Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/7DuLJ4Hxq6J56iRU0y0hMbS28Ok.roa
File:                     7DuLJ4Hxq6J56iRU0y0hMbS28Ok.roa (raw, json)
Hash identifier:          jTxmmSqatv7et20BNPdLZ7U83PwTgtRjSNei3veX+5I=
Subject key identifier:   EC:3B:8B:27:81:F1:AB:A2:79:EA:24:54:D3:2D:21:31:B4:B6:F0:E9
Certificate issuer:       /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial:       0183E60EC906D8015792F6730625434C982B
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/7DuLJ4Hxq6J56iRU0y0hMbS28Ok.roa
Signing time:             Mon 17 Oct 2022 13:07:52 +0000
ROA not before:           Mon 17 Oct 2022 13:07:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208485
IP address blocks:        89.44.209.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:e6:0e:c9:06:d8:01:57:92:f6:73:06:25:43:4c:98:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
        Validity
            Not Before: Oct 17 13:07:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ec3b8b2781f1aba279ea2454d32d2131b4b6f0e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:02:68:ff:95:ed:63:71:76:1e:e0:25:71:a9:
                    d5:43:72:f0:3b:4e:88:a0:3f:bd:f9:52:e2:a1:45:
                    d5:e6:32:40:a3:dc:55:bc:bd:77:63:06:46:cd:a9:
                    c7:28:82:16:fb:71:2a:21:76:eb:8f:de:7e:d8:38:
                    98:18:4b:be:a9:1e:5d:90:96:ee:ba:f9:2c:ad:35:
                    99:7c:54:3c:da:01:87:50:ac:a7:2c:76:cd:a5:e9:
                    ba:11:91:b9:94:47:f3:cf:93:a9:05:7d:56:78:89:
                    b9:2f:4b:89:71:1f:9f:c2:b0:33:1d:d0:84:43:e6:
                    ab:22:07:06:97:52:34:92:ce:c4:34:08:6a:32:c2:
                    7d:80:c2:cb:b1:27:3d:69:b3:0d:9d:28:72:81:34:
                    7b:06:91:4a:ca:8d:9d:dc:fc:aa:1a:15:fd:a9:ec:
                    53:c9:42:08:b6:3c:08:bb:4d:81:7c:e1:5d:c5:51:
                    4a:ce:7b:57:b7:e4:96:c1:4c:78:b7:e2:be:42:e2:
                    26:f7:53:ed:82:f6:c8:dd:d6:48:49:44:7c:d2:8b:
                    fc:74:b1:5d:e6:9e:98:0a:ba:5a:c1:b2:67:d9:e9:
                    80:f5:1a:c4:e5:21:d1:af:d4:84:06:ee:0f:de:5a:
                    1b:c6:86:b4:3a:3c:05:39:b8:62:ab:8a:55:d8:f2:
                    25:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:3B:8B:27:81:F1:AB:A2:79:EA:24:54:D3:2D:21:31:B4:B6:F0:E9
            X509v3 Authority Key Identifier:
                keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/7DuLJ4Hxq6J56iRU0y0hMbS28Ok.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.44.209.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ce:43:b3:a1:ba:fd:0a:46:98:89:75:94:41:f6:d2:ba:b6:a9:
         9f:d2:97:dc:0f:14:b9:9a:1d:d5:58:b9:68:7e:b8:54:8c:16:
         95:56:78:d3:4a:ae:be:ba:00:4a:ba:61:08:d8:77:ac:b4:11:
         77:10:07:8d:eb:1b:e1:52:3d:04:3f:f4:f1:ed:9a:fb:48:8e:
         09:f9:c2:41:d1:51:e6:37:41:86:e7:2d:11:9c:0c:b3:36:52:
         6b:cc:d0:d1:b8:29:4e:2a:2d:b6:90:44:46:57:c3:48:9e:b7:
         42:05:a8:b0:83:51:51:f0:c0:0c:a8:0c:d9:f2:dd:d0:9b:d0:
         03:19:8f:c7:56:ac:ba:bd:be:a5:73:1d:2f:f4:af:f6:3c:23:
         0b:f6:33:59:98:e4:18:72:f6:fb:f5:01:50:88:33:07:bc:e9:
         19:f7:7a:b7:98:31:df:c0:22:8b:d7:b0:0e:42:75:42:08:7f:
         39:88:1d:ed:1b:b0:15:2b:75:ce:08:46:04:0d:f0:2d:a7:ed:
         40:1d:6e:92:82:a3:aa:3d:d9:31:6b:bf:1b:70:09:67:f1:31:
         e7:05:b3:f6:60:a4:39:00:bf:b4:92:20:f2:fc:3c:a1:b1:08:
         b2:69:8d:fd:74:65:1f:b3:bb:61:06:12:ba:c1:0c:6a:ec:f7:
         80:d1:10:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPmDskG2AFXkvZzBiVDTJgrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjIxMDE3MTMwNzUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzNiOGIyNzgxZjFhYmEyNzllYTI0NTRkMzJkMjEzMWI0YjZmMGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5wJo/5XtY3F2HuAlcanVQ3LwO06I
oD+9+VLioUXV5jJAo9xVvL13YwZGzanHKIIW+3EqIXbrj95+2DiYGEu+qR5dkJbu
uvksrTWZfFQ82gGHUKynLHbNpem6EZG5lEfzz5OpBX1WeIm5L0uJcR+fwrAzHdCE
Q+arIgcGl1I0ks7ENAhqMsJ9gMLLsSc9abMNnShygTR7BpFKyo2d3PyqGhX9qexT
yUIItjwIu02BfOFdxVFKzntXt+SWwUx4t+K+QuIm91PtgvbI3dZISUR80ov8dLFd
5p6YCrpawbJn2emA9RrE5SHRr9SEBu4P3lobxoa0OjwFObhiq4pV2PIlCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOw7iyeB8auieeokVNMtITG0tvDpMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvN0R1TEo0SHhxNko1NmlSVTB5MGhNYlMyOE9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSzRMA0G
CSqGSIb3DQEBCwUAA4IBAQDOQ7Ohuv0KRpiJdZRB9tK6tqmf0pfcDxS5mh3VWLlo
frhUjBaVVnjTSq6+ugBKumEI2HestBF3EAeN6xvhUj0EP/Tx7Zr7SI4J+cJB0VHm
N0GG5y0RnAyzNlJrzNDRuClOKi22kERGV8NInrdCBaiwg1FR8MAMqAzZ8t3Qm9AD
GY/HVqy6vb6lcx0v9K/2PCML9jNZmOQYcvb79QFQiDMHvOkZ93q3mDHfwCKL17AO
QnVCCH85iB3tG7AVK3XOCEYEDfAtp+1AHW6SgqOqPdkxa78bcAln8THnBbP2YKQ5
AL+0kiDy/DyhsQiyaY39dGUfs7thBhK6wQxq7PeA0RAi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:29 2024 by rpki-client on console-fra.rpki-client.org