Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/379e32-02e0-4339-882b-2f75195216b9/1/iJVF4dd5577QfQ1P9NnbYOOfwRk.roa
File:                     iJVF4dd5577QfQ1P9NnbYOOfwRk.roa (raw, json)
Hash identifier:          jglpCoR4pGmHQ21lEAFVX+ffuZZpFi7Pfx4bYsfxBOo=
Subject key identifier:   88:95:45:E1:D7:79:E7:BE:D0:7D:0D:4F:F4:D9:DB:60:E3:9F:C1:19
Certificate issuer:       /CN=d152b4c1f5d484eefc2b1597f455003ab654b055
Certificate serial:       060884B3
Authority key identifier: D1:52:B4:C1:F5:D4:84:EE:FC:2B:15:97:F4:55:00:3A:B6:54:B0:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0VK0wfXUhO78KxWX9FUAOrZUsFU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/379e32-02e0-4339-882b-2f75195216b9/1/iJVF4dd5577QfQ1P9NnbYOOfwRk.roa
Signing time:             Sat 01 Jan 2022 03:58:46 +0000
ROA not before:           Sat 01 Jan 2022 03:58:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209721
IP address blocks:        194.26.120.0/21 maxlen: 21
                          2001:67c:2e0c::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 101221555 (0x60884b3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d152b4c1f5d484eefc2b1597f455003ab654b055
        Validity
            Not Before: Jan  1 03:58:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=889545e1d779e7bed07d0d4ff4d9db60e39fc119
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:b3:63:37:d8:c5:af:cd:94:18:7c:5c:7a:29:
                    30:f1:8e:f5:ae:c5:de:a6:f0:2b:a1:1d:7e:19:c0:
                    05:e1:23:05:89:75:64:3c:f4:09:95:ed:5d:a8:bf:
                    2d:c1:6f:84:02:7a:56:1f:74:eb:6c:11:d8:a3:ce:
                    f7:63:19:41:63:3b:3a:c0:f2:2d:52:6a:17:f7:fc:
                    ff:4d:39:63:1d:53:4e:91:2f:8c:40:ec:ad:db:e0:
                    5b:f5:66:91:a8:1c:c1:26:ec:7b:2b:3e:a0:df:6d:
                    49:09:0b:29:45:6d:c7:46:c4:c9:39:a9:67:13:e4:
                    4b:3c:51:b7:e2:7c:d4:7e:9c:4f:d0:62:5d:58:14:
                    a7:f4:e9:23:21:bd:ff:5c:61:4e:a4:f6:1e:47:4c:
                    3a:14:1f:58:1f:6e:48:ea:4b:ee:c2:51:09:a9:32:
                    a0:ae:07:f6:18:f5:27:d9:5b:dc:85:b5:62:74:62:
                    c9:5d:9a:ec:11:d7:48:50:b2:2b:6d:37:bc:c8:42:
                    c1:fa:60:33:67:b8:f8:4c:db:0a:ee:62:82:a5:dc:
                    f7:87:e4:07:70:d0:3c:12:3e:d6:c1:14:a1:6f:3d:
                    64:28:dc:b9:42:6e:4a:a5:37:fc:30:bc:cf:d5:fa:
                    94:41:25:3e:42:fd:db:71:61:d1:df:e0:3e:f2:e0:
                    1b:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:95:45:E1:D7:79:E7:BE:D0:7D:0D:4F:F4:D9:DB:60:E3:9F:C1:19
            X509v3 Authority Key Identifier:
                keyid:D1:52:B4:C1:F5:D4:84:EE:FC:2B:15:97:F4:55:00:3A:B6:54:B0:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0VK0wfXUhO78KxWX9FUAOrZUsFU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/379e32-02e0-4339-882b-2f75195216b9/1/iJVF4dd5577QfQ1P9NnbYOOfwRk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/379e32-02e0-4339-882b-2f75195216b9/1/0VK0wfXUhO78KxWX9FUAOrZUsFU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.26.120.0/21
