Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/82JF6gXlBOfEesa16AZeefUublQ.roa
File:                     82JF6gXlBOfEesa16AZeefUublQ.roa (raw, json)
Hash identifier:          l3VWqv8MlaJB8P/D4BXsrLHfdYHv13NPPIJp3gO7Ruc=
Subject key identifier:   F3:62:45:EA:05:E5:04:E7:C4:7A:C6:B5:E8:06:5E:79:F5:2E:6E:54
Certificate issuer:       /CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
Certificate serial:       0B5D369B
Authority key identifier: 56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/82JF6gXlBOfEesa16AZeefUublQ.roa
Signing time:             Sat 01 Jan 2022 08:58:37 +0000
ROA not before:           Sat 01 Jan 2022 08:58:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43417
IP address blocks:        213.194.108.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 190658203 (0xb5d369b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
        Validity
            Not Before: Jan  1 08:58:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f36245ea05e504e7c47ac6b5e8065e79f52e6e54
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:98:ab:41:b5:3e:80:ef:18:eb:db:f8:44:cc:
                    1e:a0:47:43:30:95:99:fb:f8:23:87:2a:84:ca:de:
                    59:87:2a:95:1b:53:46:f5:3c:ac:e4:09:08:58:6c:
                    65:89:40:d3:70:5e:fa:ae:70:9e:e5:f2:cb:94:db:
                    f8:56:6e:fa:75:fd:f3:f9:e9:d1:0b:21:1f:ff:05:
                    9b:31:48:27:99:6d:02:71:c4:7d:13:d4:65:5e:07:
                    85:7b:9e:a4:d5:51:58:a7:00:93:dd:78:0b:35:25:
                    87:49:2f:a1:4f:ea:33:c8:3e:83:b4:44:16:a6:58:
                    40:2b:59:6f:a4:99:11:5c:26:f1:b8:34:d6:9b:3f:
                    6c:e7:8b:be:98:34:16:5f:2e:f6:b9:b8:ad:a3:da:
                    4e:39:f8:54:d1:7b:37:af:0f:c3:70:9d:ad:66:1f:
                    b0:cf:4e:64:4e:6f:d3:77:40:c7:d7:19:a2:eb:cf:
                    29:90:d5:ab:ab:05:54:f9:c1:45:82:c2:99:40:ba:
                    6a:31:86:53:98:ae:0e:f6:b2:45:61:17:20:2b:8a:
                    5c:0f:bf:48:b0:c8:3f:a1:c0:3d:7f:77:8a:39:ec:
                    cc:69:9a:f7:b9:5b:03:4a:fe:ea:6f:b3:57:dc:c9:
                    b2:6c:09:ba:a5:44:e8:d7:c3:03:18:46:aa:49:a9:
                    2c:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:62:45:EA:05:E5:04:E7:C4:7A:C6:B5:E8:06:5E:79:F5:2E:6E:54
            X509v3 Authority Key Identifier:
                keyid:56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/82JF6gXlBOfEesa16AZeefUublQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/Vo_jXMliYzonV68QoOboq20B9Mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.194.108.0/24

    Signature Algorithm: sha256WithRSAEncryption
