Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/79dd9c-ce64-4b25-8f23-e6e8aae34826/1/lmflzjIm6kWj5Al3w8taCmhlS40.roa
File:                     lmflzjIm6kWj5Al3w8taCmhlS40.roa (raw, json)
Hash identifier:          ViMN7tmTIkjKSVw2We9N7IBx4jGRsJ1LRvYDhGHn9+8=
Subject key identifier:   96:67:E5:CE:32:26:EA:45:A3:E4:09:77:C3:CB:5A:0A:68:65:4B:8D
Certificate issuer:       /CN=57b80e60b5adf45aeba5c0c8abccc63997a0f1db
Certificate serial:       19213C68
Authority key identifier: 57:B8:0E:60:B5:AD:F4:5A:EB:A5:C0:C8:AB:CC:C6:39:97:A0:F1:DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/V7gOYLWt9FrrpcDIq8zGOZeg8ds.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/79dd9c-ce64-4b25-8f23-e6e8aae34826/1/lmflzjIm6kWj5Al3w8taCmhlS40.roa
Signing time:             Sat 01 Jan 2022 06:52:59 +0000
ROA not before:           Sat 01 Jan 2022 06:52:59 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     15557
IP address blocks:        2a00:a080::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 421608552 (0x19213c68)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=57b80e60b5adf45aeba5c0c8abccc63997a0f1db
        Validity
            Not Before: Jan  1 06:52:59 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9667e5ce3226ea45a3e40977c3cb5a0a68654b8d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:29:72:68:94:58:9d:2b:ed:7c:61:1c:24:21:
                    9d:9d:cb:10:a9:84:14:58:67:34:b5:bd:c9:f3:f2:
                    6a:27:40:7f:69:c9:74:f3:a2:f9:d8:f0:35:5c:a4:
                    55:08:48:e1:a8:64:3f:5a:ed:f6:24:9f:38:79:48:
                    1a:b9:10:dd:d7:eb:12:45:42:d4:4b:18:14:f5:5f:
                    a5:9f:8b:ec:67:a4:3a:5f:5a:d4:4c:80:ca:b1:ef:
                    ce:7e:4a:81:eb:01:09:17:24:7f:45:da:a3:a4:82:
                    54:16:00:bc:dd:e5:4a:d6:ec:b0:6a:ce:2b:0e:78:
                    22:91:07:cf:3a:4e:e9:c3:31:a0:78:ef:3f:df:d4:
                    4e:d2:90:15:10:a5:a6:5c:63:e4:8d:ac:6f:04:e2:
                    52:aa:24:d7:ae:16:d3:86:18:dc:28:d6:13:25:e9:
                    bf:a4:94:20:d3:fc:31:d5:61:78:12:e3:7b:83:4d:
                    07:99:91:e3:c5:c9:c8:9d:87:8c:94:79:78:69:d3:
                    de:ba:d5:47:bc:5e:ad:02:7f:7c:86:69:b0:7e:e0:
                    fd:b2:11:b5:ed:c6:29:23:74:47:bb:57:61:2d:10:
                    a6:27:b5:5e:c6:d0:64:6d:b2:35:52:59:28:1d:5a:
                    e0:b3:0d:d6:a8:00:f6:f0:f9:1d:9a:02:ad:27:d7:
                    86:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:67:E5:CE:32:26:EA:45:A3:E4:09:77:C3:CB:5A:0A:68:65:4B:8D
            X509v3 Authority Key Identifier:
                keyid:57:B8:0E:60:B5:AD:F4:5A:EB:A5:C0:C8:AB:CC:C6:39:97:A0:F1:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V7gOYLWt9FrrpcDIq8zGOZeg8ds.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/79dd9c-ce64-4b25-8f23-e6e8aae34826/1/lmflzjIm6kWj5Al3w8taCmhlS40.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/79dd9c-ce64-4b25-8f23-e6e8aae34826/1/V7gOYLWt9FrrpcDIq8zGOZeg8ds.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a00:a080::/32

