Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/dae290-1b84-4fd0-9072-bd7d3451aa66/1/0-UDjgdBPBvXdbPHuz3MrDe-M2I.roa
File:                     0-UDjgdBPBvXdbPHuz3MrDe-M2I.roa (raw, json)
Hash identifier:          JlG2hLridbzUaYeljezW9a+Ebv5sl7lw4M/YTLfxmf0=
Subject key identifier:   D3:E5:03:8E:07:41:3C:1B:D7:75:B3:C7:BB:3D:CC:AC:37:BE:33:62
Certificate issuer:       /CN=1f456cc5b7ce3c2079f786fec1dfbcb252439941
Certificate serial:       6D72
Authority key identifier: 1F:45:6C:C5:B7:CE:3C:20:79:F7:86:FE:C1:DF:BC:B2:52:43:99:41
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H0VsxbfOPCB594b-wd-8slJDmUE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/dae290-1b84-4fd0-9072-bd7d3451aa66/1/0-UDjgdBPBvXdbPHuz3MrDe-M2I.roa
Signing time:             Fri 22 Apr 2022 12:54:19 +0000
ROA not before:           Fri 22 Apr 2022 12:54:19 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34353
IP address blocks:        193.178.141.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 28018 (0x6d72)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f456cc5b7ce3c2079f786fec1dfbcb252439941
        Validity
            Not Before: Apr 22 12:54:19 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d3e5038e07413c1bd775b3c7bb3dccac37be3362
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:5a:e6:eb:27:c0:98:b3:c6:08:15:df:df:f8:
                    8f:40:f8:a4:dc:8f:31:90:ab:3e:80:7a:73:ba:01:
                    f3:d7:83:cc:a0:39:77:60:7c:b2:6f:bd:f7:6c:2e:
                    90:43:b9:bb:9a:b5:af:57:30:b3:71:43:da:33:1e:
                    2f:44:1a:88:50:09:4b:b3:19:7a:65:de:4b:2d:1d:
                    e6:80:e2:4d:3a:4e:f6:e9:d7:19:fb:9a:b4:ae:d6:
                    91:3e:cd:d4:ae:70:76:85:ba:a2:f4:c9:40:29:73:
                    e4:17:8e:ff:1f:af:b8:33:d2:39:ab:38:05:33:05:
                    e7:e3:9d:06:dd:0f:d9:a9:d6:e2:bd:e1:5f:aa:08:
                    c7:db:2c:de:ef:1c:27:ad:63:87:eb:a3:81:c6:74:
                    02:f2:39:27:f0:53:cf:df:ec:97:2a:51:4c:c7:dc:
                    0a:ca:55:ed:c7:53:54:d2:8b:b5:da:40:ec:fb:66:
                    03:b9:51:7f:17:cc:08:5c:77:89:d6:6b:8f:17:94:
                    52:4d:1a:83:61:e2:a1:ec:e3:b0:fd:f2:dc:52:47:
                    8b:48:12:07:f4:82:37:a5:28:32:85:ba:6e:ef:5e:
                    ac:ab:f7:ac:0b:9f:62:5d:0d:dc:ec:29:6e:61:6d:
                    2c:48:23:db:06:f3:20:f0:71:76:e7:48:68:d5:cf:
                    dc:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:E5:03:8E:07:41:3C:1B:D7:75:B3:C7:BB:3D:CC:AC:37:BE:33:62
            X509v3 Authority Key Identifier:
                keyid:1F:45:6C:C5:B7:CE:3C:20:79:F7:86:FE:C1:DF:BC:B2:52:43:99:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0VsxbfOPCB594b-wd-8slJDmUE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/dae290-1b84-4fd0-9072-bd7d3451aa66/1/0-UDjgdBPBvXdbPHuz3MrDe-M2I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/dae290-1b84-4fd0-9072-bd7d3451aa66/1/H0VsxbfOPCB594b-wd-8slJDmUE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.178.141.0/24

