Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/650c97-4eb6-4c91-b5a3-dc1db67db3cb/1/73MYZz7hActP8OJ_eX4QEXnT_Q4.roa
File:                     73MYZz7hActP8OJ_eX4QEXnT_Q4.roa (raw, json)
Hash identifier:          8ofm3c1TQG7eZ1YuJvZFg3D4lKF+nnNBMYx6oXTbvDw=
Subject key identifier:   EF:73:18:67:3E:E1:01:CB:4F:F0:E2:7F:79:7E:10:11:79:D3:FD:0E
Certificate issuer:       /CN=f19cf09771b8f184caa1a00421b9294491e97e6b
Certificate serial:       08E4F5CC
Authority key identifier: F1:9C:F0:97:71:B8:F1:84:CA:A1:A0:04:21:B9:29:44:91:E9:7E:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8Zzwl3G48YTKoaAEIbkpRJHpfms.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/650c97-4eb6-4c91-b5a3-dc1db67db3cb/1/73MYZz7hActP8OJ_eX4QEXnT_Q4.roa
Signing time:             Sat 01 Jan 2022 15:55:01 +0000
ROA not before:           Sat 01 Jan 2022 15:55:01 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     51695
IP address blocks:        217.78.98.0/24 maxlen: 24
                          217.78.97.0/24 maxlen: 24
                          217.78.101.0/24 maxlen: 24
                          217.78.100.0/24 maxlen: 24
                          217.78.99.0/24 maxlen: 24
                          217.78.105.0/24 maxlen: 24
                          217.78.104.0/24 maxlen: 24
                          217.78.103.0/24 maxlen: 24
                          217.78.102.0/24 maxlen: 24
                          217.78.108.0/24 maxlen: 24
                          217.78.107.0/24 maxlen: 24
                          217.78.106.0/24 maxlen: 24
                          217.78.111.0/24 maxlen: 24
                          217.78.110.0/24 maxlen: 24
                          217.78.109.0/24 maxlen: 24
                          2a02:6700::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 149222860 (0x8e4f5cc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f19cf09771b8f184caa1a00421b9294491e97e6b
        Validity
            Not Before: Jan  1 15:55:01 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ef7318673ee101cb4ff0e27f797e101179d3fd0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:63:3a:a5:e3:57:2a:39:b7:d9:32:14:3f:2e:
                    37:e6:34:c6:8d:c7:82:7c:13:3a:35:b8:16:c4:c2:
                    89:50:6a:bc:d6:e2:39:06:2b:30:72:67:1c:48:44:
                    a0:4a:40:e3:49:1a:50:c0:f9:f4:da:0e:5a:a9:09:
                    d6:9e:2f:51:dc:e1:f0:59:74:5c:74:01:fa:d7:fd:
                    bb:14:a3:54:5d:3b:f7:87:07:ca:b3:17:f5:02:43:
                    fc:e9:99:45:5a:bb:c0:e6:94:b3:96:ac:7e:f6:cc:
                    b8:29:82:b7:a1:75:d2:98:77:6f:c6:e4:57:7a:62:
                    95:b6:bf:1a:63:51:e9:c7:7b:9f:0c:ae:6c:e6:2a:
                    05:eb:c3:90:c2:c0:fb:7e:43:c0:aa:91:be:be:95:
                    b6:18:73:44:03:cf:c7:39:b2:73:a2:97:b0:f3:5d:
                    2e:b3:7a:19:ea:46:44:ff:03:94:40:4d:4a:70:59:
                    c4:e3:de:9a:60:28:c1:a9:1c:ad:6a:d4:b5:26:87:
                    d4:0d:bb:89:fe:c9:9f:c5:b8:ff:1b:3f:15:65:60:
                    f0:e9:8d:ed:94:c1:7b:51:b4:04:b7:ad:66:26:2c:
                    89:72:46:57:c6:84:f0:fa:23:9f:fd:0f:fc:2b:8e:
                    14:d0:8a:95:65:e7:b4:d9:8d:d9:65:2a:f9:b2:e6:
                    88:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:73:18:67:3E:E1:01:CB:4F:F0:E2:7F:79:7E:10:11:79:D3:FD:0E
