Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/a7e850-00be-4dc2-8c41-3866b95f485f/1/X_niY3aD2yVulCHVyjZ1VQs-IrM.roa
File:                     X_niY3aD2yVulCHVyjZ1VQs-IrM.roa (raw, json)
Hash identifier:          bZjM3XbIlj3HIco0Rynz8M0CLyABWjjT12CWOw/syxc=
Subject key identifier:   5F:F9:E2:63:76:83:DB:25:6E:94:21:D5:CA:36:75:55:0B:3E:22:B3
Certificate issuer:       /CN=5df40ee7489e95c57f104271919da268bc513f9b
Certificate serial:       0108D383
Authority key identifier: 5D:F4:0E:E7:48:9E:95:C5:7F:10:42:71:91:9D:A2:68:BC:51:3F:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XfQO50ielcV_EEJxkZ2iaLxRP5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/a7e850-00be-4dc2-8c41-3866b95f485f/1/X_niY3aD2yVulCHVyjZ1VQs-IrM.roa
Signing time:             Tue 08 Mar 2022 11:58:47 +0000
ROA not before:           Tue 08 Mar 2022 11:58:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212797
IP address blocks:        194.76.58.0/23 maxlen: 23
                          194.76.104.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17355651 (0x108d383)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5df40ee7489e95c57f104271919da268bc513f9b
        Validity
            Not Before: Mar  8 11:58:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5ff9e2637683db256e9421d5ca3675550b3e22b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:8e:3e:3b:8b:7f:3b:ed:87:39:f0:da:c3:78:
                    f9:42:d9:bb:31:6f:93:5e:b0:94:b5:0b:42:4a:b9:
                    a4:72:24:2a:c1:15:05:05:51:03:d2:a7:f7:b9:c2:
                    b8:8e:4d:38:1e:b3:50:03:dc:21:13:26:e0:e7:2d:
                    1e:fb:b3:c3:4c:55:b7:c2:3b:b5:54:a4:1a:e5:7c:
                    7c:71:80:93:db:f9:8e:9b:7a:48:6e:45:3d:32:45:
                    a5:60:94:04:cb:17:f2:3f:b0:61:80:24:6d:7d:67:
                    83:66:ed:d5:a1:19:04:90:9e:6d:ad:d8:27:08:56:
                    d7:18:fe:79:1d:3a:98:c0:38:f5:89:f3:e1:e6:e5:
                    80:b9:be:a6:1f:5e:e4:00:5e:19:4f:f9:57:67:15:
                    d8:20:5c:9c:e9:2b:68:4b:89:9e:b8:c5:91:8d:06:
                    bd:f0:89:96:2e:6d:a9:5b:08:21:74:7e:9a:70:f1:
                    80:18:70:e1:b1:26:4e:f1:5c:56:5d:2e:10:a8:21:
                    71:6c:ad:d2:62:99:6b:36:c3:39:3a:f5:18:9f:80:
                    ed:64:2f:4d:50:43:8e:3f:5a:d1:71:67:58:65:da:
                    ca:a8:7c:64:bb:45:65:06:02:3a:6c:1c:0a:60:6b:
                    e6:da:8e:95:59:23:9c:0b:aa:ff:7f:6a:48:79:58:
                    c7:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:F9:E2:63:76:83:DB:25:6E:94:21:D5:CA:36:75:55:0B:3E:22:B3
            X509v3 Authority Key Identifier:
                keyid:5D:F4:0E:E7:48:9E:95:C5:7F:10:42:71:91:9D:A2:68:BC:51:3F:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XfQO50ielcV_EEJxkZ2iaLxRP5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/a7e850-00be-4dc2-8c41-3866b95f485f/1/X_niY3aD2yVulCHVyjZ1VQs-IrM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/a7e850-00be-4dc2-8c41-3866b95f485f/1/XfQO50ielcV_EEJxkZ2iaLxRP5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.76.58.0/23
