Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/17836a-d678-41ca-8fb2-5eb7bef9a7a8/1/74LYaAOeb7bqathxzUy-iplfxQg.roa
File:                     74LYaAOeb7bqathxzUy-iplfxQg.roa (raw, json)
Hash identifier:          aKCA4a+umRrWQOuldjuibnYr8CJNnndanv4wii+O+qg=
Subject key identifier:   EF:82:D8:68:03:9E:6F:B6:EA:6A:D8:71:CD:4C:BE:8A:99:5F:C5:08
Certificate issuer:       /CN=fb744006eac3084bf88f128349b0e733bb3d79e3
Certificate serial:       096DAE5A
Authority key identifier: FB:74:40:06:EA:C3:08:4B:F8:8F:12:83:49:B0:E7:33:BB:3D:79:E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-3RABurDCEv4jxKDSbDnM7s9eeM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/17836a-d678-41ca-8fb2-5eb7bef9a7a8/1/74LYaAOeb7bqathxzUy-iplfxQg.roa
Signing time:             Sat 12 Feb 2022 10:57:09 +0000
ROA not before:           Sat 12 Feb 2022 10:57:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57706
IP address blocks:        2.58.58.0/24 maxlen: 24
                          2.58.59.0/24 maxlen: 24
                          2a09:e240::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 158183002 (0x96dae5a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fb744006eac3084bf88f128349b0e733bb3d79e3
        Validity
            Not Before: Feb 12 10:57:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ef82d868039e6fb6ea6ad871cd4cbe8a995fc508
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:af:ce:64:88:77:2c:7f:33:cc:dd:a6:fb:b1:
                    f3:86:d6:84:39:23:a6:6a:9e:5d:e2:03:f1:4a:db:
                    0b:6c:b4:36:ce:bf:10:33:65:fd:68:ba:7a:22:3f:
                    62:82:d8:17:48:a6:95:87:58:13:40:95:0d:b4:b2:
                    51:d6:99:7a:05:d0:46:f5:53:ea:13:e9:be:2d:c7:
                    a3:00:94:fe:fe:18:21:44:ce:e0:8c:86:c6:e8:77:
                    4b:f3:d1:37:90:7f:20:f4:9b:be:63:5a:c0:8b:c2:
                    8b:99:3a:4a:4b:19:b1:fd:ac:ac:25:5f:7b:8f:60:
                    4a:8f:bc:90:12:49:1d:79:f8:82:f3:d2:97:e4:16:
                    63:6f:09:cc:20:de:25:a4:11:1b:ff:2b:46:52:c1:
                    c3:38:6c:fc:f4:61:b2:22:12:43:4c:25:3f:89:e3:
                    bc:ad:15:33:ac:76:af:1d:4e:fa:a1:56:12:ce:8e:
                    95:58:8f:c6:52:7d:6b:14:05:61:13:ad:33:aa:ef:
                    39:f0:1c:aa:32:29:82:47:97:5d:52:1d:55:90:b9:
                    33:23:d3:c6:6b:b6:2e:8e:0b:71:3a:0f:7f:9e:6a:
                    13:8a:8c:8f:65:5b:30:63:21:4c:59:56:e5:4b:dc:
                    e1:1a:93:8f:64:23:36:e9:47:02:4e:46:ff:d7:aa:
                    7c:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:82:D8:68:03:9E:6F:B6:EA:6A:D8:71:CD:4C:BE:8A:99:5F:C5:08
            X509v3 Authority Key Identifier:
                keyid:FB:74:40:06:EA:C3:08:4B:F8:8F:12:83:49:B0:E7:33:BB:3D:79:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-3RABurDCEv4jxKDSbDnM7s9eeM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/17836a-d678-41ca-8fb2-5eb7bef9a7a8/1/74LYaAOeb7bqathxzUy-iplfxQg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/17836a-d678-41ca-8fb2-5eb7bef9a7a8/1/1-3RABurDCEv4jxKDSbDnM7s9eeM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.58.58.0/23
