Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/e6ac01-8bfb-4ef3-bfa7-e57440260be0/1/sI8H1WzkHGF-zFJeo084Pnt3vws.roa
File:                     sI8H1WzkHGF-zFJeo084Pnt3vws.roa (raw, json)
Hash identifier:          ryJ0AkCBYJrTi+XyScMmz8hbsuVqtS6pJp1UGM7DLGg=
Subject key identifier:   B0:8F:07:D5:6C:E4:1C:61:7E:CC:52:5E:A3:4F:38:3E:7B:77:BF:0B
Certificate issuer:       /CN=1d157824c638c718a07b535e0d824cb24afc070c
Certificate serial:       090F17E4
Authority key identifier: 1D:15:78:24:C6:38:C7:18:A0:7B:53:5E:0D:82:4C:B2:4A:FC:07:0C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HRV4JMY4xxige1NeDYJMskr8Bww.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/e6ac01-8bfb-4ef3-bfa7-e57440260be0/1/sI8H1WzkHGF-zFJeo084Pnt3vws.roa
Signing time:             Sat 01 Jan 2022 00:55:04 +0000
ROA not before:           Sat 01 Jan 2022 00:55:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211802
IP address blocks:        88.218.222.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 151984100 (0x90f17e4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d157824c638c718a07b535e0d824cb24afc070c
        Validity
            Not Before: Jan  1 00:55:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b08f07d56ce41c617ecc525ea34f383e7b77bf0b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:2b:f5:bd:88:2b:3a:3e:d4:a6:e2:58:70:07:
                    a1:56:59:a2:d3:a8:2b:9d:c2:4e:ce:ac:a1:40:47:
                    50:37:cf:84:b0:b3:5c:e5:5f:f7:a8:89:85:4f:5f:
                    ab:26:31:e9:50:7e:b5:12:7a:1a:96:36:53:32:4a:
                    4e:06:3d:41:2c:a4:8f:6f:c0:40:e5:52:f3:86:0b:
                    73:5d:63:54:3f:cb:87:46:18:1b:02:7f:07:66:4c:
                    f4:83:dd:48:5a:44:c8:0e:67:49:34:ac:5e:59:33:
                    13:cb:0b:cc:45:11:98:b2:0e:ba:a0:fb:72:aa:b0:
                    ff:41:ec:66:4f:72:a5:f3:24:b7:29:b6:73:e9:5c:
                    6b:46:98:d6:a1:12:b8:25:f3:5d:82:4f:8d:a8:6e:
                    63:ba:a7:1f:7c:eb:c2:9e:1c:8e:4b:5e:9a:7e:07:
                    a8:22:52:21:06:54:13:8e:9e:08:66:42:d4:19:36:
                    50:58:52:56:9a:ce:ae:56:a8:e9:e1:82:ab:f8:b5:
                    0c:40:42:42:ff:06:39:f8:1d:4f:01:cf:46:f4:ae:
                    0c:28:49:1d:90:11:ff:e6:19:da:f3:03:57:ec:68:
                    eb:01:e0:9b:ea:30:c9:0c:63:a6:47:2f:51:b7:1e:
                    cd:ca:92:97:e0:ee:ac:a1:5b:62:92:84:f9:ab:98:
                    1a:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:8F:07:D5:6C:E4:1C:61:7E:CC:52:5E:A3:4F:38:3E:7B:77:BF:0B
            X509v3 Authority Key Identifier:
                keyid:1D:15:78:24:C6:38:C7:18:A0:7B:53:5E:0D:82:4C:B2:4A:FC:07:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HRV4JMY4xxige1NeDYJMskr8Bww.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/e6ac01-8bfb-4ef3-bfa7-e57440260be0/1/sI8H1WzkHGF-zFJeo084Pnt3vws.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/e6ac01-8bfb-4ef3-bfa7-e57440260be0/1/HRV4JMY4xxige1NeDYJMskr8Bww.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.218.222.0/24

