Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/614e5c-299b-4fd4-a0bc-af1cc2317e39/1/_K_whHPTdyXpCN0V5RsTPg24z5U.roa
File:                     _K_whHPTdyXpCN0V5RsTPg24z5U.roa (raw, json)
Hash identifier:          iJZH2yOVUIw2vTmbaYGz/Q0/ZFQDRFSkBh7yq+efYjc=
Subject key identifier:   FC:AF:F0:84:73:D3:77:25:E9:08:DD:15:E5:1B:13:3E:0D:B8:CF:95
Certificate issuer:       /CN=feb84d9f8f9e33156589a5ebf722203a899e0a51
Certificate serial:       0207AF21
Authority key identifier: FE:B8:4D:9F:8F:9E:33:15:65:89:A5:EB:F7:22:20:3A:89:9E:0A:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_rhNn4-eMxVliaXr9yIgOomeClE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/614e5c-299b-4fd4-a0bc-af1cc2317e39/1/_K_whHPTdyXpCN0V5RsTPg24z5U.roa
Signing time:             Tue 12 Apr 2022 13:14:16 +0000
ROA not before:           Tue 12 Apr 2022 13:14:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     9009
IP address blocks:        195.210.109.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 34058017 (0x207af21)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=feb84d9f8f9e33156589a5ebf722203a899e0a51
        Validity
            Not Before: Apr 12 13:14:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fcaff08473d37725e908dd15e51b133e0db8cf95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:0e:f3:93:ef:17:7a:bc:0a:e8:e2:95:ee:19:
                    62:d7:32:0a:a2:fd:a3:f5:3f:b1:d4:37:45:ac:2b:
                    39:d7:e9:60:71:e4:4d:d5:45:33:87:d9:34:2b:20:
                    07:e1:4b:83:cd:61:2e:ce:80:0b:87:b3:3c:77:83:
                    ac:16:6e:f8:e5:55:38:b1:ff:a1:c7:67:5d:c7:bf:
                    45:07:a8:fe:a9:0b:2c:ef:a2:cf:75:37:a6:a5:42:
                    e4:90:01:d3:72:d9:f7:eb:91:97:cf:dc:ab:88:a0:
                    48:93:66:d0:5a:93:4d:41:45:02:f0:7d:9d:0f:86:
                    8b:b4:0d:5a:d9:60:a4:8a:7b:d4:6e:68:5f:36:34:
                    53:92:d1:91:5c:a8:04:6b:36:6d:67:6f:6e:9e:50:
                    e8:40:ec:48:2d:12:9d:3a:8d:5a:a0:5e:11:03:31:
                    80:7b:16:2d:01:2f:65:b9:6d:37:10:2f:54:27:f0:
                    31:48:07:53:70:fa:81:97:1c:2f:d8:b5:9a:37:c2:
                    80:36:b1:cf:5f:5b:2d:7c:cb:b0:1d:ae:c5:ec:f1:
                    bb:a5:31:11:92:d2:b1:b3:df:5f:32:2e:14:9c:03:
                    46:a6:24:15:d4:16:e0:ae:0c:61:92:4f:6c:71:29:
                    d5:dd:73:3c:bb:36:b1:0b:c4:56:c6:3f:ff:16:af:
                    50:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:AF:F0:84:73:D3:77:25:E9:08:DD:15:E5:1B:13:3E:0D:B8:CF:95
            X509v3 Authority Key Identifier:
                keyid:FE:B8:4D:9F:8F:9E:33:15:65:89:A5:EB:F7:22:20:3A:89:9E:0A:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_rhNn4-eMxVliaXr9yIgOomeClE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/614e5c-299b-4fd4-a0bc-af1cc2317e39/1/_K_whHPTdyXpCN0V5RsTPg24z5U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/614e5c-299b-4fd4-a0bc-af1cc2317e39/1/_rhNn4-eMxVliaXr9yIgOomeClE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.210.109.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d5:0a:e6:2d:51:ac:fc:18:2a:e3:39:3c:76:f3:da:00:6c:b6:
         32:1c:27:02:eb:2d:52:38:b9:63:94:5f:68:df:fa:9b:c5:5f:
         eb:27:33:13:7d:d6:bd:5f:f6:80:1f:51:0d:df:b6:80:9c:79:
         2b:78:1f:04:32:4b:5e:8e:15:c8:f5:20:dd:c6:41:3b:33:b2:
         89:4f:14:f7:02:0a:23:e2:37:38:37:5c:33:b8:71:7e:33:8d:
         b3:50:bf:3c:4d:d5:a6:97:05:4b:27:d0:15:27:ac:c1:20:57:
         7a:89:c8:88:21:60:bb:ac:7c:71:a0:a6:a5:b7:3c:02:4f:7b:
         17:00:89:db:4a:dc:d7:c7:65:57:c7:50:fa:31:07:7a:b2:cf:
         80:e9:a3:00:da:f8:12:2f:fb:1e:48:a6:de:bd:f5:b0:2c:f2:
         8f:67:d2:9f:52:ad:78:3c:c6:dc:6f:28:ba:73:4c:ab:75:1d:
         5a:96:69:fa:dc:ca:59:64:69:85:4e:3b:8c:90:6b:51:a0:60:
         81:21:9c:93:41:ce:9d:79:87:71:bc:98:ae:96:7a:e0:53:dc:
         42:4b:37:96:e0:c7:c3:29:8a:6c:f6:ee:09:01:03:44:25:35:
         68:2c:00:91:e4:37:e5:f7:bf:71:ff:ea:aa:f9:42:f8:79:d6:
         3a:de:dd:e2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAgevITANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZWI4NGQ5ZjhmOWUzMzE1NjU4OWE1ZWJmNzIyMjAzYTg5OWUwYTUxMB4XDTIyMDQx
MjEzMTQxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmNhZmYwODQ3M2Qz
NzcyNWU5MDhkZDE1ZTUxYjEzM2UwZGI4Y2Y5NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL4O85PvF3q8Cujile4ZYtcyCqL9o/U/sdQ3RawrOdfpYHHk
TdVFM4fZNCsgB+FLg81hLs6AC4ezPHeDrBZu+OVVOLH/ocdnXce/RQeo/qkLLO+i
z3U3pqVC5JAB03LZ9+uRl8/cq4igSJNm0FqTTUFFAvB9nQ+Gi7QNWtlgpIp71G5o
XzY0U5LRkVyoBGs2bWdvbp5Q6EDsSC0SnTqNWqBeEQMxgHsWLQEvZbltNxAvVCfw
MUgHU3D6gZccL9i1mjfCgDaxz19bLXzLsB2uxezxu6UxEZLSsbPfXzIuFJwDRqYk
FdQW4K4MYZJPbHEp1d1zPLs2sQvEVsY//xavUJ0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT8r/CEc9N3JekI3RXlGxM+DbjPlTAfBgNVHSMEGDAWgBT+uE2fj54zFWWJ
pev3IiA6iZ4KUTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19yaE5uNC1lTXhWbGlhWHI5eUlnT29tZUNsRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjYvNjE0ZTVjLTI5OWItNGZkNC1hMGJjLWFmMWNjMjMxN2UzOS8x
L19LX3doSFBUZHlYcENOMFY1UnNUUGcyNHo1VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjYv
NjE0ZTVjLTI5OWItNGZkNC1hMGJjLWFmMWNjMjMxN2UzOS8xL19yaE5uNC1lTXhW
bGlhWHI5eUlnT29tZUNsRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMPSbTANBgkqhkiG9w0BAQsFAAOC
AQEA1QrmLVGs/Bgq4zk8dvPaAGy2MhwnAustUji5Y5RfaN/6m8Vf6yczE33WvV/2
gB9RDd+2gJx5K3gfBDJLXo4VyPUg3cZBOzOyiU8U9wIKI+I3ODdcM7hxfjONs1C/
PE3VppcFSyfQFSeswSBXeonIiCFgu6x8caCmpbc8Ak97FwCJ20rc18dlV8dQ+jEH
erLPgOmjANr4Ei/7Hkim3r31sCzyj2fSn1KteDzG3G8ounNMq3UdWpZp+tzKWWRp
hU47jJBrUaBggSGck0HOnXmHcbyYrpZ64FPcQks3luDHwymKbPbuCQEDRCU1aCwA
keQ35fe/cf/qqvlC+HnWOt7d4g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:48 2024 by rpki-client on console-ams.rpki-client.org