Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/205c19-b73a-48fe-a086-356c09380887/1/mErSlSfAd85rrpkAUvU0ACzVYuU.roa
File:                     mErSlSfAd85rrpkAUvU0ACzVYuU.roa (raw, json)
Hash identifier:          nYNKiFe1WZklzCq8t/Aew5rk9mZZPh+7PY9p62sl7Nk=
Subject key identifier:   98:4A:D2:95:27:C0:77:CE:6B:AE:99:00:52:F5:34:00:2C:D5:62:E5
Certificate issuer:       /CN=9f8e77e738313e6570684dd152c2e284332b2c5b
Certificate serial:       61D09C
Authority key identifier: 9F:8E:77:E7:38:31:3E:65:70:68:4D:D1:52:C2:E2:84:33:2B:2C:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/n4535zgxPmVwaE3RUsLihDMrLFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/205c19-b73a-48fe-a086-356c09380887/1/mErSlSfAd85rrpkAUvU0ACzVYuU.roa
Signing time:             Sat 01 Jan 2022 02:58:02 +0000
ROA not before:           Sat 01 Jan 2022 02:58:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8412
IP address blocks:        193.227.108.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6410396 (0x61d09c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f8e77e738313e6570684dd152c2e284332b2c5b
        Validity
            Not Before: Jan  1 02:58:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=984ad29527c077ce6bae990052f534002cd562e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:1e:6b:a0:52:89:12:69:59:5d:fb:55:a2:71:
                    d2:a8:a0:8c:ec:a8:f1:82:59:59:4a:ab:6b:7e:2e:
                    95:cd:18:29:fb:e2:3a:b4:9b:15:46:8a:95:f2:ca:
                    71:cd:89:bb:8b:fc:b7:0d:d0:b3:8e:23:5d:9f:1f:
                    6b:27:12:eb:60:76:77:a7:2e:51:82:cf:bb:85:6d:
                    59:49:a4:de:c5:2c:e6:0b:2d:61:c9:e6:a7:ab:f2:
                    3e:7a:96:b5:c6:f0:75:d9:03:a5:32:05:05:49:13:
                    7e:0e:03:4e:8d:ba:38:90:06:3c:0b:09:06:17:65:
                    ce:8d:ce:92:6b:ca:69:c5:9e:bb:f0:b3:79:65:3e:
                    dd:64:ad:89:ea:bd:76:87:91:a3:74:a9:07:4e:b6:
                    9a:e4:e8:f6:01:dc:78:8a:37:22:7a:98:a2:7d:e1:
                    26:32:56:26:d4:74:4c:01:bb:66:46:b5:ba:3c:ee:
                    fb:6a:e5:0b:18:90:48:b2:07:fc:44:2e:f3:8a:1f:
                    e3:b2:12:6a:24:57:94:7b:d5:d7:a3:9f:81:68:03:
                    e4:36:c5:22:e6:8f:6a:7d:3a:e7:21:a3:15:32:99:
                    6a:9b:b8:cc:16:07:9d:f3:36:c7:a8:9f:3a:32:b2:
                    14:d3:40:67:cf:12:98:3d:92:53:2c:68:2b:a2:11:
                    30:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:4A:D2:95:27:C0:77:CE:6B:AE:99:00:52:F5:34:00:2C:D5:62:E5
            X509v3 Authority Key Identifier:
                keyid:9F:8E:77:E7:38:31:3E:65:70:68:4D:D1:52:C2:E2:84:33:2B:2C:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n4535zgxPmVwaE3RUsLihDMrLFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/205c19-b73a-48fe-a086-356c09380887/1/mErSlSfAd85rrpkAUvU0ACzVYuU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/205c19-b73a-48fe-a086-356c09380887/1/n4535zgxPmVwaE3RUsLihDMrLFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.227.108.0/24

