Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/d1a71c-b8f8-412d-9da1-2401b74206f3/1/DIT6F0HWM7ZjG59QZd7h9CgLJHs.roa
File:                     DIT6F0HWM7ZjG59QZd7h9CgLJHs.roa (raw, json)
Hash identifier:          xFdDHcGEffXdhPcDt9i6tQOrzzJCn6RkEEDIsTQE8Nk=
Subject key identifier:   0C:84:FA:17:41:D6:33:B6:63:1B:9F:50:65:DE:E1:F4:28:0B:24:7B
Certificate issuer:       /CN=f56b2049b3a9aa6f2368e6eeb4bfcd167953a5e9
Certificate serial:       06A62D32
Authority key identifier: F5:6B:20:49:B3:A9:AA:6F:23:68:E6:EE:B4:BF:CD:16:79:53:A5:E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9WsgSbOpqm8jaObutL_NFnlTpek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/d1a71c-b8f8-412d-9da1-2401b74206f3/1/DIT6F0HWM7ZjG59QZd7h9CgLJHs.roa
Signing time:             Sat 01 Jan 2022 09:54:40 +0000
ROA not before:           Sat 01 Jan 2022 09:54:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43366
IP address blocks:        195.35.114.0/23 maxlen: 24
                          185.103.76.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 111553842 (0x6a62d32)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f56b2049b3a9aa6f2368e6eeb4bfcd167953a5e9
        Validity
            Not Before: Jan  1 09:54:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0c84fa1741d633b6631b9f5065dee1f4280b247b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:5a:33:0f:1e:c0:64:18:d9:13:cb:e6:97:71:
                    31:eb:89:e0:92:4b:b1:83:4d:d1:4c:c1:2b:c6:08:
                    9c:3f:a1:a2:dc:8c:5b:46:fa:b7:ae:8e:5f:9c:16:
                    be:c6:36:5d:7f:e1:2d:32:7b:65:81:c4:b3:bc:e7:
                    95:b0:1c:d8:e1:c7:28:17:59:8e:52:2b:b4:ec:ee:
                    14:1b:74:63:26:30:6e:f5:4f:ff:e8:c8:20:d0:08:
                    6a:cb:5e:b8:2f:e3:af:87:64:9c:33:32:00:c5:1e:
                    47:ad:99:ab:55:96:6b:a4:35:54:fa:ea:b6:3c:b7:
                    df:81:96:3d:fc:32:79:94:65:07:29:1a:a1:d1:67:
                    d3:cf:94:fe:cf:db:72:05:a8:ad:af:84:bc:32:3d:
                    c6:86:be:68:25:62:27:14:67:ba:5a:ea:31:a7:89:
                    51:be:45:cb:12:fa:4c:64:8d:f4:f1:de:9b:f6:3a:
                    a2:93:46:b5:f1:da:ea:fe:6a:77:f5:69:ad:13:93:
                    e9:2c:f3:ee:45:b9:9f:45:61:dc:5a:04:3f:97:78:
                    36:12:30:7a:da:fb:4c:3b:5b:07:8f:e8:86:b3:c8:
                    e6:28:ea:88:0d:76:43:aa:21:95:9d:13:8b:a3:6b:
                    61:43:7e:7a:34:06:1b:72:e1:03:5d:73:3f:ff:0d:
                    64:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:84:FA:17:41:D6:33:B6:63:1B:9F:50:65:DE:E1:F4:28:0B:24:7B
            X509v3 Authority Key Identifier:
                keyid:F5:6B:20:49:B3:A9:AA:6F:23:68:E6:EE:B4:BF:CD:16:79:53:A5:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9WsgSbOpqm8jaObutL_NFnlTpek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/d1a71c-b8f8-412d-9da1-2401b74206f3/1/DIT6F0HWM7ZjG59QZd7h9CgLJHs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/d1a71c-b8f8-412d-9da1-2401b74206f3/1/9WsgSbOpqm8jaObutL_NFnlTpek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.103.76.0/22
