Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/R4ZLuWm2jsx6a3XYKlUBrYr8YQs.roa
File:                     R4ZLuWm2jsx6a3XYKlUBrYr8YQs.roa (raw, json)
Hash identifier:          Fb2E/OKLuMby+mjbRrPsIRFnwmO7Yr52SV1uin42r5s=
Subject key identifier:   47:86:4B:B9:69:B6:8E:CC:7A:6B:75:D8:2A:55:01:AD:8A:FC:61:0B
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       1C7A1AC7
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/R4ZLuWm2jsx6a3XYKlUBrYr8YQs.roa
Signing time:             Sat 01 Jan 2022 01:02:42 +0000
ROA not before:           Sat 01 Jan 2022 01:02:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60859
IP address blocks:        94.156.34.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 477764295 (0x1c7a1ac7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Jan  1 01:02:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=47864bb969b68ecc7a6b75d82a5501ad8afc610b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:52:58:8a:01:77:c7:12:06:06:57:c3:e5:c6:
                    31:6c:98:21:13:1d:0a:a5:6c:bf:6d:d5:4e:64:68:
                    b0:65:09:77:c2:fc:c2:cf:9d:ba:ce:00:80:8b:94:
                    e0:3b:3a:d4:13:8d:ca:76:6b:a1:93:3b:3a:9e:78:
                    78:57:36:54:a5:6a:85:97:3e:6a:8e:16:0a:c2:00:
                    41:9c:7e:ad:4e:2c:f5:e5:54:89:8a:b1:e5:71:72:
                    6b:9d:68:f5:63:bc:87:f8:70:58:6f:66:61:d7:01:
                    c5:32:c0:77:c2:7c:cc:2c:03:cb:18:87:14:36:d5:
                    32:42:ab:f8:d6:91:3a:b1:1a:ae:4a:12:40:b1:3c:
                    85:ff:0e:dd:6a:1c:17:e7:f1:e9:bf:32:53:ab:74:
                    4f:c4:12:3f:40:62:45:ed:9a:21:38:66:9a:c4:f9:
                    f3:48:ad:96:6e:6a:5b:a3:95:8f:15:0e:e1:ee:da:
                    5a:b9:42:d8:9b:f0:e9:77:b1:1b:68:20:ca:f6:0d:
                    01:61:aa:7c:ad:a5:ca:b8:04:37:f8:df:64:21:cf:
                    d2:5a:ad:4a:92:e1:03:1a:5e:f2:e2:bd:5e:b1:27:
                    18:e5:b5:ae:22:e4:66:42:90:3c:58:b4:e5:75:1c:
                    e6:aa:5b:0f:6b:60:4f:c5:ed:89:f0:e7:1b:48:bc:
                    e0:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:86:4B:B9:69:B6:8E:CC:7A:6B:75:D8:2A:55:01:AD:8A:FC:61:0B
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/R4ZLuWm2jsx6a3XYKlUBrYr8YQs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.156.34.0/24

    Signature Algorithm: sha256WithRSAEncryption
         15:cf:28:5a:bd:36:a7:91:54:0e:8e:5e:99:a5:2b:67:8f:3e:
         73:44:f0:99:4a:07:ad:0b:e9:77:7c:c2:5d:4c:8b:27:bd:c3:
         2c:90:d0:df:46:03:0b:7d:28:45:96:00:d1:ae:13:9e:cd:9a:
         f0:4b:38:9b:2c:98:ab:60:3f:60:7b:79:50:2d:9f:79:3b:23:
         6e:fa:dd:43:6a:b4:d2:f8:67:ac:1a:74:0e:6f:c2:a5:70:c8:
         f9:3a:8d:e6:99:89:fb:65:f6:53:60:89:b6:3e:2b:b8:5c:07:
         e8:89:3c:2a:c4:9f:07:b0:35:20:3c:27:ca:2a:a3:f1:4f:21:
         f9:37:a0:3d:90:10:60:22:4e:56:f1:18:d8:75:a6:20:fa:ca:
         b9:da:04:05:54:c3:17:55:1b:1d:eb:d5:04:ff:82:bc:eb:38:
         a5:b1:5f:c8:28:11:52:ae:dc:c4:d3:6c:62:27:c6:bd:0b:2a:
         1e:4d:b9:1a:00:3b:ee:c8:ff:82:49:67:09:10:82:51:a7:52:
         04:6e:a8:f0:a5:dc:8d:f2:55:bc:9c:4c:ec:30:fa:97:63:a6:
         f6:78:f2:cd:a7:a8:00:3e:12:1c:1c:37:4c:d7:1f:ba:45:b9:
         20:78:ab:1d:0a:5e:89:97:76:df:12:d6:ff:e1:33:10:1b:31:
         39:15:ee:1d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEHHoaxzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDEw
MTAxMDI0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDc4NjRiYjk2OWI2
OGVjYzdhNmI3NWQ4MmE1NTAxYWQ4YWZjNjEwYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOhSWIoBd8cSBgZXw+XGMWyYIRMdCqVsv23VTmRosGUJd8L8
ws+dus4AgIuU4Ds61BONynZroZM7Op54eFc2VKVqhZc+ao4WCsIAQZx+rU4s9eVU
iYqx5XFya51o9WO8h/hwWG9mYdcBxTLAd8J8zCwDyxiHFDbVMkKr+NaROrEarkoS
QLE8hf8O3WocF+fx6b8yU6t0T8QSP0BiRe2aIThmmsT580itlm5qW6OVjxUO4e7a
WrlC2Jvw6XexG2ggyvYNAWGqfK2lyrgEN/jfZCHP0lqtSpLhAxpe8uK9XrEnGOW1
riLkZkKQPFi05XUc5qpbD2tgT8XtifDnG0i84CECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRHhku5abaOzHprddgqVQGtivxhCzAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L1I0Wkx1V20yanN4NmEzWFlLbFVCcllyOFlRcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAF6cIjANBgkqhkiG9w0BAQsFAAOC
AQEAFc8oWr02p5FUDo5emaUrZ48+c0TwmUoHrQvpd3zCXUyLJ73DLJDQ30YDC30o
RZYA0a4Tns2a8Es4myyYq2A/YHt5UC2feTsjbvrdQ2q00vhnrBp0Dm/CpXDI+TqN
5pmJ+2X2U2CJtj4ruFwH6Ik8KsSfB7A1IDwnyiqj8U8h+TegPZAQYCJOVvEY2HWm
IPrKudoEBVTDF1UbHevVBP+CvOs4pbFfyCgRUq7cxNNsYifGvQsqHk25GgA77sj/
gklnCRCCUadSBG6o8KXcjfJVvJxM7DD6l2Om9njyzaeoAD4SHBw3TNcfukW5IHir
HQpeiZd23xLW/+EzEBsxORXuHQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:07 2024 by rpki-client on console-fra.rpki-client.org