Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/9df811-07dc-4fdf-9118-77fd4d1e5b26/1/R8lR1ICCf6ixk_vDM5V7g9IIEro.roa
File:                     R8lR1ICCf6ixk_vDM5V7g9IIEro.roa (raw, json)
Hash identifier:          Bc4372QRM2dRfl4rtGLfxoiuQfGmmTGNHyorQHD6gVI=
Subject key identifier:   47:C9:51:D4:80:82:7F:A8:B1:93:FB:C3:33:95:7B:83:D2:08:12:BA
Certificate issuer:       /CN=ff7276c4d8cfafc04c26f85fb34fd9ece4769695
Certificate serial:       01850AA0DEDCD668EFC90515B3FD4EFCCA90
Authority key identifier: FF:72:76:C4:D8:CF:AF:C0:4C:26:F8:5F:B3:4F:D9:EC:E4:76:96:95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_3J2xNjPr8BMJvhfs0_Z7OR2lpU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/9df811-07dc-4fdf-9118-77fd4d1e5b26/1/R8lR1ICCf6ixk_vDM5V7g9IIEro.roa
Signing time:             Tue 13 Dec 2022 08:36:33 +0000
ROA not before:           Tue 13 Dec 2022 08:36:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42876
IP address blocks:        194.60.243.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:0a:a0:de:dc:d6:68:ef:c9:05:15:b3:fd:4e:fc:ca:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff7276c4d8cfafc04c26f85fb34fd9ece4769695
        Validity
            Not Before: Dec 13 08:36:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=47c951d480827fa8b193fbc333957b83d20812ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:c3:e0:6c:59:cb:8b:45:63:7e:aa:5d:c7:22:
                    65:9d:77:7f:50:b6:73:64:51:6e:1a:b6:b5:0e:ad:
                    e2:a5:e9:28:e1:ef:5a:8b:31:96:b1:8f:68:2d:98:
                    49:fc:db:d3:6a:f5:17:00:82:f1:91:af:1e:f5:ea:
                    91:d0:e0:22:d2:c2:32:51:77:4c:12:d2:21:43:3a:
                    49:22:86:84:80:7d:37:e2:29:52:f3:ca:2d:dc:25:
                    e8:17:18:08:04:56:d8:42:13:df:28:80:52:6a:bb:
                    3f:2e:48:64:a1:c2:51:da:fc:a4:e9:49:28:36:df:
                    4f:7a:86:4e:6a:f0:ca:99:60:e4:bc:d7:48:e9:1c:
                    f5:65:15:b3:4e:54:e6:93:f3:bf:df:39:56:7a:a4:
                    df:59:23:ad:4a:36:7e:0d:72:b8:c1:95:94:a9:a4:
                    df:fb:37:b0:e9:03:0b:03:52:f2:da:e4:49:2d:45:
                    6c:d4:12:87:d0:76:1d:15:82:d7:88:13:04:c4:a0:
                    d1:a0:50:a9:05:b9:44:de:2d:f0:6c:1b:65:f1:4d:
                    36:ff:2a:cd:3f:7d:06:a4:28:e4:5e:da:47:f2:be:
                    5f:67:ca:99:ff:f3:3f:39:71:05:8c:bf:11:4f:b5:
                    dd:1a:aa:1d:f4:d1:67:4e:c3:fe:e4:83:62:4d:bc:
                    2e:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:C9:51:D4:80:82:7F:A8:B1:93:FB:C3:33:95:7B:83:D2:08:12:BA
            X509v3 Authority Key Identifier:
                keyid:FF:72:76:C4:D8:CF:AF:C0:4C:26:F8:5F:B3:4F:D9:EC:E4:76:96:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_3J2xNjPr8BMJvhfs0_Z7OR2lpU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/9df811-07dc-4fdf-9118-77fd4d1e5b26/1/R8lR1ICCf6ixk_vDM5V7g9IIEro.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/9df811-07dc-4fdf-9118-77fd4d1e5b26/1/_3J2xNjPr8BMJvhfs0_Z7OR2lpU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.60.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:2d:9c:fb:3d:72:23:9b:ab:5f:33:02:58:fc:40:27:eb:e1:
         db:69:f5:30:c7:b8:cc:02:a5:d2:c8:ed:53:2f:4f:b2:60:ae:
         ab:eb:67:2d:bf:7c:ac:7b:51:53:a6:d1:c1:d5:79:1d:7d:ad:
         9b:96:09:81:ea:f6:c9:2c:e0:01:de:4b:86:e0:16:39:a3:a1:
         88:90:8d:d3:0e:c8:e1:90:d4:4a:d6:53:3a:54:41:e9:2a:62:
         2b:a0:59:05:66:91:21:11:dd:60:dd:3b:ff:0b:2b:c7:6a:4d:
         31:da:84:ff:af:0d:8d:f5:79:f3:64:81:cd:b3:8f:ba:3f:58:
         35:7d:9c:6d:7f:27:52:b3:da:c9:83:24:25:27:21:2a:2b:74:
         1d:b3:f8:e9:25:06:51:64:9d:da:25:1b:47:7f:70:08:74:13:
         37:10:7e:a4:86:8b:7f:54:51:b2:dc:6e:59:17:83:72:31:e5:
         40:06:eb:33:30:83:00:64:16:e1:9f:98:2c:6b:ad:54:ad:56:
         43:43:b4:29:4e:a9:9d:fc:39:17:23:ca:15:89:5a:8f:42:76:
         e8:e9:fa:f3:3d:f9:12:12:fe:d5:38:f3:b9:9f:51:a0:3d:c7:
         1a:9c:20:12:94:7f:c7:cb:8d:ca:93:ea:04:f1:2f:39:f8:fd:
         43:db:ef:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUKoN7c1mjvyQUVs/1O/MqQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNzI3NmM0ZDhjZmFmYzA0YzI2Zjg1ZmIzNGZkOWVjZTQ3
Njk2OTUwHhcNMjIxMjEzMDgzNjMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2M5NTFkNDgwODI3ZmE4YjE5M2ZiYzMzMzk1N2I4M2QyMDgxMmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsPgbFnLi0VjfqpdxyJlnXd/ULZz
ZFFuGra1Dq3ipeko4e9aizGWsY9oLZhJ/NvTavUXAILxka8e9eqR0OAi0sIyUXdM
EtIhQzpJIoaEgH034ilS88ot3CXoFxgIBFbYQhPfKIBSars/LkhkocJR2vyk6Uko
Nt9PeoZOavDKmWDkvNdI6Rz1ZRWzTlTmk/O/3zlWeqTfWSOtSjZ+DXK4wZWUqaTf
+zew6QMLA1Ly2uRJLUVs1BKH0HYdFYLXiBMExKDRoFCpBblE3i3wbBtl8U02/yrN
P30GpCjkXtpH8r5fZ8qZ//M/OXEFjL8RT7XdGqod9NFnTsP+5INiTbwu0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEfJUdSAgn+osZP7wzOVe4PSCBK6MB8GA1UdIwQY
MBaAFP9ydsTYz6/ATCb4X7NP2ezkdpaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzNKMnhOalByOEJNSnZoZnMwX1o3T1IybHBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC85ZGY4MTEtMDdkYy00ZmRmLTkxMTgt
NzdmZDRkMWU1YjI2LzEvUjhsUjFJQ0NmNml4a192RE01VjdnOUlJRXJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC85ZGY4MTEtMDdkYy00ZmRmLTkxMTgtNzdmZDRkMWU1YjI2
LzEvXzNKMnhOalByOEJNSnZoZnMwX1o3T1IybHBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjzzMA0G
CSqGSIb3DQEBCwUAA4IBAQBALZz7PXIjm6tfMwJY/EAn6+HbafUwx7jMAqXSyO1T
L0+yYK6r62ctv3yse1FTptHB1Xkdfa2blgmB6vbJLOAB3kuG4BY5o6GIkI3TDsjh
kNRK1lM6VEHpKmIroFkFZpEhEd1g3Tv/CyvHak0x2oT/rw2N9XnzZIHNs4+6P1g1
fZxtfydSs9rJgyQlJyEqK3Qds/jpJQZRZJ3aJRtHf3AIdBM3EH6khot/VFGy3G5Z
F4NyMeVABuszMIMAZBbhn5gsa61UrVZDQ7QpTqmd/DkXI8oViVqPQnbo6frzPfkS
Ev7VOPO5n1GgPccanCASlH/Hy43Kk+oE8S85+P1D2+/M
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:24 2024 by rpki-client on console-ams.rpki-client.org