Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/5a7731-ef54-4501-86f4-98e9e2510bb6/1/ZU6sYMl_JFdL2JQ8TkWelFJINEM.roa
File:                     ZU6sYMl_JFdL2JQ8TkWelFJINEM.roa (raw, json)
Hash identifier:          q/fg1KWhBv/eXWacAZ5EZhZlG00YE5hR6iq7p2CaW1k=
Subject key identifier:   65:4E:AC:60:C9:7F:24:57:4B:D8:94:3C:4E:45:9E:94:52:48:34:43
Certificate issuer:       /CN=505e2f2d5e7093ff8d4003a02b7d3e131ce70a12
Certificate serial:       012A2A
Authority key identifier: 50:5E:2F:2D:5E:70:93:FF:8D:40:03:A0:2B:7D:3E:13:1C:E7:0A:12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UF4vLV5wk_-NQAOgK30-ExznChI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/5a7731-ef54-4501-86f4-98e9e2510bb6/1/ZU6sYMl_JFdL2JQ8TkWelFJINEM.roa
Signing time:             Thu 26 May 2022 18:35:14 +0000
ROA not before:           Thu 26 May 2022 18:35:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8075
IP address blocks:        178.255.242.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 76330 (0x12a2a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=505e2f2d5e7093ff8d4003a02b7d3e131ce70a12
        Validity
            Not Before: May 26 18:35:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=654eac60c97f24574bd8943c4e459e9452483443
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:16:b8:37:83:a1:99:95:83:6d:33:12:f2:c6:
                    dd:81:38:e5:54:fe:db:f9:62:92:c2:42:95:85:0d:
                    46:63:3d:76:08:01:6a:13:70:7a:8e:9f:d7:93:dd:
                    8a:67:7c:10:ac:32:4c:57:17:5e:07:95:ce:e7:3a:
                    27:bc:48:c8:64:35:5b:dd:e6:16:08:47:15:1f:6f:
                    86:b2:6d:6e:95:ba:3a:5b:00:8c:e5:f9:09:a6:fe:
                    c8:5c:8f:7b:a5:5c:e5:ba:3d:7d:db:25:f6:83:54:
                    ad:7f:41:ec:53:7a:e1:d4:cc:f1:56:84:44:69:e4:
                    21:5c:81:0c:59:a2:ad:c4:db:e3:0b:ad:43:a8:5b:
                    33:38:07:d8:2b:87:59:48:b5:78:99:7f:bc:a6:77:
                    cd:78:5e:dd:dd:4e:c0:d9:63:94:c9:fe:43:e1:d0:
                    39:3f:70:f5:89:41:9d:0d:6c:f9:fb:ed:46:a7:70:
                    58:71:47:39:61:ba:99:7a:f2:90:2f:57:35:f4:60:
                    f7:7c:e0:25:8a:23:5a:5f:a2:c3:6b:e1:3a:09:93:
                    7b:e1:f7:b1:37:62:0c:3c:7b:e1:74:0e:fa:45:a8:
                    12:e0:4b:03:50:71:ed:d5:f0:58:a4:f4:4c:17:48:
                    86:f1:bf:de:87:00:5c:48:f0:70:f0:c5:3f:62:e8:
                    f3:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:4E:AC:60:C9:7F:24:57:4B:D8:94:3C:4E:45:9E:94:52:48:34:43
            X509v3 Authority Key Identifier:
                keyid:50:5E:2F:2D:5E:70:93:FF:8D:40:03:A0:2B:7D:3E:13:1C:E7:0A:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UF4vLV5wk_-NQAOgK30-ExznChI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5a7731-ef54-4501-86f4-98e9e2510bb6/1/ZU6sYMl_JFdL2JQ8TkWelFJINEM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5a7731-ef54-4501-86f4-98e9e2510bb6/1/UF4vLV5wk_-NQAOgK30-ExznChI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.255.242.0/24

