Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/b27d45-08cc-47a1-ac5a-5f4836083a30/1/5j785oOMujagkzOpg7orEBgeOT0.roa
File:                     5j785oOMujagkzOpg7orEBgeOT0.roa (raw, json)
Hash identifier:          WfEvOov3iGIhqKKJwMTDmKg7edQfuxVOPkrqXfxXVqE=
Subject key identifier:   E6:3E:FC:E6:83:8C:BA:36:A0:93:33:A9:83:BA:2B:10:18:1E:39:3D
Certificate issuer:       /CN=52056867e4d2885e99b549ed6fb786330adf8f44
Certificate serial:       06BCFD19
Authority key identifier: 52:05:68:67:E4:D2:88:5E:99:B5:49:ED:6F:B7:86:33:0A:DF:8F:44
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UgVoZ-TSiF6ZtUntb7eGMwrfj0Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/b27d45-08cc-47a1-ac5a-5f4836083a30/1/5j785oOMujagkzOpg7orEBgeOT0.roa
Signing time:             Sat 01 Jan 2022 12:02:28 +0000
ROA not before:           Sat 01 Jan 2022 12:02:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16509
IP address blocks:        195.93.178.0/23 maxlen: 24
                          178.239.128.0/20 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 113048857 (0x6bcfd19)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52056867e4d2885e99b549ed6fb786330adf8f44
        Validity
            Not Before: Jan  1 12:02:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e63efce6838cba36a09333a983ba2b10181e393d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:ec:3d:90:af:22:b1:d7:d2:34:b7:66:a8:15:
                    9f:9c:f7:e4:dc:05:a0:55:27:5a:3e:ec:26:4e:d2:
                    a9:7c:da:2e:cb:c5:83:5c:40:1f:f6:51:39:97:d8:
                    fb:ce:3e:19:fe:93:72:87:ef:f3:24:18:2c:48:93:
                    89:88:d8:58:ff:41:1e:34:04:ea:2b:e8:17:4d:cc:
                    6e:ae:14:16:c5:76:4d:6f:1b:7f:6d:43:4b:bc:8d:
                    e6:29:37:96:53:38:35:57:f5:65:48:70:76:47:6f:
                    bb:7c:c1:57:97:6b:4f:4d:0f:4d:6e:14:43:23:a1:
                    09:88:68:d5:57:d7:45:ed:fe:cd:63:be:6a:92:29:
                    48:66:43:2a:d9:0b:2c:a0:37:e9:6e:2e:48:8c:63:
                    b3:4d:f4:ab:35:53:6f:59:4d:93:ea:3b:8e:bf:e0:
                    a5:2e:bd:fb:ba:bd:b2:06:13:e4:ac:0e:9c:48:eb:
                    9f:8c:ec:c9:a0:14:9e:07:e6:6e:39:09:c8:f2:88:
                    d4:40:51:f7:4f:53:0d:64:1b:54:25:ec:7b:ff:a1:
                    bc:b3:43:0b:59:58:3e:e5:d8:34:af:ea:17:aa:5a:
                    53:36:81:04:5d:07:ae:34:d9:42:58:c4:3d:96:a6:
                    bc:41:e5:5d:86:01:eb:b0:30:06:5c:e5:f4:3c:ed:
                    d0:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:3E:FC:E6:83:8C:BA:36:A0:93:33:A9:83:BA:2B:10:18:1E:39:3D
            X509v3 Authority Key Identifier:
                keyid:52:05:68:67:E4:D2:88:5E:99:B5:49:ED:6F:B7:86:33:0A:DF:8F:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UgVoZ-TSiF6ZtUntb7eGMwrfj0Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/b27d45-08cc-47a1-ac5a-5f4836083a30/1/5j785oOMujagkzOpg7orEBgeOT0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/b27d45-08cc-47a1-ac5a-5f4836083a30/1/UgVoZ-TSiF6ZtUntb7eGMwrfj0Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.239.128.0/20