                IPv6:
                  2a09:e240::/48

    Signature Algorithm: sha256WithRSAEncryption
         6f:b1:15:d4:37:60:64:27:62:7e:df:60:51:22:fc:9a:4b:06:
         f2:f7:93:f3:35:4c:f4:7e:77:8a:eb:92:5c:1c:7b:a7:11:e3:
         3d:ad:9b:40:46:36:6f:48:81:c2:06:a2:3b:e9:25:da:14:64:
         a5:6f:ba:e8:b8:20:fa:91:97:32:46:b7:e7:73:4b:6c:9b:0d:
         ad:f6:be:39:ab:49:79:24:86:28:31:85:70:33:c9:d9:a2:a7:
         a1:b1:6c:33:fd:38:e0:7f:f1:03:dc:cd:b8:0f:11:d5:f5:69:
         7a:6a:58:f7:de:06:84:89:ff:4d:ae:e9:54:85:a0:e2:9d:45:
         be:89:b7:a7:08:99:9e:89:cd:de:7b:66:06:78:d8:1e:d2:5e:
         1b:cb:7b:6d:dd:a7:8e:58:12:be:4d:3c:34:16:84:ea:92:d8:
         8e:2d:3d:b9:29:c0:dc:f1:b3:97:7e:29:7d:a0:b1:8a:e5:9d:
         f4:0b:ec:06:b5:98:a9:44:f8:c0:93:97:06:48:1a:e0:2c:1f:
         5a:28:fa:b9:44:28:55:e8:a3:04:78:7f:19:3e:c8:89:98:fa:
         24:d3:4f:fb:82:a6:fe:a0:63:8e:e1:96:4f:6d:c5:a1:f9:23:
         ce:bf:5b:e7:03:01:d8:c7:3c:84:1c:5a:a2:9c:80:88:f2:f0:
         f7:a6:4b:24
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIECW2uWjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
Yjc0NDAwNmVhYzMwODRiZjg4ZjEyODM0OWIwZTczM2JiM2Q3OWUzMB4XDTIyMDIx
MjEwNTcwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWY4MmQ4NjgwMzll
NmZiNmVhNmFkODcxY2Q0Y2JlOGE5OTVmYzUwODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJWvzmSIdyx/M8zdpvux84bWhDkjpmqeXeID8UrbC2y0Ns6/
EDNl/Wi6eiI/YoLYF0imlYdYE0CVDbSyUdaZegXQRvVT6hPpvi3HowCU/v4YIUTO
4IyGxuh3S/PRN5B/IPSbvmNawIvCi5k6SksZsf2srCVfe49gSo+8kBJJHXn4gvPS
l+QWY28JzCDeJaQRG/8rRlLBwzhs/PRhsiISQ0wlP4njvK0VM6x2rx1O+qFWEs6O
lViPxlJ9axQFYROtM6rvOfAcqjIpgkeXXVIdVZC5MyPTxmu2Lo4LcToPf55qE4qM
j2VbMGMhTFlW5Uvc4RqTj2QjNulHAk5G/9eqfLUCAwEAAaOCAhwwggIYMB0GA1Ud
DgQWBBTvgthoA55vtupq2HHNTL6KmV/FCDAfBgNVHSMEGDAWgBT7dEAG6sMIS/iP
EoNJsOczuz154zAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtM1JBQnVyRENFdjRqeEtEU2JEbk03czllZU0uY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2ZlLzE3ODM2YS1kNjc4LTQxY2EtOGZiMi01ZWI3YmVmOWE3YTgv
MS83NExZYUFPZWI3YnFhdGh4elV5LWlwbGZ4UWcucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Zl
LzE3ODM2YS1kNjc4LTQxY2EtOGZiMi01ZWI3YmVmOWE3YTgvMS8xLTNSQUJ1ckRD
RXY0anhLRFNiRG5NN3M5ZWVNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBAjo6MA8EAgACMAkDBwAqCeJA
AAAwDQYJKoZIhvcNAQELBQADggEBAG+xFdQ3YGQnYn7fYFEi/JpLBvL3k/M1TPR+
d4rrklwce6cR4z2tm0BGNm9IgcIGojvpJdoUZKVvuui4IPqRlzJGt+dzS2ybDa32
vjmrSXkkhigxhXAzydmip6GxbDP9OOB/8QPczbgPEdX1aXpqWPfeBoSJ/02u6VSF
oOKdRb6Jt6cImZ6Jzd57ZgZ42B7SXhvLe23dp45YEr5NPDQWhOqS2I4tPbkpwNzx
s5d+KX2gsYrlnfQL7Aa1mKlE+MCTlwZIGuAsH1oo+rlEKFXoowR4fxk+yImY+iTT
T/uCpv6gY47hlk9txaH5I86/W+cDAdjHPIQcWqKcgIjy8PemSyQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:01 2024 by rpki-client on console-fra.rpki-client.org