    Signature Algorithm: sha256WithRSAEncryption
         47:83:1b:34:87:be:5d:11:e0:d0:5f:9d:8a:a4:cc:dc:1b:19:
         35:b4:f1:b1:9f:1d:81:1c:c9:db:07:fc:a9:11:2c:69:ec:8d:
         fa:47:59:39:c4:01:3f:a8:8d:56:18:03:15:7e:6a:fe:6b:04:
         26:25:27:12:6b:1f:4d:2f:7e:be:e1:7a:db:a8:7c:73:c6:1c:
         ca:7c:b3:58:08:33:5e:22:08:83:52:0d:23:2c:27:66:36:11:
         f2:ac:2e:33:e7:fd:8a:86:bd:c3:1b:37:f3:9f:da:7f:a1:d9:
         a3:8f:49:24:dc:79:84:28:01:4d:2f:73:e4:a3:e7:7c:82:72:
         e0:92:7e:cc:75:d5:cb:c5:e1:a2:ff:cb:51:88:d1:df:8b:c1:
         27:e3:e6:ca:83:2f:ce:0a:b4:47:88:3b:1d:0f:08:20:db:9a:
         b1:e0:42:14:11:07:8a:fb:e4:5b:7d:66:eb:00:e7:ed:21:7b:
         14:6c:3c:10:72:f0:5c:38:23:a3:d9:c8:fe:a1:1d:9e:fd:b2:
         b4:ac:a3:ce:f0:ea:57:97:0f:3b:15:d7:f5:0c:c0:b5:82:92:
         58:2c:a4:e8:88:93:33:3b:10:84:55:cd:8a:5c:2f:5b:26:20:
         e7:25:e5:57:7f:8a:b8:a9:9b:38:e7:ac:94:bc:ae:43:6c:e5:
         12:18:2d:42
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECQ8X5DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZDE1NzgyNGM2MzhjNzE4YTA3YjUzNWUwZDgyNGNiMjRhZmMwNzBjMB4XDTIyMDEw
MTAwNTUwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjA4ZjA3ZDU2Y2U0
MWM2MTdlY2M1MjVlYTM0ZjM4M2U3Yjc3YmYwYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMYr9b2IKzo+1KbiWHAHoVZZotOoK53CTs6soUBHUDfPhLCz
XOVf96iJhU9fqyYx6VB+tRJ6GpY2UzJKTgY9QSykj2/AQOVS84YLc11jVD/Lh0YY
GwJ/B2ZM9IPdSFpEyA5nSTSsXlkzE8sLzEURmLIOuqD7cqqw/0HsZk9ypfMktym2
c+lca0aY1qESuCXzXYJPjahuY7qnH3zrwp4cjktemn4HqCJSIQZUE46eCGZC1Bk2
UFhSVprOrlao6eGCq/i1DEBCQv8GOfgdTwHPRvSuDChJHZAR/+YZ2vMDV+xo6wHg
m+owyQxjpkcvUbcezcqSl+DurKFbYpKE+auYGh8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSwjwfVbOQcYX7MUl6jTzg+e3e/CzAfBgNVHSMEGDAWgBQdFXgkxjjHGKB7
U14NgkyySvwHDDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hSVjRKTVk0eHhpZ2UxTmVEWUpNc2tyOEJ3dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2QvZTZhYzAxLThiZmItNGVmMy1iZmE3LWU1NzQ0MDI2MGJlMC8x
L3NJOEgxV3prSEdGLXpGSmVvMDg0UG50M3Z3cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Qv
ZTZhYzAxLThiZmItNGVmMy1iZmE3LWU1NzQ0MDI2MGJlMC8xL0hSVjRKTVk0eHhp
Z2UxTmVEWUpNc2tyOEJ3dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFja3jANBgkqhkiG9w0BAQsFAAOC
AQEAR4MbNIe+XRHg0F+diqTM3BsZNbTxsZ8dgRzJ2wf8qREsaeyN+kdZOcQBP6iN
VhgDFX5q/msEJiUnEmsfTS9+vuF626h8c8YcynyzWAgzXiIIg1INIywnZjYR8qwu
M+f9ioa9wxs385/af6HZo49JJNx5hCgBTS9z5KPnfIJy4JJ+zHXVy8Xhov/LUYjR
34vBJ+PmyoMvzgq0R4g7HQ8IINuaseBCFBEHivvkW31m6wDn7SF7FGw8EHLwXDgj
o9nI/qEdnv2ytKyjzvDqV5cPOxXX9QzAtYKSWCyk6IiTMzsQhFXNilwvWyYg5yXl
V3+KuKmbOOeslLyuQ2zlEhgtQg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:25 2024 by rpki-client on console-ams.rpki-client.org