Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/1-rfMxWAPfqy7CQs2azJ-v2S22Q4.roa
File:                     1-rfMxWAPfqy7CQs2azJ-v2S22Q4.roa (raw, json)
Hash identifier:          BG+EwEgkNchdFplQe+xeX9qeM8fiVVEZgbpxa2QWRDM=
Subject key identifier:   FA:B7:CC:C5:60:0F:7E:AC:BB:09:0B:36:6B:32:7E:BF:64:B6:D9:0E
Certificate issuer:       /CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Certificate serial:       13F9A15A
Authority key identifier: 54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/1-rfMxWAPfqy7CQs2azJ-v2S22Q4.roa
Signing time:             Sat 01 Jan 2022 11:55:32 +0000
ROA not before:           Sat 01 Jan 2022 11:55:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207459
IP address blocks:        213.238.167.0/24 maxlen: 24
                          213.238.182.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 335126874 (0x13f9a15a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=54cbda78b1d1b613df565ff99700b6aee940de3f
        Validity
            Not Before: Jan  1 11:55:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fab7ccc5600f7eacbb090b366b327ebf64b6d90e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:6f:e6:7c:b8:36:cf:75:61:44:d1:ad:ee:13:
                    80:b8:22:ff:57:7e:f2:aa:49:36:30:91:cb:9b:ce:
                    3a:20:34:37:99:8c:f7:96:86:57:08:0a:83:aa:34:
                    6a:cb:fe:e9:df:3b:f5:1d:70:35:df:9a:57:85:c7:
                    c9:51:3b:66:1a:af:39:10:c6:1b:8a:e7:97:14:81:
                    bf:fd:04:41:4a:d5:c9:fc:74:e1:fd:bd:5b:75:f7:
                    63:7c:c1:dc:d1:c3:ec:39:f0:03:7a:3c:12:ea:75:
                    51:3f:f5:f0:66:cd:83:bf:24:ab:b8:fe:11:5f:e1:
                    59:43:f1:0e:ab:a7:e5:d4:c3:a4:df:03:d4:6b:7b:
                    0e:c5:12:ea:e9:6d:d0:b6:7f:0d:26:14:cd:7c:4c:
                    37:46:c4:46:c5:00:cd:5f:eb:cf:a0:f9:ae:d4:63:
                    c1:2f:11:33:82:1a:1d:e5:42:62:7b:46:3e:d2:7a:
                    42:4a:28:80:63:55:9c:19:4e:90:2c:e0:8b:f8:d6:
                    21:ef:d0:00:70:d0:2e:7a:e6:71:e2:b1:43:32:b8:
                    d6:34:a5:e4:a2:60:1c:64:92:4c:fa:1b:35:ad:c3:
                    43:31:20:aa:74:5d:eb:51:8b:53:52:90:57:50:a7:
                    d9:dc:1c:39:ba:ee:c2:ce:de:61:df:39:1a:6a:66:
                    2b:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:B7:CC:C5:60:0F:7E:AC:BB:09:0B:36:6B:32:7E:BF:64:B6:D9:0E
            X509v3 Authority Key Identifier:
                keyid:54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/1-rfMxWAPfqy7CQs2azJ-v2S22Q4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/VMvaeLHRthPfVl_5lwC2rulA3j8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.238.167.0/24
