Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/900f41-a2df-4d33-a96d-20f2dcfc853f/1/s8elXW7Bh2rDq2GP5wMSn0FOlsU.roa
File:                     s8elXW7Bh2rDq2GP5wMSn0FOlsU.roa (raw, json)
Hash identifier:          TjjjfRMTJMAxYzAbGBBWT2ryh8SzQdkhOiKb/v+8HD4=
Subject key identifier:   B3:C7:A5:5D:6E:C1:87:6A:C3:AB:61:8F:E7:03:12:9F:41:4E:96:C5
Certificate issuer:       /CN=e40fe224116a9f19d33727fdeb7acf82341ba603
Certificate serial:       0E808706
Authority key identifier: E4:0F:E2:24:11:6A:9F:19:D3:37:27:FD:EB:7A:CF:82:34:1B:A6:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5A_iJBFqnxnTNyf963rPgjQbpgM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/900f41-a2df-4d33-a96d-20f2dcfc853f/1/s8elXW7Bh2rDq2GP5wMSn0FOlsU.roa
Signing time:             Sat 01 Jan 2022 12:57:54 +0000
ROA not before:           Sat 01 Jan 2022 12:57:54 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206764
IP address blocks:        195.85.213.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 243304198 (0xe808706)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e40fe224116a9f19d33727fdeb7acf82341ba603
        Validity
            Not Before: Jan  1 12:57:54 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b3c7a55d6ec1876ac3ab618fe703129f414e96c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:1d:85:6c:69:98:a4:20:42:93:b1:ad:28:04:
                    ec:66:96:c3:02:b2:03:4a:e4:90:4a:f6:c5:5c:11:
                    81:18:ae:ef:cc:bf:8c:e6:14:de:3e:52:ee:76:b6:
                    29:41:4c:3f:94:a1:1a:d3:67:9b:81:d3:18:bf:33:
                    1d:60:5d:f9:5d:06:71:27:0f:ab:70:99:4b:6e:79:
                    5f:81:f7:97:1c:0b:94:1d:f9:b5:86:71:cf:6d:63:
                    fb:ef:19:92:78:84:df:0d:b5:db:24:c4:7d:0f:52:
                    d7:7c:88:41:15:d7:b9:f3:41:0d:48:41:f4:4a:58:
                    df:13:20:5c:4b:a2:48:8f:85:cd:b4:4b:6d:d5:37:
                    e1:14:c9:25:f9:d5:2f:e1:d6:57:a2:d8:60:3b:5a:
                    e3:e8:f3:0a:71:73:bc:c1:31:e9:c0:37:b9:7a:1c:
                    b4:15:2e:09:e9:86:fd:b4:94:08:dc:e2:ac:9c:6b:
                    d9:b5:4f:ee:0a:7d:0c:fa:8d:e3:3a:4d:35:60:9b:
                    c9:57:2c:d3:c0:24:42:ba:42:67:0f:c2:fe:c0:b9:
                    38:49:03:e0:13:dd:17:c8:b1:82:a7:95:a8:58:e2:
                    17:92:fa:3f:3a:ad:c8:e6:65:af:52:82:f3:2f:3a:
                    98:35:32:25:a3:7c:12:e6:c3:49:99:66:27:b6:30:
                    ce:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:C7:A5:5D:6E:C1:87:6A:C3:AB:61:8F:E7:03:12:9F:41:4E:96:C5
            X509v3 Authority Key Identifier:
                keyid:E4:0F:E2:24:11:6A:9F:19:D3:37:27:FD:EB:7A:CF:82:34:1B:A6:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5A_iJBFqnxnTNyf963rPgjQbpgM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/900f41-a2df-4d33-a96d-20f2dcfc853f/1/s8elXW7Bh2rDq2GP5wMSn0FOlsU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/900f41-a2df-4d33-a96d-20f2dcfc853f/1/5A_iJBFqnxnTNyf963rPgjQbpgM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.85.213.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:03:be:f6:cd:e1:68:57:bc:28:9d:1a:2d:86:3e:9a:e6:f5:
         1a:da:d2:11:af:1c:37:05:a3:fe:33:44:0a:b6:85:c0:bd:26:
         32:5c:a1:83:2c:bc:dd:3d:27:aa:6d:7b:e1:94:5c:a3:e1:65:
         fa:60:cc:52:0d:48:4f:db:29:90:5c:a5:c9:a3:f4:87:ed:3f:
         f9:34:b3:d4:6d:a3:62:11:6c:30:38:b7:fe:a6:8c:f2:07:0c:
         19:82:85:43:c3:e8:28:bd:76:eb:d4:8f:3b:70:e8:5a:f5:4b:
         be:83:f0:58:5c:7f:28:64:6b:7e:4d:df:2d:69:5c:0b:52:5d:
         11:ec:d6:ef:8d:06:c3:40:68:2d:b7:df:e9:a0:1e:4c:3d:90:
         77:5f:44:f2:ad:20:02:4f:97:bf:de:a4:dc:58:ab:a0:b0:37:
         9e:cd:10:e7:b2:09:ae:ff:d0:29:63:7a:23:4d:32:7f:03:e3:
         42:ac:9d:a0:34:9a:f9:b0:65:f6:91:d0:58:2d:6e:b5:f4:de:
         f6:6f:6e:9e:0d:61:3e:9b:e5:7c:b3:63:ee:f3:a4:8e:61:61:
         81:8f:cf:a6:9e:c2:49:3b:55:05:da:a2:dd:c1:3a:93:91:47:
         99:94:c7:6e:6a:73:ec:ba:0a:d8:30:4f:ff:9e:b7:96:12:e9:
         75:ba:6d:9b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDoCHBjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NDBmZTIyNDExNmE5ZjE5ZDMzNzI3ZmRlYjdhY2Y4MjM0MWJhNjAzMB4XDTIyMDEw
MTEyNTc1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjNjN2E1NWQ2ZWMx
ODc2YWMzYWI2MThmZTcwMzEyOWY0MTRlOTZjNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALYdhWxpmKQgQpOxrSgE7GaWwwKyA0rkkEr2xVwRgRiu78y/
jOYU3j5S7na2KUFMP5ShGtNnm4HTGL8zHWBd+V0GcScPq3CZS255X4H3lxwLlB35
tYZxz21j++8ZkniE3w212yTEfQ9S13yIQRXXufNBDUhB9EpY3xMgXEuiSI+FzbRL
bdU34RTJJfnVL+HWV6LYYDta4+jzCnFzvMEx6cA3uXoctBUuCemG/bSUCNzirJxr
2bVP7gp9DPqN4zpNNWCbyVcs08AkQrpCZw/C/sC5OEkD4BPdF8ixgqeVqFjiF5L6
PzqtyOZlr1KC8y86mDUyJaN8EubDSZlmJ7Ywzv0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSzx6VdbsGHasOrYY/nAxKfQU6WxTAfBgNVHSMEGDAWgBTkD+IkEWqfGdM3
J/3res+CNBumAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVBX2lKQkZxbnhuVE55Zjk2M3JQZ2pRYnBnTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWQvOTAwZjQxLWEyZGYtNGQzMy1hOTZkLTIwZjJkY2ZjODUzZi8x
L3M4ZWxYVzdCaDJyRHEyR1A1d01TbjBGT2xzVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWQv
OTAwZjQxLWEyZGYtNGQzMy1hOTZkLTIwZjJkY2ZjODUzZi8xLzVBX2lKQkZxbnhu
VE55Zjk2M3JQZ2pRYnBnTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMNV1TANBgkqhkiG9w0BAQsFAAOC
AQEATwO+9s3haFe8KJ0aLYY+mub1GtrSEa8cNwWj/jNECraFwL0mMlyhgyy83T0n
qm174ZRco+Fl+mDMUg1IT9spkFylyaP0h+0/+TSz1G2jYhFsMDi3/qaM8gcMGYKF
Q8PoKL1269SPO3DoWvVLvoPwWFx/KGRrfk3fLWlcC1JdEezW740Gw0BoLbff6aAe
TD2Qd19E8q0gAk+Xv96k3FiroLA3ns0Q57IJrv/QKWN6I00yfwPjQqydoDSa+bBl
9pHQWC1utfTe9m9ung1hPpvlfLNj7vOkjmFhgY/Ppp7CSTtVBdqi3cE6k5FHmZTH
bmpz7LoK2DBP/563lhLpdbptmw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:42 2024 by rpki-client on console-fra.rpki-client.org