:4f:6a:af:73:
         ef:fe:a0:53:64:46:f1:a7:15:9f:cf:f9:dd:d6:58:34:5f:86:
         43:b3:4f:1c:d0:52:b7:50:5a:7a:fe:ab:62:ec:c9:e8:51:c6:
         cd:0b:c7:52:d8:80:25:f9:53:ad:d5:3e:aa:0a:09:69:1d:a7:
         2b:eb:26:a3:64:9a:0c:b4:6d:ff:57:9c:ad:11:e4:00:8e:9e:
         e0:b7:84:1a:da:6e:49:9b:05:94:5f:41:03:61:d5:88:cc:e4:
         5b:b9:3c:8b:22:1f:8e:d8:7e:a4:48:d3:76:30:96:7a:3a:37:
         14:bc:93:67:4a:09:7c:e1:16:84:17:19:b2:45:82:5b:74:d4:
         31:22:f8:5c:2e:69:24:19:73:56:5c:6e:44:ef:ee:f0:71:9b:
         53:10:d2:01:32:24:d7:f1:1b:e5:08:08:e7:91:9d:92:9f:0c:
         24:56:0b:c1:87:2a:e6:8a:aa:b5:2e:a0:43:b3:39:58:89:63:
         66:08:4c:fd:f9:b8:2a:83:d5:69:cf:3f:c9:b3:9f:ac:27:07:
         c1:b7:06:a2:5e:d8:bb:70:1c:c1:ff:a0:77:f4:2b:5f:81:c4:
         81:df:05:b2
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYIgHKHrXtlqfPxsbESrpxAWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhZWRjYjMzNGQzOWU3OTc4MTdlMmViNDc3MDNjMDE4YjRk
YzQ5ZDUwHhcNMjIwNzIxMDkzNTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmFhNjg3Mjk4ZWZkNTFlZjhjMDZhYjNkYzNjYTI3ZGU0YmExMDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4wgw++cvPw6o1ipOgGxAAc//Aqt
rdIsQ9YqKUCEU4VpOdAr39d5b2vlVch5vTRm3bqqUYS7BXDE6eYOQ+YTiFJqbeUw
tGSCZlklbI7YkhMDVWK+vxLIqYvVMQiXGFpihf1prOvPLMper6OELvh9JKAJQzve
a8P+hFzE7p5lOgpI8FJrHBAM/qCmvu2KJKEYUmaE5JxQRLOmAtLcP3TJcOPwI2H/
uCCdCPzxpFOywo71JTLhfd5l8IJ0ueZkOoRL/82cPFkHGYMAqP/hig6YJe+c5UpS
XEBgrvvY/6QrgLM16Zk8ZCM6M8r4RnJ73dQ/1FqQ0PMbDw55+U1SppwtNQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFE+qaHKY79Ue+MBqs9w8on3kuhBvMB8GA1UdIwQY
MBaAFFrtyzNNOeeXgX4utHcDwBi03EnVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3UzTE0wMDU1NWVCZmk2MGR3UEFHTFRjU2RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9iOTVjYTAtODUzZi00OGFiLTliNDEt
ZTBhZWUxYmJmOWUzLzEvVDZwb2NwanYxUjc0d0dxejNEeWlmZVM2RUc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9iOTVjYTAtODUzZi00OGFiLTliNDEtZTBhZWUxYmJmOWUz
LzEvV3UzTE0wMDU1NWVCZmk2MGR3UEFHTFRjU2RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBANOnkgD
BAVOnkADBAK5WowwDQQCAAIwBwMFAyoF4gAwDQYJKoZIhvcNAQELBQADggEBAGYz
GFZyQiS+ZAiPdoTZw5P/5r+V8oMW+tF32n54FbKOT2qvc+/+oFNkRvGnFZ/P+d3W
WDRfhkOzTxzQUrdQWnr+q2LsyehRxs0Lx1LYgCX5U63VPqoKCWkdpyvrJqNkmgy0
bf9XnK0R5ACOnuC3hBrabkmbBZRfQQNh1YjM5Fu5PIsiH47YfqRI03Ywlno6NxS8
k2dKCXzhFoQXGbJFglt01DEi+FwuaSQZc1ZcbkTv7vBxm1MQ0gEyJNfxG+UICOeR
nZKfDCRWC8GHKuaKqrUuoEOzOViJY2YITP35uCqD1WnPP8mzn6wnB8G3BqJe2Ltw
HMH/oHf0K1+BxIHfBbI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:53 2024 by rpki-client on console-fra.rpki-client.org