Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/473924-6f99-473d-a077-f437839095d1/1/I8gELyIBgdP9fK8YbPekBU_AEBk.roa
File:                     I8gELyIBgdP9fK8YbPekBU_AEBk.roa (raw, json)
Hash identifier:          o/+FW6d/4Bfm5Nw0iXUWl0Gm25hGLUKLxaUYgtVcMzk=
Subject key identifier:   23:C8:04:2F:22:01:81:D3:FD:7C:AF:18:6C:F7:A4:05:4F:C0:10:19
Certificate issuer:       /CN=c7f04b78b2eedf998edd5cc1e88671c8d10f1865
Certificate serial:       503DFF
Authority key identifier: C7:F0:4B:78:B2:EE:DF:99:8E:DD:5C:C1:E8:86:71:C8:D1:0F:18:65
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x_BLeLLu35mO3VzB6IZxyNEPGGU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/473924-6f99-473d-a077-f437839095d1/1/I8gELyIBgdP9fK8YbPekBU_AEBk.roa
Signing time:             Sat 01 Jan 2022 01:55:44 +0000
ROA not before:           Sat 01 Jan 2022 01:55:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     13130
IP address blocks:        194.114.76.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5258751 (0x503dff)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c7f04b78b2eedf998edd5cc1e88671c8d10f1865
        Validity
            Not Before: Jan  1 01:55:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=23c8042f220181d3fd7caf186cf7a4054fc01019
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:3d:e4:c4:11:cb:81:e2:56:41:7c:c3:29:3c:
                    2e:aa:86:83:de:65:50:66:96:4f:60:71:ee:88:12:
                    e2:1f:ca:d7:06:7b:df:a0:60:44:a1:2d:e3:ba:6c:
                    73:76:08:39:5e:b1:08:69:94:d7:da:1c:e4:72:62:
                    84:8b:4d:7c:0e:64:12:0f:ea:61:cb:b6:d3:df:cd:
                    11:e2:19:9d:a9:80:ef:d8:54:af:74:f4:43:79:ca:
                    80:d9:d2:26:e5:e5:07:6e:cf:42:b1:ab:fd:b0:63:
                    b1:b8:c9:71:f7:d3:81:3c:40:b9:d4:41:35:02:d9:
                    cc:24:08:d6:25:d3:50:3e:f9:ec:a8:08:18:7e:d8:
                    2e:27:bb:91:a1:34:95:52:1d:0b:16:26:82:e9:b9:
                    af:df:ae:c3:c6:be:22:c8:7c:2d:7f:fc:56:06:93:
                    05:83:cc:c8:75:35:ce:56:05:4a:15:77:fb:9e:89:
                    38:52:b1:66:40:9e:e6:ab:fa:6e:7f:10:88:c6:41:
                    11:c4:3a:d1:16:e0:4a:26:72:dc:98:01:29:4b:5f:
                    63:fe:97:4b:e9:94:91:b4:da:be:10:26:4b:ab:24:
                    29:76:04:7b:db:dd:af:3c:57:4d:f8:d4:55:23:e5:
                    60:37:2f:d1:08:27:ee:61:37:cc:6d:dc:11:a9:14:
                    a3:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:C8:04:2F:22:01:81:D3:FD:7C:AF:18:6C:F7:A4:05:4F:C0:10:19
            X509v3 Authority Key Identifier:
                keyid:C7:F0:4B:78:B2:EE:DF:99:8E:DD:5C:C1:E8:86:71:C8:D1:0F:18:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x_BLeLLu35mO3VzB6IZxyNEPGGU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/473924-6f99-473d-a077-f437839095d1/1/I8gELyIBgdP9fK8YbPekBU_AEBk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/473924-6f99-473d-a077-f437839095d1/1/x_BLeLLu35mO3VzB6IZxyNEPGGU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.114.76.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:cd:24:ed:18:81:c9:1e:af:ad:db:20:9b:53:99:67:12:ae:
         f8:80:0b:8c:20:e4:64:46:40:6e:e9:d5:9d:52:b0:0c:b1:10:
         23:e2:94:66:43:c4:3c:a0:a5:47:b7:d6:54:67:68:49:e6:34:
         27:ec:74:db:78:33:60:59:3a:b7:18:7b:da:2d:cf:ff:d7:e7:
         7e:e5:49:49:b4:2d:6c:38:36:56:76:13:91:3a:14:9d:bd:f2:
         90:48:34:8a:92:dd:a6:b5:72:76:7f:dc:af:de:34:42:5e:78:
         ef:00:af:12:ac:14:ca:a8:ab:96:88:40:6f:84:ec:37:f0:d6:
         6c:48:ed:74:e5:b7:16:8e:e2:1e:1b:e0:72:f0:f2:34:b0:65:
         ed:55:1e:a2:cd:05:4c:86:a0:30:bc:3b:13:7a:3f:94:df:cb:
         e9:a0:89:6c:83:81:46:c0:03:7d:7b:29:e1:e1:09:6e:d5:5e:
         e7:e6:57:a8:38:6b:d0:d2:e2:57:30:26:e9:98:d0:7d:27:5e:
         a9:83:06:75:b9:90:ce:ec:d7:00:3d:84:4e:26:fb:56:5f:3c:
         c1:2d:7d:54:a7:b8:4f:74:c9:4f:ed:58:5c:a1:0f:0d:43:95:
         35:0c:76:2f:cb:45:46:c2:78:c5:5d:c9:96:eb:9f:80:6d:48:
         2f:93:5a:69
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDUD3/MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGM3
ZjA0Yjc4YjJlZWRmOTk4ZWRkNWNjMWU4ODY3MWM4ZDEwZjE4NjUwHhcNMjIwMTAx
MDE1NTQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyM2M4MDQyZjIyMDE4
MWQzZmQ3Y2FmMTg2Y2Y3YTQwNTRmYzAxMDE5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA3D3kxBHLgeJWQXzDKTwuqoaD3mVQZpZPYHHuiBLiH8rXBnvf
oGBEoS3jumxzdgg5XrEIaZTX2hzkcmKEi018DmQSD+phy7bT380R4hmdqYDv2FSv
dPRDecqA2dIm5eUHbs9Csav9sGOxuMlx99OBPEC51EE1AtnMJAjWJdNQPvnsqAgY
ftguJ7uRoTSVUh0LFiaC6bmv367Dxr4iyHwtf/xWBpMFg8zIdTXOVgVKFXf7nok4
UrFmQJ7mq/pufxCIxkERxDrRFuBKJnLcmAEpS19j/pdL6ZSRtNq+ECZLqyQpdgR7
292vPFdN+NRVI+VgNy/RCCfuYTfMbdwRqRSjRQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFCPIBC8iAYHT/XyvGGz3pAVPwBAZMB8GA1UdIwQYMBaAFMfwS3iy7t+Zjt1c
weiGccjRDxhlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
eF9CTGVMTHUzNW1PM1Z6QjZJWnh5TkVQR0dVLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8yNy80NzM5MjQtNmY5OS00NzNkLWEwNzctZjQzNzgzOTA5NWQxLzEv
SThnRUx5SUJnZFA5Zks4WWJQZWtCVV9BRUJrLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy80
NzM5MjQtNmY5OS00NzNkLWEwNzctZjQzNzgzOTA5NWQxLzEveF9CTGVMTHUzNW1P
M1Z6QjZJWnh5TkVQR0dVLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwnJMMA0GCSqGSIb3DQEBCwUAA4IB
AQAhzSTtGIHJHq+t2yCbU5lnEq74gAuMIORkRkBu6dWdUrAMsRAj4pRmQ8Q8oKVH
t9ZUZ2hJ5jQn7HTbeDNgWTq3GHvaLc//1+d+5UlJtC1sODZWdhOROhSdvfKQSDSK
kt2mtXJ2f9yv3jRCXnjvAK8SrBTKqKuWiEBvhOw38NZsSO105bcWjuIeG+By8PI0
sGXtVR6izQVMhqAwvDsTej+U38vpoIlsg4FGwAN9eynh4Qlu1V7n5leoOGvQ0uJX
MCbpmNB9J16pgwZ1uZDO7NcAPYROJvtWXzzBLX1Up7hPdMlP7VhcoQ8NQ5U1DHYv
y0VGwnjFXcmW65+AbUgvk1pp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:57 2024 by rpki-client on console-fra.rpki-client.org