Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/p4NvQ-CfcjIOtzWSoXsYgitTgVY.roa
File:                     p4NvQ-CfcjIOtzWSoXsYgitTgVY.roa (raw, json)
Hash identifier:          wY/L0T0Dqga/BwcwrHadgXo4jEQeNJw29hUPVuKjr9o=
Subject key identifier:   A7:83:6F:43:E0:9F:72:32:0E:B7:35:92:A1:7B:18:82:2B:53:81:56
Certificate issuer:       /CN=86a9f3ae45f70150af17eb8789e97889029ee5d3
Certificate serial:       06B4B3CC
Authority key identifier: 86:A9:F3:AE:45:F7:01:50:AF:17:EB:87:89:E9:78:89:02:9E:E5:D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hqnzrkX3AVCvF-uHiel4iQKe5dM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/p4NvQ-CfcjIOtzWSoXsYgitTgVY.roa
Signing time:             Sat 01 Jan 2022 12:02:06 +0000
ROA not before:           Sat 01 Jan 2022 12:02:06 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207753
IP address blocks:        195.246.254.0/23 maxlen: 23
                          195.248.244.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 112505804 (0x6b4b3cc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86a9f3ae45f70150af17eb8789e97889029ee5d3
        Validity
            Not Before: Jan  1 12:02:06 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a7836f43e09f72320eb73592a17b18822b538156
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:1d:fc:95:3f:fd:a3:65:e9:2c:ae:57:25:df:
                    5e:39:bb:43:0e:c4:2c:d2:08:5d:15:80:15:33:4f:
                    85:96:76:07:6b:64:eb:22:c2:c0:66:fc:0e:b7:c3:
                    5f:22:87:37:d2:86:83:b0:89:5e:57:66:f1:b5:7b:
                    9a:33:98:f6:bf:fc:29:5c:d9:13:51:b7:92:31:88:
                    8c:18:df:9a:b6:48:ec:04:8d:2a:15:7e:79:3d:dc:
                    9f:4e:df:a9:45:93:c3:2f:ee:8d:e6:05:aa:7e:86:
                    64:82:d9:db:ec:2e:53:b6:66:14:e0:17:14:21:63:
                    26:99:bb:19:07:cb:26:d5:39:b4:fc:1a:94:84:5e:
                    a7:23:16:36:9f:54:94:f6:0d:18:43:c5:4a:22:e2:
                    9f:44:16:34:bf:1f:16:22:cc:f7:4c:5a:2d:97:35:
                    cf:3c:18:b9:a4:fa:9d:5d:2e:58:7e:67:a4:df:d7:
                    5c:8f:56:4a:fb:16:5d:51:cd:4b:99:1c:3d:ca:9e:
                    08:d3:f8:67:b5:2b:23:a0:a0:74:82:29:03:3f:96:
                    99:93:1f:1b:48:69:f8:77:4e:9b:43:24:4e:7b:77:
                    79:96:c2:59:d3:d2:34:e8:83:aa:56:05:6e:a5:ad:
                    7e:2c:ad:5f:ba:19:d9:cd:72:b6:58:d1:a8:68:d5:
                    e0:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:83:6F:43:E0:9F:72:32:0E:B7:35:92:A1:7B:18:82:2B:53:81:56
            X509v3 Authority Key Identifier:
                keyid:86:A9:F3:AE:45:F7:01:50:AF:17:EB:87:89:E9:78:89:02:9E:E5:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hqnzrkX3AVCvF-uHiel4iQKe5dM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/p4NvQ-CfcjIOtzWSoXsYgitTgVY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/hqnzrkX3AVCvF-uHiel4iQKe5dM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.246.254.0/23