                IPv6:
                  2001:67c:2e0c::/48

    Signature Algorithm: sha256WithRSAEncryption
         16:36:12:91:4d:43:0d:ea:bc:08:3e:34:90:e0:d9:aa:d2:63:
         38:88:05:cd:1f:74:ec:18:ed:a7:f7:ec:6f:49:c2:25:48:ed:
         1c:05:12:65:ce:dd:f3:a5:21:ad:e7:ad:8e:cd:9e:7a:00:b1:
         ba:6c:13:3d:75:96:1b:28:0c:c7:00:d0:49:6a:26:20:d5:79:
         4e:4b:34:74:48:00:d7:32:d3:31:a2:d1:f0:82:a5:d9:35:da:
         71:58:dd:05:c8:38:73:b4:ea:f6:e2:56:33:45:cd:05:f5:7c:
         b7:d0:94:80:1d:5e:99:e5:3a:ae:00:a1:eb:c3:43:ab:c5:0a:
         be:f0:a4:0d:c5:43:b1:11:b1:c1:4b:e9:3a:10:1a:d9:f5:44:
         c2:72:04:64:31:ec:4e:bb:e9:ab:5d:54:69:b6:85:9e:b9:23:
         71:9e:07:6c:95:e5:b8:06:ed:72:f9:b8:12:43:0c:f6:bc:9a:
         9f:4e:2d:4c:37:21:1f:c9:60:7d:c5:c6:06:90:6e:11:ee:dc:
         ab:e8:13:89:60:19:5b:2b:9a:1d:a4:29:e3:a8:c2:58:ae:32:
         78:c1:84:41:95:75:6e:e2:9f:41:d0:3d:46:cb:8b:4c:f5:70:
         dd:de:f7:7f:f0:c0:73:59:3c:a3:48:89:86:ce:92:48:f9:15:
         a8:8b:39:47
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEBgiEszANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MTUyYjRjMWY1ZDQ4NGVlZmMyYjE1OTdmNDU1MDAzYWI2NTRiMDU1MB4XDTIyMDEw
MTAzNTg0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODg5NTQ1ZTFkNzc5
ZTdiZWQwN2QwZDRmZjRkOWRiNjBlMzlmYzExOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMKzYzfYxa/NlBh8XHopMPGO9a7F3qbwK6EdfhnABeEjBYl1
ZDz0CZXtXai/LcFvhAJ6Vh9062wR2KPO92MZQWM7OsDyLVJqF/f8/005Yx1TTpEv
jEDsrdvgW/VmkagcwSbseys+oN9tSQkLKUVtx0bEyTmpZxPkSzxRt+J81H6cT9Bi
XVgUp/TpIyG9/1xhTqT2HkdMOhQfWB9uSOpL7sJRCakyoK4H9hj1J9lb3IW1YnRi
yV2a7BHXSFCyK203vMhCwfpgM2e4+EzbCu5igqXc94fkB3DQPBI+1sEUoW89ZCjc
uUJuSqU3/DC8z9X6lEElPkL923Fh0d/gPvLgG0ECAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBSIlUXh13nnvtB9DU/02dtg45/BGTAfBgNVHSMEGDAWgBTRUrTB9dSE7vwr
FZf0VQA6tlSwVTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBWSzB3ZlhVaE83OEt4V1g5RlVBT3JaVXNGVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWQvMzc5ZTMyLTAyZTAtNDMzOS04ODJiLTJmNzUxOTUyMTZiOS8x
L2lKVkY0ZGQ1NTc3UWZRMVA5Tm5iWU9PZndSay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWQv
Mzc5ZTMyLTAyZTAtNDMzOS04ODJiLTJmNzUxOTUyMTZiOS8xLzBWSzB3ZlhVaE83
OEt4V1g5RlVBT3JaVXNGVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8IaeDAPBAIAAjAJAwcAIAEGfC4M
MA0GCSqGSIb3DQEBCwUAA4IBAQAWNhKRTUMN6rwIPjSQ4Nmq0mM4iAXNH3TsGO2n
9+xvScIlSO0cBRJlzt3zpSGt562OzZ56ALG6bBM9dZYbKAzHANBJaiYg1XlOSzR0
SADXMtMxotHwgqXZNdpxWN0FyDhztOr24lYzRc0F9Xy30JSAHV6Z5TquAKHrw0Or
xQq+8KQNxUOxEbHBS+k6EBrZ9UTCcgRkMexOu+mrXVRptoWeuSNxngdsleW4Bu1y
+bgSQwz2vJqfTi1MNyEfyWB9xcYGkG4R7tyr6BOJYBlbK5odpCnjqMJYrjJ4wYRB
lXVu4p9B0D1Gy4tM9XDd3vd/8MBzWTyjSImGzpJI+RWoizlH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:40 2024 by rpki-client on console-fra.rpki-client.org