Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/f1l5yv5ZUmvFugToLsfHdYwzixg.roa
File:                     f1l5yv5ZUmvFugToLsfHdYwzixg.roa (raw, json)
Hash identifier:          E6vWRgcxfwy4liKCWvsyuOUW/cwBvfbIogW/Jd1OrIk=
Subject key identifier:   7F:59:79:CA:FE:59:52:6B:C5:BA:04:E8:2E:C7:C7:75:8C:33:8B:18
Certificate issuer:       /CN=320b24a740f2e61632050adc146c1ee6a3e686c5
Certificate serial:       3421C1F7
Authority key identifier: 32:0B:24:A7:40:F2:E6:16:32:05:0A:DC:14:6C:1E:E6:A3:E6:86:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/f1l5yv5ZUmvFugToLsfHdYwzixg.roa
Signing time:             Sat 01 Jan 2022 09:03:11 +0000
ROA not before:           Sat 01 Jan 2022 09:03:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     51955
IP address blocks:        194.0.8.0/24 maxlen: 24
                          194.0.48.0/24 maxlen: 24
                          194.0.49.0/24 maxlen: 24
                          194.0.50.0/24 maxlen: 24
                          91.198.156.0/24 maxlen: 24
                          194.8.2.0/24 maxlen: 24
                          194.8.3.0/24 maxlen: 24
                          2001:678:80::/48 maxlen: 48
                          2a02:503:8::/48 maxlen: 48
                          2001:678:b::/48 maxlen: 48
                          2001:678:84::/48 maxlen: 48
                          2a02:503::/48 maxlen: 48
                          2001:678:7c::/48 maxlen: 48
                          2a02:503:1::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 874627575 (0x3421c1f7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=320b24a740f2e61632050adc146c1ee6a3e686c5
        Validity
            Not Before: Jan  1 09:03:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7f5979cafe59526bc5ba04e82ec7c7758c338b18
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:bb:3b:8c:db:4f:3b:97:8e:a1:fc:af:66:b2:
                    d2:e9:7a:49:81:c6:6f:bd:5f:6f:e6:ef:d6:74:3b:
                    ee:e7:83:d7:34:a4:06:93:8c:d0:07:3d:59:d1:94:
                    e9:77:1f:af:3d:51:ce:cc:5f:63:75:58:0b:2c:a7:
                    c1:c8:15:33:28:ac:55:b5:f9:7c:7a:18:3e:21:77:
                    9a:85:23:3e:96:d6:82:f3:62:6c:41:f9:6a:57:69:
                    a0:26:71:55:11:e5:72:3b:9b:2b:41:c3:f5:da:93:
                    c2:fb:b2:af:05:09:6b:ef:b2:3a:11:13:c2:e5:df:
                    92:19:38:66:52:d1:cc:08:a7:99:01:b0:55:1f:49:
                    62:e9:ca:b1:e1:ab:b2:9e:9a:ab:75:99:7b:46:46:
                    09:ce:bc:a4:2c:f3:0e:dc:f4:c8:7e:74:b6:5a:f5:
                    fe:4d:5a:60:fc:fe:34:92:6d:2b:d0:94:99:0a:c4:
                    23:bb:0e:ba:c7:41:3d:55:9d:04:5a:e7:4c:2f:52:
                    ab:3b:b3:fe:06:72:d3:1d:f1:54:ad:8a:94:02:ce:
                    3f:68:9e:b8:82:a6:01:e4:50:dc:1c:2f:20:ea:d6:
                    e0:3c:67:42:05:c5:00:09:6f:03:86:78:2d:4b:68:
                    4b:dc:ac:e3:f4:83:2c:e3:08:2c:95:ae:11:ab:da:
                    d3:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:59:79:CA:FE:59:52:6B:C5:BA:04:E8:2E:C7:C7:75:8C:33:8B:18
            X509v3 Authority Key Identifier:
                keyid:32:0B:24:A7:40:F2:E6:16:32:05:0A:DC:14:6C:1E:E6:A3:E6:86:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/f1l5yv5ZUmvFugToLsfHdYwzixg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.198.156.0/24
