Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/baOk1WsPWOwhFWRgvCbdBuZ_Xn8.roa
File:                     baOk1WsPWOwhFWRgvCbdBuZ_Xn8.roa (raw, json)
Hash identifier:          Pd/nj9+CVUbqlQdEHmmrXtvfxG4Z8cK229uwYNFxlSE=
Subject key identifier:   6D:A3:A4:D5:6B:0F:58:EC:21:15:64:60:BC:26:DD:06:E6:7F:5E:7F
Certificate issuer:       /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial:       1C3C2FE9
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/baOk1WsPWOwhFWRgvCbdBuZ_Xn8.roa
Signing time:             Sat 01 Jan 2022 07:55:36 +0000
ROA not before:           Sat 01 Jan 2022 07:55:36 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     51561
IP address blocks:        195.178.156.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 473706473 (0x1c3c2fe9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=19426325acb8ce609a686fa655b058968809b346
        Validity
            Not Before: Jan  1 07:55:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6da3a4d56b0f58ec21156460bc26dd06e67f5e7f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:25:4c:e0:84:5a:4f:67:a5:be:1d:27:67:f0:
                    0d:0d:1f:4a:d4:f3:5a:e1:ee:e4:b3:74:33:28:4b:
                    a6:98:bd:bd:33:60:03:d1:1e:b5:da:d3:6a:ce:b0:
                    c6:59:73:94:95:4f:ce:ca:b5:ca:cf:8d:62:f6:85:
                    56:c1:ff:00:11:cc:0b:83:85:05:fe:06:6f:84:c2:
                    39:d4:0f:27:5d:b5:93:6b:32:be:9f:87:1c:ea:f6:
                    b5:5b:59:e4:f3:45:b8:3d:0f:55:fe:06:5b:f4:2d:
                    29:48:1e:0b:c5:14:7c:39:5b:bf:e7:73:fd:bb:65:
                    55:f7:52:f3:70:e8:80:61:61:2e:fb:f9:aa:f2:be:
                    40:f0:ed:06:82:a4:26:50:47:1f:62:e3:89:70:d8:
                    99:35:09:da:2f:11:4e:5f:b4:e6:6a:c4:13:b8:9b:
                    2b:34:cc:e4:7c:56:5b:43:97:8d:17:1b:96:c2:82:
                    ae:c2:64:2f:18:da:82:5e:58:db:75:eb:f5:e7:d5:
                    f1:a9:14:a6:d9:fe:be:02:21:f2:80:3a:33:5a:b1:
                    6b:7f:2e:f6:9a:81:e9:68:d5:72:96:6f:62:cb:cc:
                    b9:ea:56:19:25:23:f9:ab:7e:80:fa:35:6f:9b:a6:
                    93:79:9c:92:82:f0:39:98:f1:13:da:3e:b2:01:ae:
                    01:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:A3:A4:D5:6B:0F:58:EC:21:15:64:60:BC:26:DD:06:E6:7F:5E:7F
            X509v3 Authority Key Identifier:
                keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/baOk1WsPWOwhFWRgvCbdBuZ_Xn8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.178.156.0/24

    Signature Algorithm: sha256WithRSAEncryption
         04:1a:43:0d:04:0b:47:bb:6e:8a:6d:03:9d:fc:0f:c4:34:93:
         de:1c:93:f0:3b:c4:90:75:4e:52:af:95:ae:be:c0:47:6d:15:
         07:e6:57:2f:65:17:dd:f5:41:68:95:2c:7d:b7:09:fc:b5:dd:
         47:ca:b3:cb:99:19:ea:78:11:f2:bc:78:7f:48:05:66:2e:2b:
         a6:6d:6c:1c:76:f2:a5:1f:e9:31:2d:20:c1:4f:10:65:ae:2e:
         92:46:7b:e9:4c:61:e0:a1:e3:e3:58:f4:90:28:74:6d:50:fc:
         29:13:18:4c:5e:94:c7:a7:71:18:5b:c6:64:4b:0c:a8:8b:d8:
         87:2e:1b:cf:d8:4e:58:ca:06:e8:b7:33:f2:44:ef:5c:5a:34:
         2d:1d:3c:ce:ac:ae:9e:3e:a7:37:bf:1d:52:44:c1:d0:68:d0:
         6b:da:f5:cf:97:45:ec:d0:d0:51:5a:7b:ae:01:8e:34:d6:9f:
         13:55:bd:d8:bf:38:46:85:e2:d7:ea:73:76:68:fb:a9:b8:7a:
         27:ee:ca:ad:75:f6:59:d9:a4:d0:bd:30:2e:f2:10:f2:31:dc:
         c9:e9:96:85:80:e0:3c:d9:f9:8e:51:e3:1b:50:ea:64:06:6c:
         a1:10:16:62:60:0d:33:19:a8:f2:ce:ac:e0:3d:dc:b9:d8:91:
         7a:4d:e2:f6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEHDwv6TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
OTQyNjMyNWFjYjhjZTYwOWE2ODZmYTY1NWIwNTg5Njg4MDliMzQ2MB4XDTIyMDEw
MTA3NTUzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmRhM2E0ZDU2YjBm
NThlYzIxMTU2NDYwYmMyNmRkMDZlNjdmNWU3ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJslTOCEWk9npb4dJ2fwDQ0fStTzWuHu5LN0MyhLppi9vTNg
A9EetdrTas6wxllzlJVPzsq1ys+NYvaFVsH/ABHMC4OFBf4Gb4TCOdQPJ121k2sy
vp+HHOr2tVtZ5PNFuD0PVf4GW/QtKUgeC8UUfDlbv+dz/btlVfdS83DogGFhLvv5
qvK+QPDtBoKkJlBHH2LjiXDYmTUJ2i8RTl+05mrEE7ibKzTM5HxWW0OXjRcblsKC
rsJkLxjagl5Y23Xr9efV8akUptn+vgIh8oA6M1qxa38u9pqB6WjVcpZvYsvMuepW
GSUj+at+gPo1b5umk3mckoLwOZjxE9o+sgGuAe8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRto6TVaw9Y7CEVZGC8Jt0G5n9efzAfBgNVHSMEGDAWgBQZQmMlrLjOYJpo
b6ZVsFiWiAmzRjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dVSmpKYXk0em1DYWFHLW1WYkJZbG9nSnMwWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvOGI2ZmIwLWE4NzUtNDk0Ny04YWU0LTAzZjRjNzExM2MzNC8x
L2JhT2sxV3NQV093aEZXUmd2Q2JkQnVaX1huOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
OGI2ZmIwLWE4NzUtNDk0Ny04YWU0LTAzZjRjNzExM2MzNC8xL0dVSmpKYXk0em1D
YWFHLW1WYkJZbG9nSnMwWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMOynDANBgkqhkiG9w0BAQsFAAOC
AQEABBpDDQQLR7tuim0DnfwPxDST3hyT8DvEkHVOUq+Vrr7AR20VB+ZXL2UX3fVB
aJUsfbcJ/LXdR8qzy5kZ6ngR8rx4f0gFZi4rpm1sHHbypR/pMS0gwU8QZa4ukkZ7
6Uxh4KHj41j0kCh0bVD8KRMYTF6Ux6dxGFvGZEsMqIvYhy4bz9hOWMoG6Lcz8kTv
XFo0LR08zqyunj6nN78dUkTB0GjQa9r1z5dF7NDQUVp7rgGONNafE1W92L84RoXi
1+pzdmj7qbh6J+7KrXX2Wdmk0L0wLvIQ8jHcyemWhYDgPNn5jlHjG1DqZAZsoRAW
YmANMxmo8s6s4D3cudiRek3i9g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:42 2024 by rpki-client on console-fra.rpki-client.org