Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/a0e90f-2198-442e-95fc-b7f63423f192/1/zm5KeNz0EZrGWtCMQOijSWhTOIk.roa
File:                     zm5KeNz0EZrGWtCMQOijSWhTOIk.roa (raw, json)
Hash identifier:          FnMMWX7la1JaeVItBxtCy9LiWkwrUl9fwgMJvPOc4fQ=
Subject key identifier:   CE:6E:4A:78:DC:F4:11:9A:C6:5A:D0:8C:40:E8:A3:49:68:53:38:89
Certificate issuer:       /CN=84695c825129e3654a508b3bc529fe3a5b3839b1
Certificate serial:       025EFBAE
Authority key identifier: 84:69:5C:82:51:29:E3:65:4A:50:8B:3B:C5:29:FE:3A:5B:38:39:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hGlcglEp42VKUIs7xSn-Ols4ObE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/a0e90f-2198-442e-95fc-b7f63423f192/1/zm5KeNz0EZrGWtCMQOijSWhTOIk.roa
Signing time:             Sat 01 Jan 2022 12:58:02 +0000
ROA not before:           Sat 01 Jan 2022 12:58:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     20473
IP address blocks:        194.56.216.0/23 maxlen: 23
                          194.56.222.0/23 maxlen: 23
                          2a0f:13c6::/31 maxlen: 31
                          2a0f:13c0::/31 maxlen: 31
                          2a0f:13c2::/31 maxlen: 31
                          2a0f:13c4::/31 maxlen: 31

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 39779246 (0x25efbae)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84695c825129e3654a508b3bc529fe3a5b3839b1
        Validity
            Not Before: Jan  1 12:58:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ce6e4a78dcf4119ac65ad08c40e8a34968533889
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:dd:31:25:de:06:fa:ec:f3:e6:c8:26:c2:d1:
                    63:95:9d:37:ce:01:ea:40:81:95:01:47:77:4e:d8:
                    50:e8:74:19:85:d4:1a:9d:66:5d:b9:7b:d5:e8:64:
                    9d:83:9d:c5:7d:b2:19:87:6d:02:01:e3:a6:36:43:
                    06:80:7d:54:51:01:53:f0:b0:7c:12:7a:55:cc:e7:
                    3d:de:dd:69:fa:e1:e1:d1:44:7a:3e:85:5d:30:22:
                    38:70:4c:47:5a:13:bf:78:1e:c9:1d:61:6d:6f:88:
                    1e:6d:ac:9d:74:53:09:81:2d:bf:53:06:ef:52:54:
                    ce:2b:c9:db:5f:8f:b6:db:ed:f0:e2:9f:81:7c:7d:
                    86:da:fe:50:19:ea:6f:9a:da:b9:1f:f5:c1:8b:ac:
                    da:5a:02:d6:74:1b:30:bf:00:38:a4:d1:27:fc:f9:
                    ba:69:af:4f:6d:a7:d0:95:b9:fc:d0:6f:93:b3:78:
                    0d:7a:f9:8b:79:d2:ae:6b:54:34:4a:fc:78:cc:7c:
                    49:ff:40:75:63:4d:4c:1e:a3:52:0a:45:32:fc:80:
                    da:4e:d4:ce:8b:89:34:7a:3a:49:11:79:3b:fe:f5:
                    3b:a4:93:92:a8:98:5e:c0:b8:4a:a5:5c:22:46:48:
                    41:51:11:94:0b:24:60:22:9c:06:69:d2:be:28:a3:
                    7f:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:6E:4A:78:DC:F4:11:9A:C6:5A:D0:8C:40:E8:A3:49:68:53:38:89
            X509v3 Authority Key Identifier:
                keyid:84:69:5C:82:51:29:E3:65:4A:50:8B:3B:C5:29:FE:3A:5B:38:39:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hGlcglEp42VKUIs7xSn-Ols4ObE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a0e90f-2198-442e-95fc-b7f63423f192/1/zm5KeNz0EZrGWtCMQOijSWhTOIk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a0e90f-2198-442e-95fc-b7f63423f192/1/hGlcglEp42VKUIs7xSn-Ols4ObE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.56.216.0/23
                  194.56.222.0/23
                IPv6:
                  2a0f:13c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         21:d9:47:52:fb:5e:a6:8f:83:e8:fb:27:5b:46:68:9b:f7:ce:
         0f:5d:44:9a:5a:30:71:9c:fc:10:db:fb:23:63:86:63:e5:67:
         8d:e8:10:8c:f6:68:80:83:5f:3d:92:3c:e2:7f:4e:bd:d9:e8:
         8b:dd:c5:61:7b:12:7c:b8:1c:87:0b:6d:43:98:ed:d8:77:2d:
         df:29:91:8f:82:4e:c5:74:fe:d9:c8:2c:44:bd:da:e7:fb:4b:
         82:3a:bf:11:36:c3:f0:1e:d9:2e:ad:81:44:aa:77:bd:74:15:
         4f:51:1f:73:8d:4d:68:d6:1e:25:39:27:fd:5a:6c:f1:fa:bd:
         e4:68:58:0e:ca:41:23:a5:07:36:3a:75:ae:9b:7b:2c:f5:ea:
         3a:48:8b:ac:09:84:26:6e:b5:fc:14:59:fc:20:38:25:b8:7d:
         36:78:62:55:a8:15:4e:86:7b:ed:29:0f:37:50:4f:d8:a9:18:
         00:91:95:a9:dc:90:11:af:be:12:0c:e4:ff:7c:23:95:d4:c4:
         87:66:4d:8c:b1:05:21:10:b2:e1:d6:58:da:8e:81:c1:e8:16:
         09:a1:f3:e6:80:4a:9e:21:9f:e2:83:b3:4b:c0:99:4c:00:9c:
         f9:0e:4b:06:f8:9e:1f:99:f3:a3:73:cc:bf:48:ed:42:2b:31:
         da:7d:d0:03
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEAl77rjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NDY5NWM4MjUxMjllMzY1NGE1MDhiM2JjNTI5ZmUzYTViMzgzOWIxMB4XDTIyMDEw
MTEyNTgwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2U2ZTRhNzhkY2Y0
MTE5YWM2NWFkMDhjNDBlOGEzNDk2ODUzMzg4OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALbdMSXeBvrs8+bIJsLRY5WdN84B6kCBlQFHd07YUOh0GYXU
Gp1mXbl71ehknYOdxX2yGYdtAgHjpjZDBoB9VFEBU/CwfBJ6VcznPd7dafrh4dFE
ej6FXTAiOHBMR1oTv3geyR1hbW+IHm2snXRTCYEtv1MG71JUzivJ21+Pttvt8OKf
gXx9htr+UBnqb5rauR/1wYus2loC1nQbML8AOKTRJ/z5ummvT22n0JW5/NBvk7N4
DXr5i3nSrmtUNEr8eMx8Sf9AdWNNTB6jUgpFMvyA2k7UzouJNHo6SRF5O/71O6ST
kqiYXsC4SqVcIkZIQVERlAskYCKcBmnSviijf2cCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBTObkp43PQRmsZa0IxA6KNJaFM4iTAfBgNVHSMEGDAWgBSEaVyCUSnjZUpQ
izvFKf46Wzg5sTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hHbGNnbEVwNDJWS1VJczd4U24tT2xzNE9iRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjcvYTBlOTBmLTIxOTgtNDQyZS05NWZjLWI3ZjYzNDIzZjE5Mi8x
L3ptNUtlTnowRVpyR1d0Q01RT2lqU1doVE9Jay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjcv
YTBlOTBmLTIxOTgtNDQyZS05NWZjLWI3ZjYzNDIzZjE5Mi8xL2hHbGNnbEVwNDJW
S1VJczd4U24tT2xzNE9iRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAcI42AMEAcI43jANBAIAAjAHAwUD
Kg8TwDANBgkqhkiG9w0BAQsFAAOCAQEAIdlHUvtepo+D6PsnW0Zom/fOD11Emlow
cZz8ENv7I2OGY+VnjegQjPZogINfPZI84n9Ovdnoi93FYXsSfLgchwttQ5jt2Hct
3ymRj4JOxXT+2cgsRL3a5/tLgjq/ETbD8B7ZLq2BRKp3vXQVT1Efc41NaNYeJTkn
/Vps8fq95GhYDspBI6UHNjp1rpt7LPXqOkiLrAmEJm61/BRZ/CA4Jbh9NnhiVagV
ToZ77SkPN1BP2KkYAJGVqdyQEa++Egzk/3wjldTEh2ZNjLEFIRCy4dZY2o6BwegW
CaHz5oBKniGf4oOzS8CZTACc+Q5LBvieH5nzo3PMv0jtQisx2n3QAw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:59 2024 by rpki-client on console-fra.rpki-client.org