Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/eJM5bwyWmgmZt6DsCHG_arddf0A.roa
File:                     eJM5bwyWmgmZt6DsCHG_arddf0A.roa (raw, json)
Hash identifier:          Smj/e9i69IiSz59lkoCPx0XHMVvxEW7iT7en2nmt9D8=
Subject key identifier:   78:93:39:6F:0C:96:9A:09:99:B7:A0:EC:08:71:BF:6A:B7:5D:7F:40
Certificate issuer:       /CN=f82554a856a422b061ae64c577630f91d408cd4a
Certificate serial:       0807DE77
Authority key identifier: F8:25:54:A8:56:A4:22:B0:61:AE:64:C5:77:63:0F:91:D4:08:CD:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/eJM5bwyWmgmZt6DsCHG_arddf0A.roa
Signing time:             Sat 01 Jan 2022 10:04:23 +0000
ROA not before:           Sat 01 Jan 2022 10:04:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     199881
IP address blocks:        89.234.132.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 134733431 (0x807de77)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f82554a856a422b061ae64c577630f91d408cd4a
        Validity
            Not Before: Jan  1 10:04:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7893396f0c969a0999b7a0ec0871bf6ab75d7f40
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:31:ff:ee:f4:94:7c:ce:f9:1f:f8:78:57:86:
                    8f:94:9b:4d:0f:36:f0:f8:b7:ba:de:d8:64:52:4c:
                    7b:9f:62:7c:20:08:cc:8a:ce:47:9a:7b:08:f5:9b:
                    3a:45:84:f9:ed:5e:2f:9d:00:9b:f9:f9:ce:d2:64:
                    b7:33:0c:1d:85:a7:c8:ce:98:e7:01:70:71:3e:eb:
                    c4:45:ba:51:02:0b:f8:cf:be:78:60:a8:0a:77:92:
                    50:5c:ec:f9:cb:d7:b2:21:c0:0b:6b:0a:ac:50:36:
                    bd:2e:1c:9e:fd:0c:67:e5:43:ed:da:8b:7f:b5:be:
                    e3:70:1e:2a:6d:85:49:72:11:75:28:06:a4:81:96:
                    2a:e0:fb:d0:45:0a:e5:b8:81:a5:6e:c9:1f:df:1f:
                    ef:b1:31:c6:60:ad:0d:d8:2d:2a:c6:7c:cf:26:d5:
                    57:09:1d:db:47:7d:b1:17:e8:5b:95:33:2f:6f:00:
                    f7:79:f0:32:b6:58:ae:2d:95:35:96:2b:34:0c:8e:
                    5d:5e:e8:61:3d:c6:a4:c3:96:83:5f:e9:cb:8b:d7:
                    c3:e9:ed:d5:36:82:cd:1d:5b:9c:6e:84:62:69:cd:
                    0c:b9:85:1b:59:9d:f6:81:3a:fe:e2:69:93:1e:75:
                    86:ec:ef:66:2c:78:df:68:ac:db:0b:26:ff:84:03:
                    a3:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:93:39:6F:0C:96:9A:09:99:B7:A0:EC:08:71:BF:6A:B7:5D:7F:40
            X509v3 Authority Key Identifier:
                keyid:F8:25:54:A8:56:A4:22:B0:61:AE:64:C5:77:63:0F:91:D4:08:CD:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/eJM5bwyWmgmZt6DsCHG_arddf0A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.234.132.0/24

