Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/81e5a5-ac39-43c1-872f-98dfc2ee6e0c/1/7w8snYQkW1ADMgtgeqVcqOptr3Y.roa
File:                     7w8snYQkW1ADMgtgeqVcqOptr3Y.roa (raw, json)
Hash identifier:          Ogxou5f/pMFzrEWxtDew9KWQMFCzpJXFKnDgqHUaoIo=
Subject key identifier:   EF:0F:2C:9D:84:24:5B:50:03:32:0B:60:7A:A5:5C:A8:EA:6D:AF:76
Certificate issuer:       /CN=a1c1be0981a4e7576c562f6f09e65c17c180e3ca
Certificate serial:       0BB44B32
Authority key identifier: A1:C1:BE:09:81:A4:E7:57:6C:56:2F:6F:09:E6:5C:17:C1:80:E3:CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ocG-CYGk51dsVi9vCeZcF8GA48o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/81e5a5-ac39-43c1-872f-98dfc2ee6e0c/1/7w8snYQkW1ADMgtgeqVcqOptr3Y.roa
Signing time:             Sat 01 Jan 2022 12:04:08 +0000
ROA not before:           Sat 01 Jan 2022 12:04:08 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8874
IP address blocks:        194.120.55.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 196365106 (0xbb44b32)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1c1be0981a4e7576c562f6f09e65c17c180e3ca
        Validity
            Not Before: Jan  1 12:04:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ef0f2c9d84245b5003320b607aa55ca8ea6daf76
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:a5:88:3a:9b:12:17:60:4c:93:50:52:dc:59:
                    63:e4:be:36:2c:74:b3:52:7e:af:87:34:62:b9:96:
                    c6:36:81:a3:09:04:8d:dd:36:bd:1b:3d:d1:89:b1:
                    1a:98:95:42:87:a4:16:6d:48:87:b5:ee:fe:ac:63:
                    08:fb:16:36:50:59:2f:b5:6a:f8:08:57:d8:b5:27:
                    5e:3d:4d:a6:a5:f9:cf:ee:37:84:7b:b8:2a:f8:81:
                    ff:81:7d:fb:ad:7a:31:82:81:4a:12:bd:dc:d8:2f:
                    ba:ec:0b:8f:ab:1d:6f:a8:26:82:c3:81:b1:07:1c:
                    cc:76:d0:6b:2e:f2:b9:6f:30:eb:7e:7f:04:5f:86:
                    3d:d1:fd:34:4e:07:b4:18:4c:c3:31:32:04:4b:dd:
                    bc:be:39:63:a3:33:b5:78:71:20:06:07:b1:3f:a3:
                    ac:74:50:ad:b6:e9:dd:dd:02:be:1b:d4:e1:f3:0a:
                    0e:1e:25:20:ce:05:35:af:0b:c0:4f:f8:b8:ac:6f:
                    60:51:00:fb:f0:85:7b:44:86:55:b0:19:c5:c7:ed:
                    1e:e7:d7:52:b7:a8:37:94:e5:dd:a8:75:f8:f9:10:
                    f1:81:55:fe:5b:af:5c:82:57:41:d3:53:0a:24:32:
                    66:72:0d:53:04:bd:e6:a6:2e:1c:13:41:69:2b:b4:
                    1d:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:0F:2C:9D:84:24:5B:50:03:32:0B:60:7A:A5:5C:A8:EA:6D:AF:76
            X509v3 Authority Key Identifier:
