Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/d69525-7cfb-47c8-9c4f-ef4458ea20cd/1/mF-IkzVvIS77pA_BeF_SJI9aQos.roa
File:                     mF-IkzVvIS77pA_BeF_SJI9aQos.roa (raw, json)
Hash identifier:          tUtcSbHaQLiMJWlhfpNjUjNpDWEYQyPPjr1NNK7vKVo=
Subject key identifier:   98:5F:88:93:35:6F:21:2E:FB:A4:0F:C1:78:5F:D2:24:8F:5A:42:8B
Certificate issuer:       /CN=07aef190f44bfc1db0c50f1a73fdf017081afe16
Certificate serial:       018321324AFFA16904AA1F32F7090239E573
Authority key identifier: 07:AE:F1:90:F4:4B:FC:1D:B0:C5:0F:1A:73:FD:F0:17:08:1A:FE:16
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/B67xkPRL_B2wxQ8ac_3wFwga_hY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/d69525-7cfb-47c8-9c4f-ef4458ea20cd/1/mF-IkzVvIS77pA_BeF_SJI9aQos.roa
Signing time:             Fri 09 Sep 2022 07:41:27 +0000
ROA not before:           Fri 09 Sep 2022 07:41:27 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211018
IP address blocks:        194.99.159.0/24 maxlen: 24
                          2a11:8e00::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:21:32:4a:ff:a1:69:04:aa:1f:32:f7:09:02:39:e5:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=07aef190f44bfc1db0c50f1a73fdf017081afe16
        Validity
            Not Before: Sep  9 07:41:27 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=985f8893356f212efba40fc1785fd2248f5a428b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:e6:4b:98:0b:9c:f5:f9:ff:c7:69:ad:16:f4:
                    87:66:8d:18:b1:e5:fb:56:fe:70:6c:d8:9a:8b:10:
                    d4:c4:a9:79:6b:47:75:1f:6b:0a:e4:d4:6e:69:90:
                    e3:fa:03:2a:15:7e:6c:50:d2:f0:a5:60:32:86:06:
                    65:c7:d6:cd:ff:e2:48:50:bb:e3:c3:70:30:a9:e5:
                    13:b6:33:25:73:f7:76:21:d1:35:0f:09:86:5d:59:
                    03:39:93:f4:4d:ee:c5:79:eb:bb:fa:b6:66:19:16:
                    85:cc:66:12:f9:83:72:4b:7f:4a:3e:a4:61:b5:96:
                    12:3f:30:8f:72:52:da:b9:92:79:a3:1f:f0:f9:13:
                    9a:92:bc:59:ea:ad:e9:0e:48:16:00:25:14:f8:5f:
                    d3:01:df:d0:be:c7:fb:8c:ad:47:8a:34:85:12:90:
                    34:c1:ef:ed:85:46:cd:1d:38:a4:4c:6a:19:ee:bd:
                    7b:39:3a:e4:86:91:9b:72:72:1f:25:ac:91:89:cd:
                    3d:41:d5:2d:4d:b9:8d:1e:6e:64:6f:c1:44:ff:f9:
                    75:4a:04:c5:a2:6b:a6:83:bf:6f:4c:91:be:13:bc:
                    b3:bd:29:0d:ae:ef:9a:a0:10:2c:fa:03:37:16:df:
                    52:15:e3:91:92:4d:15:20:40:6c:78:7e:2e:c3:a9:
                    49:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:5F:88:93:35:6F:21:2E:FB:A4:0F:C1:78:5F:D2:24:8F:5A:42:8B
            X509v3 Authority Key Identifier:
                keyid:07:AE:F1:90:F4:4B:FC:1D:B0:C5:0F:1A:73:FD:F0:17:08:1A:FE:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B67xkPRL_B2wxQ8ac_3wFwga_hY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/d69525-7cfb-47c8-9c4f-ef4458ea20cd/1/mF-IkzVvIS77pA_BeF_SJI9aQos.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/d69525-7cfb-47c8-9c4f-ef4458ea20cd/1/B67xkPRL_B2wxQ8ac_3wFwga_hY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.99.159.0/24
