Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/5737b0-bb24-4e92-b19d-5e65c7d61b9e/1/nOmIBxKavko8IjEdrFaV4HvS2GY.roa
File:                     nOmIBxKavko8IjEdrFaV4HvS2GY.roa (raw, json)
Hash identifier:          vgYhVM/7uIuj4QkbRS/r7gCFESxmUoFwHfRGAo+roEs=
Subject key identifier:   9C:E9:88:07:12:9A:BE:4A:3C:22:31:1D:AC:56:95:E0:7B:D2:D8:66
Certificate issuer:       /CN=dbcacaaf8ac13a964ab3d461935841c8e1c93b80
Certificate serial:       0F543EA0
Authority key identifier: DB:CA:CA:AF:8A:C1:3A:96:4A:B3:D4:61:93:58:41:C8:E1:C9:3B:80
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/28rKr4rBOpZKs9Rhk1hByOHJO4A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/5737b0-bb24-4e92-b19d-5e65c7d61b9e/1/nOmIBxKavko8IjEdrFaV4HvS2GY.roa
Signing time:             Sat 01 Jan 2022 13:06:29 +0000
ROA not before:           Sat 01 Jan 2022 13:06:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     553
IP address blocks:        141.79.0.0/16 maxlen: 16

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 257179296 (0xf543ea0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbcacaaf8ac13a964ab3d461935841c8e1c93b80
        Validity
            Not Before: Jan  1 13:06:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9ce98807129abe4a3c22311dac5695e07bd2d866
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:3b:dd:26:10:64:fa:f9:b9:3a:e9:a8:0a:e8:
                    c6:f6:b2:70:cb:ac:70:7c:37:dd:39:65:5f:73:a1:
                    6d:a6:af:4f:42:eb:69:a4:06:75:52:c3:dc:7b:8b:
                    ed:34:b1:3e:49:74:af:ce:b4:83:b5:ea:92:79:06:
                    51:d1:27:22:44:4f:84:14:4e:00:0b:30:6d:0d:89:
                    46:bf:c0:72:1f:27:d5:78:0f:27:db:d0:0a:92:34:
                    0a:0e:33:3e:3f:57:73:2f:41:e7:32:23:5a:4e:a4:
                    d0:a1:96:68:84:17:2a:c3:45:75:02:6b:f7:39:4b:
                    68:f3:bd:f3:29:cd:98:c8:1f:bb:b6:d1:a0:1a:c8:
                    cf:4a:6b:b9:6b:18:6e:08:fc:1c:7c:76:89:49:97:
                    f5:24:06:2b:3b:12:36:b0:ce:76:23:7b:2a:3c:1e:
                    41:6c:8c:8e:9d:59:88:f8:b2:f1:77:48:06:99:02:
                    f7:2d:ed:95:da:75:e5:0e:36:e2:f1:22:58:da:36:
                    6e:38:f6:48:ba:9f:93:8d:7b:8c:e0:6b:06:92:93:
                    01:fa:7e:4d:59:83:78:cf:82:c4:34:7d:db:3a:1f:
                    12:c7:b2:1e:7c:1b:00:b1:06:b5:58:59:da:2a:11:
                    13:aa:85:83:95:ae:e6:5e:56:c2:71:47:14:8a:7b:
                    dc:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:E9:88:07:12:9A:BE:4A:3C:22:31:1D:AC:56:95:E0:7B:D2:D8:66
            X509v3 Authority Key Identifier:
                keyid:DB:CA:CA:AF:8A:C1:3A:96:4A:B3:D4:61:93:58:41:C8:E1:C9:3B:80

