Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/800e39-f9b1-4f8d-9c10-10357b87cb23/1/CHuXYDZpw975BivpQOQr8xjMdOg.roa
File:                     CHuXYDZpw975BivpQOQr8xjMdOg.roa (raw, json)
Hash identifier:          jZ6QqHEEilpL/0Q8FQJc7X0ONdIlvyBC3HlFA0dN7Fo=
Subject key identifier:   08:7B:97:60:36:69:C3:DE:F9:06:2B:E9:40:E4:2B:F3:18:CC:74:E8
Certificate issuer:       /CN=3c8d19d9240191c36a974b62df93c221436d9bdd
Certificate serial:       018514BFCFA619A9E8C2A14A3C5CB619A2C5
Authority key identifier: 3C:8D:19:D9:24:01:91:C3:6A:97:4B:62:DF:93:C2:21:43:6D:9B:DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PI0Z2SQBkcNql0ti35PCIUNtm90.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/800e39-f9b1-4f8d-9c10-10357b87cb23/1/CHuXYDZpw975BivpQOQr8xjMdOg.roa
Signing time:             Thu 15 Dec 2022 07:46:32 +0000
ROA not before:           Thu 15 Dec 2022 07:46:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34984
IP address blocks:        195.226.196.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:14:bf:cf:a6:19:a9:e8:c2:a1:4a:3c:5c:b6:19:a2:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c8d19d9240191c36a974b62df93c221436d9bdd
        Validity
            Not Before: Dec 15 07:46:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=087b97603669c3def9062be940e42bf318cc74e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:64:61:22:53:56:7a:97:33:22:af:e0:51:dc:
                    20:69:60:7a:f9:44:f9:31:23:d2:ba:46:a6:35:f0:
                    e5:95:59:a3:46:92:7e:60:81:87:82:cf:60:6f:c1:
                    fe:88:bc:be:c5:5d:9d:8e:c2:5c:f0:54:81:de:5a:
                    31:c9:95:db:59:a7:da:db:1b:a6:21:74:63:65:41:
                    ba:ab:a7:ef:43:1f:12:5a:b2:d1:ef:3e:0b:55:cf:
                    79:f2:11:03:75:a2:d3:60:7c:03:37:ab:27:6a:2b:
                    d1:95:60:85:31:6e:f3:0b:f9:6f:40:f5:b5:c5:ba:
                    68:58:46:f0:69:c1:d5:b2:62:7c:89:06:37:43:34:
                    06:30:5e:9c:8b:98:41:99:e3:29:d9:9d:7a:08:72:
                    55:91:83:04:0c:46:91:b9:74:16:57:d2:c0:4f:67:
                    83:14:99:20:ff:9a:9c:eb:3c:7d:3e:c7:99:0e:85:
                    dd:0d:cb:e1:fb:03:0c:45:fa:e3:57:3d:08:07:ba:
                    9e:14:a2:11:11:6f:80:0d:c7:4e:74:01:70:4c:fe:
                    c0:65:50:df:94:99:16:ad:14:ef:d7:5a:a1:3c:5c:
                    52:33:70:58:3a:55:3a:9f:bd:34:33:be:28:8e:ee:
                    50:5b:47:89:a1:1a:b3:5c:ed:0c:9f:53:52:91:49:
                    1c:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:7B:97:60:36:69:C3:DE:F9:06:2B:E9:40:E4:2B:F3:18:CC:74:E8
            X509v3 Authority Key Identifier:
