Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/avfJRdXYz0QxGDOYrW5vP21tAgc.roa
File:                     avfJRdXYz0QxGDOYrW5vP21tAgc.roa (raw, json)
Hash identifier:          cP0B9G1cDtkCRiAQ/QdkMEizVEE1TTAHul5LoAV7VV8=
Subject key identifier:   6A:F7:C9:45:D5:D8:CF:44:31:18:33:98:AD:6E:6F:3F:6D:6D:02:07
Certificate issuer:       /CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Certificate serial:       0183A28F063B2F67428709A99B422586ED1B
Authority key identifier: DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/avfJRdXYz0QxGDOYrW5vP21tAgc.roa
Signing time:             Tue 04 Oct 2022 10:33:45 +0000
ROA not before:           Tue 04 Oct 2022 10:33:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43260
IP address blocks:        94.154.42.0/24 maxlen: 24
                          94.154.43.0/24 maxlen: 24
                          94.154.44.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:a2:8f:06:3b:2f:67:42:87:09:a9:9b:42:25:86:ed:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc11daefaff81c7e501278d87d9bc2b204d71155
        Validity
            Not Before: Oct  4 10:33:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6af7c945d5d8cf4431183398ad6e6f3f6d6d0207
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:49:4e:15:34:eb:66:22:9d:a3:e6:80:d3:29:
                    49:4b:a0:78:78:c9:eb:78:80:fa:23:9c:55:7f:b9:
                    3f:bb:59:af:53:85:a3:4d:e9:9c:16:d5:00:ff:81:
                    62:d2:89:7c:f1:5a:3c:d6:7d:74:c4:47:1a:06:5d:
                    00:b6:3a:a9:83:18:6e:7e:2d:b2:3c:f0:82:16:12:
                    83:ed:af:7d:1b:97:9f:69:ce:ad:d2:de:16:93:54:
                    15:b6:37:44:44:67:be:be:a6:b7:a6:14:b8:02:ab:
                    9b:22:a4:b2:b5:dc:18:e1:37:02:3f:31:83:fe:f7:
                    de:38:67:71:60:ef:74:7a:93:1e:a0:da:44:ac:05:
                    b5:ba:8f:f7:5d:58:02:e7:d1:ff:35:b2:49:49:1e:
                    7b:da:df:b0:a2:fc:ae:12:5e:4d:9a:15:e9:76:7e:
                    cf:bf:88:91:d2:ab:e0:42:9b:96:29:61:e2:67:d8:
                    d3:d3:22:b7:ba:2f:94:30:8f:28:df:9d:d3:e7:4e:
                    ba:dc:02:08:71:fb:ef:c2:40:56:f7:76:38:37:de:
                    e5:29:ba:58:15:70:6c:46:e4:a8:5c:0b:5a:9c:af:
                    a4:e2:09:18:d9:6b:fc:b7:86:79:6a:bf:b5:31:46:
                    7f:95:1e:b1:6e:7f:7a:71:28:46:19:e9:37:3b:49:
                    48:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:F7:C9:45:D5:D8:CF:44:31:18:33:98:AD:6E:6F:3F:6D:6D:02:07
            X509v3 Authority Key Identifier:
                keyid:DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/avfJRdXYz0QxGDOYrW5vP21tAgc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/3BHa76_4HH5QEnjYfZvCsgTXEVU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.154.42.0-94.154.44.255

    Signature Algorithm: sha256WithRSAEncryption
         98:f7:98:0b:6f:07:6d:1e:90:7d:75:19:4f:bc:01:d7:24:33:
         67:89:c7:53:0e:a6:96:0a:ae:cd:64:28:41:c6:3d:9c:bf:b0:
         f2:0a:39:11:56:b4:a8:15:83:fb:8c:99:25:4a:aa:f2:ec:54:
         22:61:73:49:86:74:65:90:4f:21:23:b4:c8:e5:1a:4a:da:e5:
         6a:36:06:ba:f1:5b:11:01:ef:09:38:6f:d9:c6:56:fc:c1:73:
         40:f0:47:ee:a1:e2:d1:ca:64:7f:4c:74:e6:18:d9:ee:a5:5f:
         3d:10:7c:3d:57:0f:da:ae:fa:5e:10:cb:8e:3f:fc:29:8c:ef:
         5e:20:9e:f2:25:e5:b8:d5:06:c3:fb:b5:59:27:94:0b:c8:af:
         f7:3d:18:81:65:16:67:76:19:3a:8c:e8:86:e6:d8:79:26:71:
         d3:d7:c1:cc:3e:bf:2a:da:cf:f8:4d:53:bf:e2:1e:87:51:b7:
         fd:ad:cc:cd:e7:7b:b3:96:f8:0b:2d:be:4b:ac:33:55:6f:fb:
         26:71:4d:7d:54:13:8e:c0:46:59:8b:ad:aa:34:f4:73:8d:8b:
         8d:0c:4f:a2:b4:db:9e:db:99:15:6a:bb:fa:10:51:8a:ca:02:
         c4:d5:cc:d7:47:19:93:1c:75:4a:30:d1:58:8c:a9:be:f8:3f:
         3b:68:5f:d2
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYOijwY7L2dChwmpm0Ilhu0bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMTFkYWVmYWZmODFjN2U1MDEyNzhkODdkOWJjMmIyMDRk
NzExNTUwHhcNMjIxMDA0MTAzMzQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWY3Yzk0NWQ1ZDhjZjQ0MzExODMzOThhZDZlNmYzZjZkNmQwMjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhklOFTTrZiKdo+aA0ylJS6B4eMnr
eID6I5xVf7k/u1mvU4WjTemcFtUA/4Fi0ol88Vo81n10xEcaBl0Atjqpgxhufi2y
PPCCFhKD7a99G5efac6t0t4Wk1QVtjdERGe+vqa3phS4AqubIqSytdwY4TcCPzGD
/vfeOGdxYO90epMeoNpErAW1uo/3XVgC59H/NbJJSR572t+wovyuEl5NmhXpdn7P
v4iR0qvgQpuWKWHiZ9jT0yK3ui+UMI8o353T50663AIIcfvvwkBW93Y4N97lKbpY
FXBsRuSoXAtanK+k4gkY2Wv8t4Z5ar+1MUZ/lR6xbn96cShGGek3O0lIywIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGr3yUXV2M9EMRgzmK1ubz9tbQIHMB8GA1UdIwQY
MBaAFNwR2u+v+Bx+UBJ42H2bwrIE1xFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYt
NjUyNDljYmM1NzNjLzEvYXZmSlJkWFl6MFF4R0RPWXJXNXZQMjF0QWdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYtNjUyNDljYmM1NzNj
LzEvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAFemioD
BABemiwwDQYJKoZIhvcNAQELBQADggEBAJj3mAtvB20ekH11GU+8AdckM2eJx1MO
ppYKrs1kKEHGPZy/sPIKORFWtKgVg/uMmSVKqvLsVCJhc0mGdGWQTyEjtMjlGkra
5Wo2BrrxWxEB7wk4b9nGVvzBc0DwR+6h4tHKZH9MdOYY2e6lXz0QfD1XD9qu+l4Q
y44//CmM714gnvIl5bjVBsP7tVknlAvIr/c9GIFlFmd2GTqM6Ibm2HkmcdPXwcw+
vyraz/hNU7/iHodRt/2tzM3ne7OW+AstvkusM1Vv+yZxTX1UE47ARlmLrao09HON
i40MT6K0257bmRVqu/oQUYrKAsTVzNdHGZMcdUow0ViMqb74PztoX9I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:31 2024 by rpki-client on console-fra.rpki-client.org