Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/z5J6A7YoIPcpTBlR79N0xXkuFp8.roa
File:                     z5J6A7YoIPcpTBlR79N0xXkuFp8.roa (raw, json)
Hash identifier:          TfVTnlMMtbK+0l3H2PBR1VIcFpodVpPQJwKc4bCCReo=
Subject key identifier:   CF:92:7A:03:B6:28:20:F7:29:4C:19:51:EF:D3:74:C5:79:2E:16:9F
Certificate issuer:       /CN=e760126dce78bc16e66c2e6e7635848ac46846af
Certificate serial:       0184E3AA20C6B019710FC4E5E0C57A99487A
Authority key identifier: E7:60:12:6D:CE:78:BC:16:E6:6C:2E:6E:76:35:84:8A:C4:68:46:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/z5J6A7YoIPcpTBlR79N0xXkuFp8.roa
Signing time:             Mon 05 Dec 2022 19:01:28 +0000
ROA not before:           Mon 05 Dec 2022 19:01:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        146.247.101.0/24 maxlen: 24
                          146.247.107.0/24 maxlen: 24
                          146.247.112.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:e3:aa:20:c6:b0:19:71:0f:c4:e5:e0:c5:7a:99:48:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e760126dce78bc16e66c2e6e7635848ac46846af
        Validity
            Not Before: Dec  5 19:01:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cf927a03b62820f7294c1951efd374c5792e169f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:f4:a3:35:93:24:5f:7b:29:96:d8:fc:1f:9e:
                    3f:73:87:c5:65:3b:59:84:97:75:96:99:10:37:68:
                    d2:f4:c2:df:20:b1:46:ae:24:0d:40:37:51:e5:da:
                    95:49:11:6f:8b:fe:e1:3c:66:17:f3:f5:23:94:b8:
                    0e:9a:6d:2a:a9:cc:d9:17:00:29:85:f2:e7:5d:73:
                    b3:ec:41:d8:ab:63:ee:28:f3:b4:c2:5c:e6:f3:43:
                    1e:1c:3b:2c:f2:f1:39:cf:e3:78:18:5d:1c:21:0c:
                    b7:3f:7b:ea:24:6c:35:3c:0c:f8:3d:8b:10:5c:fa:
                    d7:27:7a:19:25:d5:8c:5d:19:3c:5f:8e:d9:b0:c3:
                    0c:63:38:d1:b5:a0:5c:2c:51:50:91:b4:fa:7d:b1:
                    6f:b7:f6:4c:0d:9e:e3:4e:17:46:5f:5f:ce:3c:77:
                    33:a6:ed:2c:a8:ab:d7:13:8d:42:24:e6:45:51:26:
                    e1:2d:dc:52:ea:d9:f1:f0:2a:49:22:e2:94:19:fb:
                    44:ed:c8:95:75:13:9d:30:3e:3e:83:dd:59:a5:9a:
                    49:4b:86:e8:e1:0a:24:ac:ca:66:3e:52:5f:84:df:
                    e5:65:f8:09:39:18:6c:90:e9:bb:cb:91:d4:ab:f9:
                    7c:10:71:60:16:8c:dc:e2:0d:6a:55:10:d6:bb:3c:
                    04:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:92:7A:03:B6:28:20:F7:29:4C:19:51:EF:D3:74:C5:79:2E:16:9F
            X509v3 Authority Key Identifier:
                keyid:E7:60:12:6D:CE:78:BC:16:E6:6C:2E:6E:76:35:84:8A:C4:68:46:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/z5J6A7YoIPcpTBlR79N0xXkuFp8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/52ASbc54vBbmbC5udjWEisRoRq8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.247.101.0/24
