Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/e56811-9801-4595-87e7-13d168d59b11/1/wS-eOfG34Xk83MFIqAijjPLf2oU.roa
File:                     wS-eOfG34Xk83MFIqAijjPLf2oU.roa (raw, json)
Hash identifier:          S6O2L6ZrrObD49+FlZf31F7Zd4KS1pHlJJfJlr5c8fw=
Subject key identifier:   C1:2F:9E:39:F1:B7:E1:79:3C:DC:C1:48:A8:08:A3:8C:F2:DF:DA:85
Certificate issuer:       /CN=68639a21759796fe3a1d919f9b5737eb68d708e4
Certificate serial:       03F33971
Authority key identifier: 68:63:9A:21:75:97:96:FE:3A:1D:91:9F:9B:57:37:EB:68:D7:08:E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aGOaIXWXlv46HZGfm1c362jXCOQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/e56811-9801-4595-87e7-13d168d59b11/1/wS-eOfG34Xk83MFIqAijjPLf2oU.roa
Signing time:             Sat 01 Jan 2022 11:59:26 +0000
ROA not before:           Sat 01 Jan 2022 11:59:26 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     21375
IP address blocks:        82.116.61.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 66271601 (0x3f33971)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68639a21759796fe3a1d919f9b5737eb68d708e4
        Validity
            Not Before: Jan  1 11:59:26 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c12f9e39f1b7e1793cdcc148a808a38cf2dfda85
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:70:48:ba:e5:bc:35:47:ab:94:c0:76:34:bc:
                    7d:1d:90:a0:7a:30:60:76:f8:fb:30:5a:f4:73:89:
                    86:ef:3c:cc:26:1c:93:8a:a6:2b:a8:f0:db:ad:6c:
                    de:63:db:9a:21:b0:a9:ba:7d:aa:60:6b:72:c0:21:
                    53:ed:6a:c9:4d:93:ab:0e:7f:f2:54:01:24:51:a0:
                    ac:0f:63:c4:8e:7e:aa:07:37:49:c5:3b:fc:4d:85:
                    c2:01:bb:60:20:bb:21:8e:88:d7:5e:fd:70:33:6a:
                    d2:bd:88:a9:46:83:94:9f:72:77:78:ce:f0:dd:07:
                    49:7c:fb:de:ad:79:c5:f4:99:67:5c:b9:21:27:a9:
                    9c:5a:84:73:35:94:0d:20:5b:26:5a:c0:f1:7e:3b:
                    aa:a5:4a:3a:bf:65:90:ec:cf:b2:0c:ce:6e:02:b2:
                    0b:d0:2e:34:69:f8:f9:b0:28:4a:d7:93:6d:32:09:
                    3b:91:16:61:fa:71:ce:cd:d4:5d:0f:0b:74:f8:5c:
                    36:f2:2c:c5:de:ab:88:cb:a3:97:22:99:8f:2f:52:
                    a9:b4:e8:a6:4d:24:78:d9:d2:84:51:f3:b2:b1:c1:
                    5f:c5:f5:c9:30:62:f3:d4:47:4f:6f:a5:cf:5b:ab:
                    bd:d2:ae:89:1f:16:0d:57:bd:90:13:23:3d:69:16:
                    e3:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:2F:9E:39:F1:B7:E1:79:3C:DC:C1:48:A8:08:A3:8C:F2:DF:DA:85
            X509v3 Authority Key Identifier:
                keyid:68:63:9A:21:75:97:96:FE:3A:1D:91:9F:9B:57:37:EB:68:D7:08:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aGOaIXWXlv46HZGfm1c362jXCOQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/e56811-9801-4595-87e7-13d168d59b11/1/wS-eOfG34Xk83MFIqAijjPLf2oU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/e56811-9801-4595-87e7-13d168d59b11/1/aGOaIXWXlv46HZGfm1c362jXCOQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.116.61.0/24

