Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/e62e0c-25eb-4c95-8002-87f1cf73a43a/1/1rAcSu-esX3-rgCm66zX35ZvTpU.roa
File:                     1rAcSu-esX3-rgCm66zX35ZvTpU.roa (raw, json)
Hash identifier:          zWpfHi6G/PzYcyM6VhR6FBNJgHVoVDX5enrFGIRz8PE=
Subject key identifier:   D6:B0:1C:4A:EF:9E:B1:7D:FE:AE:00:A6:EB:AC:D7:DF:96:6F:4E:95
Certificate issuer:       /CN=e67c1145d18554698edd99d7cd199cd3c02b2a15
Certificate serial:       01F08219
Authority key identifier: E6:7C:11:45:D1:85:54:69:8E:DD:99:D7:CD:19:9C:D3:C0:2B:2A:15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5nwRRdGFVGmO3ZnXzRmc08ArKhU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/e62e0c-25eb-4c95-8002-87f1cf73a43a/1/1rAcSu-esX3-rgCm66zX35ZvTpU.roa
Signing time:             Sat 01 Jan 2022 09:58:29 +0000
ROA not before:           Sat 01 Jan 2022 09:58:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1299
IP address blocks:        194.126.228.0/24 maxlen: 24
                          2001:67c:2310::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 32539161 (0x1f08219)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e67c1145d18554698edd99d7cd199cd3c02b2a15
        Validity
            Not Before: Jan  1 09:58:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d6b01c4aef9eb17dfeae00a6ebacd7df966f4e95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:78:9c:ea:37:26:41:e5:2e:24:f7:fb:de:20:
                    10:08:b5:d7:7d:97:2b:e3:b0:98:c9:e3:ed:d8:03:
                    c7:1d:72:dc:45:c5:b8:7d:48:96:b5:97:73:5d:e0:
                    0e:6a:b8:df:99:3d:ca:37:65:a2:f2:a8:82:c5:65:
                    58:d3:f3:ab:9d:ea:ec:96:53:b5:02:4f:54:b6:d2:
                    9f:a2:f8:45:01:0e:24:1b:45:1a:25:5b:43:cb:48:
                    51:d6:88:e4:81:0e:ac:9a:3e:bc:67:0c:61:ff:5c:
                    46:4c:f6:26:19:22:77:ad:12:40:d2:ff:07:11:6e:
                    e7:8f:4e:c0:9c:01:ba:f1:0f:d6:3c:e4:d0:d0:56:
                    74:91:c0:6d:4a:09:04:60:cb:f6:16:46:b6:d8:a6:
                    27:7f:4f:78:6c:c8:cc:42:2b:cc:73:5d:99:b4:6c:
                    18:f2:d8:bd:a5:07:c1:03:c8:56:aa:97:3c:d4:fd:
                    d5:06:3f:a7:62:b9:91:26:b4:1d:67:4f:f7:f6:96:
                    19:71:22:71:6e:e6:0a:71:3d:3b:d5:ac:be:38:5f:
                    41:aa:fa:f2:db:5b:11:ce:12:40:3c:73:e8:d8:4f:
                    48:16:5a:17:5c:3f:37:95:0f:7a:6b:c5:c0:ec:49:
                    1c:c0:2a:15:68:57:74:60:6f:0b:32:62:1a:ac:b3:
                    d8:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:B0:1C:4A:EF:9E:B1:7D:FE:AE:00:A6:EB:AC:D7:DF:96:6F:4E:95
            X509v3 Authority Key Identifier:
                keyid:E6:7C:11:45:D1:85:54:69:8E:DD:99:D7:CD:19:9C:D3:C0:2B:2A:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5nwRRdGFVGmO3ZnXzRmc08ArKhU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/e62e0c-25eb-4c95-8002-87f1cf73a43a/1/1rAcSu-esX3-rgCm66zX35ZvTpU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/e62e0c-25eb-4c95-8002-87f1cf73a43a/1/5nwRRdGFVGmO3ZnXzRmc08ArKhU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.126.228.0/24
