Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/8oakiNTIFoFJcVj5uZdyU7VN66k.roa
File:                     8oakiNTIFoFJcVj5uZdyU7VN66k.roa (raw, json)
Hash identifier:          8v2TaJtLZGv66hULa4rSGdkXYG8N7AUeHMRFSyJKqOc=
Subject key identifier:   F2:86:A4:88:D4:C8:16:81:49:71:58:F9:B9:97:72:53:B5:4D:EB:A9
Certificate issuer:       /CN=9d210f2259093aaf45285922a588e9a661aba9fa
Certificate serial:       387C1331
Authority key identifier: 9D:21:0F:22:59:09:3A:AF:45:28:59:22:A5:88:E9:A6:61:AB:A9:FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSEPIlkJOq9FKFkipYjppmGrqfo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/8oakiNTIFoFJcVj5uZdyU7VN66k.roa
Signing time:             Sat 01 Jan 2022 16:10:56 +0000
ROA not before:           Sat 01 Jan 2022 16:10:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     6453
IP address blocks:        217.196.16.0/20 maxlen: 20
                          77.245.96.0/20 maxlen: 20
                          93.185.64.0/20 maxlen: 20
                          95.141.128.0/20 maxlen: 20

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 947655473 (0x387c1331)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d210f2259093aaf45285922a588e9a661aba9fa
        Validity
            Not Before: Jan  1 16:10:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f286a488d4c81681497158f9b9977253b54deba9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:04:7e:c0:59:d2:9c:1c:5a:20:ed:19:c0:2d:
                    69:53:e6:7c:e3:c1:77:45:51:ac:75:e0:69:ec:14:
                    74:59:fa:21:93:3f:35:fc:1c:20:62:e0:e7:6a:48:
                    18:f9:e2:32:d8:ee:bc:d2:81:46:db:eb:e8:f6:77:
                    d9:82:e9:4c:8e:45:71:14:f7:66:26:17:45:04:18:
                    22:38:38:d2:f4:13:38:41:62:a7:b8:76:a1:be:92:
                    2b:74:df:63:e2:37:dc:f2:2b:bd:b2:df:31:d2:4d:
                    d2:c3:c8:7a:7a:fd:03:13:47:0a:cb:7f:c4:6f:52:
                    07:1e:32:f8:bd:4a:4f:38:7b:47:fc:38:46:68:45:
                    1c:f8:00:7a:77:15:b9:07:84:43:43:4d:12:b8:78:
                    89:66:11:09:41:43:73:ac:07:c4:76:8e:07:1c:e6:
                    db:7c:c0:59:ec:9a:31:9d:a2:6e:54:46:5f:97:1d:
                    69:24:e1:37:13:98:82:a4:2d:51:18:88:53:a0:27:
                    97:ed:01:00:69:77:05:01:fd:94:05:a7:73:90:f4:
                    95:c4:c3:31:2a:83:bb:c8:42:6a:de:12:2e:c8:98:
                    a2:28:97:1c:db:cf:1d:15:4e:b2:6c:5a:82:50:1f:
                    6b:df:9a:90:15:d8:e2:d6:e7:6e:d3:51:77:dd:7b:
                    ea:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:86:A4:88:D4:C8:16:81:49:71:58:F9:B9:97:72:53:B5:4D:EB:A9
            X509v3 Authority Key Identifier:
                keyid:9D:21:0F:22:59:09:3A:AF:45:28:59:22:A5:88:E9:A6:61:AB:A9:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSEPIlkJOq9FKFkipYjppmGrqfo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/8oakiNTIFoFJcVj5uZdyU7VN66k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/nSEPIlkJOq9FKFkipYjppmGrqfo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.245.96.0/20