                keyid:A1:C1:BE:09:81:A4:E7:57:6C:56:2F:6F:09:E6:5C:17:C1:80:E3:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ocG-CYGk51dsVi9vCeZcF8GA48o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/81e5a5-ac39-43c1-872f-98dfc2ee6e0c/1/7w8snYQkW1ADMgtgeqVcqOptr3Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/81e5a5-ac39-43c1-872f-98dfc2ee6e0c/1/ocG-CYGk51dsVi9vCeZcF8GA48o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.120.55.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:7d:1d:eb:30:d3:5a:c4:ab:f5:4b:f7:fb:59:06:3c:a6:5d:
         d9:2a:da:3e:8f:86:fe:6d:36:8d:02:7b:b4:5f:c7:26:ac:d7:
         e2:f1:c7:c6:d9:35:0a:a3:4d:6e:96:5c:52:e9:a9:73:b3:4d:
         40:11:16:d9:d1:6d:6d:73:a4:02:f8:f5:51:9b:d3:0e:dc:78:
         0d:1b:b8:22:7f:b5:0b:b8:36:02:69:b0:4a:59:0c:55:42:33:
         4b:7c:5a:1b:5f:a9:dd:e7:92:5f:f6:ec:39:c0:34:ac:cb:18:
         96:02:df:12:be:5e:af:62:b6:8e:2d:8b:85:b6:6c:0e:04:75:
         20:cb:58:6a:43:09:0b:ed:8c:e5:3d:9d:12:29:11:16:82:07:
         aa:44:20:dd:fa:4a:d2:25:0b:54:84:0f:0d:70:8b:06:1f:ad:
         7c:21:1c:ee:93:ae:e5:cf:37:9a:e4:8a:cb:f9:c5:a0:93:fe:
         e4:a4:38:7f:3d:91:78:4b:ad:b1:cf:3c:a0:4e:00:f2:be:a4:
         85:7c:bc:83:e9:56:e5:1e:1e:b2:a3:ad:a7:e4:4a:6f:df:9f:
         f1:dd:36:61:db:21:b8:8b:b1:c0:01:1d:e6:b8:f9:00:e1:56:
         8b:e2:f1:07:23:6d:5d:c8:86:4d:a7:99:5c:32:f6:de:1b:c0:
         d4:74:75:1c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEC7RLMjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MWMxYmUwOTgxYTRlNzU3NmM1NjJmNmYwOWU2NWMxN2MxODBlM2NhMB4XDTIyMDEw
MTEyMDQwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWYwZjJjOWQ4NDI0
NWI1MDAzMzIwYjYwN2FhNTVjYThlYTZkYWY3NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANiliDqbEhdgTJNQUtxZY+S+Nix0s1J+r4c0YrmWxjaBowkE
jd02vRs90YmxGpiVQoekFm1Ih7Xu/qxjCPsWNlBZL7Vq+AhX2LUnXj1NpqX5z+43
hHu4KviB/4F9+616MYKBShK93NgvuuwLj6sdb6gmgsOBsQcczHbQay7yuW8w635/
BF+GPdH9NE4HtBhMwzEyBEvdvL45Y6MztXhxIAYHsT+jrHRQrbbp3d0CvhvU4fMK
Dh4lIM4FNa8LwE/4uKxvYFEA+/CFe0SGVbAZxcftHufXUreoN5Tl3ah1+PkQ8YFV
/luvXIJXQdNTCiQyZnINUwS95qYuHBNBaSu0Hb0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTvDyydhCRbUAMyC2B6pVyo6m2vdjAfBgNVHSMEGDAWgBShwb4JgaTnV2xW
L28J5lwXwYDjyjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29jRy1DWUdrNTFkc1ZpOXZDZVpjRjhHQTQ4by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWIvODFlNWE1LWFjMzktNDNjMS04NzJmLTk4ZGZjMmVlNmUwYy8x
Lzd3OHNuWVFrVzFBRE1ndGdlcVZjcU9wdHIzWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWIv
ODFlNWE1LWFjMzktNDNjMS04NzJmLTk4ZGZjMmVlNmUwYy8xL29jRy1DWUdrNTFk
c1ZpOXZDZVpjRjhHQTQ4by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJ4NzANBgkqhkiG9w0BAQsFAAOC
AQEAU30d6zDTWsSr9Uv3+1kGPKZd2SraPo+G/m02jQJ7tF/HJqzX4vHHxtk1CqNN
bpZcUumpc7NNQBEW2dFtbXOkAvj1UZvTDtx4DRu4In+1C7g2AmmwSlkMVUIzS3xa
G1+p3eeSX/bsOcA0rMsYlgLfEr5er2K2ji2LhbZsDgR1IMtYakMJC+2M5T2dEikR
FoIHqkQg3fpK0iULVIQPDXCLBh+tfCEc7pOu5c83muSKy/nFoJP+5KQ4fz2ReEut
sc88oE4A8r6khXy8g+lW5R4esqOtp+RKb9+f8d02YdshuIuxwAEd5rj5AOFWi+Lx
ByNtXciGTaeZXDL23hvA1HR1HA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:24 2024 by rpki-client on console-fra.rpki-client.org