                  195.35.114.0/23

    Signature Algorithm: sha256WithRSAEncryption
         37:97:50:b4:87:32:87:2b:3a:25:7a:c6:f9:05:5a:73:a1:5d:
         8c:9a:db:4c:d6:36:7a:5f:8f:99:ee:79:ef:c6:7a:22:b0:0f:
         e5:0c:fb:96:4b:37:27:2d:9b:1c:9e:35:7b:76:ac:15:e2:a7:
         bc:8d:25:22:df:cc:eb:8f:6e:31:fa:6c:52:bd:cb:dd:df:6b:
         69:b0:f5:1f:d0:11:9a:ae:d4:1f:39:13:f9:4d:66:ff:e6:5a:
         5c:9d:36:b8:e1:a5:ad:34:00:92:ff:34:53:5e:9c:e9:ad:45:
         e9:a9:4f:97:fc:d8:e1:43:f6:72:de:d5:56:35:80:5d:c8:d2:
         e0:71:71:cb:18:67:56:20:78:92:35:97:2e:7b:51:32:e9:b1:
         2f:6b:6c:75:6f:ad:e9:34:c7:b6:7f:40:57:be:b3:f6:b8:21:
         e6:f5:8c:00:c1:97:37:80:86:49:62:90:fa:6c:85:1e:43:77:
         ac:2b:4f:9c:32:f4:13:46:b0:b0:83:96:9a:b3:04:65:38:3b:
         8b:9c:3c:1f:56:ba:a6:37:ea:95:28:ed:e1:a1:d5:ab:d2:48:
         13:85:1f:12:c2:8b:21:08:1e:fc:91:83:19:d5:1d:b6:c5:03:
         f1:41:2e:b1:8a:3c:db:70:8e:bb:63:92:c0:3a:b8:ac:06:c6:
         eb:3e:04:db
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBqYtMjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NTZiMjA0OWIzYTlhYTZmMjM2OGU2ZWViNGJmY2QxNjc5NTNhNWU5MB4XDTIyMDEw
MTA5NTQ0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGM4NGZhMTc0MWQ2
MzNiNjYzMWI5ZjUwNjVkZWUxZjQyODBiMjQ3YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKZaMw8ewGQY2RPL5pdxMeuJ4JJLsYNN0UzBK8YInD+hotyM
W0b6t66OX5wWvsY2XX/hLTJ7ZYHEs7znlbAc2OHHKBdZjlIrtOzuFBt0YyYwbvVP
/+jIINAIasteuC/jr4dknDMyAMUeR62Zq1WWa6Q1VPrqtjy334GWPfwyeZRlByka
odFn08+U/s/bcgWora+EvDI9xoa+aCViJxRnulrqMaeJUb5FyxL6TGSN9PHem/Y6
opNGtfHa6v5qd/VprROT6Szz7kW5n0Vh3FoEP5d4NhIwetr7TDtbB4/ohrPI5ijq
iA12Q6ohlZ0Ti6NrYUN+ejQGG3LhA11zP/8NZMMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQMhPoXQdYztmMbn1Bl3uH0KAskezAfBgNVHSMEGDAWgBT1ayBJs6mqbyNo
5u60v80WeVOl6TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlXc2dTYk9wcW04amFPYnV0TF9ORm5sVHBlay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDIvZDFhNzFjLWI4ZjgtNDEyZC05ZGExLTI0MDFiNzQyMDZmMy8x
L0RJVDZGMEhXTTdaakc1OVFaZDdoOUNnTEpIcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDIv
ZDFhNzFjLWI4ZjgtNDEyZC05ZGExLTI0MDFiNzQyMDZmMy8xLzlXc2dTYk9wcW04
amFPYnV0TF9ORm5sVHBlay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArlnTAMEAcMjcjANBgkqhkiG9w0B
AQsFAAOCAQEAN5dQtIcyhys6JXrG+QVac6FdjJrbTNY2el+Pme5578Z6IrAP5Qz7
lks3Jy2bHJ41e3asFeKnvI0lIt/M649uMfpsUr3L3d9rabD1H9ARmq7UHzkT+U1m
/+ZaXJ02uOGlrTQAkv80U16c6a1F6alPl/zY4UP2ct7VVjWAXcjS4HFxyxhnViB4
kjWXLntRMumxL2tsdW+t6TTHtn9AV76z9rgh5vWMAMGXN4CGSWKQ+myFHkN3rCtP
nDL0E0awsIOWmrMEZTg7i5w8H1a6pjfqlSjt4aHVq9JIE4UfEsKLIQge/JGDGdUd
tsUD8UEusYo823COu2OSwDq4rAbG6z4E2w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:07 2024 by rpki-client on console-fra.rpki-client.org