    Signature Algorithm: sha256WithRSAEncryption
         17:08:9d:6f:23:a3:ce:69:dc:a1:c6:ce:09:37:90:81:6a:d3:
         f7:9b:a0:93:b2:39:36:3b:9b:c5:8c:cd:99:f8:ee:d6:97:c2:
         f0:db:df:d5:1b:29:84:8a:7e:22:00:e9:58:c8:42:19:f2:1b:
         1a:68:a3:58:ba:af:78:b9:29:b5:d0:61:71:33:f9:2e:0f:9f:
         e0:f6:94:f0:14:70:e5:27:04:68:48:3e:fe:3f:93:1a:12:68:
         68:97:73:1a:29:b8:95:0f:32:03:46:39:58:7f:c4:2e:2e:d9:
         6b:20:b8:f2:3e:1b:8f:ad:99:4f:d4:c4:c9:68:c7:3d:7b:80:
         68:bd:25:5b:d8:e6:96:1e:96:35:09:c1:71:fd:65:f2:46:3a:
         2f:a4:86:97:f2:dc:8f:74:6f:6a:eb:88:77:7d:cd:4f:38:f4:
         04:03:c3:4b:21:00:b2:6a:4a:3c:0c:a9:0e:6f:9b:08:19:ba:
         08:b3:cf:78:df:1d:46:97:b5:8a:c1:80:b6:6b:bd:e7:11:c7:
         61:41:71:4a:b0:ae:51:b7:de:ae:72:3e:3d:2a:92:b8:a7:c7:
         0c:4a:a5:47:b2:7f:90:8e:6d:02:5a:7c:69:d4:b2:93:12:59:
         cb:b3:b8:91:f3:8d:cc:8a:63:7a:17:94:1a:44:2b:2b:00:f8:
         94:25:eb:0c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA/M5cTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ODYzOWEyMTc1OTc5NmZlM2ExZDkxOWY5YjU3MzdlYjY4ZDcwOGU0MB4XDTIyMDEw
MTExNTkyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzEyZjllMzlmMWI3
ZTE3OTNjZGNjMTQ4YTgwOGEzOGNmMmRmZGE4NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKxwSLrlvDVHq5TAdjS8fR2QoHowYHb4+zBa9HOJhu88zCYc
k4qmK6jw261s3mPbmiGwqbp9qmBrcsAhU+1qyU2Tqw5/8lQBJFGgrA9jxI5+qgc3
ScU7/E2FwgG7YCC7IY6I1179cDNq0r2IqUaDlJ9yd3jO8N0HSXz73q15xfSZZ1y5
ISepnFqEczWUDSBbJlrA8X47qqVKOr9lkOzPsgzObgKyC9AuNGn4+bAoSteTbTIJ
O5EWYfpxzs3UXQ8LdPhcNvIsxd6riMujlyKZjy9SqbTopk0keNnShFHzsrHBX8X1
yTBi89RHT2+lz1urvdKuiR8WDVe9kBMjPWkW45UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTBL5458bfheTzcwUioCKOM8t/ahTAfBgNVHSMEGDAWgBRoY5ohdZeW/jod
kZ+bVzfraNcI5DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FHT2FJWFdYbHY0NkhaR2ZtMWMzNjJqWENPUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjEvZTU2ODExLTk4MDEtNDU5NS04N2U3LTEzZDE2OGQ1OWIxMS8x
L3dTLWVPZkczNFhrODNNRklxQWlqalBMZjJvVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjEv
ZTU2ODExLTk4MDEtNDU5NS04N2U3LTEzZDE2OGQ1OWIxMS8xL2FHT2FJWFdYbHY0
NkhaR2ZtMWMzNjJqWENPUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFJ0PTANBgkqhkiG9w0BAQsFAAOC
AQEAFwidbyOjzmncocbOCTeQgWrT95ugk7I5NjubxYzNmfju1pfC8Nvf1RsphIp+
IgDpWMhCGfIbGmijWLqveLkptdBhcTP5Lg+f4PaU8BRw5ScEaEg+/j+TGhJoaJdz
Gim4lQ8yA0Y5WH/ELi7ZayC48j4bj62ZT9TEyWjHPXuAaL0lW9jmlh6WNQnBcf1l
8kY6L6SGl/Lcj3RvauuId33NTzj0BAPDSyEAsmpKPAypDm+bCBm6CLPPeN8dRpe1
isGAtmu95xHHYUFxSrCuUbfernI+PSqSuKfHDEqlR7J/kI5tAlp8adSykxJZy7O4
kfONzIpjeheUGkQrKwD4lCXrDA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:10 2024 by rpki-client on console-ams.rpki-client.org