Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/d5ffe7-3b48-4f80-8d6a-317c2fb0a35b/1/bgrGINlBU1V1vl9AzpD8Adfk3Nw.roa
File:                     bgrGINlBU1V1vl9AzpD8Adfk3Nw.roa (raw, json)
Hash identifier:          w3OkjtTBH07ZKunCowrQ9IhbxnGJEWdEYZDfh+9ZRh4=
Subject key identifier:   6E:0A:C6:20:D9:41:53:55:75:BE:5F:40:CE:90:FC:01:D7:E4:DC:DC
Certificate issuer:       /CN=51618df006d548d1d87ed6419550662db6fc0606
Certificate serial:       07BB9CEB
Authority key identifier: 51:61:8D:F0:06:D5:48:D1:D8:7E:D6:41:95:50:66:2D:B6:FC:06:06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UWGN8AbVSNHYftZBlVBmLbb8BgY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/d5ffe7-3b48-4f80-8d6a-317c2fb0a35b/1/bgrGINlBU1V1vl9AzpD8Adfk3Nw.roa
Signing time:             Sat 01 Jan 2022 10:56:28 +0000
ROA not before:           Sat 01 Jan 2022 10:56:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211240
IP address blocks:        176.116.176.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 129735915 (0x7bb9ceb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51618df006d548d1d87ed6419550662db6fc0606
        Validity
            Not Before: Jan  1 10:56:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6e0ac620d941535575be5f40ce90fc01d7e4dcdc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:2e:44:fa:85:75:cc:4d:c9:d9:b9:1e:e6:0c:
                    b0:08:56:17:4c:06:72:d2:ff:06:2f:2e:e4:46:26:
                    5e:a9:34:cc:e6:19:57:83:29:e0:b0:ce:ae:16:b8:
                    05:84:8c:f2:8e:e2:79:00:34:bf:6d:82:dd:40:cb:
                    43:39:cd:08:ed:81:b6:04:75:13:49:2c:b1:79:4d:
                    d4:c5:fe:20:7f:16:e5:7c:eb:62:a2:bc:e1:6f:7c:
                    51:4f:0b:ee:f1:49:08:98:49:ee:64:79:ce:f0:72:
                    ee:50:1d:54:a4:28:0a:5e:f6:3a:99:02:e6:c2:b3:
                    5c:17:c4:4a:c0:f7:81:5e:bd:89:96:d4:a8:87:e4:
                    75:e3:5e:01:b5:23:4f:92:5e:02:65:44:34:4f:82:
                    92:ea:b0:20:26:3c:d4:a2:46:73:36:b4:1a:66:42:
                    b0:30:07:5e:37:6b:83:b5:5a:73:fb:59:36:a1:f1:
                    db:ea:68:78:bc:09:01:82:b3:0f:fd:bc:47:72:28:
                    41:02:25:8d:5b:ba:a4:b1:61:08:5c:7e:f9:b0:fa:
                    ed:42:70:9d:20:c4:83:fc:75:f6:e8:26:74:4a:9b:
                    97:47:d6:e7:74:a3:d7:b8:be:c0:27:5d:67:ec:54:
                    84:6b:e2:36:a6:0d:b0:a1:df:a4:09:d8:a4:21:eb:
                    cd:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:0A:C6:20:D9:41:53:55:75:BE:5F:40:CE:90:FC:01:D7:E4:DC:DC
            X509v3 Authority Key Identifier:
                keyid:51:61:8D:F0:06:D5:48:D1:D8:7E:D6:41:95:50:66:2D:B6:FC:06:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UWGN8AbVSNHYftZBlVBmLbb8BgY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/d5ffe7-3b48-4f80-8d6a-317c2fb0a35b/1/bgrGINlBU1V1vl9AzpD8Adfk3Nw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/d5ffe7-3b48-4f80-8d6a-317c2fb0a35b/1/UWGN8AbVSNHYftZBlVBmLbb8BgY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.116.176.0/24

