Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/1-mWaqvJLdn7Ig3hIqut7cy-V_T0.roa
File:                     1-mWaqvJLdn7Ig3hIqut7cy-V_T0.roa (raw, json)
Hash identifier:          VKLlEIgfK5pALufFNzmHRc7Gdx8D0KEBl171wX929AY=
Subject key identifier:   FA:65:9A:AA:F2:4B:76:7E:C8:83:78:48:AA:EB:7B:73:2F:95:FD:3D
Certificate issuer:       /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial:       03D9DCE3
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/1-mWaqvJLdn7Ig3hIqut7cy-V_T0.roa
Signing time:             Sat 01 Jan 2022 13:04:05 +0000
ROA not before:           Sat 01 Jan 2022 13:04:05 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202375
IP address blocks:        89.45.209.0/24 maxlen: 24
                          89.42.71.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 64609507 (0x3d9dce3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
        Validity
            Not Before: Jan  1 13:04:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fa659aaaf24b767ec8837848aaeb7b732f95fd3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:e5:85:35:2f:18:cf:df:77:87:d9:4c:6a:03:
                    cc:c2:5e:18:5e:47:68:c4:1d:21:a1:15:e5:dd:b5:
                    f9:bc:ec:38:c9:21:af:ea:34:54:1b:85:9d:60:23:
                    7b:51:00:2e:15:69:0b:a4:60:a3:b7:70:0b:6b:8b:
                    5c:e4:eb:b3:65:38:48:17:65:dc:8c:61:e2:9e:ec:
                    2a:72:51:3d:7c:ce:a8:6b:ab:17:ab:df:cd:e3:c9:
                    17:d5:84:3e:50:c9:11:4d:52:b0:6a:3f:88:60:b9:
                    f1:8f:8b:9b:ea:3f:86:ff:14:8e:59:14:68:e6:e5:
                    e2:95:94:99:85:fc:86:11:81:c3:bd:23:21:c1:42:
                    4d:8c:78:fc:b0:75:2d:cc:04:cd:58:bc:5a:63:c7:
                    76:6b:45:f3:de:a2:39:56:92:a7:0d:90:3e:1b:78:
                    c0:45:fb:b7:b7:be:1d:08:9a:c7:a6:a0:34:55:e6:
                    ea:26:62:1f:a7:94:d4:67:0a:37:63:74:8b:52:65:
                    2e:3e:b3:6b:08:e3:85:a3:65:cd:1d:1c:b7:c5:db:
                    4b:f4:fc:c4:80:0c:af:4e:8a:25:f8:34:80:5f:51:
                    61:f0:26:14:58:62:2e:1a:94:3b:4c:97:5b:c0:20:
                    e7:48:91:48:3d:69:ca:7d:ed:ed:60:8a:25:56:4d:
                    4c:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:65:9A:AA:F2:4B:76:7E:C8:83:78:48:AA:EB:7B:73:2F:95:FD:3D
            X509v3 Authority Key Identifier:
                keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/1-mWaqvJLdn7Ig3hIqut7cy-V_T0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.42.71.0/24
                  89.45.209.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2f:ab:36:33:05:c8:ed:c6:c2:b3:fe:d8:14:9e:47:f1:18:da:
