Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/L-yO_7ySXryorUbcdjCpNemjXDI.roa
File:                     L-yO_7ySXryorUbcdjCpNemjXDI.roa (raw, json)
Hash identifier:          XdUP+v9rqAXj+ydC5vlo3ABxnyJLbzypvqAM+KGaRMY=
Subject key identifier:   2F:EC:8E:FF:BC:92:5E:BC:A8:AD:46:DC:76:30:A9:35:E9:A3:5C:32
Certificate issuer:       /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial:       0182D8DBAC6BAF8521BA48B634C007EFC2EE
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/L-yO_7ySXryorUbcdjCpNemjXDI.roa
Signing time:             Fri 26 Aug 2022 06:34:11 +0000
ROA not before:           Fri 26 Aug 2022 06:34:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205570
IP address blocks:        194.28.128.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:d8:db:ac:6b:af:85:21:ba:48:b6:34:c0:07:ef:c2:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
        Validity
            Not Before: Aug 26 06:34:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2fec8effbc925ebca8ad46dc7630a935e9a35c32
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:7b:0d:cf:1f:6f:4d:47:04:37:fb:50:17:d7:
                    22:e5:ca:10:24:2f:09:e0:d2:4b:e9:b9:c2:88:a5:
                    ef:f0:f9:74:4f:7a:ee:d1:16:f2:bc:2d:c9:6b:12:
                    f2:06:4a:bc:ed:2a:4f:8a:24:50:d7:3e:77:fe:c1:
                    9a:6a:d0:00:11:dc:a6:36:b9:30:8e:7a:65:5b:17:
                    1d:68:0b:f8:58:3d:40:e6:8d:57:54:9a:5e:b9:3c:
                    97:68:ce:10:7f:24:b8:1c:b3:8b:d3:6b:d8:aa:9d:
                    9e:dc:6f:5c:b7:fb:9a:dd:76:5e:af:2c:4e:c3:24:
                    6c:86:79:f4:0c:02:8c:5a:c4:d0:09:a8:f7:91:ee:
                    cd:74:52:45:12:52:50:61:e3:a5:d8:20:e3:02:d8:
                    fa:5b:c3:94:ac:0a:0b:0c:43:13:bf:7f:b7:6a:61:
                    35:f0:a0:14:c3:0d:04:e6:03:7c:42:2c:e4:7a:43:
                    9c:55:53:73:d1:c7:03:e9:b6:7d:77:49:ab:96:e1:
                    f5:12:90:3f:34:ea:d7:d9:78:86:2f:b8:bd:15:de:
                    8c:52:f8:ef:00:45:06:1e:a6:3c:aa:df:ca:fc:28:
                    f9:33:d5:8a:79:07:2e:90:55:78:06:3b:f8:bc:e9:
                    c7:3f:82:a8:1c:0d:5f:1a:1c:46:cd:76:2e:9f:ac:
                    16:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:EC:8E:FF:BC:92:5E:BC:A8:AD:46:DC:76:30:A9:35:E9:A3:5C:32
            X509v3 Authority Key Identifier:
                keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/L-yO_7ySXryorUbcdjCpNemjXDI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.28.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:7b:96:5f:7c:54:db:74:f5:34:3f:88:56:96:14:32:4c:3f:
         29:24:8c:5b:77:f5:53:63:7f:6d:3b:c9:33:45:21:17:13:c9:
         ff:36:76:8a:7e:c8:2a:6c:a0:40:66:36:2a:6e:e3:88:26:9c:
         a4:22:86:bd:61:c6:a7:60:00:84:63:61:bd:32:d5:eb:0c:03:
         29:09:7e:f7:14:cb:d9:5c:4a:37:29:5e:12:f0:37:2c:59:13:
         8c:a1:1e:cf:a2:e4:e4:e7:12:a7:51:37:ae:da:5f:9b:7d:43:
         3b:46:58:44:8a:63:bf:dd:f4:03:bc:f6:c0:52:5a:8c:98:4b:
         f3:3a:78:c3:2a:22:36:20:cc:d4:98:61:b3:2d:e2:47:8f:63:
         09:93:6a:97:f9:79:c0:38:da:e2:a1:e3:54:ef:f9:a5:49:52:
         09:5a:81:50:14:b9:a6:94:a1:62:e0:00:58:fa:ab:17:90:26:
         79:d3:be:9b:27:66:f7:66:74:a4:80:6a:55:50:cc:f4:d4:a4:
         69:8c:9d:1a:dd:2f:8c:27:5c:16:6a:a9:f1:9e:35:f6:39:b8:
         5a:c4:55:b5:cb:78:0c:e0:de:60:2a:5d:35:4a:d6:a5:f2:cd:
         42:ec:cc:01:22:56:ee:fa:52:7d:2c:24:11:ad:71:36:63:dc:
         1d:34:53:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLY26xrr4Uhuki2NMAH78LuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjIwODI2MDYzNDExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmVjOGVmZmJjOTI1ZWJjYThhZDQ2ZGM3NjMwYTkzNWU5YTM1YzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5nsNzx9vTUcEN/tQF9ci5coQJC8J
4NJL6bnCiKXv8Pl0T3ru0RbyvC3JaxLyBkq87SpPiiRQ1z53/sGaatAAEdymNrkw
jnplWxcdaAv4WD1A5o1XVJpeuTyXaM4QfyS4HLOL02vYqp2e3G9ct/ua3XZeryxO
wyRshnn0DAKMWsTQCaj3ke7NdFJFElJQYeOl2CDjAtj6W8OUrAoLDEMTv3+3amE1
8KAUww0E5gN8QizkekOcVVNz0ccD6bZ9d0mrluH1EpA/NOrX2XiGL7i9Fd6MUvjv
AEUGHqY8qt/K/Cj5M9WKeQcukFV4Bjv4vOnHP4KoHA1fGhxGzXYun6wWHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC/sjv+8kl68qK1G3HYwqTXpo1wyMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvTC15T183eVNYcnlvclViY2RqQ3BOZW1qWERJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwhyAMA0G
CSqGSIb3DQEBCwUAA4IBAQCGe5ZffFTbdPU0P4hWlhQyTD8pJIxbd/VTY39tO8kz
RSEXE8n/NnaKfsgqbKBAZjYqbuOIJpykIoa9YcanYACEY2G9MtXrDAMpCX73FMvZ
XEo3KV4S8DcsWROMoR7PouTk5xKnUTeu2l+bfUM7RlhEimO/3fQDvPbAUlqMmEvz
OnjDKiI2IMzUmGGzLeJHj2MJk2qX+XnAONrioeNU7/mlSVIJWoFQFLmmlKFi4ABY
+qsXkCZ5076bJ2b3ZnSkgGpVUMz01KRpjJ0a3S+MJ1wWaqnxnjX2ObhaxFW1y3gM
4N5gKl01Stal8s1C7MwBIlbu+lJ9LCQRrXE2Y9wdNFOh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:26 2024 by rpki-client on console-fra.rpki-client.org