    Signature Algorithm: sha256WithRSAEncryption
         05:59:a7:b5:af:39:c1:7b:05:23:58:a2:63:24:7b:64:f2:d5:
         d7:10:13:5d:b1:3a:cc:46:d7:c5:4e:80:52:a3:b6:34:a2:62:
         d7:b6:03:84:bc:99:8f:04:24:20:dd:77:aa:35:23:1e:3b:71:
         d9:8c:dc:ef:9c:76:92:ed:1d:a2:1a:32:e1:a2:49:95:98:a7:
         c7:c9:3c:ad:60:c5:cb:e9:05:91:44:ce:12:9f:bd:3c:09:b1:
         01:7f:2c:4c:0f:10:44:2d:1a:8f:4a:d8:be:16:86:88:6d:53:
         51:a5:47:57:ea:d9:d1:8a:04:fc:6f:df:dd:91:38:13:78:2a:
         d1:90:65:88:79:a2:a2:10:e2:e5:24:ba:8c:74:6d:13:f0:d6:
         3e:f8:8e:2b:a3:2a:f6:bb:da:a1:85:70:f8:96:c6:74:77:cb:
         c2:a8:86:cd:ba:22:67:44:7f:da:ce:ad:ee:a5:e6:f2:a8:f7:
         d2:25:8c:76:ed:63:44:b2:98:86:ec:64:9b:ed:0f:81:e1:74:
         64:8f:e4:87:8e:6a:54:69:d3:82:0d:54:86:5a:01:99:4c:88:
         db:92:90:bf:69:8f:05:31:51:65:90:6f:f4:39:fc:bb:d1:af:
         bc:b0:97:bf:60:01:cc:55:d6:75:64:00:26:44:81:5c:d2:ef:
         11:7e:7a:14
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB7uc6zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MTYxOGRmMDA2ZDU0OGQxZDg3ZWQ2NDE5NTUwNjYyZGI2ZmMwNjA2MB4XDTIyMDEw
MTEwNTYyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmUwYWM2MjBkOTQx
NTM1NTc1YmU1ZjQwY2U5MGZjMDFkN2U0ZGNkYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMkuRPqFdcxNydm5HuYMsAhWF0wGctL/Bi8u5EYmXqk0zOYZ
V4Mp4LDOrha4BYSM8o7ieQA0v22C3UDLQznNCO2BtgR1E0kssXlN1MX+IH8W5Xzr
YqK84W98UU8L7vFJCJhJ7mR5zvBy7lAdVKQoCl72OpkC5sKzXBfESsD3gV69iZbU
qIfkdeNeAbUjT5JeAmVENE+CkuqwICY81KJGcza0GmZCsDAHXjdrg7Vac/tZNqHx
2+poeLwJAYKzD/28R3IoQQIljVu6pLFhCFx++bD67UJwnSDEg/x19ugmdEqbl0fW
53Sj17i+wCddZ+xUhGviNqYNsKHfpAnYpCHrzd0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRuCsYg2UFTVXW+X0DOkPwB1+Tc3DAfBgNVHSMEGDAWgBRRYY3wBtVI0dh+
1kGVUGYttvwGBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VXR044QWJWU05IWWZ0WkJsVkJtTGJiOEJnWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGUvZDVmZmU3LTNiNDgtNGY4MC04ZDZhLTMxN2MyZmIwYTM1Yi8x
L2JnckdJTmxCVTFWMXZsOUF6cEQ4QWRmazNOdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUv
ZDVmZmU3LTNiNDgtNGY4MC04ZDZhLTMxN2MyZmIwYTM1Yi8xL1VXR044QWJWU05I
WWZ0WkJsVkJtTGJiOEJnWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALB0sDANBgkqhkiG9w0BAQsFAAOC
AQEABVmnta85wXsFI1iiYyR7ZPLV1xATXbE6zEbXxU6AUqO2NKJi17YDhLyZjwQk
IN13qjUjHjtx2Yzc75x2ku0dohoy4aJJlZinx8k8rWDFy+kFkUTOEp+9PAmxAX8s
TA8QRC0aj0rYvhaGiG1TUaVHV+rZ0YoE/G/f3ZE4E3gq0ZBliHmiohDi5SS6jHRt
E/DWPviOK6Mq9rvaoYVw+JbGdHfLwqiGzboiZ0R/2s6t7qXm8qj30iWMdu1jRLKY
huxkm+0PgeF0ZI/kh45qVGnTgg1UhloBmUyI25KQv2mPBTFRZZBv9Dn8u9GvvLCX
v2ABzFXWdWQAJkSBXNLvEX56FA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:58 2024 by rpki-client on console-fra.rpki-client.org