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/28rKr4rBOpZKs9Rhk1hByOHJO4A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/5737b0-bb24-4e92-b19d-5e65c7d61b9e/1/nOmIBxKavko8IjEdrFaV4HvS2GY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/5737b0-bb24-4e92-b19d-5e65c7d61b9e/1/28rKr4rBOpZKs9Rhk1hByOHJO4A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.79.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         6c:e1:e8:d1:94:56:0b:5d:31:e2:6e:33:8a:55:76:a3:af:7a:
         f6:13:a7:6d:b8:c2:08:ee:76:a8:93:05:45:ce:9c:0b:8f:cc:
         9f:10:2f:c2:d9:c6:aa:d1:72:0d:44:1d:f9:09:c9:a1:56:28:
         7b:d8:13:b3:68:3a:05:44:de:ab:6d:98:7e:44:03:88:50:38:
         7d:9c:7f:30:ea:b8:0b:7f:55:c8:6b:43:eb:bc:61:8a:11:ca:
         c0:93:bb:e8:4e:5f:35:9d:0c:36:7f:66:1e:27:82:d0:9b:c5:
         69:35:11:48:c3:df:3b:27:55:4d:9c:02:a0:bd:bb:5b:03:a6:
         96:b1:2b:3b:55:ff:1b:f6:5d:31:44:ed:18:26:75:cf:80:6c:
         5f:37:5d:71:a4:88:13:a0:4d:2f:43:bc:66:03:34:07:31:65:
         33:d4:5b:a9:e0:56:55:c5:2f:b1:11:cc:dd:cd:0c:f7:9e:e0:
         26:2f:0b:33:44:c3:12:21:1f:03:89:4f:4d:50:ed:42:af:16:
         54:30:5c:5a:65:72:33:19:4f:83:a7:80:e2:03:79:54:a9:7a:
         43:97:bf:97:bd:29:94:3f:38:ae:85:59:66:5e:8c:40:1e:3b:
         98:75:9f:72:84:65:09:d2:27:71:31:49:5f:97:95:8c:ff:a6:
         24:5e:f5:57
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIED1Q+oDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YmNhY2FhZjhhYzEzYTk2NGFiM2Q0NjE5MzU4NDFjOGUxYzkzYjgwMB4XDTIyMDEw
MTEzMDYyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWNlOTg4MDcxMjlh
YmU0YTNjMjIzMTFkYWM1Njk1ZTA3YmQyZDg2NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK073SYQZPr5uTrpqAroxvaycMuscHw33TllX3OhbaavT0Lr
aaQGdVLD3HuL7TSxPkl0r860g7XqknkGUdEnIkRPhBROAAswbQ2JRr/Ach8n1XgP
J9vQCpI0Cg4zPj9Xcy9B5zIjWk6k0KGWaIQXKsNFdQJr9zlLaPO98ynNmMgfu7bR
oBrIz0pruWsYbgj8HHx2iUmX9SQGKzsSNrDOdiN7KjweQWyMjp1ZiPiy8XdIBpkC
9y3tldp15Q424vEiWNo2bjj2SLqfk417jOBrBpKTAfp+TVmDeM+CxDR92zofEsey
HnwbALEGtVhZ2ioRE6qFg5Wu5l5WwnFHFIp73P0CAwEAAaOCAggwggIEMB0GA1Ud
DgQWBBSc6YgHEpq+SjwiMR2sVpXge9LYZjAfBgNVHSMEGDAWgBTbysqvisE6lkqz
1GGTWEHI4ck7gDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzI4cktyNHJCT3BaS3M5UmhrMWhCeU9ISk80QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvNTczN2IwLWJiMjQtNGU5Mi1iMTlkLTVlNjVjN2Q2MWI5ZS8x
L25PbUlCeEthdmtvOElqRWRyRmFWNEh2UzJHWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
NTczN2IwLWJiMjQtNGU5Mi1iMTlkLTVlNjVjN2Q2MWI5ZS8xLzI4cktyNHJCT3Ba
S3M5UmhrMWhCeU9ISk80QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAe
BggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAI1PMA0GCSqGSIb3DQEBCwUAA4IB
AQBs4ejRlFYLXTHibjOKVXajr3r2E6dtuMII7naokwVFzpwLj8yfEC/C2caq0XIN
RB35CcmhVih72BOzaDoFRN6rbZh+RAOIUDh9nH8w6rgLf1XIa0PrvGGKEcrAk7vo
Tl81nQw2f2YeJ4LQm8VpNRFIw987J1VNnAKgvbtbA6aWsSs7Vf8b9l0xRO0YJnXP
gGxfN11xpIgToE0vQ7xmAzQHMWUz1Fup4FZVxS+xEczdzQz3nuAmLwszRMMSIR8D
iU9NUO1CrxZUMFxaZXIzGU+Dp4DiA3lUqXpDl7+XvSmUPziuhVlmXoxAHjuYdZ9y
hGUJ0idxMUlfl5WM/6YkXvVX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:05 2024 by rpki-client on console-ams.rpki-client.org