    Signature Algorithm: sha256WithRSAEncryption
         11:db:69:b0:9e:bf:8c:34:23:84:74:4f:a8:4d:fd:98:8c:c7:
         38:da:0d:ca:b2:2d:0d:d5:87:0e:67:99:db:65:65:d8:62:8f:
         af:db:d8:68:dc:58:1d:d1:a9:01:61:6e:cc:0a:0e:8f:e2:d6:
         ee:c8:47:cf:25:de:74:30:24:e7:15:a9:d2:2e:d1:16:81:9c:
         03:0b:b7:86:94:e3:7a:39:96:e3:d1:dc:fd:2a:36:48:e3:d3:
         b4:26:2e:0c:42:24:ea:14:41:5b:e8:ec:13:7d:c5:79:de:c0:
         a5:11:56:c0:d7:27:0b:e7:b7:b2:08:e3:13:c0:96:0b:33:ab:
         fd:c9:bc:07:4e:41:73:a0:33:73:51:39:7e:3e:f3:ce:8a:06:
         b0:4f:ba:28:9c:c9:f5:c8:40:8e:36:f6:50:5f:f7:20:b8:fb:
         4a:af:65:8d:95:b1:c2:61:ce:e0:2a:a5:58:f5:fb:59:63:7b:
         c3:b3:9c:56:f1:b7:d9:68:7b:3d:73:d0:61:54:b9:4b:f0:5a:
         90:8f:bd:52:13:e8:17:6a:9b:8a:6f:6f:14:a6:75:2b:18:70:
         b0:db:9d:17:5b:39:2d:ca:a0:37:a9:0b:0f:d9:37:3a:53:70:
         13:af:66:20:85:39:65:72:05:9e:03:61:e9:f8:e1:ed:3c:4e:
         e2:d1:f0:85
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIECAfedzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ODI1NTRhODU2YTQyMmIwNjFhZTY0YzU3NzYzMGY5MWQ0MDhjZDRhMB4XDTIyMDEw
MTEwMDQyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzg5MzM5NmYwYzk2
OWEwOTk5YjdhMGVjMDg3MWJmNmFiNzVkN2Y0MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANYx/+70lHzO+R/4eFeGj5SbTQ828Pi3ut7YZFJMe59ifCAI
zIrOR5p7CPWbOkWE+e1eL50Am/n5ztJktzMMHYWnyM6Y5wFwcT7rxEW6UQIL+M++
eGCoCneSUFzs+cvXsiHAC2sKrFA2vS4cnv0MZ+VD7dqLf7W+43AeKm2FSXIRdSgG
pIGWKuD70EUK5biBpW7JH98f77ExxmCtDdgtKsZ8zybVVwkd20d9sRfoW5UzL28A
93nwMrZYri2VNZYrNAyOXV7oYT3GpMOWg1/py4vXw+nt1TaCzR1bnG6EYmnNDLmF
G1md9oE6/uJpkx51huzvZix432is2wsm/4QDowcCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBR4kzlvDJaaCZm3oOwIcb9qt11/QDAfBgNVHSMEGDAWgBT4JVSoVqQisGGu
ZMV3Yw+R1AjNSjAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtQ1ZVcUZha0lyQmhybVRGZDJNUGtkUUl6VW8uY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzRmLzk0MzdhMi0wN2U2LTRlNmEtYWEzZi05NjVkNmQ2MDNiZmEv
MS9lSk01Ynd5V21nbVp0NkRzQ0hHX2FyZGRmMEEucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRm
Lzk0MzdhMi0wN2U2LTRlNmEtYWEzZi05NjVkNmQ2MDNiZmEvMS8xLUNWVXFGYWtJ
ckJocm1URmQyTVBrZFFJelVvLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWeqEMA0GCSqGSIb3DQEBCwUA
A4IBAQAR22mwnr+MNCOEdE+oTf2YjMc42g3Ksi0N1YcOZ5nbZWXYYo+v29ho3Fgd
0akBYW7MCg6P4tbuyEfPJd50MCTnFanSLtEWgZwDC7eGlON6OZbj0dz9KjZI49O0
Ji4MQiTqFEFb6OwTfcV53sClEVbA1ycL57eyCOMTwJYLM6v9ybwHTkFzoDNzUTl+
PvPOigawT7oonMn1yECONvZQX/cguPtKr2WNlbHCYc7gKqVY9ftZY3vDs5xW8bfZ
aHs9c9BhVLlL8FqQj71SE+gXapuKb28UpnUrGHCw250XWzktyqA3qQsP2Tc6U3AT
r2YghTllcgWeA2Hp+OHtPE7i0fCF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:03 2024 by rpki-client on console-fra.rpki-client.org