                  213.238.182.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:fb:84:9a:7b:1a:c0:4a:21:4c:22:8a:ce:bc:a7:91:7e:f5:
         a6:94:9e:ba:a5:f3:34:43:d5:2c:a6:e4:74:b4:fe:dd:7e:ff:
         4d:65:d2:20:c1:5e:d3:8b:ae:11:5c:47:c5:f4:bc:0e:1b:51:
         1f:df:fb:52:2a:34:9a:94:38:31:ac:2a:d9:bd:83:76:43:7c:
         d1:f9:70:d8:e8:53:24:d9:48:1a:ea:cd:98:64:74:ba:a9:7b:
         c2:a1:03:9d:97:7c:56:d0:96:f4:59:cd:de:c9:3e:3e:0b:bc:
         6a:cf:ce:c8:05:07:07:de:fa:06:f0:c2:a9:86:db:c8:0b:7b:
         59:4f:3b:98:9b:70:82:c3:0f:10:9f:fc:3a:98:87:c8:54:b7:
         82:84:89:c4:9a:2c:c9:0d:b4:ea:2f:9f:da:dd:40:17:29:37:
         52:42:3e:93:56:fa:cf:3d:a2:41:f8:7e:7f:09:13:71:bf:b2:
         61:56:54:27:1e:da:12:38:4f:5c:fd:6d:d7:4c:54:60:0d:83:
         b7:14:d6:7c:21:77:a0:b5:d3:39:e4:71:c3:15:8e:ec:cd:8b:
         a6:5c:a0:04:7b:1d:b8:62:3f:af:7d:5f:45:3c:0a:08:41:e0:
         6f:51:aa:ad:79:18:15:06:92:5c:cf:fb:41:54:e3:fe:07:c7:
         6d:58:d3:a9
-----BEGIN CERTIFICATE-----
MIIE9jCCA96gAwIBAgIEE/mhWjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NGNiZGE3OGIxZDFiNjEzZGY1NjVmZjk5NzAwYjZhZWU5NDBkZTNmMB4XDTIyMDEw
MTExNTUzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmFiN2NjYzU2MDBm
N2VhY2JiMDkwYjM2NmIzMjdlYmY2NGI2ZDkwZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKpv5ny4Ns91YUTRre4TgLgi/1d+8qpJNjCRy5vOOiA0N5mM
95aGVwgKg6o0asv+6d879R1wNd+aV4XHyVE7ZhqvORDGG4rnlxSBv/0EQUrVyfx0
4f29W3X3Y3zB3NHD7DnwA3o8Eup1UT/18GbNg78kq7j+EV/hWUPxDqun5dTDpN8D
1Gt7DsUS6ult0LZ/DSYUzXxMN0bERsUAzV/rz6D5rtRjwS8RM4IaHeVCYntGPtJ6
QkoogGNVnBlOkCzgi/jWIe/QAHDQLnrmceKxQzK41jSl5KJgHGSSTPobNa3DQzEg
qnRd61GLU1KQV1Cn2dwcObruws7eYd85GmpmK2sCAwEAAaOCAhAwggIMMB0GA1Ud
DgQWBBT6t8zFYA9+rLsJCzZrMn6/ZLbZDjAfBgNVHSMEGDAWgBRUy9p4sdG2E99W
X/mXALau6UDePzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZNdmFlTEhSdGhQZlZsXzVsd0MycnVsQTNqOC5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvNmQ2MWQ5LTBiZjctNDRiYi1iODBmLWNkMzE2MTVkMDFhOS8x
LzEtcmZNeFdBUGZxeTdDUXMyYXpKLXYyUzIyUTQucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMw
LzZkNjFkOS0wYmY3LTQ0YmItYjgwZi1jZDMxNjE1ZDAxYTkvMS9WTXZhZUxIUnRo
UGZWbF81bHdDMnJ1bEEzajguY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
JQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBADV7qcDBADV7rYwDQYJKoZIhvcN
AQELBQADggEBAB77hJp7GsBKIUwiis68p5F+9aaUnrql8zRD1Sym5HS0/t1+/01l
0iDBXtOLrhFcR8X0vA4bUR/f+1IqNJqUODGsKtm9g3ZDfNH5cNjoUyTZSBrqzZhk
dLqpe8KhA52XfFbQlvRZzd7JPj4LvGrPzsgFBwfe+gbwwqmG28gLe1lPO5ibcILD
DxCf/DqYh8hUt4KEicSaLMkNtOovn9rdQBcpN1JCPpNW+s89okH4fn8JE3G/smFW
VCce2hI4T1z9bddMVGANg7cU1nwhd6C10znkccMVjuzNi6ZcoAR7HbhiP699X0U8
CghB4G9Rqq15GBUGklzP+0FU4/4Hx21Y06k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:36 2024 by rpki-client on console-ams.rpki-client.org