                  93.185.64.0/20
                  95.141.128.0/20
                  217.196.16.0/20

    Signature Algorithm: sha256WithRSAEncryption
         56:a7:f9:b9:0b:0d:8c:90:7f:3e:08:17:a3:1b:47:e0:fa:c6:
         7c:78:9b:31:29:ae:fc:6b:ec:04:44:1b:23:6f:15:51:51:20:
         d8:55:22:b9:42:71:8a:bf:29:1f:e4:da:9a:f5:8d:2c:f5:f2:
         93:4f:2e:9e:1c:aa:b2:8a:b5:cd:a1:5f:46:95:d1:7c:db:5d:
         60:81:a4:ce:1b:8a:ec:4f:11:24:f1:cb:a2:91:43:fc:1a:18:
         19:b3:bf:f0:0b:a1:3e:a3:76:0b:f1:20:50:80:22:86:16:0e:
         44:74:86:a6:ee:32:eb:9f:af:ee:5d:a5:3e:4e:98:de:89:de:
         4d:a8:74:13:51:74:de:eb:2e:48:09:e9:d3:a4:8c:34:f8:df:
         7e:f2:72:05:b5:20:cb:11:7f:6f:03:1a:64:2a:9d:02:af:d7:
         ce:9f:de:b7:e3:c6:ac:21:13:4d:a0:dd:5b:2b:25:f0:18:f2:
         9e:8c:0f:1e:e0:8a:1f:34:4c:18:48:69:70:98:1a:44:fd:ee:
         fd:d2:f0:95:c7:15:34:18:09:58:c8:0d:ac:d3:03:95:3e:74:
         95:42:91:00:a7:ad:5f:23:0b:c6:76:b1:0d:0f:80:d2:89:da:
         be:1d:03:80:c0:2b:c0:da:bc:e3:e4:11:28:10:b7:c8:1a:1c:
         e9:51:58:ef
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEOHwTMTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZDIxMGYyMjU5MDkzYWFmNDUyODU5MjJhNTg4ZTlhNjYxYWJhOWZhMB4XDTIyMDEw
MTE2MTA1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjI4NmE0ODhkNGM4
MTY4MTQ5NzE1OGY5Yjk5NzcyNTNiNTRkZWJhOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANgEfsBZ0pwcWiDtGcAtaVPmfOPBd0VRrHXgaewUdFn6IZM/
NfwcIGLg52pIGPniMtjuvNKBRtvr6PZ32YLpTI5FcRT3ZiYXRQQYIjg40vQTOEFi
p7h2ob6SK3TfY+I33PIrvbLfMdJN0sPIenr9AxNHCst/xG9SBx4y+L1KTzh7R/w4
RmhFHPgAencVuQeEQ0NNErh4iWYRCUFDc6wHxHaOBxzm23zAWeyaMZ2iblRGX5cd
aSThNxOYgqQtURiIU6Anl+0BAGl3BQH9lAWnc5D0lcTDMSqDu8hCat4SLsiYoiiX
HNvPHRVOsmxaglAfa9+akBXY4tbnbtNRd9176iMCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBTyhqSI1MgWgUlxWPm5l3JTtU3rqTAfBgNVHSMEGDAWgBSdIQ8iWQk6r0Uo
WSKliOmmYaup+jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25TRVBJbGtKT3E5RktGa2lwWWpwcG1HcnFmby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWEvOTM2ODZkLTExZjUtNGUzZS1iNWM0LTQzODQzYzJlOTQzYi8x
LzhvYWtpTlRJRm9GSmNWajV1WmR5VTdWTjY2ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWEv
OTM2ODZkLTExZjUtNGUzZS1iNWM0LTQzODQzYzJlOTQzYi8xL25TRVBJbGtKT3E5
RktGa2lwWWpwcG1HcnFmby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEBE31YAMEBF25QAMEBF+NgAMEBNnE
EDANBgkqhkiG9w0BAQsFAAOCAQEAVqf5uQsNjJB/PggXoxtH4PrGfHibMSmu/Gvs
BEQbI28VUVEg2FUiuUJxir8pH+TamvWNLPXyk08unhyqsoq1zaFfRpXRfNtdYIGk
zhuK7E8RJPHLopFD/BoYGbO/8AuhPqN2C/EgUIAihhYORHSGpu4y65+v7l2lPk6Y
3oneTah0E1F03usuSAnp06SMNPjffvJyBbUgyxF/bwMaZCqdAq/Xzp/et+PGrCET
TaDdWysl8BjynowPHuCKHzRMGEhpcJgaRP3u/dLwlccVNBgJWMgNrNMDlT50lUKR
AKetXyMLxnaxDQ+A0onavh0DgMArwNq84+QRKBC3yBoc6VFY7w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:17 2024 by rpki-client on console-fra.rpki-client.org