Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/rDsEpTup_ELT_DmpuW65mUCqP_Y.roa
File:                     rDsEpTup_ELT_DmpuW65mUCqP_Y.roa (raw, json)
Hash identifier:          7o/vIpNNmEbljywvj6lvTSDcSWX7t8DR4u/whnw2U1U=
Subject key identifier:   AC:3B:04:A5:3B:A9:FC:42:D3:FC:39:A9:B9:6E:B9:99:40:AA:3F:F6
Certificate issuer:       /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial:       39FDBBA7
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/rDsEpTup_ELT_DmpuW65mUCqP_Y.roa
Signing time:             Sat 01 Jan 2022 14:00:35 +0000
ROA not before:           Sat 01 Jan 2022 14:00:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60869
IP address blocks:        217.153.163.128/25 maxlen: 25

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 972929959 (0x39fdbba7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
        Validity
            Not Before: Jan  1 14:00:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ac3b04a53ba9fc42d3fc39a9b96eb99940aa3ff6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:bb:55:31:01:b0:0c:5a:30:08:9e:14:15:11:
                    78:7e:7a:c8:da:39:56:99:57:e9:74:6e:1c:a4:fe:
                    ed:e9:fe:d5:68:fa:ae:0f:f9:7b:48:f9:96:37:d8:
                    4a:d4:62:4b:ce:fc:bb:6c:86:8d:cd:ac:b3:02:ae:
                    38:03:95:af:7f:2e:ef:fe:db:43:aa:40:4c:cb:ab:
                    5d:c4:a3:74:e3:67:a3:05:b9:2c:4a:07:7e:b1:9c:
                    0e:eb:f6:1c:f0:dc:73:a1:94:26:6c:e5:60:66:35:
                    86:83:f6:6b:c4:0e:ab:f3:4f:4c:d8:e2:54:88:ac:
                    2d:44:5f:2e:d7:c0:a6:2e:cd:51:93:d6:5a:31:37:
                    94:6d:65:9a:73:a9:44:99:8e:e4:8e:e6:af:fa:17:
                    64:ed:7e:5c:80:6a:59:68:62:64:0c:9b:b2:10:e6:
                    a6:7c:f3:fe:87:25:43:c4:67:28:f2:78:7e:ac:94:
                    13:b7:3a:d9:4e:05:f4:8c:a1:46:22:c2:f9:1a:40:
                    18:e0:8a:0d:86:55:9b:a7:c3:1a:45:22:f8:46:89:
                    d9:9a:a2:18:2c:8f:96:38:f7:31:89:50:6b:21:9a:
                    39:d9:f8:c0:fc:e5:ce:85:95:62:fb:f7:e2:f1:1f:
                    83:b9:c2:18:7a:96:77:66:30:e4:84:8e:0e:63:45:
                    64:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:3B:04:A5:3B:A9:FC:42:D3:FC:39:A9:B9:6E:B9:99:40:AA:3F:F6
            X509v3 Authority Key Identifier:
                keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/rDsEpTup_ELT_DmpuW65mUCqP_Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.153.163.128/25

    Signature Algorithm: sha256WithRSAEncryption
         5d:c1:c8:a2:65:ed:b3:ff:4c:dd:30:4d:37:ed:10:57:af:8e:
         19:54:9e:f1:32:98:f3:19:2e:57:0d:3f:c9:ca:db:cc:79:b1:
         0e:ef:48:38:ed:59:05:3d:77:48:55:1a:da:e1:8e:e8:f7:19:
         3f:47:2c:0f:5e:ac:80:2a:99:eb:ca:fd:f8:1a:df:6a:ab:bb:
         22:c4:88:82:77:dd:71:a2:d4:d7:3c:da:3f:0d:81:3c:8b:c8:
         93:47:d7:b8:6b:be:9a:03:cc:74:a0:9b:3f:0c:96:74:ef:8d:
         b2:44:9f:d2:99:68:92:4e:d0:01:bc:47:8b:27:e1:c6:a4:96:
         47:a2:46:d5:54:30:9b:30:fd:3f:bf:90:9d:2a:ff:79:c7:10:
         3b:bc:df:5b:e5:25:19:d3:21:4a:47:ec:88:c7:4e:c7:83:25:
         21:7d:01:27:06:6b:dc:b6:bb:dd:f5:f6:d3:f7:f3:6f:c3:9d:
         36:33:8c:a2:10:fa:bf:77:5e:36:e6:78:f5:45:88:d2:d6:21:
         d7:b7:11:a8:58:37:23:9e:d5:e9:68:8c:6e:bd:e5:b8:c1:79:
         51:e8:57:4d:33:c8:29:46:85:22:09:73:c9:96:36:49:3b:3e:
         96:a8:77:f1:a9:2a:76:da:9c:f0:e9:89:a7:6e:1c:08:0c:45:
         79:bd:09:61
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEOf27pzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YWNhNjNkZjI0OGI3YWRmM2RkZDA3ZThjMmQzZWVkZDAyY2VmOTMzMB4XDTIyMDEw
MTE0MDAzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWMzYjA0YTUzYmE5
ZmM0MmQzZmMzOWE5Yjk2ZWI5OTk0MGFhM2ZmNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKy7VTEBsAxaMAieFBUReH56yNo5VplX6XRuHKT+7en+1Wj6
rg/5e0j5ljfYStRiS878u2yGjc2sswKuOAOVr38u7/7bQ6pATMurXcSjdONnowW5
LEoHfrGcDuv2HPDcc6GUJmzlYGY1hoP2a8QOq/NPTNjiVIisLURfLtfApi7NUZPW
WjE3lG1lmnOpRJmO5I7mr/oXZO1+XIBqWWhiZAybshDmpnzz/oclQ8RnKPJ4fqyU
E7c62U4F9IyhRiLC+RpAGOCKDYZVm6fDGkUi+EaJ2ZqiGCyPljj3MYlQayGaOdn4
wPzlzoWVYvv34vEfg7nCGHqWd2Yw5ISODmNFZHcCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBSsOwSlO6n8QtP8Oam5brmZQKo/9jAfBgNVHSMEGDAWgBQaymPfJIt63z3d
B+jC0+7dAs75MzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dzcGozeVNMZXQ4OTNRZm93dFB1M1FMTy1UTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvMWY2NDU4LWRjNzUtNGFkZC1hZTcyLTkxZTMxODRiYjBhYi8x
L3JEc0VwVHVwX0VMVF9EbXB1VzY1bVVDcVBfWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
MWY2NDU4LWRjNzUtNGFkZC1hZTcyLTkxZTMxODRiYjBhYi8xL0dzcGozeVNMZXQ4
OTNRZm93dFB1M1FMTy1UTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAEwBwMFB9mZo4AwDQYJKoZIhvcNAQELBQAD
ggEBAF3ByKJl7bP/TN0wTTftEFevjhlUnvEymPMZLlcNP8nK28x5sQ7vSDjtWQU9
d0hVGtrhjuj3GT9HLA9erIAqmevK/fga32qruyLEiIJ33XGi1Nc82j8NgTyLyJNH
17hrvpoDzHSgmz8MlnTvjbJEn9KZaJJO0AG8R4sn4caklkeiRtVUMJsw/T+/kJ0q
/3nHEDu831vlJRnTIUpH7IjHTseDJSF9AScGa9y2u9319tP382/DnTYzjKIQ+r93
XjbmePVFiNLWIde3EahYNyOe1elojG695bjBeVHoV00zyClGhSIJc8mWNkk7Ppao
d/GpKnbanPDpiaduHAgMRXm9CWE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:01 2024 by rpki-client on console-fra.rpki-client.org