                  194.0.8.0/24
                  194.0.48.0-194.0.50.255
                  194.8.2.0/23
                IPv6:
                  2001:678:b::/48
                  2001:678:7c::/48
                  2001:678:80::/48
                  2001:678:84::/48
                  2a02:503::/47
                  2a02:503:8::/48

    Signature Algorithm: sha256WithRSAEncryption
         be:e0:e3:9c:2a:11:9f:58:26:72:b8:65:ff:3b:b2:e6:1b:34:
         4a:d5:ce:84:ac:fa:cf:c8:a7:6b:2d:97:2b:3a:8a:be:cf:b1:
         23:cc:ed:20:e0:6a:63:21:c8:7f:98:9f:3e:a7:f3:39:18:50:
         24:9c:22:b2:50:d2:82:43:bf:ee:21:36:0b:21:8e:59:d3:25:
         57:ab:aa:c3:84:2a:78:b6:93:26:37:c3:22:da:d6:c9:99:a9:
         7d:c6:82:e7:d1:88:35:d1:c3:c1:5e:88:29:4a:59:a1:26:23:
         1c:e7:80:9f:f6:d9:65:70:79:36:23:10:ec:2f:c3:1b:6c:27:
         05:ca:da:6e:3f:b2:4f:c0:1b:f6:6b:2a:dc:50:9f:49:1e:a7:
         75:f9:ab:57:bd:16:54:27:9f:1f:3c:30:60:7b:e5:ab:47:97:
         f6:28:1b:a5:63:e3:54:c5:5d:c7:7e:b7:48:6a:46:c1:34:8a:
         15:40:19:32:a5:30:b3:b6:30:34:42:3a:82:ac:ab:2b:94:71:
         00:b3:1d:98:5f:06:b5:55:c8:86:14:4a:dc:72:ce:92:e0:a4:
         d1:0b:75:87:73:36:d7:7b:05:b4:d1:42:36:a1:51:20:c9:93:
         85:16:8f:cd:e3:4f:ab:92:4c:5a:cd:92:ba:b8:35:36:03:43:
         ed:2e:31:6b
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIENCHB9zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MjBiMjRhNzQwZjJlNjE2MzIwNTBhZGMxNDZjMWVlNmEzZTY4NmM1MB4XDTIyMDEw
MTA5MDMxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2Y1OTc5Y2FmZTU5
NTI2YmM1YmEwNGU4MmVjN2M3NzU4YzMzOGIxODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANC7O4zbTzuXjqH8r2ay0ul6SYHGb71fb+bv1nQ77ueD1zSk
BpOM0Ac9WdGU6Xcfrz1RzsxfY3VYCyynwcgVMyisVbX5fHoYPiF3moUjPpbWgvNi
bEH5aldpoCZxVRHlcjubK0HD9dqTwvuyrwUJa++yOhETwuXfkhk4ZlLRzAinmQGw
VR9JYunKseGrsp6aq3WZe0ZGCc68pCzzDtz0yH50tlr1/k1aYPz+NJJtK9CUmQrE
I7sOusdBPVWdBFrnTC9Sqzuz/gZy0x3xVK2KlALOP2ieuIKmAeRQ3BwvIOrW4Dxn
QgXFAAlvA4Z4LUtoS9ys4/SDLOMILJWuEava08cCAwEAAaOCAmEwggJdMB0GA1Ud
DgQWBBR/WXnK/llSa8W6BOgux8d1jDOLGDAfBgNVHSMEGDAWgBQyCySnQPLmFjIF
CtwUbB7mo+aGxTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01nc2twMER5NWhZeUJRcmNGR3dlNXFQbWhzVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDcvOWMyN2U0LWQ3YjEtNDNjMS1hMzhmLTk0OTE0ZjVkZGIzYy8x
L2YxbDV5djVaVW12RnVnVG9Mc2ZIZFl3eml4Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDcv
OWMyN2U0LWQ3YjEtNDNjMS1hMzhmLTk0OTE0ZjVkZGIzYy8xL01nc2twMER5NWhZ
eUJRcmNGR3dlNXFQbWhzVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB3
BggrBgEFBQcBBwEB/wRoMGYwJgQCAAEwIAMEAFvGnAMEAMIACDAMAwQEwgAwAwQA
wgAyAwQBwggCMDwEAgACMDYDBwAgAQZ4AAsDBwAgAQZ4AHwDBwAgAQZ4AIADBwAg
AQZ4AIQDBwEqAgUDAAADBwAqAgUDAAgwDQYJKoZIhvcNAQELBQADggEBAL7g45wq
EZ9YJnK4Zf87suYbNErVzoSs+s/Ip2stlys6ir7PsSPM7SDgamMhyH+Ynz6n8zkY
UCScIrJQ0oJDv+4hNgshjlnTJVerqsOEKni2kyY3wyLa1smZqX3GgufRiDXRw8Fe
iClKWaEmIxzngJ/22WVweTYjEOwvwxtsJwXK2m4/sk/AG/ZrKtxQn0kep3X5q1e9
FlQnnx88MGB75atHl/YoG6Vj41TFXcd+t0hqRsE0ihVAGTKlMLO2MDRCOoKsqyuU
cQCzHZhfBrVVyIYUStxyzpLgpNELdYdzNtd7BbTRQjahUSDJk4UWj83jT6uSTFrN
krq4NTYDQ+0uMWs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:31 2024 by rpki-client on console-ams.rpki-client.org