Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/9JlvJesuSf_hXDQ8UkUzXEnEVYs.roa
File:                     9JlvJesuSf_hXDQ8UkUzXEnEVYs.roa (raw, json)
Hash identifier:          7UYr9Jb0MeqWUAl9yQk1jwVRU6MHLJCG8u7zg9pAZRA=
Subject key identifier:   F4:99:6F:25:EB:2E:49:FF:E1:5C:34:3C:52:45:33:5C:49:C4:55:8B
Certificate issuer:       /CN=a79bba2805a988954e4fec42570530f16f9e7093
Certificate serial:       069EF8EF
Authority key identifier: A7:9B:BA:28:05:A9:88:95:4E:4F:EC:42:57:05:30:F1:6F:9E:70:93
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/p5u6KAWpiJVOT-xCVwUw8W-ecJM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/9JlvJesuSf_hXDQ8UkUzXEnEVYs.roa
Signing time:             Sat 01 Jan 2022 13:59:30 +0000
ROA not before:           Sat 01 Jan 2022 13:59:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     12989
IP address blocks:        81.171.62.0/23 maxlen: 24
                          81.171.61.0/24 maxlen: 24
                          81.171.66.0/24 maxlen: 24
                          81.171.70.0/23 maxlen: 23
                          81.171.68.0/24 maxlen: 24
                          81.171.105.0/24 maxlen: 24
                          81.171.106.0/24 maxlen: 24
                          81.171.116.0/24 maxlen: 24
                          81.171.115.0/24 maxlen: 24
                          2001:4de0:2105::/48 maxlen: 48
                          2001:4de0:4000::/40 maxlen: 40
                          2001:4de0:4100::/40 maxlen: 40
                          2001:4de0:4300::/40 maxlen: 40
                          2001:4de0:2100::/40 maxlen: 48
                          2001:4de0:500::/40 maxlen: 40
                          2001:4de0:2200::/40 maxlen: 40
                          2001:4de0:3000::/40 maxlen: 40
                          2001:4de0:2000::/40 maxlen: 40
                          2001:4de0:400::/40 maxlen: 40
                          2001:4de0:2300::/40 maxlen: 40
                          2001:4de0:700::/40 maxlen: 40
                          2001:4de0:3100::/40 maxlen: 40
                          2001:4de0:600::/40 maxlen: 40
                          2001:4de0:4200::/40 maxlen: 40
                          2001:4de0:1000::/48 maxlen: 48
                          2001:4de0:402::/48 maxlen: 48
                          2001:4de0:2202::/48 maxlen: 48
                          2001:4de0:7002::/48 maxlen: 48
                          2001:4de0:5010::/48 maxlen: 48
                          2001:4de0:ac13::/48 maxlen: 48
                          2001:4de0:3004::/48 maxlen: 48
                          2001:4de0:4006::/48 maxlen: 48
                          2001:4de0:101::/48 maxlen: 48
                          2001:4de0:7001::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 111081711 (0x69ef8ef)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a79bba2805a988954e4fec42570530f16f9e7093
        Validity
            Not Before: Jan  1 13:59:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f4996f25eb2e49ffe15c343c5245335c49c4558b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:94:15:87:74:c3:f9:7b:22:93:05:9e:9c:98:
                    85:6f:36:f6:76:ea:96:80:b6:41:a1:11:36:e9:de:
                    a7:c1:43:26:90:cf:69:06:be:86:9d:82:ad:26:38:
                    65:4c:dc:56:87:f8:c4:f5:83:2f:95:c0:17:2d:8b:
                    fa:b6:c1:4a:64:22:11:49:fb:b8:10:b1:02:88:2d:
                    69:1b:53:8c:df:2a:c7:d2:f0:4f:69:34:19:eb:34:
                    a5:27:f4:40:09:bf:58:80:1a:fe:7d:78:54:9c:60:
                    06:24:18:be:cf:5e:00:85:37:4e:cf:8d:f6:fb:10:
                    1d:6c:2b:30:c6:5c:38:01:9d:f1:3a:74:30:64:26:
                    cb:8e:e9:0f:9d:7d:5d:57:34:32:f2:56:bf:af:65:
                    58:ff:fd:fd:6e:78:a0:5d:72:9b:ff:27:78:af:f9:
                    23:1c:e5:2e:86:fb:3d:18:75:90:5a:38:59:1e:d0:
                    94:96:0a:8c:eb:d0:ea:a9:c2:41:0f:c1:5a:12:ef:
                    6a:c0:48:ef:7b:5a:61:a6:13:eb:c0:3c:58:05:e1:
                    ae:90:99:af:81:c5:46:1e:69:9e:cc:03:93:39:7d:
                    db:39:c8:8e:b1:6e:5f:03:e9:7e:99:14:de:d3:da:
                    0d:4f:fa:9c:53:20:30:a2:85:d9:58:aa:15:0a:f8:
                    67:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:99:6F:25:EB:2E:49:FF:E1:5C:34:3C:52:45:33:5C:49:C4:55:8B
            X509v3 Authority Key Identifier:
                keyid:A7:9B:BA:28:05:A9:88:95:4E:4F:EC:42:57:05:30:F1:6F:9E:70:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p5u6KAWpiJVOT-xCVwUw8W-ecJM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/9JlvJesuSf_hXDQ8UkUzXEnEVYs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/p5u6KAWpiJVOT-xCVwUw8W-ecJM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.171.61.0-81.171.63.255
                  81.171.66.0/24
                  81.171.68.0/24
                  81.171.70.0/23
                  81.171.105.0-81.171.106.255
                  81.171.115.0-81.171.116.255
                IPv6:
                  2001:4de0:101::/48
                  2001:4de0:400::/38
                  2001:4de0:1000::/48
                  2001:4de0:2000::/38
                  2001:4de0:3000::/39
                  2001:4de0:4000::/38
                  2001:4de0:5010::/48
                  2001:4de0:7001::-2001:4de0:7002:ffff:ffff:ffff:ffff:ffff
                  2001:4de0:ac13::/48

    Signature Algorithm: sha256WithRSAEncryption
         30:f7:ce:60:e9:9e:0c:21:8b:dd:0a:25:19:27:3e:d6:40:1d:
         2d:e2:15:60:a1:44:a7:81:6b:aa:99:f5:3f:38:ee:01:62:4b:
         f5:c8:79:f9:e1:db:00:1c:70:b5:2f:72:90:21:56:ca:bd:74:
         9a:27:3d:02:6a:4b:69:be:22:1c:a5:64:3b:fc:4a:29:6a:42:
         8b:6f:cc:96:f4:f1:76:7f:14:e4:3c:15:11:88:0c:3c:74:bb:
         78:9e:d1:1a:39:db:03:bb:b1:0a:8e:f7:b3:73:06:18:cb:66:
         eb:29:35:f0:5a:7d:66:b2:b1:14:ba:9b:d4:1a:30:fe:81:60:
         88:0b:d8:f4:a3:87:e3:30:94:3b:4c:b1:4a:49:f4:cf:45:c9:
         3a:9b:05:51:6c:2d:c8:8b:19:cb:7f:60:ad:60:c5:69:f6:fc:
         2c:9d:0a:06:22:0b:b5:89:01:af:93:51:1f:30:1e:9d:08:d7:
         70:9c:68:ef:fa:2e:49:e5:2b:17:d2:e4:4d:e8:00:a5:1a:9e:
         37:e4:4a:63:5f:dc:e0:7f:03:63:25:9f:48:3e:95:97:2e:81:
         96:64:30:42:7a:04:8c:23:bd:32:1e:44:c1:f0:09:5b:e7:38:
         f6:33:7a:ac:ae:3a:6e:15:ec:02:8f:2c:61:69:24:95:2a:a4:
         8f:15:a2:c8
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIEBp747zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NzliYmEyODA1YTk4ODk1NGU0ZmVjNDI1NzA1MzBmMTZmOWU3MDkzMB4XDTIyMDEw
MTEzNTkzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjQ5OTZmMjVlYjJl
NDlmZmUxNWMzNDNjNTI0NTMzNWM0OWM0NTU4YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANGUFYd0w/l7IpMFnpyYhW829nbqloC2QaERNunep8FDJpDP
aQa+hp2CrSY4ZUzcVof4xPWDL5XAFy2L+rbBSmQiEUn7uBCxAogtaRtTjN8qx9Lw
T2k0Ges0pSf0QAm/WIAa/n14VJxgBiQYvs9eAIU3Ts+N9vsQHWwrMMZcOAGd8Tp0
MGQmy47pD519XVc0MvJWv69lWP/9/W54oF1ym/8neK/5IxzlLob7PRh1kFo4WR7Q
lJYKjOvQ6qnCQQ/BWhLvasBI73taYaYT68A8WAXhrpCZr4HFRh5pnswDkzl92znI
jrFuXwPpfpkU3tPaDU/6nFMgMKKF2ViqFQr4Z4UCAwEAAaOCAqIwggKeMB0GA1Ud
DgQWBBT0mW8l6y5J/+FcNDxSRTNcScRVizAfBgNVHSMEGDAWgBSnm7ooBamIlU5P
7EJXBTDxb55wkzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3A1dTZLQVdwaUpWT1QteENWd1V3OFctZWNKTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvZDE0MGZiLTAzYWUtNDVkOS04ZGRjLWUxZWQ5ZGQyYTAyYS8x
LzlKbHZKZXN1U2ZfaFhEUThVa1V6WEVuRVZZcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
ZDE0MGZiLTAzYWUtNDVkOS04ZGRjLWUxZWQ5ZGQyYTAyYS8xL3A1dTZLQVdwaUpW
T1QteENWd1V3OFctZWNKTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
twYIKwYBBQUHAQcBAf8EgacwgaQwQgQCAAEwPDAMAwQAUas9AwQGUasAAwQAUatC
AwQAUatEAwQBUatGMAwDBABRq2kDBABRq2owDAMEAFGrcwMEAFGrdDBeBAIAAjBY
AwcAIAFN4AEBAwYCIAFN4AQDBwAgAU3gEAADBgIgAU3gIAMGASABTeAwAwYCIAFN
4EADBwAgAU3gUBAwEgMHACABTeBwAQMHACABTeBwAgMHACABTeCsEzANBgkqhkiG
9w0BAQsFAAOCAQEAMPfOYOmeDCGL3QolGSc+1kAdLeIVYKFEp4Frqpn1PzjuAWJL
9ch5+eHbABxwtS9ykCFWyr10mic9AmpLab4iHKVkO/xKKWpCi2/MlvTxdn8U5DwV
EYgMPHS7eJ7RGjnbA7uxCo73s3MGGMtm6yk18Fp9ZrKxFLqb1Bow/oFgiAvY9KOH
4zCUO0yxSkn0z0XJOpsFUWwtyIsZy39grWDFafb8LJ0KBiILtYkBr5NRHzAenQjX
cJxo7/ouSeUrF9LkTegApRqeN+RKY1/c4H8DYyWfSD6Vly6BlmQwQnoEjCO9Mh5E
wfAJW+c49jN6rK46bhXsAo8sYWkklSqkjxWiyA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:51 2024 by rpki-client on console-fra.rpki-client.org