    Signature Algorithm: sha256WithRSAEncryption
         77:a1:d9:83:fd:ca:3e:ac:e9:1f:76:c7:69:ab:09:2a:61:7e:
         fc:dc:49:0b:b8:86:dd:af:72:bf:77:81:99:57:22:a7:87:81:
         96:e2:6f:21:54:e9:32:08:1a:80:25:a4:d7:db:52:e5:54:2c:
         7d:b7:67:55:3a:d9:d5:2a:df:c0:ee:e1:32:e9:e9:05:ad:bb:
         6d:66:12:10:d5:03:10:1f:5f:46:b6:7b:e1:68:ff:24:48:9e:
         26:38:eb:5b:d9:66:88:d9:3a:50:14:0a:ec:12:75:99:c0:70:
         ca:ad:8c:0e:fb:f7:82:9a:c5:2e:3f:f6:24:d3:03:6c:6c:f1:
         11:7d:1a:e6:ee:b0:2a:23:f9:80:4b:c4:7d:ac:c2:f7:1d:af:
         aa:ac:a8:5d:36:a6:0f:7e:7e:06:6b:5b:b7:9a:d5:38:c8:ac:
         31:a5:fb:c7:47:69:60:a4:da:6d:81:cf:20:51:e3:d5:81:05:
         03:80:1a:5f:0b:59:07:bc:18:aa:98:ca:36:ad:f7:19:87:94:
         57:bb:d2:04:a2:f3:f4:aa:4c:a9:52:bb:6b:51:3a:1c:65:02:
         b1:bc:ad:75:a1:c2:45:90:e4:c4:84:bb:f2:0f:8d:01:52:3a:
         41:d6:b7:3d:fd:f4:8a:36:0c:36:d3:45:11:56:d9:fd:00:a2:
         db:34:06:67
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEGSE8aDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
N2I4MGU2MGI1YWRmNDVhZWJhNWMwYzhhYmNjYzYzOTk3YTBmMWRiMB4XDTIyMDEw
MTA2NTI1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTY2N2U1Y2UzMjI2
ZWE0NWEzZTQwOTc3YzNjYjVhMGE2ODY1NGI4ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK0pcmiUWJ0r7XxhHCQhnZ3LEKmEFFhnNLW9yfPyaidAf2nJ
dPOi+djwNVykVQhI4ahkP1rt9iSfOHlIGrkQ3dfrEkVC1EsYFPVfpZ+L7GekOl9a
1EyAyrHvzn5KgesBCRckf0Xao6SCVBYAvN3lStbssGrOKw54IpEHzzpO6cMxoHjv
P9/UTtKQFRClplxj5I2sbwTiUqok164W04YY3CjWEyXpv6SUINP8MdVheBLje4NN
B5mR48XJyJ2HjJR5eGnT3rrVR7xerQJ/fIZpsH7g/bIRte3GKSN0R7tXYS0Qpie1
XsbQZG2yNVJZKB1a4LMN1qgA9vD5HZoCrSfXhhECAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBSWZ+XOMibqRaPkCXfDy1oKaGVLjTAfBgNVHSMEGDAWgBRXuA5gta30Wuul
wMirzMY5l6Dx2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Y3Z09ZTFd0OUZycnBjRElxOHpHT1plZzhkcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmIvNzlkZDljLWNlNjQtNGIyNS04ZjIzLWU2ZThhYWUzNDgyNi8x
L2xtZmx6akltNmtXajVBbDN3OHRhQ21obFM0MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmIv
NzlkZDljLWNlNjQtNGIyNS04ZjIzLWU2ZThhYWUzNDgyNi8xL1Y3Z09ZTFd0OUZy
cnBjRElxOHpHT1plZzhkcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoAoIAwDQYJKoZIhvcNAQELBQAD
ggEBAHeh2YP9yj6s6R92x2mrCSphfvzcSQu4ht2vcr93gZlXIqeHgZbibyFU6TII
GoAlpNfbUuVULH23Z1U62dUq38Du4TLp6QWtu21mEhDVAxAfX0a2e+Fo/yRIniY4
61vZZojZOlAUCuwSdZnAcMqtjA7794KaxS4/9iTTA2xs8RF9GubusCoj+YBLxH2s
wvcdr6qsqF02pg9+fgZrW7ea1TjIrDGl+8dHaWCk2m2BzyBR49WBBQOAGl8LWQe8
GKqYyjat9xmHlFe70gSi8/SqTKlSu2tROhxlArG8rXWhwkWQ5MSEu/IPjQFSOkHW
tz399Io2DDbTRRFW2f0Aots0Bmc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:36 2024 by rpki-client on console-fra.rpki-client.org