    Signature Algorithm: sha256WithRSAEncryption
         38:cf:c5:81:1a:cd:f7:09:67:16:bb:39:3a:6d:5c:2c:f6:b6:
         fe:8a:dd:ce:f6:e9:45:85:de:69:43:71:03:1f:96:bc:71:81:
         a8:fd:93:df:62:65:94:0d:c0:3e:de:df:e1:19:a2:72:41:c9:
         32:26:2f:96:4e:59:15:83:ee:a9:34:19:ff:b8:9e:b3:26:0a:
         09:64:58:b1:05:b7:34:fd:61:56:c4:1c:58:39:e4:0b:36:c0:
         29:99:1f:8e:96:89:bf:d2:f1:22:c5:f6:c0:2d:bb:68:a5:4d:
         07:2a:37:aa:ec:b9:50:4a:e9:99:e9:1c:2c:2b:44:22:6c:f6:
         a9:e5:04:df:bd:6a:ff:0d:a3:bd:ad:c5:0c:f6:59:ed:2d:e8:
         44:80:9d:3e:bf:b5:57:c5:72:41:ef:20:df:b9:7d:a8:30:6a:
         9a:a3:5f:cf:25:87:29:42:af:73:70:d3:f1:f2:1a:47:08:d5:
         74:f0:76:e7:ee:45:8b:8d:e3:50:48:40:71:5b:4d:6d:e5:14:
         3d:69:ea:44:52:58:83:54:e7:fa:cf:7c:54:8d:f5:07:14:1b:
         b8:04:bf:76:c2:24:d7:69:7e:55:f6:1e:ba:48:4d:ef:e9:97:
         5a:af:43:16:2c:8b:9e:ad:e9:7a:8c:d5:f4:09:0a:e5:17:0d:
         fb:07:6a:7b
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDASoqMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDUw
NWUyZjJkNWU3MDkzZmY4ZDQwMDNhMDJiN2QzZTEzMWNlNzBhMTIwHhcNMjIwNTI2
MTgzNTE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2NTRlYWM2MGM5N2Yy
NDU3NGJkODk0M2M0ZTQ1OWU5NDUyNDgzNDQzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAyRa4N4OhmZWDbTMS8sbdgTjlVP7b+WKSwkKVhQ1GYz12CAFq
E3B6jp/Xk92KZ3wQrDJMVxdeB5XO5zonvEjIZDVb3eYWCEcVH2+Gsm1ulbo6WwCM
5fkJpv7IXI97pVzluj192yX2g1Stf0HsU3rh1MzxVoREaeQhXIEMWaKtxNvjC61D
qFszOAfYK4dZSLV4mX+8pnfNeF7d3U7A2WOUyf5D4dA5P3D1iUGdDWz5++1Gp3BY
cUc5YbqZevKQL1c19GD3fOAliiNaX6LDa+E6CZN74fexN2IMPHvhdA76RagS4EsD
UHHt1fBYpPRMF0iG8b/ehwBcSPBw8MU/YujzdQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFGVOrGDJfyRXS9iUPE5FnpRSSDRDMB8GA1UdIwQYMBaAFFBeLy1ecJP/jUAD
oCt9PhMc5woSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
VUY0dkxWNXdrXy1OUUFPZ0szMC1FeHpuQ2hJLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9mZC81YTc3MzEtZWY1NC00NTAxLTg2ZjQtOThlOWUyNTEwYmI2LzEv
WlU2c1lNbF9KRmRMMkpROFRrV2VsRkpJTkVNLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC81
YTc3MzEtZWY1NC00NTAxLTg2ZjQtOThlOWUyNTEwYmI2LzEvVUY0dkxWNXdrXy1O
UUFPZ0szMC1FeHpuQ2hJLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsv/yMA0GCSqGSIb3DQEBCwUAA4IB
AQA4z8WBGs33CWcWuzk6bVws9rb+it3O9ulFhd5pQ3EDH5a8cYGo/ZPfYmWUDcA+
3t/hGaJyQckyJi+WTlkVg+6pNBn/uJ6zJgoJZFixBbc0/WFWxBxYOeQLNsApmR+O
lom/0vEixfbALbtopU0HKjeq7LlQSumZ6RwsK0QibPap5QTfvWr/DaO9rcUM9lnt
LehEgJ0+v7VXxXJB7yDfuX2oMGqao1/PJYcpQq9zcNPx8hpHCNV08Hbn7kWLjeNQ
SEBxW01t5RQ9aepEUliDVOf6z3xUjfUHFBu4BL92wiTXaX5V9h66SE3v6Zdar0MW
LIuerel6jNX0CQrlFw37B2p7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:21 2024 by rpki-client on console-ams.rpki-client.org