    Signature Algorithm: sha256WithRSAEncryption
         06:4b:c4:d3:9a:ed:4f:b3:35:c5:2f:47:f7:d2:49:4b:50:92:
         5f:97:d8:1b:5c:cb:92:2c:5c:42:73:9f:2f:32:94:f7:3a:f9:
         f5:05:88:30:a3:87:92:ba:9c:4b:42:e4:a6:d7:fb:fa:10:5a:
         d4:b4:cf:2e:e9:c8:e6:84:2b:f8:56:b4:76:57:d3:a6:ad:c3:
         7f:22:8a:16:74:eb:da:98:95:cc:07:af:1c:2f:71:a3:fa:02:
         15:b9:dc:a7:c8:36:86:5a:31:04:30:63:2e:c8:47:be:da:41:
         e1:bb:12:8c:55:13:8a:14:f0:2f:c4:12:e7:3f:57:e3:32:62:
         3b:e2:b8:f4:14:98:ad:a1:bc:76:d5:48:19:c0:e5:29:36:c7:
         62:04:cc:5a:fe:af:32:5e:dc:0c:2b:44:54:3a:97:31:60:8a:
         da:5a:bc:32:7d:fb:df:bc:26:42:2e:3a:68:51:68:be:0c:08:
         85:cd:b8:0e:d8:8d:dc:a6:a3:8b:11:58:0b:22:d4:57:9a:88:
         46:ce:76:8b:1b:87:30:2f:69:53:1b:a1:92:6c:32:cc:d4:17:
         50:4f:e2:e0:45:6c:95:74:ad:81:90:09:53:9d:5b:ab:b0:d7:
         4d:5a:61:cb:42:7f:9f:bf:f5:43:f1:40:d3:18:59:dd:c6:59:
         50:57:9b:17
-----BEGIN CERTIFICATE-----
MIIE7TCCA9WgAwIBAgICbXIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMWY0
NTZjYzViN2NlM2MyMDc5Zjc4NmZlYzFkZmJjYjI1MjQzOTk0MTAeFw0yMjA0MjIx
MjU0MTlaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKGQzZTUwMzhlMDc0MTNj
MWJkNzc1YjNjN2JiM2RjY2FjMzdiZTMzNjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCoWubrJ8CYs8YIFd/f+I9A+KTcjzGQqz6AenO6AfPXg8ygOXdg
fLJvvfdsLpBDubuata9XMLNxQ9ozHi9EGohQCUuzGXpl3kstHeaA4k06Tvbp1xn7
mrSu1pE+zdSucHaFuqL0yUApc+QXjv8fr7gz0jmrOAUzBefjnQbdD9mp1uK94V+q
CMfbLN7vHCetY4fro4HGdALyOSfwU8/f7JcqUUzH3ArKVe3HU1TSi7XaQOz7ZgO5
UX8XzAhcd4nWa48XlFJNGoNh4qHs47D98txSR4tIEgf0gjelKDKFum7vXqyr96wL
n2JdDdzsKW5hbSxII9sG8yDwcXbnSGjVz9zrAgMBAAGjggIJMIICBTAdBgNVHQ4E
FgQU0+UDjgdBPBvXdbPHuz3MrDe+M2IwHwYDVR0jBBgwFoAUH0VsxbfOPCB594b+
wd+8slJDmUEwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEF
BQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9I
MFZzeGJmT1BDQjU5NGItd2QtOHNsSkRtVUUuY2VyMIGNBggrBgEFBQcBCwSBgDB+
MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxULzFlL2RhZTI5MC0xYjg0LTRmZDAtOTA3Mi1iZDdkMzQ1MWFhNjYvMS8w
LVVEamdkQlBCdlhkYlBIdXozTXJEZS1NMkkucm9hMIGBBgNVHR8EejB4MHagdKBy
hnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFlL2Rh
ZTI5MC0xYjg0LTRmZDAtOTA3Mi1iZDdkMzQ1MWFhNjYvMS9IMFZzeGJmT1BDQjU5
NGItd2QtOHNsSkRtVUUuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADBso0wDQYJKoZIhvcNAQELBQADggEB
AAZLxNOa7U+zNcUvR/fSSUtQkl+X2Btcy5IsXEJzny8ylPc6+fUFiDCjh5K6nEtC
5KbX+/oQWtS0zy7pyOaEK/hWtHZX06atw38iihZ069qYlcwHrxwvcaP6AhW53KfI
NoZaMQQwYy7IR77aQeG7EoxVE4oU8C/EEuc/V+MyYjviuPQUmK2hvHbVSBnA5Sk2
x2IEzFr+rzJe3AwrRFQ6lzFgitpavDJ9+9+8JkIuOmhRaL4MCIXNuA7Yjdymo4sR
WAsi1FeaiEbOdosbhzAvaVMboZJsMszUF1BP4uBFbJV0rYGQCVOdW6uw101aYctC
f5+/9UPxQNMYWd3GWVBXmxc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:48 2024 by rpki-client on console-fra.rpki-client.org