Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/d77e60-8916-4f96-8ed0-e21c436b62ef/1/VPD7YUZh3HM82DzTUtpKj2fgLPc.roa
File:                     VPD7YUZh3HM82DzTUtpKj2fgLPc.roa (raw, json)
Hash identifier:          6qO0Hp29EaLUZUVfeovnXQiqgWhTCycO5biqFMfT+uk=
Subject key identifier:   54:F0:FB:61:46:61:DC:73:3C:D8:3C:D3:52:DA:4A:8F:67:E0:2C:F7
Certificate issuer:       /CN=53c912a0411bb0174507092d0ca35a91ad79905c
Certificate serial:       06E02D53
Authority key identifier: 53:C9:12:A0:41:1B:B0:17:45:07:09:2D:0C:A3:5A:91:AD:79:90:5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U8kSoEEbsBdFBwktDKNaka15kFw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/d77e60-8916-4f96-8ed0-e21c436b62ef/1/VPD7YUZh3HM82DzTUtpKj2fgLPc.roa
Signing time:             Sat 01 Jan 2022 09:01:20 +0000
ROA not before:           Sat 01 Jan 2022 09:01:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8220
IP address blocks:        194.59.137.0/24 maxlen: 24
                          194.59.139.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 115354963 (0x6e02d53)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53c912a0411bb0174507092d0ca35a91ad79905c
        Validity
            Not Before: Jan  1 09:01:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=54f0fb614661dc733cd83cd352da4a8f67e02cf7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:10:89:72:33:4e:60:d8:ce:f5:6d:26:6c:33:
                    79:9e:49:24:db:48:59:01:02:89:07:b4:a1:45:cd:
                    9a:4c:fe:a0:35:38:b9:8b:50:a3:ca:67:0d:e9:1a:
                    e0:c8:57:ff:69:77:73:f1:4d:25:28:52:63:66:14:
                    13:80:fb:dc:3c:ca:20:b3:36:ec:2e:ee:e4:13:e6:
                    11:39:29:8a:99:ff:e6:a6:70:72:11:a6:3d:ef:7d:
                    8a:62:44:2a:08:6d:0f:7e:2e:39:2b:49:81:37:9d:
                    ed:f6:41:56:d4:4b:38:05:92:d6:6a:fe:9b:95:74:
                    ba:6b:bb:e7:df:e6:95:d7:97:7c:4d:d0:30:46:c9:
                    7c:61:e9:7e:62:68:01:fc:2c:68:0c:78:f1:a5:3a:
                    b1:f5:c4:5d:08:03:8e:9d:aa:7f:ec:c5:15:a9:f5:
                    5b:01:30:8d:62:27:d9:ab:77:0f:23:66:02:7a:f6:
                    8f:16:56:ab:a8:2f:c2:bf:0e:70:e4:87:86:ad:cb:
                    ee:c6:7f:5d:8b:6e:17:9b:c6:50:8b:66:2d:6e:cc:
                    83:9e:c8:15:0c:99:6e:3d:0c:20:b3:d9:bc:d4:c2:
                    33:0c:d1:c9:54:59:c9:73:d5:c4:8e:01:b1:71:4f:
                    c3:dc:47:2a:46:10:26:07:c0:7c:bf:f3:1b:d9:6a:
                    66:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:F0:FB:61:46:61:DC:73:3C:D8:3C:D3:52:DA:4A:8F:67:E0:2C:F7
            X509v3 Authority Key Identifier:
                keyid:53:C9:12:A0:41:1B:B0:17:45:07:09:2D:0C:A3:5A:91:AD:79:90:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U8kSoEEbsBdFBwktDKNaka15kFw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/d77e60-8916-4f96-8ed0-e21c436b62ef/1/VPD7YUZh3HM82DzTUtpKj2fgLPc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/d77e60-8916-4f96-8ed0-e21c436b62ef/1/U8kSoEEbsBdFBwktDKNaka15kFw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.59.137.0/24
