Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/5wk6m79fnWIKJUlD69aYrL39OGY.roa
File:                     5wk6m79fnWIKJUlD69aYrL39OGY.roa (raw, json)
Hash identifier:          7rf96sVjTE93uNoKVuMQ9AWoEhpEnFVM1Xjl/Sx7j48=
Subject key identifier:   E7:09:3A:9B:BF:5F:9D:62:0A:25:49:43:EB:D6:98:AC:BD:FD:38:66
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       018562F68ACFC5CD66992275626CBE20D377
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/5wk6m79fnWIKJUlD69aYrL39OGY.roa
Signing time:             Fri 30 Dec 2022 12:16:42 +0000
ROA not before:           Fri 30 Dec 2022 12:16:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206068
IP address blocks:        86.104.195.0/24 maxlen: 24
                          89.32.126.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:62:f6:8a:cf:c5:cd:66:99:22:75:62:6c:be:20:d3:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Dec 30 12:16:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e7093a9bbf5f9d620a254943ebd698acbdfd3866
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:f2:33:e9:78:69:f4:62:fb:ca:c1:5c:fa:47:
                    70:4b:41:d2:18:85:54:d0:24:fd:49:0e:c2:9d:0b:
                    86:e2:b5:a9:c5:54:83:65:48:03:69:0f:31:3d:f4:
                    1b:f2:0b:64:15:0d:85:4f:b4:87:04:2b:a6:45:61:
                    01:db:73:bd:a1:bb:d5:73:e5:67:ac:2f:3a:9f:44:
                    7a:11:4b:9c:c8:31:19:c7:02:28:e2:b4:74:f2:d0:
                    80:a1:8d:b6:f9:42:25:85:09:cd:8c:0d:38:8e:f6:
                    44:2c:1b:1d:d7:c6:3a:4f:6a:5a:00:56:eb:e5:9a:
                    be:a5:ea:7a:b5:49:a5:3f:90:51:fa:7e:3f:37:69:
                    59:a7:25:1e:8d:70:88:c5:23:ec:32:50:da:fb:d1:
                    af:69:8a:5f:99:f1:68:a4:bb:70:f9:80:de:95:76:
                    e8:a1:a1:1f:dd:c3:fa:47:c0:09:0b:ad:b3:3d:c3:
                    96:f0:11:d2:3a:6a:a5:1f:e2:3e:fa:25:f1:a9:a6:
                    d1:52:ec:1c:fc:ae:05:75:b0:1d:d5:79:1f:aa:08:
                    2d:51:32:01:82:7e:31:69:f0:39:ee:00:8d:5f:4e:
                    3b:2d:52:df:3d:7d:90:c5:db:ce:a7:87:21:84:e0:
                    84:f0:22:1d:5b:d6:10:d2:1d:d2:6c:7d:4e:5e:02:
                    80:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:09:3A:9B:BF:5F:9D:62:0A:25:49:43:EB:D6:98:AC:BD:FD:38:66
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/5wk6m79fnWIKJUlD69aYrL39OGY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  86.104.195.0/24
                  89.32.126.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:7d:fe:b8:02:ca:09:2c:3c:e1:61:c4:9e:56:4c:81:db:5a:
         78:73:e1:83:69:37:af:55:69:62:be:7b:80:ed:fd:d4:7a:cb:
         22:51:ec:46:d0:5e:64:96:c5:84:eb:12:97:37:6c:f6:68:e1:
         98:45:7b:6e:37:ca:80:c3:ab:9b:95:67:58:a9:fc:3b:e1:fb:
         6e:df:14:75:7c:6f:60:f1:51:4e:2b:5d:e2:0e:c6:f9:6e:36:
         3a:82:14:d6:d0:7c:6b:4a:cc:09:b9:a0:5d:33:1f:7c:db:08:
         93:50:47:63:c6:69:1f:89:62:2b:ea:83:8e:05:9e:cf:e9:ac:
         b7:25:1f:b3:dd:ce:62:9e:1e:c7:7a:b0:78:17:dd:1e:b6:34:
         bf:7b:45:2c:bd:f1:ad:5c:c2:f7:47:9c:8e:11:e2:5a:72:b0:
         dd:4d:3a:dd:b9:8b:3a:01:02:15:f7:b2:9b:9c:b7:7e:63:7a:
         fb:d2:55:b8:6e:53:61:26:cf:a2:a6:51:01:94:81:6a:8e:bd:
         12:52:58:ac:72:67:91:0c:5f:f9:36:f6:f4:55:5a:a1:fb:b2:
         aa:b8:dd:d9:89:d7:e3:d2:8e:08:cd:7c:24:08:47:fa:76:e5:
         0c:ba:80:50:7e:a4:7d:42:bf:60:66:17:e2:d0:f4:e8:01:b9:
         53:52:f7:96
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVi9orPxc1mmSJ1Ymy+INN3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIxMjMwMTIxNjQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzA5M2E5YmJmNWY5ZDYyMGEyNTQ5NDNlYmQ2OThhY2JkZmQzODY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfIz6Xhp9GL7ysFc+kdwS0HSGIVU
0CT9SQ7CnQuG4rWpxVSDZUgDaQ8xPfQb8gtkFQ2FT7SHBCumRWEB23O9obvVc+Vn
rC86n0R6EUucyDEZxwIo4rR08tCAoY22+UIlhQnNjA04jvZELBsd18Y6T2paAFbr
5Zq+pep6tUmlP5BR+n4/N2lZpyUejXCIxSPsMlDa+9GvaYpfmfFopLtw+YDelXbo
oaEf3cP6R8AJC62zPcOW8BHSOmqlH+I++iXxqabRUuwc/K4FdbAd1XkfqggtUTIB
gn4xafA57gCNX047LVLfPX2QxdvOp4chhOCE8CIdW9YQ0h3SbH1OXgKAIQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOcJOpu/X51iCiVJQ+vWmKy9/ThmMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvNXdrNm03OWZuV0lLSlVsRDY5YVlyTDM5T0dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVmjDAwQA
WSB+MA0GCSqGSIb3DQEBCwUAA4IBAQCEff64AsoJLDzhYcSeVkyB21p4c+GDaTev
VWlivnuA7f3UessiUexG0F5klsWE6xKXN2z2aOGYRXtuN8qAw6ublWdYqfw74ftu
3xR1fG9g8VFOK13iDsb5bjY6ghTW0HxrSswJuaBdMx982wiTUEdjxmkfiWIr6oOO
BZ7P6ay3JR+z3c5inh7HerB4F90etjS/e0UsvfGtXML3R5yOEeJacrDdTTrduYs6
AQIV97KbnLd+Y3r70lW4blNhJs+iplEBlIFqjr0SUliscmeRDF/5Nvb0VVqh+7Kq
uN3Zidfj0o4IzXwkCEf6duUMuoBQfqR9Qr9gZhfi0PToAblTUveW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org