Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/d4c891-4bc0-4a3e-8457-44276f604233/1/crS1YyqllsYaV_aU5eN3L3TYzTU.roa
File:                     crS1YyqllsYaV_aU5eN3L3TYzTU.roa (raw, json)
Hash identifier:          9hQaYUgq6fipaaTtzATPLi6yUU0HZafPyrLV6NtBVh4=
Subject key identifier:   72:B4:B5:63:2A:A5:96:C6:1A:57:F6:94:E5:E3:77:2F:74:D8:CD:35
Certificate issuer:       /CN=3b54fa60b327a0803dc85e970a9b76a4514ceb5e
Certificate serial:       012AC5
Authority key identifier: 3B:54:FA:60:B3:27:A0:80:3D:C8:5E:97:0A:9B:76:A4:51:4C:EB:5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O1T6YLMnoIA9yF6XCpt2pFFM614.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/d4c891-4bc0-4a3e-8457-44276f604233/1/crS1YyqllsYaV_aU5eN3L3TYzTU.roa
Signing time:             Fri 11 Feb 2022 15:27:58 +0000
ROA not before:           Fri 11 Feb 2022 15:27:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42910
IP address blocks:        62.106.71.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 76485 (0x12ac5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b54fa60b327a0803dc85e970a9b76a4514ceb5e
        Validity
            Not Before: Feb 11 15:27:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=72b4b5632aa596c61a57f694e5e3772f74d8cd35
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:40:e9:0d:fd:b2:31:24:1d:24:29:7c:44:21:
                    e6:ea:92:84:e9:54:89:50:a5:7a:72:c4:d0:52:4f:
                    08:6f:21:d8:03:fe:c9:8b:60:19:9d:d2:5f:4e:4f:
                    80:ff:f7:23:ec:0e:e4:80:6e:8f:08:1e:68:d8:73:
                    12:cd:48:1b:e3:03:ce:64:df:d2:5b:b1:55:23:ab:
                    14:b7:93:68:e2:fd:af:55:79:24:fd:df:cf:f0:4e:
                    8c:35:a3:c1:8a:2e:1b:10:eb:c4:39:fc:19:da:e1:
                    f9:20:88:05:97:dc:e5:1a:35:26:48:65:fa:7b:ba:
                    8e:8d:ec:0d:93:fb:82:03:7e:51:0e:88:52:9c:c8:
                    2f:e2:fc:8b:02:db:56:62:28:ad:7c:f1:02:31:a2:
                    98:31:43:bf:a6:9d:e5:a8:77:3f:2a:66:13:2b:54:
                    c2:31:08:be:9b:0d:d1:b5:a3:af:7d:2e:83:67:fe:
                    25:ec:51:33:c7:ee:34:dd:1c:8e:be:c4:83:78:b0:
                    e3:af:7d:34:f2:d2:73:cb:06:86:67:ed:ae:40:dc:
                    ad:6c:bf:b0:74:74:b0:a4:2d:13:ff:40:f4:0b:a3:
                    f0:f0:2b:c3:b6:07:d9:21:ca:32:a7:68:15:e7:6d:
                    a5:61:bf:a3:c4:ed:33:90:b0:d8:1e:83:58:0c:80:
                    4b:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:B4:B5:63:2A:A5:96:C6:1A:57:F6:94:E5:E3:77:2F:74:D8:CD:35
            X509v3 Authority Key Identifier:
                keyid:3B:54:FA:60:B3:27:A0:80:3D:C8:5E:97:0A:9B:76:A4:51:4C:EB:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O1T6YLMnoIA9yF6XCpt2pFFM614.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/d4c891-4bc0-4a3e-8457-44276f604233/1/crS1YyqllsYaV_aU5eN3L3TYzTU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/d4c891-4bc0-4a3e-8457-44276f604233/1/O1T6YLMnoIA9yF6XCpt2pFFM614.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.106.71.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:eb:f1:18:b2:ef:f5:55:81:20:07:47:32:56:1d:ac:6f:81:
         33:e1:01:1a:37:7b:82:7b:d6:6e:51:76:d4:d6:7b:6c:bc:93:
         c4:eb:6f:c4:3f:dd:57:4b:5a:90:cc:e1:32:31:65:f3:3e:c6:
         fc:11:63:ad:04:b9:dd:46:76:9e:4c:d4:92:03:02:ca:81:29:
         38:f1:0a:7a:f5:4d:b6:df:01:b7:2c:49:5b:fd:a5:86:ec:db:
         01:21:05:5d:ed:fc:1a:1b:1f:3d:71:48:15:91:1a:04:cd:50:
         32:38:4a:30:37:38:98:5c:fb:26:ac:91:66:82:be:90:ae:24:
         27:e0:0f:22:07:6c:db:f5:63:33:e2:28:7c:c3:ee:e6:a2:9d:
         1c:c6:52:f2:e1:c5:a3:2b:57:76:46:cb:0f:5b:97:b3:eb:b8:
         e8:b3:44:52:38:d5:b9:53:8d:0c:b9:3e:f7:d4:97:3b:66:a0:
         93:ce:85:c7:f6:a7:3d:6b:06:cd:69:f6:07:6b:a2:6d:f9:c7:
         7c:ba:85:5a:3f:5d:48:32:0d:ee:12:84:ea:3c:fd:f9:02:d0:
         00:30:26:1b:d5:82:69:8a:e3:d2:15:6a:7b:c0:ec:c1:60:37:
         f6:d4:7b:e4:67:3a:07:a6:69:62:98:6c:06:cd:52:5e:9c:67:
         2e:f6:56:3f
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDASrFMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDNi
NTRmYTYwYjMyN2EwODAzZGM4NWU5NzBhOWI3NmE0NTE0Y2ViNWUwHhcNMjIwMjEx
MTUyNzU4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg3MmI0YjU2MzJhYTU5
NmM2MWE1N2Y2OTRlNWUzNzcyZjc0ZDhjZDM1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsUDpDf2yMSQdJCl8RCHm6pKE6VSJUKV6csTQUk8IbyHYA/7J
i2AZndJfTk+A//cj7A7kgG6PCB5o2HMSzUgb4wPOZN/SW7FVI6sUt5No4v2vVXkk
/d/P8E6MNaPBii4bEOvEOfwZ2uH5IIgFl9zlGjUmSGX6e7qOjewNk/uCA35RDohS
nMgv4vyLAttWYiitfPECMaKYMUO/pp3lqHc/KmYTK1TCMQi+mw3RtaOvfS6DZ/4l
7FEzx+403RyOvsSDeLDjr3008tJzywaGZ+2uQNytbL+wdHSwpC0T/0D0C6Pw8CvD
tgfZIcoyp2gV522lYb+jxO0zkLDYHoNYDIBLZwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFHK0tWMqpZbGGlf2lOXjdy902M01MB8GA1UdIwQYMBaAFDtU+mCzJ6CAPche
lwqbdqRRTOteMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
TzFUNllMTW5vSUE5eUY2WENwdDJwRkZNNjE0LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jYi9kNGM4OTEtNGJjMC00YTNlLTg0NTctNDQyNzZmNjA0MjMzLzEv
Y3JTMVl5cWxsc1lhVl9hVTVlTjNMM1RZelRVLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9k
NGM4OTEtNGJjMC00YTNlLTg0NTctNDQyNzZmNjA0MjMzLzEvTzFUNllMTW5vSUE5
eUY2WENwdDJwRkZNNjE0LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPmpHMA0GCSqGSIb3DQEBCwUAA4IB
AQBX6/EYsu/1VYEgB0cyVh2sb4Ez4QEaN3uCe9ZuUXbU1ntsvJPE62/EP91XS1qQ
zOEyMWXzPsb8EWOtBLndRnaeTNSSAwLKgSk48Qp69U223wG3LElb/aWG7NsBIQVd
7fwaGx89cUgVkRoEzVAyOEowNziYXPsmrJFmgr6QriQn4A8iB2zb9WMz4ih8w+7m
op0cxlLy4cWjK1d2RssPW5ez67jos0RSONW5U40MuT731Jc7ZqCTzoXH9qc9awbN
afYHa6Jt+cd8uoVaP11IMg3uEoTqPP35AtAAMCYb1YJpiuPSFWp7wOzBYDf21Hvk
ZzoHpmlimGwGzVJenGcu9lY/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:04 2024 by rpki-client on console-fra.rpki-client.org