Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/689e70-e38d-4ff1-a972-4113d686dd66/1/tSrfJDkJpue76yGNn-N3R9lTufQ.roa
File:                     tSrfJDkJpue76yGNn-N3R9lTufQ.roa (raw, json)
Hash identifier:          6vyzP3+e+7hLaCr/iQ6yvyaAslDGXmpIOMNvPj8C3Cc=
Subject key identifier:   B5:2A:DF:24:39:09:A6:E7:BB:EB:21:8D:9F:E3:77:47:D9:53:B9:F4
Certificate issuer:       /CN=a674015d509b5d4f396ea363369e9d74ffad7593
Certificate serial:       04F3F907
Authority key identifier: A6:74:01:5D:50:9B:5D:4F:39:6E:A3:63:36:9E:9D:74:FF:AD:75:93
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pnQBXVCbXU85bqNjNp6ddP-tdZM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/689e70-e38d-4ff1-a972-4113d686dd66/1/tSrfJDkJpue76yGNn-N3R9lTufQ.roa
Signing time:             Sat 01 Jan 2022 06:57:09 +0000
ROA not before:           Sat 01 Jan 2022 06:57:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200804
IP address blocks:        185.94.112.0/23 maxlen: 23
                          185.94.114.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 83097863 (0x4f3f907)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a674015d509b5d4f396ea363369e9d74ffad7593
        Validity
            Not Before: Jan  1 06:57:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b52adf243909a6e7bbeb218d9fe37747d953b9f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:08:1b:ce:08:06:6e:aa:16:a9:17:dd:4d:d4:
                    97:67:ec:8c:c3:ef:0b:6d:7d:1d:eb:b1:5b:98:a1:
                    02:8b:be:5b:86:69:f1:a4:1b:d7:e9:81:4a:6e:cc:
                    07:f5:95:67:16:31:5f:55:2e:eb:b8:5b:f1:20:92:
                    88:38:c2:94:37:3b:89:31:65:a3:98:e5:c2:b1:ff:
                    4d:bb:b9:a6:56:77:26:a7:d8:23:e6:ac:04:87:b7:
                    a7:fd:a4:d8:97:eb:00:bf:d4:2e:d1:19:0d:8a:ce:
                    5d:ab:aa:e1:61:ff:9d:41:c5:e1:33:be:01:6a:11:
                    7a:51:6e:76:44:8c:01:78:12:e8:62:e4:17:38:4d:
                    96:aa:78:d3:52:c9:7c:a8:03:27:e4:3f:74:f8:7f:
                    eb:19:49:a5:0c:2d:50:09:a4:7d:4c:ab:5b:21:d6:
                    bc:a8:e8:48:67:af:d6:fe:4a:ed:e4:82:8c:1f:3e:
                    19:eb:16:db:b6:5b:c1:7f:5e:36:e6:2b:ac:ff:9e:
                    cc:d7:f4:c7:29:ee:e8:d6:69:73:37:ae:d8:3f:3a:
                    4e:6d:65:d6:6f:00:3c:ac:3b:95:4f:ec:94:de:c5:
                    ff:be:2a:ac:87:3a:47:1a:5b:70:96:b2:d9:2d:20:
                    66:3f:73:6e:a2:6d:46:d6:ab:95:e5:71:8a:2f:b4:
                    a4:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:2A:DF:24:39:09:A6:E7:BB:EB:21:8D:9F:E3:77:47:D9:53:B9:F4
            X509v3 Authority Key Identifier:
                keyid:A6:74:01:5D:50:9B:5D:4F:39:6E:A3:63:36:9E:9D:74:FF:AD:75:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnQBXVCbXU85bqNjNp6ddP-tdZM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/689e70-e38d-4ff1-a972-4113d686dd66/1/tSrfJDkJpue76yGNn-N3R9lTufQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/689e70-e38d-4ff1-a972-4113d686dd66/1/pnQBXVCbXU85bqNjNp6ddP-tdZM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.94.112.0/22

