Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/yHddlRmtjl0Y8Pv-JgF6YpFaez0.roa
File:                     yHddlRmtjl0Y8Pv-JgF6YpFaez0.roa (raw, json)
Hash identifier:          jLo2brkK7c+7+htkJRSSm22C1mRmqgAxSTW/6H3TSAc=
Subject key identifier:   C8:77:5D:95:19:AD:8E:5D:18:F0:FB:FE:26:01:7A:62:91:5A:7B:3D
Certificate issuer:       /CN=fb987244611b5230536744b6a89f044f32f462ea
Certificate serial:       086F4B6F
Authority key identifier: FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/yHddlRmtjl0Y8Pv-JgF6YpFaez0.roa
Signing time:             Sat 01 Jan 2022 00:53:28 +0000
ROA not before:           Sat 01 Jan 2022 00:53:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     24984
IP address blocks:        194.176.60.0/24 maxlen: 24
                          195.12.178.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 141511535 (0x86f4b6f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fb987244611b5230536744b6a89f044f32f462ea
        Validity
            Not Before: Jan  1 00:53:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c8775d9519ad8e5d18f0fbfe26017a62915a7b3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:cc:d6:f8:e3:da:eb:7b:76:e3:fd:71:2f:39:
                    27:5f:51:c4:4d:b8:cd:ec:9d:8c:83:b9:96:5c:43:
                    39:66:f5:a7:08:ea:6d:5b:9f:64:51:8d:c6:7a:69:
                    7e:2e:64:4a:22:52:d6:6d:2c:32:c4:3c:b0:38:04:
                    65:9b:af:d5:ca:72:97:61:8f:06:57:e7:03:a9:33:
                    bc:fd:ca:ae:70:e7:5d:15:d1:ca:9c:22:d6:7a:23:
                    fe:e3:44:45:ec:d0:2c:bb:94:26:52:ff:1d:0a:9d:
                    de:3e:17:a9:b4:0e:3d:0c:69:31:82:1f:f2:0b:32:
                    97:c9:d7:b5:d8:31:34:90:cb:b8:da:06:78:ee:4c:
                    64:94:d9:17:61:23:3c:90:31:16:89:0b:be:20:38:
                    62:60:93:9e:a8:91:d1:5a:2d:58:eb:7d:c4:65:31:
                    bd:7a:63:c2:85:bf:68:58:d4:57:cb:1e:50:0e:67:
                    7e:70:e2:d9:f4:54:32:f3:58:87:27:35:aa:82:a3:
                    ad:f3:44:95:3d:fd:0d:e4:77:da:35:52:81:5c:cc:
                    e2:22:88:92:e8:07:9a:cf:9e:08:5a:2d:39:af:27:
                    bb:04:7f:29:a3:d5:2a:dc:e4:13:21:db:ab:0b:82:
                    90:4c:50:0a:17:89:53:0a:92:93:98:8a:30:cb:68:
                    37:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:77:5D:95:19:AD:8E:5D:18:F0:FB:FE:26:01:7A:62:91:5A:7B:3D
            X509v3 Authority Key Identifier:
                keyid:FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/yHddlRmtjl0Y8Pv-JgF6YpFaez0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.176.60.0/24