                  146.247.107.0/24
                  146.247.112.0/23

    Signature Algorithm: sha256WithRSAEncryption
         9e:fc:ff:f3:5a:59:09:99:2b:7f:49:ff:51:89:9d:cc:05:98:
         9a:c8:48:20:d8:18:b2:84:be:53:47:35:1d:a4:7a:85:70:35:
         f7:d9:46:48:95:af:a2:5d:34:aa:0c:41:ed:0f:c0:e9:da:e7:
         bc:43:3c:95:a4:e5:e9:2d:ea:ed:78:2d:6a:96:b2:57:38:fc:
         b9:62:26:db:5c:c6:ff:9a:f5:57:0a:ab:e2:02:f0:11:ba:16:
         a3:a5:54:5f:d3:91:7b:4c:1b:f3:b2:d2:20:77:72:88:2a:a3:
         f9:db:1b:b0:06:85:f3:bf:99:eb:1c:95:72:01:11:aa:ad:03:
         d2:b8:1f:8a:2f:4f:37:40:80:07:36:21:12:5b:26:bb:9f:11:
         7c:5b:c4:80:ab:98:c7:20:19:88:ca:c1:84:fc:aa:cc:9b:37:
         f4:c5:6b:72:c3:ba:f7:10:15:f9:99:88:79:e6:f6:f9:7f:38:
         75:1c:b1:ae:02:37:13:f5:9b:83:2b:3b:f4:b6:ed:9f:3b:b5:
         f3:c3:da:a3:68:12:1f:58:80:33:f6:00:43:6b:74:9a:33:3b:
         0b:c2:04:13:88:64:d2:46:75:43:f4:18:32:9d:11:b0:51:5a:
         23:4e:e7:9e:b5:99:bb:59:2e:fe:e7:f4:01:a9:a7:69:45:5e:
         bf:d1:05:2c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYTjqiDGsBlxD8Tl4MV6mUh6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NjAxMjZkY2U3OGJjMTZlNjZjMmU2ZTc2MzU4NDhhYzQ2
ODQ2YWYwHhcNMjIxMjA1MTkwMTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjkyN2EwM2I2MjgyMGY3Mjk0YzE5NTFlZmQzNzRjNTc5MmUxNjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2vSjNZMkX3spltj8H54/c4fFZTtZ
hJd1lpkQN2jS9MLfILFGriQNQDdR5dqVSRFvi/7hPGYX8/UjlLgOmm0qqczZFwAp
hfLnXXOz7EHYq2PuKPO0wlzm80MeHDss8vE5z+N4GF0cIQy3P3vqJGw1PAz4PYsQ
XPrXJ3oZJdWMXRk8X47ZsMMMYzjRtaBcLFFQkbT6fbFvt/ZMDZ7jThdGX1/OPHcz
pu0sqKvXE41CJOZFUSbhLdxS6tnx8CpJIuKUGftE7ciVdROdMD4+g91ZpZpJS4bo
4QokrMpmPlJfhN/lZfgJORhskOm7y5HUq/l8EHFgFozc4g1qVRDWuzwEpwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM+SegO2KCD3KUwZUe/TdMV5LhafMB8GA1UdIwQY
MBaAFOdgEm3OeLwW5mwubnY1hIrEaEavMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTJBU2JjNTR2QmJtYkM1dWRqV0Vpc1JvUnE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS80ODhmNjEtMmYwMC00NjM5LTk3Yjgt
ZDI0ZjU2MmRlZGQyLzEvejVKNkE3WW9JUGNwVEJsUjc5TjB4WGt1RnA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS80ODhmNjEtMmYwMC00NjM5LTk3YjgtZDI0ZjU2MmRlZGQy
LzEvNTJBU2JjNTR2QmJtYkM1dWRqV0Vpc1JvUnE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAkvdlAwQA
kvdrAwQBkvdwMA0GCSqGSIb3DQEBCwUAA4IBAQCe/P/zWlkJmSt/Sf9RiZ3MBZia
yEgg2BiyhL5TRzUdpHqFcDX32UZIla+iXTSqDEHtD8Dp2ue8QzyVpOXpLerteC1q
lrJXOPy5YibbXMb/mvVXCqviAvARuhajpVRf05F7TBvzstIgd3KIKqP52xuwBoXz
v5nrHJVyARGqrQPSuB+KL083QIAHNiESWya7nxF8W8SAq5jHIBmIysGE/KrMmzf0
xWtyw7r3EBX5mYh55vb5fzh1HLGuAjcT9ZuDKzv0tu2fO7Xzw9qjaBIfWIAz9gBD
a3SaMzsLwgQTiGTSRnVD9BgynRGwUVojTueetZm7WS7+5/QBqadpRV6/0QUs
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:35 2024 by rpki-client on console-ams.rpki-client.org