                  194.76.104.0/23

    Signature Algorithm: sha256WithRSAEncryption
         71:12:30:ea:6a:a7:c4:fb:d9:a3:8f:78:3e:fc:6e:e1:3a:db:
         10:a1:18:10:93:61:cf:e9:5c:6e:2b:02:f3:61:e4:1e:39:9d:
         78:e9:9c:71:de:cd:8a:ad:bd:c8:b8:f4:68:a8:7e:3f:9c:3d:
         1d:17:ad:93:42:a1:ec:6d:c7:a2:08:60:e7:f5:54:1f:01:f7:
         2b:8a:63:28:57:ea:2d:b3:80:4a:35:d4:da:ef:ee:a2:15:5a:
         c7:b5:03:35:63:1f:cd:42:15:62:2b:d3:50:84:b6:10:8d:f3:
         09:cf:9d:8b:c5:66:ac:fd:7a:fe:02:24:98:af:58:c9:07:2f:
         07:08:97:6c:30:fb:63:8c:ce:d1:d6:24:4e:31:c9:2f:ba:2b:
         88:48:0f:fe:00:ac:8a:fd:60:0d:77:27:b5:3c:ea:aa:98:e7:
         d5:d5:fb:a6:c1:01:bb:e2:08:10:c6:44:a1:93:a1:17:32:73:
         43:d2:f8:ac:f9:24:fc:cb:9b:8a:62:91:d7:3a:05:29:a0:fc:
         ac:b2:94:21:d0:f3:6c:3d:2d:4d:ec:5f:56:8d:79:65:31:ac:
         cc:e5:38:b4:de:65:a7:8a:66:18:5f:da:aa:73:4d:38:f6:2f:
         15:64:b7:0b:aa:91:dc:8b:ac:ba:df:d6:6e:b0:54:6f:f5:fe:
         8e:e2:c2:85
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAQjTgzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZGY0MGVlNzQ4OWU5NWM1N2YxMDQyNzE5MTlkYTI2OGJjNTEzZjliMB4XDTIyMDMw
ODExNTg0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWZmOWUyNjM3Njgz
ZGIyNTZlOTQyMWQ1Y2EzNjc1NTUwYjNlMjJiMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOOOPjuLfzvthznw2sN4+ULZuzFvk16wlLULQkq5pHIkKsEV
BQVRA9Kn97nCuI5NOB6zUAPcIRMm4OctHvuzw0xVt8I7tVSkGuV8fHGAk9v5jpt6
SG5FPTJFpWCUBMsX8j+wYYAkbX1ng2bt1aEZBJCeba3YJwhW1xj+eR06mMA49Ynz
4eblgLm+ph9e5ABeGU/5V2cV2CBcnOkraEuJnrjFkY0GvfCJli5tqVsIIXR+mnDx
gBhw4bEmTvFcVl0uEKghcWyt0mKZazbDOTr1GJ+A7WQvTVBDjj9a0XFnWGXayqh8
ZLtFZQYCOmwcCmBr5tqOlVkjnAuq/39qSHlYx28CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRf+eJjdoPbJW6UIdXKNnVVCz4iszAfBgNVHSMEGDAWgBRd9A7nSJ6VxX8Q
QnGRnaJovFE/mzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hmUU81MGllbGNWX0VFSnhrWjJpYUx4UlA1cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvYTdlODUwLTAwYmUtNGRjMi04YzQxLTM4NjZiOTVmNDg1Zi8x
L1hfbmlZM2FEMnlWdWxDSFZ5aloxVlFzLUlyTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
YTdlODUwLTAwYmUtNGRjMi04YzQxLTM4NjZiOTVmNDg1Zi8xL1hmUU81MGllbGNW
X0VFSnhrWjJpYUx4UlA1cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAcJMOgMEAcJMaDANBgkqhkiG9w0B
AQsFAAOCAQEAcRIw6mqnxPvZo494Pvxu4TrbEKEYEJNhz+lcbisC82HkHjmdeOmc
cd7Niq29yLj0aKh+P5w9HRetk0Kh7G3Hoghg5/VUHwH3K4pjKFfqLbOASjXU2u/u
ohVax7UDNWMfzUIVYivTUIS2EI3zCc+di8VmrP16/gIkmK9YyQcvBwiXbDD7Y4zO
0dYkTjHJL7oriEgP/gCsiv1gDXcntTzqqpjn1dX7psEBu+IIEMZEoZOhFzJzQ9L4
rPkk/MubimKR1zoFKaD8rLKUIdDzbD0tTexfVo15ZTGszOU4tN5lp4pmGF/aqnNN
OPYvFWS3C6qR3Iusut/WbrBUb/X+juLChQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:55 2024 by rpki-client on console-fra.rpki-client.org