Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/a0H_mMuf89zHR4Yvdtx_TIBftxo.roa
File:                     a0H_mMuf89zHR4Yvdtx_TIBftxo.roa (raw, json)
Hash identifier:          3RfYUia1Q5b2UsJSviQfrWogElDWXc98Q7phWb4vWls=
Subject key identifier:   6B:41:FF:98:CB:9F:F3:DC:C7:47:86:2F:76:DC:7F:4C:80:5F:B7:1A
Certificate issuer:       /CN=1056bcd426fd87cd6f4147e133216d03112b181b
Certificate serial:       0184299F328906EEAD15B0CC2F6849300683
Authority key identifier: 10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/a0H_mMuf89zHR4Yvdtx_TIBftxo.roa
Signing time:             Sun 30 Oct 2022 16:00:09 +0000
ROA not before:           Sun 30 Oct 2022 16:00:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     53667
IP address blocks:        81.31.232.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:29:9f:32:89:06:ee:ad:15:b0:cc:2f:68:49:30:06:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1056bcd426fd87cd6f4147e133216d03112b181b
        Validity
            Not Before: Oct 30 16:00:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6b41ff98cb9ff3dcc747862f76dc7f4c805fb71a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:87:3c:3f:01:90:23:7f:9e:0f:6d:44:d0:9a:
                    f7:3c:50:20:5b:ad:a9:d3:0e:df:1f:02:48:46:1b:
                    4c:9b:52:f8:69:0a:53:58:6a:1b:58:ee:e5:ba:85:
                    b3:2b:48:b0:e3:00:72:3d:19:68:45:ef:6e:1e:fe:
                    cc:b5:fa:0d:6f:cb:10:7a:59:5a:70:8e:be:d7:16:
                    d8:9e:57:1c:a2:d1:67:b0:7c:e4:de:e5:67:9c:52:
                    74:4e:c5:6e:95:07:bd:d2:e0:08:85:31:36:10:a1:
                    39:ca:87:58:dc:52:f6:f8:61:04:5a:ce:ed:e2:b2:
                    7b:13:ad:ce:da:3c:58:f4:66:9e:7c:59:5e:73:62:
                    eb:f7:7c:c9:0d:ba:8d:aa:98:60:7d:ab:3b:9c:f4:
                    69:94:d5:74:8c:4b:b5:eb:f6:a7:9b:e1:cc:9f:80:
                    fb:7a:d5:3b:2a:da:55:bb:a4:ae:c4:37:6f:f5:46:
                    25:08:a8:02:8b:bd:e8:8d:f0:4a:f1:2f:af:db:e0:
                    bb:33:e8:06:72:c3:28:2e:29:0f:c7:67:f8:d4:5b:
                    57:23:14:4c:58:d0:e3:4f:b7:52:ec:1e:09:f7:60:
                    3e:9e:a0:ab:1d:ec:8d:78:89:85:d7:c7:97:1f:a6:
                    26:2f:5d:16:88:5e:6b:a2:23:32:ca:39:36:13:c6:
                    22:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:41:FF:98:CB:9F:F3:DC:C7:47:86:2F:76:DC:7F:4C:80:5F:B7:1A
            X509v3 Authority Key Identifier:
                keyid:10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/a0H_mMuf89zHR4Yvdtx_TIBftxo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.31.232.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:18:23:b5:95:9a:63:58:c4:1f:f1:62:08:f4:aa:0d:50:fd:
         33:ad:02:13:b8:2b:9b:91:14:71:4a:75:33:de:f0:6c:ff:6c:
         65:f0:4a:5a:9c:e0:a4:24:81:55:0c:d4:5a:f4:47:e9:ab:dd:
         2c:17:4b:23:24:89:d8:70:cd:79:06:50:e1:c1:37:e4:43:51:
         2e:e7:2c:01:6a:7e:84:73:5e:df:10:89:46:a1:d0:de:bf:bb:
         7c:42:8e:ca:d0:d6:b4:09:25:9c:71:92:45:2f:02:dc:a7:f4:
         9c:b9:20:f1:06:f5:c3:04:ea:d7:ae:75:7b:49:62:30:0a:d4:
         bb:c9:6f:09:07:6e:0f:2d:85:af:7a:6d:5c:05:65:26:1e:d7:
         d9:51:41:93:d4:79:8f:49:60:12:e6:73:7c:87:23:e7:a5:48:
         9c:1d:ff:86:75:bf:f2:25:70:c4:b0:ed:ef:88:6c:8f:49:b3:
         5e:bc:56:58:9d:87:ee:48:af:1d:48:f4:1c:f9:90:03:c9:72:
         0b:c7:04:34:a3:cc:51:6d:3b:11:40:64:15:af:3e:e8:95:9e:
         1d:99:d1:79:60:78:d3:94:0b:62:4f:f6:03:04:f2:53:23:5f:
         2a:cc:dd:9a:b4:8f:ce:bf:46:b5:b0:78:17:a5:4a:0e:1a:b6:
         78:df:bf:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQpnzKJBu6tFbDML2hJMAaDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTZiY2Q0MjZmZDg3Y2Q2ZjQxNDdlMTMzMjE2ZDAzMTEy
YjE4MWIwHhcNMjIxMDMwMTYwMDA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjQxZmY5OGNiOWZmM2RjYzc0Nzg2MmY3NmRjN2Y0YzgwNWZiNzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIc8PwGQI3+eD21E0Jr3PFAgW62p
0w7fHwJIRhtMm1L4aQpTWGobWO7luoWzK0iw4wByPRloRe9uHv7MtfoNb8sQella
cI6+1xbYnlccotFnsHzk3uVnnFJ0TsVulQe90uAIhTE2EKE5yodY3FL2+GEEWs7t
4rJ7E63O2jxY9GaefFlec2Lr93zJDbqNqphgfas7nPRplNV0jEu16/anm+HMn4D7
etU7KtpVu6SuxDdv9UYlCKgCi73ojfBK8S+v2+C7M+gGcsMoLikPx2f41FtXIxRM
WNDjT7dS7B4J92A+nqCrHeyNeImF18eXH6YmL10WiF5roiMyyjk2E8YiDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGtB/5jLn/Pcx0eGL3bcf0yAX7caMB8GA1UdIwQY
MBaAFBBWvNQm/YfNb0FH4TMhbQMRKxgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzct
YWE4NTllMTkyYjE2LzEvYTBIX21NdWY4OXpIUjRZdmR0eF9USUJmdHhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzctYWE4NTllMTkyYjE2
LzEvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUR/oMA0G
CSqGSIb3DQEBCwUAA4IBAQAdGCO1lZpjWMQf8WII9KoNUP0zrQITuCubkRRxSnUz
3vBs/2xl8EpanOCkJIFVDNRa9Efpq90sF0sjJInYcM15BlDhwTfkQ1Eu5ywBan6E
c17fEIlGodDev7t8Qo7K0Na0CSWccZJFLwLcp/ScuSDxBvXDBOrXrnV7SWIwCtS7
yW8JB24PLYWvem1cBWUmHtfZUUGT1HmPSWAS5nN8hyPnpUicHf+Gdb/yJXDEsO3v
iGyPSbNevFZYnYfuSK8dSPQc+ZADyXILxwQ0o8xRbTsRQGQVrz7olZ4dmdF5YHjT
lAtiT/YDBPJTI18qzN2atI/Ov0a1sHgXpUoOGrZ4379+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:53 2024 by rpki-client on console-fra.rpki-client.org