Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/5N5c9yg3nzo6XxhyLPsKU6Zowvg.roa
File:                     5N5c9yg3nzo6XxhyLPsKU6Zowvg.roa (raw, json)
Hash identifier:          WtMA5HM4gCd0p1O1eJRb1S/4EAd5sAHXeZqXS+jvmIQ=
Subject key identifier:   E4:DE:5C:F7:28:37:9F:3A:3A:5F:18:72:2C:FB:0A:53:A6:68:C2:F8
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       139F1212
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/5N5c9yg3nzo6XxhyLPsKU6Zowvg.roa
Signing time:             Tue 04 Jan 2022 16:54:44 +0000
ROA not before:           Tue 04 Jan 2022 16:54:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205301
IP address blocks:        194.242.22.0/23 maxlen: 23
                          194.242.28.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 329191954 (0x139f1212)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Jan  4 16:54:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e4de5cf728379f3a3a5f18722cfb0a53a668c2f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:ba:89:b4:00:5f:9f:2c:68:32:d5:72:9e:e2:
                    44:16:e1:98:4d:4c:0e:1e:94:a2:78:d9:63:fa:99:
                    b6:ae:27:72:5b:98:71:f3:bc:ef:aa:ec:4f:c7:02:
                    f6:03:21:67:56:8f:4f:96:60:0c:92:58:05:ae:79:
                    f1:c9:76:26:0e:ae:8e:65:20:e8:c4:0b:d7:78:d0:
                    8f:b7:a6:f6:fc:d2:16:8c:76:96:6a:57:f5:ab:64:
                    a0:31:68:4a:ff:e8:cd:80:7c:fe:3c:fd:04:bb:1f:
                    4f:fe:b4:36:c6:55:31:2c:1b:dc:bb:6c:98:09:f8:
                    7f:24:4e:d9:30:ce:3f:68:d2:96:04:8e:fa:42:73:
                    96:68:87:ac:23:ed:64:72:cf:25:ce:26:60:ff:da:
                    b2:11:95:20:0f:c5:db:81:fa:51:2c:67:67:9e:74:
                    ff:75:6d:ed:40:bf:e6:96:c9:f4:39:fa:ba:6a:67:
                    e9:af:3d:db:08:bf:2d:88:86:a7:48:3a:c5:ea:e9:
                    4e:97:4c:9e:24:73:0c:1f:1b:d6:5c:23:fa:5d:c3:
                    8f:aa:ac:a9:30:aa:ad:84:5a:04:70:46:ad:95:8d:
                    c2:e1:cf:c9:51:16:d3:66:c3:c0:b4:05:53:8e:5e:
                    46:67:0e:76:82:64:0d:70:4a:81:39:99:60:42:a5:
                    70:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:DE:5C:F7:28:37:9F:3A:3A:5F:18:72:2C:FB:0A:53:A6:68:C2:F8
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/5N5c9yg3nzo6XxhyLPsKU6Zowvg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.242.22.0/23
                  194.242.28.0/23

    Signature Algorithm: sha256WithRSAEncryption
         94:06:0b:3a:58:fe:b2:5b:d5:30:c7:78:3f:63:02:4d:11:62:
         83:35:e6:a4:ed:4b:3a:00:a8:87:0f:da:3a:56:5f:28:22:6f:
         76:54:e1:d8:c9:e2:14:a6:8c:3c:53:32:16:d1:e5:4f:0c:00:
         31:9f:d5:bf:6b:d8:4d:38:2c:1e:c8:7d:ae:0f:e5:0b:27:6c:
         1f:b1:87:df:ce:f1:ba:82:95:78:86:7d:67:3f:7d:d1:c7:41:
         ba:2c:5e:38:4a:91:55:48:3a:be:ce:14:98:d9:d6:6a:0f:f7:
         5d:e4:47:9c:92:84:95:3a:b9:49:4c:27:72:e1:86:d3:a7:88:
         08:4e:4e:3f:16:ea:4e:91:b9:36:88:cc:86:8f:53:7b:1e:5f:
         a3:32:e9:25:a0:25:d6:25:cf:a4:df:77:08:89:16:2f:10:a7:
         3b:03:87:a9:30:ec:5b:fa:86:19:24:63:c5:82:c5:d0:da:3a:
         e7:d7:fd:c7:87:60:da:dc:cc:f7:a4:e4:24:5c:82:92:60:7e:
         98:7d:cc:38:61:30:7d:f9:16:a4:4f:a6:71:9b:d6:7b:7b:bf:
         0a:95:b5:51:e8:2a:ee:27:d6:9f:23:ee:69:d2:dc:95:a5:bd:
         c8:7c:7c:eb:2c:7b:ca:ef:86:e8:d2:24:21:85:b8:5c:05:82:
         42:e4:00:28
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEE58SEjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDEw
NDE2NTQ0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTRkZTVjZjcyODM3
OWYzYTNhNWYxODcyMmNmYjBhNTNhNjY4YzJmODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMe6ibQAX58saDLVcp7iRBbhmE1MDh6UonjZY/qZtq4ncluY
cfO876rsT8cC9gMhZ1aPT5ZgDJJYBa558cl2Jg6ujmUg6MQL13jQj7em9vzSFox2
lmpX9atkoDFoSv/ozYB8/jz9BLsfT/60NsZVMSwb3LtsmAn4fyRO2TDOP2jSlgSO
+kJzlmiHrCPtZHLPJc4mYP/ashGVIA/F24H6USxnZ550/3Vt7UC/5pbJ9Dn6umpn
6a892wi/LYiGp0g6xerpTpdMniRzDB8b1lwj+l3Dj6qsqTCqrYRaBHBGrZWNwuHP
yVEW02bDwLQFU45eRmcOdoJkDXBKgTmZYEKlcH0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTk3lz3KDefOjpfGHIs+wpTpmjC+DAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
LzVONWM5eWczbnpvNlh4aHlMUHNLVTZab3d2Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAcLyFgMEAcLyHDANBgkqhkiG9w0B
AQsFAAOCAQEAlAYLOlj+slvVMMd4P2MCTRFigzXmpO1LOgCohw/aOlZfKCJvdlTh
2MniFKaMPFMyFtHlTwwAMZ/Vv2vYTTgsHsh9rg/lCydsH7GH387xuoKVeIZ9Zz99
0cdBuixeOEqRVUg6vs4UmNnWag/3XeRHnJKElTq5SUwncuGG06eICE5OPxbqTpG5
NojMho9Tex5fozLpJaAl1iXPpN93CIkWLxCnOwOHqTDsW/qGGSRjxYLF0No659f9
x4dg2tzM96TkJFyCkmB+mH3MOGEwffkWpE+mcZvWe3u/CpW1Uegq7ifWnyPuadLc
laW9yHx86yx7yu+G6NIkIYW4XAWCQuQAKA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org