                IPv6:
                  2001:67c:2310::/48

    Signature Algorithm: sha256WithRSAEncryption
         3c:b9:6b:66:c2:78:69:89:ad:11:ce:16:e2:63:8e:6e:90:7c:
         dc:16:03:20:91:a1:d8:b2:95:b0:dd:a7:78:4a:fc:b1:0a:d9:
         d7:91:ea:41:a4:47:39:7d:c1:be:16:75:3f:68:53:02:29:10:
         43:3d:be:b8:5f:e8:56:20:92:c1:f6:4d:48:d6:a3:41:0d:00:
         6c:6f:04:59:c5:48:58:89:29:93:a2:28:e7:bb:db:6b:76:1f:
         a5:54:0d:27:bf:bd:de:5d:77:18:33:aa:75:7d:bd:f2:32:6f:
         5c:c1:f1:9d:9c:5c:1e:6f:c9:8d:51:88:21:9d:6d:0c:02:04:
         a3:de:29:59:3c:e1:df:69:58:56:e5:37:e5:41:6f:ae:57:a8:
         03:a8:5b:d8:a2:e3:ea:ce:e5:ae:66:e9:1a:63:ba:76:06:bb:
         ce:2a:0e:c7:03:c2:63:e6:1e:71:65:a1:2d:45:01:fd:4a:de:
         39:49:94:5b:24:96:79:0f:e6:83:db:22:bb:29:33:3e:2d:cb:
         3e:3a:4d:a0:b9:e2:ae:7c:f0:37:30:c6:80:86:99:b9:6d:c0:
         a3:22:bc:f8:56:06:91:b2:75:c8:64:0a:60:5d:8e:c4:a2:f2:
         29:4a:61:72:77:c3:2f:06:8f:e2:aa:7a:d0:f6:ea:54:f1:5d:
         1d:cb:bd:44
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEAfCCGTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NjdjMTE0NWQxODU1NDY5OGVkZDk5ZDdjZDE5OWNkM2MwMmIyYTE1MB4XDTIyMDEw
MTA5NTgyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDZiMDFjNGFlZjll
YjE3ZGZlYWUwMGE2ZWJhY2Q3ZGY5NjZmNGU5NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMJ4nOo3JkHlLiT3+94gEAi1132XK+OwmMnj7dgDxx1y3EXF
uH1IlrWXc13gDmq435k9yjdlovKogsVlWNPzq53q7JZTtQJPVLbSn6L4RQEOJBtF
GiVbQ8tIUdaI5IEOrJo+vGcMYf9cRkz2Jhkid60SQNL/BxFu549OwJwBuvEP1jzk
0NBWdJHAbUoJBGDL9hZGttimJ39PeGzIzEIrzHNdmbRsGPLYvaUHwQPIVqqXPNT9
1QY/p2K5kSa0HWdP9/aWGXEicW7mCnE9O9WsvjhfQar68ttbEc4SQDxz6NhPSBZa
F1w/N5UPemvFwOxJHMAqFWhXdGBvCzJiGqyz2EECAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBTWsBxK756xff6uAKbrrNfflm9OlTAfBgNVHSMEGDAWgBTmfBFF0YVUaY7d
mdfNGZzTwCsqFTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVud1JSZEdGVkdtTzNablh6Um1jMDhBcktoVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTIvZTYyZTBjLTI1ZWItNGM5NS04MDAyLTg3ZjFjZjczYTQzYS8x
LzFyQWNTdS1lc1gzLXJnQ202NnpYMzVadlRwVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIv
ZTYyZTBjLTI1ZWItNGM5NS04MDAyLTg3ZjFjZjczYTQzYS8xLzVud1JSZEdGVkdt
TzNablh6Um1jMDhBcktoVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAMJ+5DAPBAIAAjAJAwcAIAEGfCMQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA8uWtmwnhpia0RzhbiY45ukHzcFgMgkaHYspWw
3ad4SvyxCtnXkepBpEc5fcG+FnU/aFMCKRBDPb64X+hWIJLB9k1I1qNBDQBsbwRZ
xUhYiSmToijnu9trdh+lVA0nv73eXXcYM6p1fb3yMm9cwfGdnFweb8mNUYghnW0M
AgSj3ilZPOHfaVhW5TflQW+uV6gDqFvYouPqzuWuZukaY7p2BrvOKg7HA8Jj5h5x
ZaEtRQH9St45SZRbJJZ5D+aD2yK7KTM+Lcs+Ok2gueKufPA3MMaAhpm5bcCjIrz4
VgaRsnXIZApgXY7EovIpSmFyd8MvBo/iqnrQ9upU8V0dy71E
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:54 2024 by rpki-client on console-fra.rpki-client.org