            X509v3 Authority Key Identifier:
                keyid:F1:9C:F0:97:71:B8:F1:84:CA:A1:A0:04:21:B9:29:44:91:E9:7E:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Zzwl3G48YTKoaAEIbkpRJHpfms.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/650c97-4eb6-4c91-b5a3-dc1db67db3cb/1/73MYZz7hActP8OJ_eX4QEXnT_Q4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/650c97-4eb6-4c91-b5a3-dc1db67db3cb/1/8Zzwl3G48YTKoaAEIbkpRJHpfms.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.78.97.0-217.78.111.255
                IPv6:
                  2a02:6700::/32

    Signature Algorithm: sha256WithRSAEncryption
         30:70:fe:cf:ca:48:55:c6:66:2a:17:36:d7:ce:46:26:c7:36:
         d3:bb:e1:08:1b:4e:64:f8:b4:18:ec:8e:75:62:2f:aa:be:4a:
         02:c1:40:01:e8:c6:7f:37:0c:32:37:5e:8a:11:7f:6c:c4:10:
         81:54:dc:ca:3c:2b:67:71:32:b8:11:53:c0:cd:ec:00:a0:6c:
         fb:5c:6e:74:fe:ef:f4:f9:fb:88:8c:64:d8:26:c0:c1:ec:74:
         46:3e:45:6e:a7:64:2a:05:a0:39:f5:d0:15:86:06:74:ba:49:
         41:4e:13:de:2b:17:48:11:fd:e3:15:d9:8d:de:82:1a:49:4c:
         7b:58:07:42:8b:d8:88:a8:ab:99:d0:3d:37:bf:74:61:de:2b:
         6e:d2:31:ab:30:ec:31:aa:25:af:30:51:52:24:d2:50:3c:b7:
         e0:e4:00:28:1d:e1:4a:79:34:cf:fb:48:0d:af:af:91:57:9b:
         c1:23:a7:8a:21:06:41:43:d5:1f:f9:b2:58:11:d5:96:54:73:
         11:2e:a9:a2:cd:db:81:22:14:7b:c4:4f:45:b2:44:0c:1a:8f:
         98:15:bf:cc:04:75:11:2c:13:ad:4a:28:76:40:bd:cb:46:dd:
         a6:74:9c:ac:28:fd:5a:21:f4:cd:ce:ff:10:5c:0e:0a:4a:d4:
         f8:2f:5d:1b
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIECOT1zDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MTljZjA5NzcxYjhmMTg0Y2FhMWEwMDQyMWI5Mjk0NDkxZTk3ZTZiMB4XDTIyMDEw
MTE1NTUwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWY3MzE4NjczZWUx
MDFjYjRmZjBlMjdmNzk3ZTEwMTE3OWQzZmQwZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK1jOqXjVyo5t9kyFD8uN+Y0xo3HgnwTOjW4FsTCiVBqvNbi
OQYrMHJnHEhEoEpA40kaUMD59NoOWqkJ1p4vUdzh8Fl0XHQB+tf9uxSjVF0794cH
yrMX9QJD/OmZRVq7wOaUs5asfvbMuCmCt6F10ph3b8bkV3pilba/GmNR6cd7nwyu
bOYqBevDkMLA+35DwKqRvr6VthhzRAPPxzmyc6KXsPNdLrN6GepGRP8DlEBNSnBZ
xOPemmAowakcrWrUtSaH1A27if7Jn8W4/xs/FWVg8OmN7ZTBe1G0BLetZiYsiXJG
V8aE8Pojn/0P/CuOFNCKlWXntNmN2WUq+bLmiPkCAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBTvcxhnPuEBy0/w4n95fhARedP9DjAfBgNVHSMEGDAWgBTxnPCXcbjxhMqh
oAQhuSlEkel+azAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhaendsM0c0OFlUS29hQUVJYmtwUkpIcGZtcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjIvNjUwYzk3LTRlYjYtNGM5MS1iNWEzLWRjMWRiNjdkYjNjYi8x
LzczTVlaejdoQWN0UDhPSl9lWDRRRVhuVF9RNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjIv
NjUwYzk3LTRlYjYtNGM5MS1iNWEzLWRjMWRiNjdkYjNjYi8xLzhaendsM0c0OFlU
S29hQUVJYmtwUkpIcGZtcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwFAQCAAEwDjAMAwQA2U5hAwQE2U5gMA0EAgACMAcD
BQAqAmcAMA0GCSqGSIb3DQEBCwUAA4IBAQAwcP7PykhVxmYqFzbXzkYmxzbTu+EI
G05k+LQY7I51Yi+qvkoCwUAB6MZ/NwwyN16KEX9sxBCBVNzKPCtncTK4EVPAzewA
oGz7XG50/u/0+fuIjGTYJsDB7HRGPkVup2QqBaA59dAVhgZ0uklBThPeKxdIEf3j
FdmN3oIaSUx7WAdCi9iIqKuZ0D03v3Rh3itu0jGrMOwxqiWvMFFSJNJQPLfg5AAo
HeFKeTTP+0gNr6+RV5vBI6eKIQZBQ9Uf+bJYEdWWVHMRLqmizduBIhR7xE9FskQM
Go+YFb/MBHURLBOtSih2QL3LRt2mdJysKP1aIfTNzv8QXA4KStT4L10b
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:23 2024 by rpki-client on console-fra.rpki-client.org