                IPv6:
                  2a11:8e00::/29

    Signature Algorithm: sha256WithRSAEncryption
         42:4e:5a:46:21:d0:48:f2:3a:d5:19:bd:a2:70:da:a6:17:22:
         61:46:45:03:0c:5f:93:d6:5b:29:b4:36:6f:07:5a:a3:40:0a:
         21:63:c3:89:48:e4:2b:2a:22:7e:42:0d:21:c8:57:cf:7f:d7:
         1b:09:24:db:87:06:6e:bf:10:9a:61:e0:21:e7:a4:b8:47:22:
         83:6b:5c:fa:f4:45:97:1f:5f:73:ea:71:8a:45:9d:45:87:b0:
         b3:aa:26:e5:d7:92:e8:00:09:60:36:1e:9b:1a:f3:5d:57:b4:
         bd:97:40:34:39:f4:3f:dc:54:89:56:bc:cd:63:3c:fd:1a:b2:
         73:86:0b:57:47:45:a4:e6:d4:a2:07:ff:8d:df:0c:67:7e:52:
         e8:d8:b9:f3:82:84:2f:b3:6f:01:0c:e9:4c:b2:92:15:d6:17:
         a5:82:6d:10:85:fb:82:6b:5c:14:23:c1:46:0d:7b:c3:fa:32:
         c5:fe:5c:0d:54:cb:6e:18:c5:c6:85:ac:0d:0d:7d:0e:bd:7a:
         d7:72:fa:8c:8c:31:f6:77:d2:80:59:36:b3:60:c6:bb:e8:8f:
         87:f3:9b:e5:14:85:63:2b:59:b9:c5:ce:ff:1f:6c:c3:09:8d:
         55:9a:d7:23:84:36:ef:b1:a4:d8:0e:ca:c2:0d:eb:a3:15:3d:
         c1:f0:3d:20
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYMhMkr/oWkEqh8y9wkCOeVzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3YWVmMTkwZjQ0YmZjMWRiMGM1MGYxYTczZmRmMDE3MDgx
YWZlMTYwHhcNMjIwOTA5MDc0MTI3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODVmODg5MzM1NmYyMTJlZmJhNDBmYzE3ODVmZDIyNDhmNWE0MjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhuZLmAuc9fn/x2mtFvSHZo0YseX7
Vv5wbNiaixDUxKl5a0d1H2sK5NRuaZDj+gMqFX5sUNLwpWAyhgZlx9bN/+JIULvj
w3AwqeUTtjMlc/d2IdE1DwmGXVkDOZP0Te7Feeu7+rZmGRaFzGYS+YNyS39KPqRh
tZYSPzCPclLauZJ5ox/w+ROakrxZ6q3pDkgWACUU+F/TAd/Qvsf7jK1HijSFEpA0
we/thUbNHTikTGoZ7r17OTrkhpGbcnIfJayRic09QdUtTbmNHm5kb8FE//l1SgTF
omumg79vTJG+E7yzvSkNru+aoBAs+gM3Ft9SFeORkk0VIEBseH4uw6lJuQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJhfiJM1byEu+6QPwXhf0iSPWkKLMB8GA1UdIwQY
MBaAFAeu8ZD0S/wdsMUPGnP98BcIGv4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjY3eGtQUkxfQjJ3eFE4YWNfM3dGd2dhX2hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kNjk1MjUtN2NmYi00N2M4LTljNGYt
ZWY0NDU4ZWEyMGNkLzEvbUYtSWt6VnZJUzc3cEFfQmVGX1NKSTlhUW9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kNjk1MjUtN2NmYi00N2M4LTljNGYtZWY0NDU4ZWEyMGNk
LzEvQjY3eGtQUkxfQjJ3eFE4YWNfM3dGd2dhX2hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwmOfMA0E
AgACMAcDBQMqEY4AMA0GCSqGSIb3DQEBCwUAA4IBAQBCTlpGIdBI8jrVGb2icNqm
FyJhRkUDDF+T1lsptDZvB1qjQAohY8OJSOQrKiJ+Qg0hyFfPf9cbCSTbhwZuvxCa
YeAh56S4RyKDa1z69EWXH19z6nGKRZ1Fh7Czqibl15LoAAlgNh6bGvNdV7S9l0A0
OfQ/3FSJVrzNYzz9GrJzhgtXR0Wk5tSiB/+N3wxnflLo2LnzgoQvs28BDOlMspIV
1helgm0QhfuCa1wUI8FGDXvD+jLF/lwNVMtuGMXGhawNDX0OvXrXcvqMjDH2d9KA
WTazYMa76I+H85vlFIVjK1m5xc7/H2zDCY1VmtcjhDbvsaTYDsrCDeujFT3B8D0g
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:48 2024 by rpki-client on console-fra.rpki-client.org