                  195.93.178.0/23

    Signature Algorithm: sha256WithRSAEncryption
         08:ff:38:e9:0e:22:43:0c:67:19:8b:99:5f:c6:60:48:00:f5:
         2b:8f:fc:bd:d3:25:2e:77:54:dd:65:32:06:2c:64:52:ef:94:
         ae:fd:1f:83:23:c8:53:de:e0:dc:60:11:79:e3:e8:7d:2c:ba:
         15:2b:0d:1f:82:c4:fb:97:da:cf:30:f9:02:f6:54:d1:95:a5:
         d0:bc:5d:c2:cd:2a:85:ce:7d:6e:e1:7e:94:48:8b:5f:1c:c5:
         88:77:47:ee:de:f0:f7:5a:09:72:63:22:e9:96:f3:f9:47:49:
         c2:16:97:e2:ba:ee:0a:f8:ea:ec:7c:c0:47:93:81:7c:c1:02:
         9a:2f:3f:23:ae:0b:0a:6c:32:2e:c6:c8:b6:c4:b3:de:8b:00:
         5c:4f:5a:11:f5:e7:aa:33:1d:30:80:ba:7e:9a:81:c9:e6:76:
         cb:46:cd:29:3c:06:6e:9e:aa:fe:b3:77:3f:77:f9:ef:c7:16:
         72:ea:dd:db:33:1a:22:f8:16:c2:05:4d:54:5e:63:27:1f:55:
         32:22:92:ee:fb:c9:11:4e:ea:a0:b1:57:2d:3b:82:ba:d2:87:
         fb:5e:9f:20:5e:bb:0b:6d:6c:08:9c:73:30:0c:b6:db:0d:bc:
         28:75:21:5b:e6:c1:90:72:24:34:50:b7:c5:53:f0:6c:ee:03:
         6b:06:c5:2e
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBrz9GTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MjA1Njg2N2U0ZDI4ODVlOTliNTQ5ZWQ2ZmI3ODYzMzBhZGY4ZjQ0MB4XDTIyMDEw
MTEyMDIyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTYzZWZjZTY4Mzhj
YmEzNmEwOTMzM2E5ODNiYTJiMTAxODFlMzkzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMjsPZCvIrHX0jS3ZqgVn5z35NwFoFUnWj7sJk7SqXzaLsvF
g1xAH/ZROZfY+84+Gf6Tcofv8yQYLEiTiYjYWP9BHjQE6ivoF03Mbq4UFsV2TW8b
f21DS7yN5ik3llM4NVf1ZUhwdkdvu3zBV5drT00PTW4UQyOhCYho1VfXRe3+zWO+
apIpSGZDKtkLLKA36W4uSIxjs030qzVTb1lNk+o7jr/gpS69+7q9sgYT5KwOnEjr
n4zsyaAUngfmbjkJyPKI1EBR909TDWQbVCXse/+hvLNDC1lYPuXYNK/qF6paUzaB
BF0HrjTZQljEPZamvEHlXYYB67AwBlzl9Dzt0JECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTmPvzmg4y6NqCTM6mDuisQGB45PTAfBgNVHSMEGDAWgBRSBWhn5NKIXpm1
Se1vt4YzCt+PRDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VnVm9aLVRTaUY2WnRVbnRiN2VHTXdyZmowUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjMvYjI3ZDQ1LTA4Y2MtNDdhMS1hYzVhLTVmNDgzNjA4M2EzMC8x
LzVqNzg1b09NdWphZ2t6T3BnN29yRUJnZU9UMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjMv
YjI3ZDQ1LTA4Y2MtNDdhMS1hYzVhLTVmNDgzNjA4M2EzMC8xL1VnVm9aLVRTaUY2
WnRVbnRiN2VHTXdyZmowUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEBLLvgAMEAcNdsjANBgkqhkiG9w0B
AQsFAAOCAQEACP846Q4iQwxnGYuZX8ZgSAD1K4/8vdMlLndU3WUyBixkUu+Urv0f
gyPIU97g3GAReePofSy6FSsNH4LE+5fazzD5AvZU0ZWl0Lxdws0qhc59buF+lEiL
XxzFiHdH7t7w91oJcmMi6Zbz+UdJwhaX4rruCvjq7HzAR5OBfMECmi8/I64LCmwy
LsbItsSz3osAXE9aEfXnqjMdMIC6fpqByeZ2y0bNKTwGbp6q/rN3P3f578cWcurd
2zMaIvgWwgVNVF5jJx9VMiKS7vvJEU7qoLFXLTuCutKH+16fIF67C21sCJxzMAy2
2w28KHUhW+bBkHIkNFC3xVPwbO4DawbFLg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:27 2024 by rpki-client on console-fra.rpki-client.org