         46:26:56:44:d9:54:81:16:3c:b8:eb:77:da:2f:56:7b:1f:a8:
         d9:11:33:32:5d:58:4b:3e:d9:c4:9a:65:58:49:4b:d6:75:b4:
         c6:da:41:19:f3:42:b2:86:0c:57:fa:9b:ac:49:31:96:72:36:
         5a:b5:f8:35:4c:47:99:f7:62:af:40:34:b9:de:dc:62:c7:5e:
         ef:38:c9:73:dc:e2:13:6a:3d:be:a8:c8:a7:f2:09:b1:2e:2b:
         20:cc:2d:b6:c6:19:1b:72:27:ec:3c:0e:c5:21:27:88:22:f7:
         50:fd:02:f1:88:93:90:2c:ea:e3:6e:b0:c2:12:b7:c9:1b:1b:
         10:9b:83:9b:e2:17:ee:53:07:02:fd:9b:be:db:da:d9:57:f9:
         93:f0:fb:66:67:ae:b9:d1:9a:80:17:4c:84:cd:94:92:84:b0:
         f0:f4:d3:dd:c4:cd:a7:cb:3b:c0:27:81:c2:af:1c:bd:49:d8:
         e3:f5:96:e1:0c:a5:c6:4b:30:22:fc:e5:a0:38:3a:87:a8:10:
         c8:63:4a:d7:47:13:9b:b3:e6:2e:c0:e3:25:f4:e6:34:25:45:
         10:f3:88:2e:d3:99:b1:41:07:fe:26:f7:f9:f0:8f:73:55:23:
         83:70:8f:a9:6b:83:23:bf:8e:3e:6b:55:07:ec:3b:d4:35:33:
         09:e6:b7:24
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEC102mzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NjhmZTM1Y2M5NjI2MzNhMjc1N2FmMTBhMGU2ZThhYjZkMDFmNGM5MB4XDTIyMDEw
MTA4NTgzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjM2MjQ1ZWEwNWU1
MDRlN2M0N2FjNmI1ZTgwNjVlNzlmNTJlNmU1NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIiYq0G1PoDvGOvb+ETMHqBHQzCVmfv4I4cqhMreWYcqlRtT
RvU8rOQJCFhsZYlA03Be+q5wnuXyy5Tb+FZu+nX98/np0QshH/8FmzFIJ5ltAnHE
fRPUZV4HhXuepNVRWKcAk914CzUlh0kvoU/qM8g+g7REFqZYQCtZb6SZEVwm8bg0
1ps/bOeLvpg0Fl8u9rm4raPaTjn4VNF7N68Pw3CdrWYfsM9OZE5v03dAx9cZouvP
KZDVq6sFVPnBRYLCmUC6ajGGU5iuDvayRWEXICuKXA+/SLDIP6HAPX93ijnszGma
97lbA0r+6m+zV9zJsmwJuqVE6NfDAxhGqkmpLHMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTzYkXqBeUE58R6xrXoBl559S5uVDAfBgNVHSMEGDAWgBRWj+NcyWJjOidX
rxCg5uirbQH0yTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZvX2pYTWxpWXpvblY2OFFvT2JvcTIwQjlNay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDgvMzdlYmU2LThiZmUtNGMxZi1hMTgzLTgzZDY0OGY3OTc0Ni8x
LzgySkY2Z1hsQk9mRWVzYTE2QVplZWZVdWJsUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDgv
MzdlYmU2LThiZmUtNGMxZi1hMTgzLTgzZDY0OGY3OTc0Ni8xL1ZvX2pYTWxpWXpv
blY2OFFvT2JvcTIwQjlNay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANXCbDANBgkqhkiG9w0BAQsFAAOC
AQEARiZWRNlUgRY8uOt32i9Wex+o2REzMl1YSz7ZxJplWElL1nW0xtpBGfNCsoYM
V/qbrEkxlnI2WrX4NUxHmfdir0A0ud7cYsde7zjJc9ziE2o9vqjIp/IJsS4rIMwt
tsYZG3In7DwOxSEniCL3UP0C8YiTkCzq426wwhK3yRsbEJuDm+IX7lMHAv2bvtva
2Vf5k/D7ZmeuudGagBdMhM2UkoSw8PTT3cTNp8s7wCeBwq8cvUnY4/WW4Qylxksw
IvzloDg6h6gQyGNK10cTm7PmLsDjJfTmNCVFEPOILtOZsUEH/ib3+fCPc1Ujg3CP
qWuDI7+OPmtVB+w71DUzCea3JA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:56 2024 by rpki-client on console-fra.rpki-client.org