                  195.248.244.0/23

    Signature Algorithm: sha256WithRSAEncryption
         73:94:1b:76:9a:fd:f3:00:82:ec:f8:b9:df:92:a6:ad:25:26:
         6d:d5:77:54:36:aa:d9:c8:65:8b:2c:a6:d9:a2:d1:8e:d2:b9:
         c6:6e:89:af:83:f5:b4:75:32:4f:fe:37:fd:7b:5b:60:05:b4:
         00:31:15:ae:e3:4c:4b:f6:2e:e9:37:6f:c9:41:98:1f:67:4d:
         86:0e:a1:67:e6:d9:88:e9:ac:54:82:3b:31:d4:24:aa:48:0e:
         08:a0:a8:5f:13:f1:14:e3:e5:e6:86:fa:84:90:17:6f:e8:5d:
         23:03:f5:87:e7:48:a4:3e:bd:05:24:2e:a4:9c:03:25:c9:dc:
         9a:27:92:f0:cd:5c:09:11:5a:15:6e:08:68:40:bd:10:0b:f1:
         fd:43:94:2c:87:e6:02:39:7e:09:9c:f8:be:52:ed:4d:8b:85:
         cb:e2:93:7f:fc:46:52:48:22:59:0f:19:4b:65:fc:e3:b2:dc:
         fd:0f:c2:90:dd:c6:80:5f:e7:b3:ca:fc:6e:92:26:4e:92:78:
         2b:6b:7e:30:15:7b:3a:0d:55:3b:02:78:82:8a:c1:c3:a2:10:
         5a:12:f2:11:7e:49:2b:b8:92:3b:68:22:72:71:b1:66:3d:c1:
         50:08:af:a3:40:fb:d2:af:36:53:0b:72:88:74:77:47:2f:99:
         a7:6d:b7:80
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBrSzzDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmE5ZjNhZTQ1ZjcwMTUwYWYxN2ViODc4OWU5Nzg4OTAyOWVlNWQzMB4XDTIyMDEw
MTEyMDIwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTc4MzZmNDNlMDlm
NzIzMjBlYjczNTkyYTE3YjE4ODIyYjUzODE1NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANcd/JU//aNl6SyuVyXfXjm7Qw7ELNIIXRWAFTNPhZZ2B2tk
6yLCwGb8DrfDXyKHN9KGg7CJXldm8bV7mjOY9r/8KVzZE1G3kjGIjBjfmrZI7ASN
KhV+eT3cn07fqUWTwy/ujeYFqn6GZILZ2+wuU7ZmFOAXFCFjJpm7GQfLJtU5tPwa
lIRepyMWNp9UlPYNGEPFSiLin0QWNL8fFiLM90xaLZc1zzwYuaT6nV0uWH5npN/X
XI9WSvsWXVHNS5kcPcqeCNP4Z7UrI6CgdIIpAz+WmZMfG0hp+HdOm0MkTnt3eZbC
WdPSNOiDqlYFbqWtfiytX7oZ2c1ytljRqGjV4IMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSng29D4J9yMg63NZKhexiCK1OBVjAfBgNVHSMEGDAWgBSGqfOuRfcBUK8X
64eJ6XiJAp7l0zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hxbnpya1gzQVZDdkYtdUhpZWw0aVFLZTVkTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2QvMTMxMjc0LTczMzQtNDQ2Yi1hOTM1LTM0ODdhZTgyYjIwZC8x
L3A0TnZRLUNmY2pJT3R6V1NvWHNZZ2l0VGdWWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Qv
MTMxMjc0LTczMzQtNDQ2Yi1hOTM1LTM0ODdhZTgyYjIwZC8xL2hxbnpya1gzQVZD
dkYtdUhpZWw0aVFLZTVkTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAcP2/gMEAcP49DANBgkqhkiG9w0B
AQsFAAOCAQEAc5Qbdpr98wCC7Pi535KmrSUmbdV3VDaq2chliyym2aLRjtK5xm6J
r4P1tHUyT/43/XtbYAW0ADEVruNMS/Yu6TdvyUGYH2dNhg6hZ+bZiOmsVII7MdQk
qkgOCKCoXxPxFOPl5ob6hJAXb+hdIwP1h+dIpD69BSQupJwDJcncmieS8M1cCRFa
FW4IaEC9EAvx/UOULIfmAjl+CZz4vlLtTYuFy+KTf/xGUkgiWQ8ZS2X847Lc/Q/C
kN3GgF/ns8r8bpImTpJ4K2t+MBV7Og1VOwJ4gorBw6IQWhLyEX5JK7iSO2gicnGx
Zj3BUAivo0D70q82UwtyiHR3Ry+Zp223gA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:22 2024 by rpki-client on console-fra.rpki-client.org