    Signature Algorithm: sha256WithRSAEncryption
         45:17:e6:2f:3b:35:86:1d:78:fd:7b:a8:ff:80:6d:a6:d0:7d:
         1f:2d:c0:bb:00:a6:7f:09:ff:73:da:5a:05:a6:43:43:08:52:
         12:7a:f5:16:2f:80:92:62:5a:e0:09:03:7b:1f:f4:a3:39:83:
         a7:20:f3:40:b0:98:6f:11:52:9f:24:f7:ca:80:1b:3e:7c:cc:
         9d:6d:c1:b7:6c:9f:44:9a:f7:a4:74:ea:99:53:3a:8a:95:b4:
         9d:bb:fc:bd:38:61:2d:70:82:df:bd:b0:05:4a:6e:ee:ca:55:
         c2:64:d0:d3:89:6d:cf:84:5d:30:9b:e0:f6:71:c4:a0:91:67:
         8c:d1:b6:17:0c:3c:10:81:d0:f7:01:ed:10:ed:74:d2:cd:ce:
         41:91:16:81:8c:86:b9:f7:4a:28:18:68:1a:da:d8:dd:b0:1b:
         93:8f:02:f9:ec:bf:64:62:83:31:c4:a5:0e:97:24:26:c5:1a:
         ae:53:d6:e6:c8:19:44:80:e1:85:03:ab:f3:3c:ff:82:3e:59:
         d9:98:f5:7a:bc:8d:07:68:5f:54:3b:a3:8d:1f:6b:fa:3a:ff:
         c7:f2:30:76:d2:d7:f3:0d:5e:85:ff:49:36:c5:ef:2a:8a:cf:
         49:ea:e2:f8:f0:2d:43:7a:0b:f6:72:0e:11:8e:ca:0b:0e:22:
         9e:a1:58:d5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBPP5BzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
Njc0MDE1ZDUwOWI1ZDRmMzk2ZWEzNjMzNjllOWQ3NGZmYWQ3NTkzMB4XDTIyMDEw
MTA2NTcwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjUyYWRmMjQzOTA5
YTZlN2JiZWIyMThkOWZlMzc3NDdkOTUzYjlmNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALoIG84IBm6qFqkX3U3Ul2fsjMPvC219HeuxW5ihAou+W4Zp
8aQb1+mBSm7MB/WVZxYxX1Uu67hb8SCSiDjClDc7iTFlo5jlwrH/Tbu5plZ3JqfY
I+asBIe3p/2k2JfrAL/ULtEZDYrOXauq4WH/nUHF4TO+AWoRelFudkSMAXgS6GLk
FzhNlqp401LJfKgDJ+Q/dPh/6xlJpQwtUAmkfUyrWyHWvKjoSGev1v5K7eSCjB8+
GesW27ZbwX9eNuYrrP+ezNf0xynu6NZpczeu2D86Tm1l1m8APKw7lU/slN7F/74q
rIc6RxpbcJay2S0gZj9zbqJtRtarleVxii+0pPkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS1Kt8kOQmm57vrIY2f43dH2VO59DAfBgNVHSMEGDAWgBSmdAFdUJtdTzlu
o2M2np10/611kzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BuUUJYVkNiWFU4NWJxTmpOcDZkZFAtdGRaTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTQvNjg5ZTcwLWUzOGQtNGZmMS1hOTcyLTQxMTNkNjg2ZGQ2Ni8x
L3RTcmZKRGtKcHVlNzZ5R05uLU4zUjlsVHVmUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQv
Njg5ZTcwLWUzOGQtNGZmMS1hOTcyLTQxMTNkNjg2ZGQ2Ni8xL3BuUUJYVkNiWFU4
NWJxTmpOcDZkZFAtdGRaTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlecDANBgkqhkiG9w0BAQsFAAOC
AQEARRfmLzs1hh14/Xuo/4BtptB9Hy3AuwCmfwn/c9paBaZDQwhSEnr1Fi+AkmJa
4AkDex/0ozmDpyDzQLCYbxFSnyT3yoAbPnzMnW3Bt2yfRJr3pHTqmVM6ipW0nbv8
vThhLXCC372wBUpu7spVwmTQ04ltz4RdMJvg9nHEoJFnjNG2Fww8EIHQ9wHtEO10
0s3OQZEWgYyGufdKKBhoGtrY3bAbk48C+ey/ZGKDMcSlDpckJsUarlPW5sgZRIDh
hQOr8zz/gj5Z2Zj1eryNB2hfVDujjR9r+jr/x/IwdtLX8w1ehf9JNsXvKorPSeri
+PAtQ3oL9nIOEY7KCw4inqFY1Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:02 2024 by rpki-client on console-fra.rpki-client.org