Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/5fb9fe-ddc7-4432-a4a3-16d9f7d074f3/1/53aGlVje8JG8L_joC6HJou1r1HI.roa
File:                     53aGlVje8JG8L_joC6HJou1r1HI.roa (raw, json)
Hash identifier:          RLRN0icQciVjaQA1x3qBsbQgzorcXvhEMfZNcpd+XaQ=
Subject key identifier:   E7:76:86:95:58:DE:F0:91:BC:2F:F8:E8:0B:A1:C9:A2:ED:6B:D4:72
Certificate issuer:       /CN=e8ca70c1fc95b9b1e9dc7775455badb9214f91d0
Certificate serial:       05326A03
Authority key identifier: E8:CA:70:C1:FC:95:B9:B1:E9:DC:77:75:45:5B:AD:B9:21:4F:91:D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6MpwwfyVubHp3Hd1RVutuSFPkdA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/5fb9fe-ddc7-4432-a4a3-16d9f7d074f3/1/53aGlVje8JG8L_joC6HJou1r1HI.roa
Signing time:             Sat 01 Jan 2022 10:57:37 +0000
ROA not before:           Sat 01 Jan 2022 10:57:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     9136
IP address blocks:        194.39.104.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 87190019 (0x5326a03)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e8ca70c1fc95b9b1e9dc7775455badb9214f91d0
        Validity
            Not Before: Jan  1 10:57:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e776869558def091bc2ff8e80ba1c9a2ed6bd472
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:4e:a2:64:27:0c:c9:d0:67:e0:22:c5:94:14:
                    d6:55:eb:af:0f:48:f4:b7:2b:16:5c:34:58:5c:da:
                    b2:e7:4c:cb:e4:04:13:de:8a:37:f6:ed:84:01:d7:
                    97:c2:5a:17:1e:6b:c9:2c:91:d9:53:c1:dd:49:7c:
                    39:37:0c:20:1d:e5:b1:7e:f6:9f:d2:d1:a1:bf:b8:
                    1c:0c:66:e1:75:a4:f4:2a:fe:58:81:07:30:67:47:
                    a4:09:22:7f:c7:be:62:8b:3a:c1:1f:b6:36:cb:b9:
                    5f:d1:7c:84:a7:da:4e:ba:26:c0:11:05:f5:af:2a:
                    3d:94:d0:6d:0a:12:4c:da:7f:7c:6a:41:0b:fa:86:
                    df:40:c7:ce:e4:33:b7:54:f5:79:ff:47:a7:d5:69:
                    57:09:6e:60:02:19:a4:a5:8c:9a:bf:8a:da:4c:20:
                    c4:8c:b5:5b:89:c8:d3:ec:f2:27:11:90:b8:fd:c8:
                    4d:a4:03:7a:b3:b9:23:53:8e:5c:e2:66:43:84:aa:
                    cb:20:57:50:73:58:d9:a2:5c:8a:65:8d:d2:33:25:
                    87:4a:49:93:5e:24:94:d7:fe:51:8e:f6:19:21:f0:
                    24:4d:21:3e:d7:4f:2b:00:7f:b1:17:69:20:c7:49:
                    d3:52:a1:8c:56:cf:19:c4:05:60:a9:6c:f6:73:f5:
                    ad:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:76:86:95:58:DE:F0:91:BC:2F:F8:E8:0B:A1:C9:A2:ED:6B:D4:72
            X509v3 Authority Key Identifier:
                keyid:E8:CA:70:C1:FC:95:B9:B1:E9:DC:77:75:45:5B:AD:B9:21:4F:91:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6MpwwfyVubHp3Hd1RVutuSFPkdA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/5fb9fe-ddc7-4432-a4a3-16d9f7d074f3/1/53aGlVje8JG8L_joC6HJou1r1HI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/5fb9fe-ddc7-4432-a4a3-16d9f7d074f3/1/6MpwwfyVubHp3Hd1RVutuSFPkdA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.39.104.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4e:d9:9b:c4:8c:51:94:e3:65:44:ca:8f:81:41:83:00:18:08:
         7e:35:66:50:ce:32:0b:08:a1:b8:f8:7e:9b:ab:51:51:69:d8:
         ab:85:ca:c5:06:f6:10:f4:2e:6e:31:f8:a1:ba:94:ca:ba:e0:
         a6:8d:4b:9d:0c:1e:45:68:96:52:29:f1:e1:ba:2d:49:4c:32:
         99:e0:0a:dd:46:0a:a6:73:80:75:53:51:92:19:b9:12:b3:66:
         d8:62:1d:2a:cf:78:21:81:34:de:88:0b:58:9e:af:08:ff:76:
         cb:9a:01:97:e3:2e:74:c8:27:0c:f1:a6:23:6b:81:fc:9d:7f:
         94:55:7d:f6:75:8a:fc:26:3e:fb:92:12:d3:a7:72:19:0f:3b:
         d7:b1:43:47:ae:a4:b5:73:f4:df:eb:2b:5a:4f:03:78:1e:df:
         82:da:4b:84:73:17:b2:82:a3:4c:a6:7c:67:a1:91:c9:8e:02:
         6c:89:e6:5e:da:d3:84:73:14:8a:22:3d:c5:ad:a9:dc:cd:33:
         95:11:48:44:b2:14:bc:7a:43:67:72:f8:51:24:89:04:ca:9b:
         56:90:94:16:12:ba:15:41:16:e2:83:d4:93:70:cd:6f:ee:9a:
         40:96:d9:bb:7d:f6:42:55:ce:9d:9a:4d:9c:02:90:05:cb:0c:
         3e:71:93:09
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBTJqAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
OGNhNzBjMWZjOTViOWIxZTlkYzc3NzU0NTViYWRiOTIxNGY5MWQwMB4XDTIyMDEw
MTEwNTczN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTc3Njg2OTU1OGRl
ZjA5MWJjMmZmOGU4MGJhMWM5YTJlZDZiZDQ3MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN5OomQnDMnQZ+AixZQU1lXrrw9I9LcrFlw0WFzasudMy+QE
E96KN/bthAHXl8JaFx5rySyR2VPB3Ul8OTcMIB3lsX72n9LRob+4HAxm4XWk9Cr+
WIEHMGdHpAkif8e+Yos6wR+2Nsu5X9F8hKfaTromwBEF9a8qPZTQbQoSTNp/fGpB
C/qG30DHzuQzt1T1ef9Hp9VpVwluYAIZpKWMmr+K2kwgxIy1W4nI0+zyJxGQuP3I
TaQDerO5I1OOXOJmQ4SqyyBXUHNY2aJcimWN0jMlh0pJk14klNf+UY72GSHwJE0h
PtdPKwB/sRdpIMdJ01KhjFbPGcQFYKls9nP1rVMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTndoaVWN7wkbwv+OgLocmi7WvUcjAfBgNVHSMEGDAWgBToynDB/JW5senc
d3VFW625IU+R0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZNcHd3ZnlWdWJIcDNIZDFSVnV0dVNGUGtkQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvNWZiOWZlLWRkYzctNDQzMi1hNGEzLTE2ZDlmN2QwNzRmMy8x
LzUzYUdsVmplOEpHOExfam9DNkhKb3UxcjFISS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
NWZiOWZlLWRkYzctNDQzMi1hNGEzLTE2ZDlmN2QwNzRmMy8xLzZNcHd3ZnlWdWJI
cDNIZDFSVnV0dVNGUGtkQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsInaDANBgkqhkiG9w0BAQsFAAOC
AQEATtmbxIxRlONlRMqPgUGDABgIfjVmUM4yCwihuPh+m6tRUWnYq4XKxQb2EPQu
bjH4obqUyrrgpo1LnQweRWiWUinx4botSUwymeAK3UYKpnOAdVNRkhm5ErNm2GId
Ks94IYE03ogLWJ6vCP92y5oBl+MudMgnDPGmI2uB/J1/lFV99nWK/CY++5IS06dy
GQ8717FDR66ktXP03+srWk8DeB7fgtpLhHMXsoKjTKZ8Z6GRyY4CbInmXtrThHMU
iiI9xa2p3M0zlRFIRLIUvHpDZ3L4USSJBMqbVpCUFhK6FUEW4oPUk3DNb+6aQJbZ
u332QlXOnZpNnAKQBcsMPnGTCQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:36 2024 by rpki-client on console-ams.rpki-client.org