                keyid:3C:8D:19:D9:24:01:91:C3:6A:97:4B:62:DF:93:C2:21:43:6D:9B:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PI0Z2SQBkcNql0ti35PCIUNtm90.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/800e39-f9b1-4f8d-9c10-10357b87cb23/1/CHuXYDZpw975BivpQOQr8xjMdOg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/800e39-f9b1-4f8d-9c10-10357b87cb23/1/PI0Z2SQBkcNql0ti35PCIUNtm90.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.226.196.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:01:5e:ce:96:c9:6f:5a:b1:a3:e1:bd:69:ac:01:a3:07:90:
         c7:c7:25:98:e3:e1:e5:47:3d:8d:d5:77:79:10:ab:66:1b:60:
         4e:26:f9:58:13:2c:74:89:a5:af:5c:30:61:07:c5:25:50:e3:
         33:5d:d6:c7:91:d6:a5:8d:39:1e:19:57:71:60:c9:01:1d:02:
         5a:84:aa:da:b8:75:e4:de:59:2e:e3:8b:84:13:ce:40:72:95:
         b3:ac:12:a1:7a:65:ec:5c:13:01:e9:e4:aa:c3:47:5c:9d:53:
         b6:aa:10:8b:84:4a:48:20:bb:db:06:e1:3f:39:c6:71:19:21:
         af:70:36:54:47:4c:74:38:1d:19:68:73:72:7e:ed:6c:f4:e9:
         d6:08:58:d7:32:9f:7f:d7:fc:eb:70:27:c8:cf:6f:b2:e0:90:
         74:e5:02:fe:e2:b3:f0:a2:1f:71:cb:b4:91:f0:78:db:29:11:
         10:d4:73:32:4a:ee:49:0a:36:92:00:36:fc:8e:8a:ac:4e:7a:
         db:c3:12:63:91:80:77:06:ba:c3:0a:15:4c:77:42:9c:74:3d:
         0b:3f:c0:ea:2b:37:6b:b2:dd:95:1e:93:bb:b5:51:23:00:9d:
         70:a2:30:4b:eb:95:08:0f:28:ea:35:e2:91:eb:e9:e8:40:11:
         5e:58:ba:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUUv8+mGanowqFKPFy2GaLFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjOGQxOWQ5MjQwMTkxYzM2YTk3NGI2MmRmOTNjMjIxNDM2
ZDliZGQwHhcNMjIxMjE1MDc0NjMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODdiOTc2MDM2NjljM2RlZjkwNjJiZTk0MGU0MmJmMzE4Y2M3NGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmRhIlNWepczIq/gUdwgaWB6+UT5
MSPSukamNfDllVmjRpJ+YIGHgs9gb8H+iLy+xV2djsJc8FSB3loxyZXbWafa2xum
IXRjZUG6q6fvQx8SWrLR7z4LVc958hEDdaLTYHwDN6snaivRlWCFMW7zC/lvQPW1
xbpoWEbwacHVsmJ8iQY3QzQGMF6ci5hBmeMp2Z16CHJVkYMEDEaRuXQWV9LAT2eD
FJkg/5qc6zx9PseZDoXdDcvh+wMMRfrjVz0IB7qeFKIREW+ADcdOdAFwTP7AZVDf
lJkWrRTv11qhPFxSM3BYOlU6n700M74oju5QW0eJoRqzXO0Mn1NSkUkcbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAh7l2A2acPe+QYr6UDkK/MYzHToMB8GA1UdIwQY
MBaAFDyNGdkkAZHDapdLYt+TwiFDbZvdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEkwWjJTUUJrY05xbDB0aTM1UENJVU50bTkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS84MDBlMzktZjliMS00ZjhkLTljMTAt
MTAzNTdiODdjYjIzLzEvQ0h1WFlEWnB3OTc1Qml2cFFPUXI4eGpNZE9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS84MDBlMzktZjliMS00ZjhkLTljMTAtMTAzNTdiODdjYjIz
LzEvUEkwWjJTUUJrY05xbDB0aTM1UENJVU50bTkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw+LEMA0G
CSqGSIb3DQEBCwUAA4IBAQA3AV7OlslvWrGj4b1prAGjB5DHxyWY4+HlRz2N1Xd5
EKtmG2BOJvlYEyx0iaWvXDBhB8UlUOMzXdbHkdaljTkeGVdxYMkBHQJahKrauHXk
3lku44uEE85AcpWzrBKhemXsXBMB6eSqw0dcnVO2qhCLhEpIILvbBuE/OcZxGSGv
cDZUR0x0OB0ZaHNyfu1s9OnWCFjXMp9/1/zrcCfIz2+y4JB05QL+4rPwoh9xy7SR
8HjbKREQ1HMySu5JCjaSADb8joqsTnrbwxJjkYB3BrrDChVMd0KcdD0LP8DqKzdr
st2VHpO7tVEjAJ1wojBL65UIDyjqNeKR6+noQBFeWLq/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:03 2024 by rpki-client on console-fra.rpki-client.org