Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/yKwQoeQqnVJTrwyjk7Hy1OuqG5s.roa
File:                     yKwQoeQqnVJTrwyjk7Hy1OuqG5s.roa (raw, json)
Hash identifier:          VlGT3gMwAeW4HCwaiOiuxzt0JhjafxWajIshBnG3lXQ=
Subject key identifier:   C8:AC:10:A1:E4:2A:9D:52:53:AF:0C:A3:93:B1:F2:D4:EB:AA:1B:9B
Certificate issuer:       /CN=e909ee3d618974da0cbd805a2da80410a4989881
Certificate serial:       0184856CB4F560076EAB9B70A7F9B86040D1
Authority key identifier: E9:09:EE:3D:61:89:74:DA:0C:BD:80:5A:2D:A8:04:10:A4:98:98:81
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6QnuPWGJdNoMvYBaLagEEKSYmIE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/yKwQoeQqnVJTrwyjk7Hy1OuqG5s.roa
Signing time:             Thu 17 Nov 2022 11:50:04 +0000
ROA not before:           Thu 17 Nov 2022 11:50:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     197737
IP address blocks:        195.128.147.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:85:6c:b4:f5:60:07:6e:ab:9b:70:a7:f9:b8:60:40:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e909ee3d618974da0cbd805a2da80410a4989881
        Validity
            Not Before: Nov 17 11:50:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c8ac10a1e42a9d5253af0ca393b1f2d4ebaa1b9b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:18:46:5b:6c:ba:5b:7c:15:ae:6e:59:7e:16:
                    8d:60:25:7f:36:4b:27:65:dc:ad:a4:96:04:da:14:
                    54:32:f7:bf:27:0b:e5:bb:24:9b:22:ec:57:13:e1:
                    ed:2c:28:47:05:6b:07:00:29:d3:b1:01:91:74:29:
                    33:ab:72:32:53:e1:ac:ef:19:87:99:99:f8:06:02:
                    09:2c:45:7f:f4:bc:49:3f:65:c5:f7:8f:19:d8:68:
                    8d:75:9b:bd:1e:94:4c:82:d1:bd:4e:c4:c3:ec:36:
                    69:6b:1c:05:89:b5:3f:e4:0c:05:40:aa:34:7c:85:
                    b8:4b:e0:a4:5a:31:57:bf:73:6a:f5:b6:24:73:18:
                    be:6d:50:4f:53:f6:cb:49:2b:8e:8d:74:61:e6:3a:
                    19:00:ca:b6:a8:c1:db:45:58:8f:be:b6:7e:37:19:
                    d5:f2:fa:1a:35:d6:ce:dd:58:93:a6:e8:bf:c3:c6:
                    1f:b3:bd:7e:95:83:b6:36:33:1a:e6:9c:1e:7d:1b:
                    27:0b:51:3c:9d:b7:bb:17:96:61:52:d8:d3:a2:b6:
                    4c:5b:5a:24:ed:85:35:78:88:e8:fc:b6:ee:9b:9c:
                    21:bf:ba:c1:2e:00:7b:6a:b9:7a:fc:5f:09:a2:5f:
                    16:33:91:35:12:49:2f:2c:66:15:3f:49:36:48:68:
                    d3:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:AC:10:A1:E4:2A:9D:52:53:AF:0C:A3:93:B1:F2:D4:EB:AA:1B:9B
            X509v3 Authority Key Identifier:
                keyid:E9:09:EE:3D:61:89:74:DA:0C:BD:80:5A:2D:A8:04:10:A4:98:98:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6QnuPWGJdNoMvYBaLagEEKSYmIE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/yKwQoeQqnVJTrwyjk7Hy1OuqG5s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/6QnuPWGJdNoMvYBaLagEEKSYmIE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.128.147.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2c:54:19:3e:b9:de:e7:01:77:5c:5a:cd:d5:30:ad:50:65:13:
         f3:29:c8:e1:fa:2a:66:46:c5:fd:96:59:4a:47:84:07:ae:6e:
         9d:05:e5:53:83:c4:75:e6:90:28:75:3f:19:0a:f4:d7:56:77:
         39:29:fb:6d:61:07:f2:79:a4:8b:01:ee:11:20:99:e0:39:b5:
         64:41:b4:ae:e4:18:04:b6:9d:3f:c4:d5:60:a0:9c:f0:37:2b:
         fc:b4:b2:4d:6f:88:0c:e5:69:0c:98:e5:5b:81:f3:65:00:5f:
         a2:ac:25:45:f1:0f:a1:c2:05:0c:8d:01:91:a1:07:f4:9f:62:
         1e:8c:1a:fe:58:ca:e6:ac:04:7f:6f:70:c6:9b:30:13:29:0a:
         10:b6:66:eb:d0:af:b6:6c:43:ff:1b:c6:93:03:5b:e7:33:1b:
         b9:1f:95:d4:66:db:3c:47:1c:5a:b4:c7:a7:9d:09:b7:81:54:
         0e:03:74:82:9a:16:35:6f:6e:92:53:99:cf:d1:3b:46:72:e4:
         b0:9c:e3:f4:38:2a:a7:2f:4e:e0:01:aa:40:41:52:2e:66:73:
         dd:b4:df:89:f5:a9:c1:bc:18:94:8a:9f:31:cd:d3:f0:88:3d:
         10:e2:88:34:bd:f1:32:f3:d5:d3:d0:3f:4c:ff:ec:b8:00:da:
         d1:7f:3f:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSFbLT1YAduq5twp/m4YEDRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MDllZTNkNjE4OTc0ZGEwY2JkODA1YTJkYTgwNDEwYTQ5
ODk4ODEwHhcNMjIxMTE3MTE1MDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGFjMTBhMWU0MmE5ZDUyNTNhZjBjYTM5M2IxZjJkNGViYWExYjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthhGW2y6W3wVrm5ZfhaNYCV/Nksn
ZdytpJYE2hRUMve/JwvluySbIuxXE+HtLChHBWsHACnTsQGRdCkzq3IyU+Gs7xmH
mZn4BgIJLEV/9LxJP2XF948Z2GiNdZu9HpRMgtG9TsTD7DZpaxwFibU/5AwFQKo0
fIW4S+CkWjFXv3Nq9bYkcxi+bVBPU/bLSSuOjXRh5joZAMq2qMHbRViPvrZ+NxnV
8voaNdbO3ViTpui/w8Yfs71+lYO2NjMa5pwefRsnC1E8nbe7F5ZhUtjTorZMW1ok
7YU1eIjo/Lbum5whv7rBLgB7arl6/F8Jol8WM5E1EkkvLGYVP0k2SGjTvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMisEKHkKp1SU68Mo5Ox8tTrqhubMB8GA1UdIwQY
MBaAFOkJ7j1hiXTaDL2AWi2oBBCkmJiBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlFudVBXR0pkTm9NdllCYUxhZ0VFS1NZbUlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8yYjVmNWYtYmI5Ni00YjMxLThhNmEt
ZGQxMTVmOWUzMzAxLzEveUt3UW9lUXFuVkpUcnd5ams3SHkxT3VxRzVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8yYjVmNWYtYmI5Ni00YjMxLThhNmEtZGQxMTVmOWUzMzAx
LzEvNlFudVBXR0pkTm9NdllCYUxhZ0VFS1NZbUlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4CTMA0G
CSqGSIb3DQEBCwUAA4IBAQAsVBk+ud7nAXdcWs3VMK1QZRPzKcjh+ipmRsX9lllK
R4QHrm6dBeVTg8R15pAodT8ZCvTXVnc5KfttYQfyeaSLAe4RIJngObVkQbSu5BgE
tp0/xNVgoJzwNyv8tLJNb4gM5WkMmOVbgfNlAF+irCVF8Q+hwgUMjQGRoQf0n2Ie
jBr+WMrmrAR/b3DGmzATKQoQtmbr0K+2bEP/G8aTA1vnMxu5H5XUZts8RxxatMen
nQm3gVQOA3SCmhY1b26SU5nP0TtGcuSwnOP0OCqnL07gAapAQVIuZnPdtN+J9anB
vBiUip8xzdPwiD0Q4og0vfEy89XT0D9M/+y4ANrRfz9S
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:44 2024 by rpki-client on console-fra.rpki-client.org