Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/Iu1OfwkjimMiEJwxwoETKkPvEd4.roa
File:                     Iu1OfwkjimMiEJwxwoETKkPvEd4.roa (raw, json)
Hash identifier:          leK3KL46RdnKE80C0dT0ivythDcp0oDD+WwtKtP352I=
Subject key identifier:   22:ED:4E:7F:09:23:8A:63:22:10:9C:31:C2:81:13:2A:43:EF:11:DE
Certificate issuer:       /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial:       11C28BD6
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/Iu1OfwkjimMiEJwxwoETKkPvEd4.roa
Signing time:             Sat 01 Jan 2022 15:05:40 +0000
ROA not before:           Sat 01 Jan 2022 15:05:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8877
IP address blocks:        78.142.60.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 297962454 (0x11c28bd6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
        Validity
            Not Before: Jan  1 15:05:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=22ed4e7f09238a6322109c31c281132a43ef11de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:c5:1d:9e:c0:3f:34:ce:d4:3e:d0:15:52:c2:
                    e8:1c:cd:75:a9:65:a8:e0:f1:90:90:ca:d7:74:71:
                    28:b5:a5:16:1b:19:c9:9a:97:20:4e:ba:34:a6:10:
                    47:79:a5:90:69:34:73:20:85:0a:8a:38:cc:5e:a3:
                    9a:a0:39:77:02:f7:78:e4:b5:b2:1e:b9:b7:5c:0d:
                    ef:d7:88:65:f4:b0:ea:cd:d2:a6:90:ba:15:d1:b8:
                    e6:07:c7:2d:ab:7b:72:4f:f8:b6:cb:e6:12:6e:b9:
                    84:c2:39:72:ae:13:f0:b3:06:f3:70:90:c5:cd:6d:
                    da:64:7a:4f:ec:b6:07:a6:64:d4:d3:d4:da:50:ac:
                    67:17:fa:0e:44:4c:4f:ba:b5:f9:0a:73:4e:59:42:
                    a2:f3:d4:94:87:83:bf:b2:8e:2b:47:ef:cd:f4:c6:
                    f3:ce:36:a8:a0:f4:16:ac:d4:06:08:3a:9c:4b:84:
                    92:00:b7:cc:f3:00:9b:0a:9c:9c:07:1f:85:28:a5:
                    1a:34:c3:9d:9b:3b:3c:bb:fb:a5:7e:3d:c0:2f:54:
                    5a:67:63:2c:69:a6:6b:2f:20:c2:4f:8d:62:cf:cb:
                    20:b7:20:11:aa:ba:e5:15:8a:77:d5:a7:99:a8:25:
                    56:16:92:ae:55:32:89:ce:7f:54:61:8f:3f:21:70:
                    79:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:ED:4E:7F:09:23:8A:63:22:10:9C:31:C2:81:13:2A:43:EF:11:DE
            X509v3 Authority Key Identifier:
                keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/Iu1OfwkjimMiEJwxwoETKkPvEd4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.142.60.0/24

    Signature Algorithm: sha256WithRSAEncryption
         30:2e:6d:6f:f9:46:db:5d:15:99:e1:d8:c9:d6:8a:85:3b:83:
         17:fc:0b:29:7c:4e:40:2e:d9:db:ca:66:ba:f6:80:b7:cf:04:
         53:60:b4:07:06:89:4f:41:fd:10:76:10:e9:e8:14:7c:6c:ab:
         48:8a:70:63:6d:1a:7e:64:b9:4f:0e:2a:1f:2f:9e:7c:f3:95:
         65:ce:32:aa:9b:c8:b5:6c:7b:b0:42:3b:be:4e:c8:42:d2:eb:
         82:e4:a1:86:9e:85:32:3b:2e:33:ca:c0:ba:69:47:31:32:96:
         27:6d:48:22:2a:2e:70:2e:b1:df:4a:81:57:06:68:fb:7e:85:
         33:d6:9e:46:61:71:e9:ec:40:da:42:0d:dd:f7:03:dc:9b:db:
         b6:0a:9e:36:0c:02:eb:f1:ac:4c:02:4a:19:2a:e8:8f:78:13:
         15:02:a9:c6:cb:ed:45:d9:ba:bd:b5:94:90:d4:5a:a2:c7:e0:
         c6:ba:48:a2:f3:78:76:02:57:22:a2:37:07:da:fa:2b:8c:be:
         fb:b7:c5:b2:9b:99:43:e7:4f:39:e4:f3:0a:e7:b5:da:2b:63:
         e7:99:86:9e:24:96:b5:62:cb:f8:5b:7b:8b:12:0c:81:fe:81:
         23:ed:dc:4d:61:6c:9a:cd:f4:ce:00:28:ce:96:49:e8:bf:37:
         eb:56:3a:19
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEcKL1jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MzVlYWM2NGVhNDgwMmU2ODI0Njg2ZjdjMGQyMDFmMmM4NWNiMmFhMB4XDTIyMDEw
MTE1MDU0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjJlZDRlN2YwOTIz
OGE2MzIyMTA5YzMxYzI4MTEzMmE0M2VmMTFkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOrFHZ7APzTO1D7QFVLC6BzNdallqODxkJDK13RxKLWlFhsZ
yZqXIE66NKYQR3mlkGk0cyCFCoo4zF6jmqA5dwL3eOS1sh65t1wN79eIZfSw6s3S
ppC6FdG45gfHLat7ck/4tsvmEm65hMI5cq4T8LMG83CQxc1t2mR6T+y2B6Zk1NPU
2lCsZxf6DkRMT7q1+QpzTllCovPUlIeDv7KOK0fvzfTG8842qKD0FqzUBgg6nEuE
kgC3zPMAmwqcnAcfhSilGjTDnZs7PLv7pX49wC9UWmdjLGmmay8gwk+NYs/LILcg
Eaq65RWKd9WnmaglVhaSrlUyic5/VGGPPyFweU8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQi7U5/CSOKYyIQnDHCgRMqQ+8R3jAfBgNVHSMEGDAWgBTDXqxk6kgC5oJG
hvfA0gHyyFyyqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3cxNnNaT3BJQXVhQ1JvYjN3TklCOHNoY3Nxby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDMvY2NkZDhiLTc3MjAtNGRlMC04YzQzLWRhY2I1ZjM1NmVhMy8x
L0l1MU9md2tqaW1NaUVKd3h3b0VUS2tQdkVkNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMv
Y2NkZDhiLTc3MjAtNGRlMC04YzQzLWRhY2I1ZjM1NmVhMy8xL3cxNnNaT3BJQXVh
Q1JvYjN3TklCOHNoY3Nxby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAE6OPDANBgkqhkiG9w0BAQsFAAOC
AQEAMC5tb/lG210VmeHYydaKhTuDF/wLKXxOQC7Z28pmuvaAt88EU2C0BwaJT0H9
EHYQ6egUfGyrSIpwY20afmS5Tw4qHy+efPOVZc4yqpvItWx7sEI7vk7IQtLrguSh
hp6FMjsuM8rAumlHMTKWJ21IIioucC6x30qBVwZo+36FM9aeRmFx6exA2kIN3fcD
3JvbtgqeNgwC6/GsTAJKGSroj3gTFQKpxsvtRdm6vbWUkNRaosfgxrpIovN4dgJX
IqI3B9r6K4y++7fFspuZQ+dPOeTzCue12itj55mGniSWtWLL+Ft7ixIMgf6BI+3c
TWFsms30zgAozpZJ6L8361Y6GQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:14 2024 by rpki-client on console-fra.rpki-client.org