Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/de9d72-fcd4-4c7c-89ca-de4ba786f872/1/ZIiPNefMpXxpi055cOWLrWCjk7g.roa
File:                     ZIiPNefMpXxpi055cOWLrWCjk7g.roa (raw, json)
Hash identifier:          2RBhq1CiHdSUsdt4pMrpvxv7rcrM8QNNvyHh9kUZSw4=
Subject key identifier:   64:88:8F:35:E7:CC:A5:7C:69:8B:4E:79:70:E5:8B:AD:60:A3:93:B8
Certificate issuer:       /CN=de5e6c2330911bc1dc8c83d411ef6b1208b3bbd6
Certificate serial:       127F
Authority key identifier: DE:5E:6C:23:30:91:1B:C1:DC:8C:83:D4:11:EF:6B:12:08:B3:BB:D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3l5sIzCRG8HcjIPUEe9rEgizu9Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/de9d72-fcd4-4c7c-89ca-de4ba786f872/1/ZIiPNefMpXxpi055cOWLrWCjk7g.roa
Signing time:             Wed 13 Apr 2022 11:23:13 +0000
ROA not before:           Wed 13 Apr 2022 11:23:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42184
IP address blocks:        194.1.176.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4735 (0x127f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de5e6c2330911bc1dc8c83d411ef6b1208b3bbd6
        Validity
            Not Before: Apr 13 11:23:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=64888f35e7cca57c698b4e7970e58bad60a393b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:73:1e:76:32:c5:55:8a:58:6c:9e:d0:42:d0:
                    34:20:34:f8:7b:c3:26:fa:15:a1:ea:2e:8d:0c:88:
                    62:7f:0b:08:c2:05:a4:b1:a1:ca:96:e8:30:e0:a7:
                    3e:c8:e0:83:2a:af:4f:29:ee:26:bf:9c:48:50:41:
                    5d:81:0c:b6:c0:4d:ea:95:33:42:36:55:bd:93:4c:
                    2a:8e:59:58:39:c7:76:9a:da:94:63:d3:52:eb:79:
                    b3:99:bb:80:4e:09:54:5f:9f:55:d4:c3:48:d6:26:
                    93:31:39:bb:c4:2c:79:cc:1c:cc:0e:e5:20:f7:c6:
                    0b:a8:bb:ed:09:9b:42:36:2f:24:42:e0:91:68:b3:
                    dc:80:bb:5e:83:c7:c3:2a:7f:01:9a:ed:97:88:e4:
                    50:3c:e7:1d:36:08:1f:25:4c:a7:7f:43:30:81:9b:
                    e5:fa:30:a7:57:cd:99:b6:c2:3f:ec:45:e5:d6:ea:
                    07:93:30:42:ff:fd:a9:6f:de:b5:23:8d:2e:ab:5d:
                    8e:29:2e:f3:be:e8:ce:bd:f7:d2:13:02:a5:ea:00:
                    31:9f:88:ce:09:75:9d:55:8d:d9:3b:90:8e:44:87:
                    15:4e:1d:28:08:97:74:b9:85:84:c1:b9:da:4b:53:
                    87:60:89:25:e9:af:fe:86:87:37:3c:32:7e:ae:a9:
                    6c:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:88:8F:35:E7:CC:A5:7C:69:8B:4E:79:70:E5:8B:AD:60:A3:93:B8
            X509v3 Authority Key Identifier:
                keyid:DE:5E:6C:23:30:91:1B:C1:DC:8C:83:D4:11:EF:6B:12:08:B3:BB:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3l5sIzCRG8HcjIPUEe9rEgizu9Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/de9d72-fcd4-4c7c-89ca-de4ba786f872/1/ZIiPNefMpXxpi055cOWLrWCjk7g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/de9d72-fcd4-4c7c-89ca-de4ba786f872/1/3l5sIzCRG8HcjIPUEe9rEgizu9Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.1.176.0/24