         33:5f:fd:39:20:29:88:0d:ed:94:5b:6c:22:6f:56:a9:f4:0c:
         76:79:c0:3c:0d:63:8f:57:c9:10:6b:2c:26:cd:5a:da:a6:2f:
         e4:47:e1:37:be:c7:65:e5:1b:73:f7:ed:bf:1f:58:25:4a:e4:
         72:99:1a:af:39:67:e5:a1:55:57:ad:d6:79:59:17:e7:1c:49:
         e7:a5:41:c6:25:f8:20:2b:f3:b6:9c:3d:82:e9:71:6b:04:7c:
         d3:ee:ea:64:7b:2a:96:11:40:93:ce:87:d4:c5:4f:ff:26:7f:
         f1:dc:cc:8f:de:99:63:bd:60:4e:b7:78:cf:63:27:58:a8:0c:
         2f:86:95:8a:d9:4d:76:7d:c3:76:54:ec:27:e7:a9:65:cf:a4:
         79:73:9c:0d:15:2f:69:db:fb:21:af:d8:d7:8c:78:9a:19:15:
         60:b8:fd:a2:fa:6b:3f:79:8e:ea:f8:75:18:b8:04:b8:89:4b:
         a3:01:ff:9c:df:c0:08:a8:4c:d6:0a:30:bf:9b:1e:76:15:5f:
         06:da:2b:a3:93:25:ff:05:ab:43:3d:4d:8d:6e:67:95:db:81:
         31:ec:0d:86:90:e1:45:4f:db:1b:9b:a6:ab:27:2c:c6:bb:d1:
         eb:7d:f8:6b
-----BEGIN CERTIFICATE-----
MIIE9jCCA96gAwIBAgIEA9nc4zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTM0YzQ5ZmNmYThhNDUwNDFkOTVlZDRkOGQ0ZmM2OWM3MjdhNDY3MB4XDTIyMDEw
MTEzMDQwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmE2NTlhYWFmMjRi
NzY3ZWM4ODM3ODQ4YWFlYjdiNzMyZjk1ZmQzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKblhTUvGM/fd4fZTGoDzMJeGF5HaMQdIaEV5d21+bzsOMkh
r+o0VBuFnWAje1EALhVpC6Rgo7dwC2uLXOTrs2U4SBdl3Ixh4p7sKnJRPXzOqGur
F6vfzePJF9WEPlDJEU1SsGo/iGC58Y+Lm+o/hv8UjlkUaObl4pWUmYX8hhGBw70j
IcFCTYx4/LB1LcwEzVi8WmPHdmtF896iOVaSpw2QPht4wEX7t7e+HQiax6agNFXm
6iZiH6eU1GcKN2N0i1JlLj6zawjjhaNlzR0ct8XbS/T8xIAMr06KJfg0gF9RYfAm
FFhiLhqUO0yXW8Ag50iRSD1pyn3t7WCKJVZNTJ8CAwEAAaOCAhAwggIMMB0GA1Ud
DgQWBBT6ZZqq8kt2fsiDeEiq63tzL5X9PTAfBgNVHSMEGDAWgBQFNMSfz6ikUEHZ
XtTY1PxpxyekZzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JUVEVuOC1vcEZCQjJWN1UyTlQ4YWNjbnBHYy5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWEvMGNjYmRhLWQ2ZjEtNDUyNy04MTA2LWNkN2UwNmNiYjUzMS8x
LzEtbVdhcXZKTGRuN0lnM2hJcXV0N2N5LVZfVDAucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVh
LzBjY2JkYS1kNmYxLTQ1MjctODEwNi1jZDdlMDZjYmI1MzEvMS9CVFRFbjgtb3BG
QkIyVjdVMk5UOGFjY25wR2MuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
JQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBABZKkcDBABZLdEwDQYJKoZIhvcN
AQELBQADggEBAC+rNjMFyO3GwrP+2BSeR/EY2jNf/TkgKYgN7ZRbbCJvVqn0DHZ5
wDwNY49XyRBrLCbNWtqmL+RH4Te+x2XlG3P37b8fWCVK5HKZGq85Z+WhVVet1nlZ
F+ccSeelQcYl+CAr87acPYLpcWsEfNPu6mR7KpYRQJPOh9TFT/8mf/HczI/emWO9
YE63eM9jJ1ioDC+GlYrZTXZ9w3ZU7CfnqWXPpHlznA0VL2nb+yGv2NeMeJoZFWC4
/aL6az95jur4dRi4BLiJS6MB/5zfwAioTNYKML+bHnYVXwbaK6OTJf8Fq0M9TY1u
Z5XbgTHsDYaQ4UVP2xubpqsnLMa70et9+Gs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:56 2024 by rpki-client on console-fra.rpki-client.org