    Signature Algorithm: sha256WithRSAEncryption
         36:6b:84:e4:05:70:1a:ae:78:2d:c6:6e:4e:86:65:f2:ee:b0:
         55:03:27:06:a2:cb:56:fd:ba:46:28:f4:f9:19:b5:02:a9:05:
         db:29:80:0c:c3:f9:f4:fe:35:87:71:4d:3a:de:35:47:ac:39:
         23:4e:48:e2:7a:9c:28:1b:aa:6b:04:5a:15:e7:04:f3:23:84:
         e8:eb:46:c1:ec:a0:07:9b:4b:a7:b5:6c:68:76:7c:07:05:2d:
         c5:81:1c:31:fb:03:b5:8d:96:26:f2:62:86:61:9d:0e:13:5b:
         ee:a0:62:37:63:09:68:2d:ae:e6:a1:38:86:af:e1:46:0a:0d:
         93:d4:d7:7b:77:ee:3d:c6:05:85:4d:45:9c:51:8b:ec:3d:10:
         ac:b9:ef:05:93:02:77:24:26:58:9c:60:6c:7e:72:73:5c:f0:
         57:37:36:7e:e9:2f:28:69:d8:26:77:a6:2c:c7:7b:c5:f3:92:
         4f:83:8f:24:20:4f:95:58:ef:15:e5:95:cc:ec:8f:19:3f:76:
         5b:e9:bd:b3:df:fc:2c:ed:bd:87:a9:2d:ca:97:60:82:3e:a3:
         97:08:54:2a:71:25:af:04:6a:d6:88:35:c8:b5:12:75:23:a7:
         0a:97:22:f8:25:be:21:5c:da:c3:93:d5:53:23:90:cd:91:c7:
         f0:6b:72:19
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDYdCcMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDlm
OGU3N2U3MzgzMTNlNjU3MDY4NGRkMTUyYzJlMjg0MzMyYjJjNWIwHhcNMjIwMTAx
MDI1ODAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5ODRhZDI5NTI3YzA3
N2NlNmJhZTk5MDA1MmY1MzQwMDJjZDU2MmU1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArh5roFKJEmlZXftVonHSqKCM7KjxgllZSqtrfi6VzRgp++I6
tJsVRoqV8spxzYm7i/y3DdCzjiNdnx9rJxLrYHZ3py5Rgs+7hW1ZSaTexSzmCy1h
yeanq/I+epa1xvB12QOlMgUFSRN+DgNOjbo4kAY8CwkGF2XOjc6Sa8ppxZ678LN5
ZT7dZK2J6r12h5GjdKkHTraa5Oj2Adx4ijciepiifeEmMlYm1HRMAbtmRrW6PO77
auULGJBIsgf8RC7zih/jshJqJFeUe9XXo5+BaAPkNsUi5o9qfTrnIaMVMplqm7jM
Fged8zbHqJ86MrIU00BnzxKYPZJTLGgrohEweQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFJhK0pUnwHfOa66ZAFL1NAAs1WLlMB8GA1UdIwQYMBaAFJ+Od+c4MT5lcGhN
0VLC4oQzKyxbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
bjQ1MzV6Z3hQbVZ3YUUzUlVzTGloRE1yTEZzLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zZi8yMDVjMTktYjczYS00OGZlLWEwODYtMzU2YzA5MzgwODg3LzEv
bUVyU2xTZkFkODVycnBrQVV2VTBBQ3pWWXVVLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8y
MDVjMTktYjczYS00OGZlLWEwODYtMzU2YzA5MzgwODg3LzEvbjQ1MzV6Z3hQbVZ3
YUUzUlVzTGloRE1yTEZzLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAweNsMA0GCSqGSIb3DQEBCwUAA4IB
AQA2a4TkBXAarngtxm5OhmXy7rBVAycGostW/bpGKPT5GbUCqQXbKYAMw/n0/jWH
cU063jVHrDkjTkjiepwoG6prBFoV5wTzI4To60bB7KAHm0untWxodnwHBS3FgRwx
+wO1jZYm8mKGYZ0OE1vuoGI3YwloLa7moTiGr+FGCg2T1Nd7d+49xgWFTUWcUYvs
PRCsue8FkwJ3JCZYnGBsfnJzXPBXNzZ+6S8oadgmd6Ysx3vF85JPg48kIE+VWO8V
5ZXM7I8ZP3Zb6b2z3/ws7b2HqS3Kl2CCPqOXCFQqcSWvBGrWiDXItRJ1I6cKlyL4
Jb4hXNrDk9VTI5DNkcfwa3IZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:35 2024 by rpki-client on console-fra.rpki-client.org