Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/55yIf3KApXX1iAOmlLzqp_D2GnQ.roa
File:                     55yIf3KApXX1iAOmlLzqp_D2GnQ.roa (raw, json)
Hash identifier:          0Qxg5I9Kfakxz5XnhHL/h1UNW/H6qtBZnalWYxDi76E=
Subject key identifier:   E7:9C:88:7F:72:80:A5:75:F5:88:03:A6:94:BC:EA:A7:F0:F6:1A:74
Certificate issuer:       /CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Certificate serial:       09295044
Authority key identifier: 6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/55yIf3KApXX1iAOmlLzqp_D2GnQ.roa
Signing time:             Sat 01 Jan 2022 03:56:40 +0000
ROA not before:           Sat 01 Jan 2022 03:56:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     62003
IP address blocks:        144.43.240.0/21 maxlen: 24
                          144.43.252.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 153702468 (0x9295044)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
        Validity
            Not Before: Jan  1 03:56:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e79c887f7280a575f58803a694bceaa7f0f61a74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:84:a0:a9:ef:0e:f2:29:73:78:e5:5b:7e:c4:
                    b8:0c:af:2b:d3:81:33:6f:91:74:09:4f:17:67:1c:
                    1d:88:ef:23:b2:ca:7d:4e:c0:7a:6d:72:b9:aa:3d:
                    47:4f:93:b0:28:c7:c2:4b:7b:5f:c0:8f:3d:f6:5e:
                    6d:c4:81:8b:10:63:f3:da:dd:66:9d:cc:3b:c6:8c:
                    38:37:7a:26:e4:1e:49:06:0c:f3:b7:aa:6e:4e:b6:
                    aa:26:dd:5c:a5:c7:21:0a:ae:99:41:97:00:3c:52:
                    aa:16:ad:1c:c1:c4:54:11:24:a1:8e:c4:8e:e0:d9:
                    9f:bf:cc:d6:9f:cf:f2:52:ef:24:c8:50:4b:9b:4c:
                    74:c1:69:7c:b7:44:08:d6:85:8e:09:60:57:24:75:
                    d7:36:76:b1:82:dd:e5:3d:ac:2b:cf:d7:23:4a:bc:
                    e7:f3:6d:1f:37:ac:1c:02:79:95:38:21:fd:d5:95:
                    30:e0:2a:15:85:b9:ec:08:35:0d:41:c5:86:fd:3f:
                    11:cd:ff:59:4f:5c:b7:b9:ec:d0:43:aa:98:4f:00:
                    b0:ef:10:02:a4:bc:89:c4:b2:81:41:0b:74:0f:fe:
                    e0:6a:c0:9f:6a:1b:64:e7:0c:6a:42:9e:f4:cf:f2:
                    ab:29:97:84:4a:34:f3:af:17:e3:f8:04:c1:17:9a:
                    1c:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:9C:88:7F:72:80:A5:75:F5:88:03:A6:94:BC:EA:A7:F0:F6:1A:74
            X509v3 Authority Key Identifier:
                keyid:6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/55yIf3KApXX1iAOmlLzqp_D2GnQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  144.43.240.0/21
                  144.43.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         87:42:86:7e:1d:bc:85:ee:31:24:41:b8:1e:40:e3:7f:da:ef:
         90:7f:c5:aa:04:74:e1:a4:36:69:58:ae:55:2e:45:35:d6:19:
         d0:38:2e:7e:92:f9:fb:0d:8c:9f:8f:d0:6c:1c:fc:4b:69:3c:
         8f:5b:c7:b8:b0:0d:eb:6a:49:14:f5:23:1d:e6:bd:fc:f9:d7:
         ab:6d:e2:81:bb:9b:ed:89:61:e3:b0:e4:b3:c4:4d:a2:1d:a5:
         82:be:a9:b1:7f:34:47:71:5f:fe:0c:38:2b:42:b7:7b:6c:3e:
         93:25:25:34:75:06:37:de:9a:b9:f3:90:0a:d0:a2:84:9a:92:
         3b:7a:62:4b:43:20:9a:81:8b:b3:de:c4:5c:f0:3d:7b:20:9f:
         fb:dd:52:4a:1e:1f:ee:9e:89:86:86:5b:ff:6a:bc:3a:62:7b:
         ee:05:8c:a4:64:ae:ef:04:cf:3f:3e:41:d2:52:73:33:0d:18:
         52:e7:c4:57:04:39:6d:d5:5e:e6:35:7f:eb:6b:a5:5a:46:a1:
         31:74:08:8f:0e:cb:56:23:73:98:b1:e0:94:17:17:20:b0:1a:
         f6:a0:84:1d:89:23:b7:db:78:b3:41:da:5b:fa:c4:6d:88:fb:
         5d:91:d4:32:05:c9:9e:62:71:ce:2b:03:b8:f4:ca:84:f8:bb:
         ba:7c:49:9d
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECSlQRDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZDA2OWUxOWUxMmMxMDQwMDRlOGI0Yjc1ZjhhNzc4OWI3ZTExMzk2MB4XDTIyMDEw
MTAzNTY0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTc5Yzg4N2Y3Mjgw
YTU3NWY1ODgwM2E2OTRiY2VhYTdmMGY2MWE3NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL6EoKnvDvIpc3jlW37EuAyvK9OBM2+RdAlPF2ccHYjvI7LK
fU7Aem1yuao9R0+TsCjHwkt7X8CPPfZebcSBixBj89rdZp3MO8aMODd6JuQeSQYM
87eqbk62qibdXKXHIQqumUGXADxSqhatHMHEVBEkoY7EjuDZn7/M1p/P8lLvJMhQ
S5tMdMFpfLdECNaFjglgVyR11zZ2sYLd5T2sK8/XI0q85/NtHzesHAJ5lTgh/dWV
MOAqFYW57Ag1DUHFhv0/Ec3/WU9ct7ns0EOqmE8AsO8QAqS8icSygUELdA/+4GrA
n2obZOcMakKe9M/yqymXhEo0868X4/gEwReaHO8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTnnIh/coCldfWIA6aUvOqn8PYadDAfBgNVHSMEGDAWgBRtBp4Z4SwQQATo
tLdfineJt+ETljAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JRYWVHZUVzRUVBRTZMUzNYNHAzaWJmaEU1WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmIvY2Y2NGY2LTA3ODktNDNlMy1iZDZiLTdiZmYyOTZjNmIwMi8x
LzU1eUlmM0tBcFhYMWlBT21sTHpxcF9EMkduUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmIv
Y2Y2NGY2LTA3ODktNDNlMy1iZDZiLTdiZmYyOTZjNmIwMi8xL2JRYWVHZUVzRUVB
RTZMUzNYNHAzaWJmaEU1WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA5Ar8AMEApAr/DANBgkqhkiG9w0B
AQsFAAOCAQEAh0KGfh28he4xJEG4HkDjf9rvkH/FqgR04aQ2aViuVS5FNdYZ0Dgu
fpL5+w2Mn4/QbBz8S2k8j1vHuLAN62pJFPUjHea9/PnXq23igbub7Ylh47Dks8RN
oh2lgr6psX80R3Ff/gw4K0K3e2w+kyUlNHUGN96aufOQCtCihJqSO3piS0MgmoGL
s97EXPA9eyCf+91SSh4f7p6JhoZb/2q8OmJ77gWMpGSu7wTPPz5B0lJzMw0YUufE
VwQ5bdVe5jV/62ulWkahMXQIjw7LViNzmLHglBcXILAa9qCEHYkjt9t4s0HaW/rE
bYj7XZHUMgXJnmJxzisDuPTKhPi7unxJnQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:39 2024 by rpki-client on console-fra.rpki-client.org