                  194.59.139.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:4e:6a:e3:a5:5e:81:8c:8f:85:2e:e9:61:8d:f1:a6:6b:45:
         03:aa:87:28:5d:e4:57:a0:b3:c6:e9:b3:26:02:67:98:93:4f:
         4c:04:61:90:4d:27:81:91:28:c2:29:34:96:d9:89:17:22:9e:
         3e:66:3f:ff:a1:a7:96:26:0e:d3:d0:db:db:f3:25:95:99:e3:
         17:2f:7b:89:4d:de:60:2b:60:13:d9:df:8d:9e:49:f5:63:9e:
         07:8d:c0:98:44:a9:ef:a4:12:8c:34:52:6c:5f:9b:85:f2:c3:
         41:c4:09:59:bc:6e:d0:8f:df:c9:80:86:aa:08:c3:49:f8:33:
         54:41:44:09:91:46:0b:ae:b8:11:63:36:18:24:f2:03:a2:b6:
         cf:6b:73:ac:fa:2c:61:39:5c:f1:38:d3:b1:a3:c7:01:3a:4c:
         ff:78:ef:19:f7:2b:5f:1a:9b:33:8e:3f:0b:26:26:ed:0f:bb:
         62:12:35:66:f8:0a:8e:ba:8f:f4:06:2b:f0:1f:68:dd:ac:52:
         71:0c:00:ed:3d:3e:97:f9:7c:c0:9a:b9:21:a6:9e:9f:a4:78:
         8d:ae:05:b6:36:8c:ea:be:e9:0c:fd:42:8d:ce:02:8c:95:fb:
         9b:21:0b:a6:62:0e:8f:f1:55:6c:e0:14:36:e1:df:ab:7e:5c:
         5b:20:7d:56
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBuAtUzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
M2M5MTJhMDQxMWJiMDE3NDUwNzA5MmQwY2EzNWE5MWFkNzk5MDVjMB4XDTIyMDEw
MTA5MDEyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTRmMGZiNjE0NjYx
ZGM3MzNjZDgzY2QzNTJkYTRhOGY2N2UwMmNmNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMgQiXIzTmDYzvVtJmwzeZ5JJNtIWQECiQe0oUXNmkz+oDU4
uYtQo8pnDeka4MhX/2l3c/FNJShSY2YUE4D73DzKILM27C7u5BPmETkpipn/5qZw
chGmPe99imJEKghtD34uOStJgTed7fZBVtRLOAWS1mr+m5V0umu759/mldeXfE3Q
MEbJfGHpfmJoAfwsaAx48aU6sfXEXQgDjp2qf+zFFan1WwEwjWIn2at3DyNmAnr2
jxZWq6gvwr8OcOSHhq3L7sZ/XYtuF5vGUItmLW7Mg57IFQyZbj0MILPZvNTCMwzR
yVRZyXPVxI4BsXFPw9xHKkYQJgfAfL/zG9lqZuUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRU8PthRmHcczzYPNNS2kqPZ+As9zAfBgNVHSMEGDAWgBRTyRKgQRuwF0UH
CS0Mo1qRrXmQXDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1U4a1NvRUVic0JkRkJ3a3RES05ha2ExNWtGdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDYvZDc3ZTYwLTg5MTYtNGY5Ni04ZWQwLWUyMWM0MzZiNjJlZi8x
L1ZQRDdZVVpoM0hNODJEelRVdHBLajJmZ0xQYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDYv
ZDc3ZTYwLTg5MTYtNGY5Ni04ZWQwLWUyMWM0MzZiNjJlZi8xL1U4a1NvRUVic0Jk
RkJ3a3RES05ha2ExNWtGdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMI7iQMEAMI7izANBgkqhkiG9w0B
AQsFAAOCAQEAhk5q46VegYyPhS7pYY3xpmtFA6qHKF3kV6CzxumzJgJnmJNPTARh
kE0ngZEowik0ltmJFyKePmY//6GnliYO09Db2/MllZnjFy97iU3eYCtgE9nfjZ5J
9WOeB43AmESp76QSjDRSbF+bhfLDQcQJWbxu0I/fyYCGqgjDSfgzVEFECZFGC664
EWM2GCTyA6K2z2tzrPosYTlc8TjTsaPHATpM/3jvGfcrXxqbM44/CyYm7Q+7YhI1
ZvgKjrqP9AYr8B9o3axScQwA7T0+l/l8wJq5Iaaen6R4ja4FtjaM6r7pDP1Cjc4C
jJX7myELpmIOj/FVbOAUNuHfq35cWyB9Vg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:45 2024 by rpki-client on console-fra.rpki-client.org