Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/VD75qljTMYmaz2JyilHjgAa7ScM.roa
File:                     VD75qljTMYmaz2JyilHjgAa7ScM.roa (raw, json)
Hash identifier:          fN+0oXkyyJN6nDh/9QoGYY7wf/ep78Hbq/81SkAo8vo=
Subject key identifier:   54:3E:F9:AA:58:D3:31:89:9A:CF:62:72:8A:51:E3:80:06:BB:49:C3
Certificate issuer:       /CN=e760126dce78bc16e66c2e6e7635848ac46846af
Certificate serial:       01851FE3B79002FA682F2EC5D8865B11C6C5
Authority key identifier: E7:60:12:6D:CE:78:BC:16:E6:6C:2E:6E:76:35:84:8A:C4:68:46:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/VD75qljTMYmaz2JyilHjgAa7ScM.roa
Signing time:             Sat 17 Dec 2022 11:41:35 +0000
ROA not before:           Sat 17 Dec 2022 11:41:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212609
IP address blocks:        146.247.124.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:1f:e3:b7:90:02:fa:68:2f:2e:c5:d8:86:5b:11:c6:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e760126dce78bc16e66c2e6e7635848ac46846af
        Validity
            Not Before: Dec 17 11:41:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=543ef9aa58d331899acf62728a51e38006bb49c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:0a:57:04:02:66:79:c8:28:41:f7:a9:26:b5:
                    af:29:ad:27:eb:2e:12:ab:ab:1c:f7:9d:19:55:03:
                    e0:d8:a8:7d:d8:4b:b3:d7:e5:6b:12:55:15:4c:65:
                    17:e7:75:a8:9d:7b:31:d7:9b:93:23:6e:f3:b9:fa:
                    f3:ef:73:3f:38:1c:af:a2:a6:58:d5:a0:1b:28:e9:
                    41:8d:a1:ea:17:9b:f5:91:5d:e8:9d:4a:09:e9:55:
                    14:90:fe:56:d1:18:0b:bc:b6:cd:a9:33:61:90:be:
                    8a:d8:a8:4d:63:05:f7:2b:72:50:1a:0e:6a:d2:f3:
                    72:02:57:69:b9:22:8e:c5:40:c2:09:1f:67:12:d4:
                    d1:4b:7e:94:33:1b:e5:f9:58:76:78:18:d9:c0:9d:
                    48:17:70:d5:c8:65:4c:14:7f:ba:c2:1b:37:5f:73:
                    42:99:e7:75:0d:bb:da:02:0f:29:8a:e7:3e:62:82:
                    6c:0d:31:d0:66:f8:f1:d8:8b:7c:86:28:6a:be:5a:
                    30:b6:1c:28:ad:08:9b:e4:cb:cb:c9:23:31:87:04:
                    ea:4c:6d:22:63:6f:f6:43:05:4f:0c:76:43:0f:ba:
                    a4:4e:ba:5d:0c:9e:75:9b:6d:73:c2:bf:b5:b0:73:
                    5b:f2:eb:da:2f:78:59:1c:c9:98:c0:1c:18:b6:66:
                    b7:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:3E:F9:AA:58:D3:31:89:9A:CF:62:72:8A:51:E3:80:06:BB:49:C3
            X509v3 Authority Key Identifier:
                keyid:E7:60:12:6D:CE:78:BC:16:E6:6C:2E:6E:76:35:84:8A:C4:68:46:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/VD75qljTMYmaz2JyilHjgAa7ScM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/52ASbc54vBbmbC5udjWEisRoRq8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.247.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6c:69:1a:15:e0:af:0e:9a:34:4b:1e:76:16:84:af:ce:b0:cd:
         16:56:3e:06:b6:15:5c:1d:f9:ef:22:65:1d:9e:41:d0:00:3c:
         3b:94:98:ca:57:25:60:f3:8b:27:9d:35:ea:c2:92:29:96:86:
         8b:35:d1:71:fa:6f:96:7b:fc:00:eb:be:f3:62:a9:4e:3c:f4:
         b9:f9:b4:ac:61:f2:45:3a:95:79:57:95:78:83:03:9f:a6:c2:
         5a:26:f5:e3:a5:21:0c:dc:83:25:90:41:63:d0:bb:51:7f:36:
         7c:47:d8:4e:c4:95:1a:f8:21:a5:fc:5a:26:d9:69:45:35:7f:
         dc:bd:b5:e7:b6:eb:d7:f7:15:a1:b6:9e:47:10:aa:cd:c4:b1:
         e8:30:6f:f8:66:b6:3e:fb:ba:52:9c:6a:84:d9:a5:74:9c:b3:
         df:cd:1e:f3:7f:5d:58:b4:ca:3e:84:24:f3:e2:7b:df:2c:1f:
         00:9d:c3:44:81:66:4b:1a:47:77:1f:e4:e0:c1:9f:3c:d4:9d:
         de:b5:f2:20:f2:ee:93:e0:1f:f3:de:2f:a3:7b:fb:14:58:cd:
         38:1c:f0:05:44:cb:ec:fb:45:c8:51:1a:8e:f9:8d:02:b4:d0:
         45:29:73:a0:15:7c:88:cf:b8:64:e4:ed:16:13:1f:dc:2b:5d:
         95:a3:b7:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUf47eQAvpoLy7F2IZbEcbFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NjAxMjZkY2U3OGJjMTZlNjZjMmU2ZTc2MzU4NDhhYzQ2
ODQ2YWYwHhcNMjIxMjE3MTE0MTM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDNlZjlhYTU4ZDMzMTg5OWFjZjYyNzI4YTUxZTM4MDA2YmI0OWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQpXBAJmecgoQfepJrWvKa0n6y4S
q6sc950ZVQPg2Kh92Euz1+VrElUVTGUX53WonXsx15uTI27zufrz73M/OByvoqZY
1aAbKOlBjaHqF5v1kV3onUoJ6VUUkP5W0RgLvLbNqTNhkL6K2KhNYwX3K3JQGg5q
0vNyAldpuSKOxUDCCR9nEtTRS36UMxvl+Vh2eBjZwJ1IF3DVyGVMFH+6whs3X3NC
med1DbvaAg8piuc+YoJsDTHQZvjx2It8hihqvlowthworQib5MvLySMxhwTqTG0i
Y2/2QwVPDHZDD7qkTrpdDJ51m21zwr+1sHNb8uvaL3hZHMmYwBwYtma3RQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFQ++apY0zGJms9icopR44AGu0nDMB8GA1UdIwQY
MBaAFOdgEm3OeLwW5mwubnY1hIrEaEavMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTJBU2JjNTR2QmJtYkM1dWRqV0Vpc1JvUnE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS80ODhmNjEtMmYwMC00NjM5LTk3Yjgt
ZDI0ZjU2MmRlZGQyLzEvVkQ3NXFsalRNWW1hejJKeWlsSGpnQWE3U2NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS80ODhmNjEtMmYwMC00NjM5LTk3YjgtZDI0ZjU2MmRlZGQy
LzEvNTJBU2JjNTR2QmJtYkM1dWRqV0Vpc1JvUnE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkvd8MA0G
CSqGSIb3DQEBCwUAA4IBAQBsaRoV4K8OmjRLHnYWhK/OsM0WVj4GthVcHfnvImUd
nkHQADw7lJjKVyVg84snnTXqwpIploaLNdFx+m+We/wA677zYqlOPPS5+bSsYfJF
OpV5V5V4gwOfpsJaJvXjpSEM3IMlkEFj0LtRfzZ8R9hOxJUa+CGl/Fom2WlFNX/c
vbXntuvX9xWhtp5HEKrNxLHoMG/4ZrY++7pSnGqE2aV0nLPfzR7zf11YtMo+hCTz
4nvfLB8AncNEgWZLGkd3H+TgwZ881J3etfIg8u6T4B/z3i+je/sUWM04HPAFRMvs
+0XIURqO+Y0CtNBFKXOgFXyIz7hk5O0WEx/cK12Vo7c1
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:19 2024 by rpki-client on console-fra.rpki-client.org