Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/s6pgyakn53dHQ2XB-G8EQRDbb1M.roa
File:                     s6pgyakn53dHQ2XB-G8EQRDbb1M.roa (raw, json)
Hash identifier:          SCFHvH+cgh7C5Y32aPOrsV6yYJEkYfUacR9Ea3heVkQ=
Subject key identifier:   B3:AA:60:C9:A9:27:E7:77:47:43:65:C1:F8:6F:04:41:10:DB:6F:53
Certificate issuer:       /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial:       018A40878BF425E06077C4E8DF0C6E986425
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/s6pgyakn53dHQ2XB-G8EQRDbb1M.roa
Signing time:             Tue 29 Aug 2023 09:02:19 +0000
ROA not before:           Tue 29 Aug 2023 09:02:19 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43260
IP address blocks:        195.178.147.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:40:87:8b:f4:25:e0:60:77:c4:e8:df:0c:6e:98:64:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=19426325acb8ce609a686fa655b058968809b346
        Validity
            Not Before: Aug 29 09:02:19 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b3aa60c9a927e777474365c1f86f044110db6f53
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:ca:c1:83:1b:e0:3d:8b:37:64:cf:5d:3e:31:
                    d5:8f:c2:e5:f4:15:18:95:79:8f:9f:ca:a3:86:0c:
                    16:d1:cb:46:34:df:d6:d0:86:f4:78:fe:bc:51:76:
                    65:c1:6f:c2:b5:bd:8d:12:3c:0c:49:8c:d3:85:79:
                    e8:2f:bc:be:21:23:55:9a:5e:86:5c:46:7b:64:74:
                    3d:62:a1:ac:8d:ca:1b:ef:76:e1:25:5b:2e:b2:fd:
                    08:31:92:b5:4e:8e:aa:cc:81:54:3b:5e:8a:14:4c:
                    50:2a:f4:c7:08:ab:f5:4a:48:c2:d4:3b:c9:4a:23:
                    6c:84:e4:37:d1:a9:2e:24:93:1c:3e:10:a4:52:93:
                    66:3a:ee:a2:4a:59:87:9a:e2:1a:d9:bd:08:02:3e:
                    f0:cd:42:68:dc:57:f2:14:8c:b8:21:de:5d:46:64:
                    a0:74:54:fb:06:ab:36:86:2e:0f:88:00:33:57:e4:
                    58:43:cb:a7:51:99:a7:49:d0:27:1f:d8:8a:d6:c2:
                    64:5a:c7:f5:d2:14:75:e0:4b:a1:ce:b3:ce:de:47:
                    a4:5b:75:3d:5f:84:a6:85:6d:f5:f5:d1:2f:98:8a:
                    34:4a:42:2a:f5:c8:75:c5:19:d8:2b:d6:99:b8:76:
                    8e:f9:5b:f8:3e:f2:5f:f7:c6:36:c1:32:e6:ef:2a:
                    a0:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:AA:60:C9:A9:27:E7:77:47:43:65:C1:F8:6F:04:41:10:DB:6F:53
            X509v3 Authority Key Identifier:
                keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/s6pgyakn53dHQ2XB-G8EQRDbb1M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.178.147.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b1:7d:c7:b7:53:64:fd:20:c5:97:4d:91:ff:0e:d2:28:88:e5:
         ca:96:9f:90:af:aa:aa:6a:f4:07:0e:6c:8f:95:8a:4a:34:21:
         1e:b1:80:36:de:60:f7:12:7f:2b:64:bf:99:e9:5c:b5:5d:c0:
         4d:10:07:09:0d:96:5d:58:8a:7b:d5:85:b2:09:62:3f:4a:28:
         17:33:ca:60:b3:f7:78:b2:92:70:f3:ba:48:6d:0b:41:de:5d:
         05:6b:85:09:97:1e:2d:7e:74:08:cf:6b:fa:ee:e4:5e:16:12:
         75:64:6e:ad:d5:f3:2f:a7:84:ae:91:2f:d4:8a:08:10:68:9b:
         30:66:3f:52:70:ef:37:ad:76:e4:77:c2:a7:90:ad:b9:46:df:
         59:52:41:78:27:96:76:16:8f:28:4a:83:0f:6e:b7:cd:c8:90:
         b8:9e:80:7b:31:6c:b9:58:55:46:cf:7b:12:35:5a:d9:0f:c4:
         50:52:e6:06:22:c6:05:a0:a4:38:57:d2:0e:03:3e:ea:f8:cf:
         b2:0a:d5:67:58:7e:b8:72:e3:cb:dc:df:92:b4:58:fb:d0:a2:
         73:4d:d9:98:3f:37:b0:64:b2:bd:5d:d7:80:89:06:b0:0a:99:
         6c:50:9e:c2:a0:6d:60:19:5d:39:d7:8a:cb:00:75:3a:9c:0a:
         9c:fb:4d:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpAh4v0JeBgd8To3wxumGQlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjMwODI5MDkwMjE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2FhNjBjOWE5MjdlNzc3NDc0MzY1YzFmODZmMDQ0MTEwZGI2ZjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMrBgxvgPYs3ZM9dPjHVj8Ll9BUY
lXmPn8qjhgwW0ctGNN/W0Ib0eP68UXZlwW/Ctb2NEjwMSYzThXnoL7y+ISNVml6G
XEZ7ZHQ9YqGsjcob73bhJVsusv0IMZK1To6qzIFUO16KFExQKvTHCKv1SkjC1DvJ
SiNshOQ30akuJJMcPhCkUpNmOu6iSlmHmuIa2b0IAj7wzUJo3FfyFIy4Id5dRmSg
dFT7Bqs2hi4PiAAzV+RYQ8unUZmnSdAnH9iK1sJkWsf10hR14EuhzrPO3kekW3U9
X4SmhW319dEvmIo0SkIq9ch1xRnYK9aZuHaO+Vv4PvJf98Y2wTLm7yqgXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLOqYMmpJ+d3R0NlwfhvBEEQ229TMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvczZwZ3lha241M2RIUTJYQi1HOEVRUkRiYjFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw7KTMA0G
CSqGSIb3DQEBCwUAA4IBAQCxfce3U2T9IMWXTZH/DtIoiOXKlp+Qr6qqavQHDmyP
lYpKNCEesYA23mD3En8rZL+Z6Vy1XcBNEAcJDZZdWIp71YWyCWI/SigXM8pgs/d4
spJw87pIbQtB3l0Fa4UJlx4tfnQIz2v67uReFhJ1ZG6t1fMvp4SukS/UiggQaJsw
Zj9ScO83rXbkd8KnkK25Rt9ZUkF4J5Z2Fo8oSoMPbrfNyJC4noB7MWy5WFVGz3sS
NVrZD8RQUuYGIsYFoKQ4V9IOAz7q+M+yCtVnWH64cuPL3N+StFj70KJzTdmYPzew
ZLK9XdeAiQawCplsUJ7CoG1gGV0514rLAHU6nAqc+00Z
-----END CERTIFICATE-----
Generated at Tue Jun 10 13:47:42 2025 by rpki-client