    Signature Algorithm: sha256WithRSAEncryption
         44:1e:85:53:c0:1c:50:c1:5d:e1:1e:f5:56:6a:1e:41:5f:11:
         96:1d:d2:dc:2b:3b:f4:49:6a:a2:b8:43:60:ab:eb:fb:ea:af:
         11:74:e5:f9:57:0a:66:60:3f:34:1c:6d:06:5a:f4:05:a8:c9:
         4b:5b:2c:57:63:6b:7c:ff:51:30:a1:d1:4f:0d:05:6c:fa:9b:
         1e:bb:bc:27:58:7b:dc:33:bd:40:03:40:88:08:a6:c9:4c:54:
         60:56:0a:d2:13:68:29:b9:fc:2f:6d:ce:fc:c3:e4:2b:14:28:
         2f:26:c6:26:74:3a:3c:cf:98:1a:5a:80:76:1d:a9:d7:11:bd:
         ea:d3:e1:64:ab:1a:eb:38:ea:9f:57:88:b5:ca:bf:8c:c9:6b:
         79:57:b8:31:34:a9:ba:60:0c:b9:8a:7d:46:f5:cf:86:39:3a:
         85:51:48:e2:51:59:e1:52:2d:26:dd:e8:15:42:b3:8a:d7:34:
         be:48:e7:02:09:d2:9a:19:ae:e8:43:b2:2f:70:68:89:aa:5d:
         89:96:f0:a6:05:e4:99:82:f2:ab:f9:cc:5a:d7:43:ea:51:8c:
         60:e9:08:e4:a8:45:5f:30:83:fb:ba:c4:6e:9d:24:37:d9:36:
         26:68:11:8f:96:c2:03:94:67:ca:8e:99:be:a0:d9:21:70:3d:
         ac:44:92:c3
-----BEGIN CERTIFICATE-----
MIIE7TCCA9WgAwIBAgICEn8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoZGU1
ZTZjMjMzMDkxMWJjMWRjOGM4M2Q0MTFlZjZiMTIwOGIzYmJkNjAeFw0yMjA0MTMx
MTIzMTNaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDY0ODg4ZjM1ZTdjY2E1
N2M2OThiNGU3OTcwZTU4YmFkNjBhMzkzYjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEcx52MsVVilhsntBC0DQgNPh7wyb6FaHqLo0MiGJ/CwjCBaSx
ocqW6DDgpz7I4IMqr08p7ia/nEhQQV2BDLbATeqVM0I2Vb2TTCqOWVg5x3aa2pRj
01LrebOZu4BOCVRfn1XUw0jWJpMxObvELHnMHMwO5SD3xguou+0Jm0I2LyRC4JFo
s9yAu16Dx8MqfwGa7ZeI5FA85x02CB8lTKd/QzCBm+X6MKdXzZm2wj/sReXW6geT
MEL//alv3rUjjS6rXY4pLvO+6M6999ITAqXqADGfiM4JdZ1Vjdk7kI5EhxVOHSgI
l3S5hYTBudpLU4dgiSXpr/6Ghzc8Mn6uqWw7AgMBAAGjggIJMIICBTAdBgNVHQ4E
FgQUZIiPNefMpXxpi055cOWLrWCjk7gwHwYDVR0jBBgwFoAU3l5sIzCRG8HcjIPU
Ee9rEgizu9YwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEF
BQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8z
bDVzSXpDUkc4SGNqSVBVRWU5ckVnaXp1OVkuY2VyMIGNBggrBgEFBQcBCwSBgDB+
MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxULzMxL2RlOWQ3Mi1mY2Q0LTRjN2MtODljYS1kZTRiYTc4NmY4NzIvMS9a
SWlQTmVmTXBYeHBpMDU1Y09XTHJXQ2prN2cucm9hMIGBBgNVHR8EejB4MHagdKBy
hnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMxL2Rl
OWQ3Mi1mY2Q0LTRjN2MtODljYS1kZTRiYTc4NmY4NzIvMS8zbDVzSXpDUkc4SGNq
SVBVRWU5ckVnaXp1OVkuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADCAbAwDQYJKoZIhvcNAQELBQADggEB
AEQehVPAHFDBXeEe9VZqHkFfEZYd0twrO/RJaqK4Q2Cr6/vqrxF05flXCmZgPzQc
bQZa9AWoyUtbLFdja3z/UTCh0U8NBWz6mx67vCdYe9wzvUADQIgIpslMVGBWCtIT
aCm5/C9tzvzD5CsUKC8mxiZ0OjzPmBpagHYdqdcRverT4WSrGus46p9XiLXKv4zJ
a3lXuDE0qbpgDLmKfUb1z4Y5OoVRSOJRWeFSLSbd6BVCs4rXNL5I5wIJ0poZruhD
si9waImqXYmW8KYF5JmC8qv5zFrXQ+pRjGDpCOSoRV8wg/u6xG6dJDfZNiZoEY+W
wgOUZ8qOmb6g2SFwPaxEksM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:38 2024 by rpki-client on console-fra.rpki-client.org