                  195.12.178.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:3e:f0:2f:f4:51:be:aa:e8:38:5c:cf:08:dc:70:fb:e6:b5:
         2a:04:53:7f:1e:e6:55:91:53:9f:68:c4:87:17:b9:d4:fc:76:
         52:72:63:7f:d4:38:e5:c5:d4:25:64:28:37:27:1c:39:77:8e:
         a7:ac:03:e6:9d:a2:fe:b7:98:f2:6f:17:91:77:59:54:93:b4:
         6b:6f:32:0a:24:18:03:82:81:0a:ba:18:78:92:a3:97:29:92:
         b3:7b:05:a6:e2:53:6f:a1:79:a1:a9:0b:3e:55:cc:0f:c4:74:
         cc:b3:b7:78:ee:3b:e0:00:ac:4f:09:d4:01:74:13:1a:e0:0a:
         d4:3b:24:9b:ad:b2:b8:50:71:d4:63:21:9e:35:f4:08:c7:d4:
         c0:d3:c0:58:40:67:95:47:2b:60:32:e5:e0:d7:76:7c:67:2b:
         78:af:bc:92:15:14:9e:8e:73:d6:56:53:b4:86:fc:d6:d1:f9:
         a9:75:64:80:e3:f9:99:f9:da:0b:00:e8:14:da:9b:5b:72:51:
         c4:6e:15:a4:7f:ae:59:db:b7:ea:a9:56:eb:3c:87:c6:f5:45:
         94:d5:5b:f0:20:bd:30:f0:6c:97:d3:c9:b3:37:f1:15:b1:b7:
         ae:ed:b9:59:52:6c:3f:25:64:c4:fd:e7:75:17:90:31:16:2f:
         a0:6e:e5:a6
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIECG9LbzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
Yjk4NzI0NDYxMWI1MjMwNTM2NzQ0YjZhODlmMDQ0ZjMyZjQ2MmVhMB4XDTIyMDEw
MTAwNTMyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzg3NzVkOTUxOWFk
OGU1ZDE4ZjBmYmZlMjYwMTdhNjI5MTVhN2IzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALjM1vjj2ut7duP9cS85J19RxE24zeydjIO5llxDOWb1pwjq
bVufZFGNxnppfi5kSiJS1m0sMsQ8sDgEZZuv1cpyl2GPBlfnA6kzvP3KrnDnXRXR
ypwi1noj/uNERezQLLuUJlL/HQqd3j4XqbQOPQxpMYIf8gsyl8nXtdgxNJDLuNoG
eO5MZJTZF2EjPJAxFokLviA4YmCTnqiR0VotWOt9xGUxvXpjwoW/aFjUV8seUA5n
fnDi2fRUMvNYhyc1qoKjrfNElT39DeR32jVSgVzM4iKIkugHms+eCFotOa8nuwR/
KaPVKtzkEyHbqwuCkExQCheJUwqSk5iKMMtoN3UCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBTId12VGa2OXRjw+/4mAXpikVp7PTAfBgNVHSMEGDAWgBT7mHJEYRtSMFNn
RLaonwRPMvRi6jAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtNWh5UkdFYlVqQlRaMFMycUo4RVR6TDBZdW8uY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzQ0LzMxOWQ3Yy03ZTc2LTQzMDgtYmMwMC1iZTU4MzJkNWY3YWEv
MS95SGRkbFJtdGpsMFk4UHYtSmdGNllwRmFlejAucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ0
LzMxOWQ3Yy03ZTc2LTQzMDgtYmMwMC1iZTU4MzJkNWY3YWEvMS8xLTVoeVJHRWJV
akJUWjBTMnFKOEVUekwwWXVvLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwrA8AwQAwwyyMA0GCSqGSIb3
DQEBCwUAA4IBAQAxPvAv9FG+qug4XM8I3HD75rUqBFN/HuZVkVOfaMSHF7nU/HZS
cmN/1DjlxdQlZCg3Jxw5d46nrAPmnaL+t5jybxeRd1lUk7RrbzIKJBgDgoEKuhh4
kqOXKZKzewWm4lNvoXmhqQs+VcwPxHTMs7d47jvgAKxPCdQBdBMa4ArUOySbrbK4
UHHUYyGeNfQIx9TA08BYQGeVRytgMuXg13Z8Zyt4r7ySFRSejnPWVlO0hvzW0fmp
dWSA4/mZ+doLAOgU2ptbclHEbhWkf65Z27fqqVbrPIfG9UWU1VvwIL0w8GyX08mz
N/EVsbeu7blZUmw/JWTE/ed1F5AxFi+gbuWm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:18 2024 by rpki-client on console-fra.rpki-client.org