Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/6s2oLssjxZrXMwL4QtS0A8jutAQ.roa
File:                     6s2oLssjxZrXMwL4QtS0A8jutAQ.roa (raw, json)
Hash identifier:          KocCuvsUQCWtsSXNdw86Krffezf8UR8CzQyfqqM8Whs=
Subject key identifier:   EA:CD:A8:2E:CB:23:C5:9A:D7:33:02:F8:42:D4:B4:03:C8:EE:B4:04
Certificate issuer:       /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial:       03E41D46
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/6s2oLssjxZrXMwL4QtS0A8jutAQ.roa
Signing time:             Sat 01 Jan 2022 13:04:11 +0000
ROA not before:           Sat 01 Jan 2022 13:04:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207136
IP address blocks:        94.198.44.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 65281350 (0x3e41d46)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
        Validity
            Not Before: Jan  1 13:04:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=eacda82ecb23c59ad73302f842d4b403c8eeb404
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:95:7a:b0:20:6d:bb:e3:d9:16:83:e1:83:b5:
                    b8:05:b0:94:79:e2:23:50:fc:7a:e0:60:51:93:a3:
                    c4:4d:fa:f0:f7:23:20:f0:f3:83:5c:6a:c5:f2:1a:
                    88:a8:cd:72:91:e5:fd:1c:10:4b:1c:f2:9f:6c:8b:
                    4d:37:6d:79:b5:21:8c:6d:73:0e:80:bd:93:60:0f:
                    2d:37:e4:7e:43:3d:4a:47:ff:55:23:e1:c1:bc:cf:
                    52:e9:dd:ee:18:a8:32:61:1c:db:59:d5:c5:09:d3:
                    2a:1d:2e:4b:3c:59:6e:13:a1:d4:9a:4a:ec:c8:20:
                    ba:91:33:2c:e6:68:59:f7:12:c8:ab:60:e7:b9:50:
                    7c:d5:fe:18:61:8b:a5:3d:2e:ac:fc:30:85:2f:6b:
                    78:69:1f:fb:25:c9:90:3b:6a:52:8c:18:88:19:3f:
                    19:db:b3:ef:7d:5b:6c:d9:0f:ca:68:85:1b:93:0c:
                    69:c6:de:0c:5a:f3:bf:7a:88:d7:64:a9:ac:fc:a4:
                    89:d8:21:f7:98:1d:c5:36:c3:cb:07:8c:54:e9:c0:
                    21:a2:1a:33:89:7b:f4:fd:eb:ae:4d:1b:d1:e2:64:
                    f3:cb:98:64:4f:85:c0:4e:48:63:ff:b7:42:d6:6b:
                    ed:6c:e1:5a:07:5e:d9:70:fe:62:29:2a:24:51:17:
                    6e:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:CD:A8:2E:CB:23:C5:9A:D7:33:02:F8:42:D4:B4:03:C8:EE:B4:04
            X509v3 Authority Key Identifier:
                keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/6s2oLssjxZrXMwL4QtS0A8jutAQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.198.44.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a1:4b:96:7a:e9:5b:35:46:09:b5:48:40:a0:42:a2:3c:d3:31:
         80:0b:8d:94:a6:9d:b5:d8:54:9c:ff:b7:11:9d:9d:5c:93:ab:
         ef:ad:3c:0f:7f:c5:aa:99:b2:c8:d8:b0:d3:25:dd:21:11:1f:
         f3:b4:7a:b5:b3:52:45:dc:ad:e8:10:7c:76:0c:cd:6d:e8:cc:
         d6:96:e0:e1:e3:f8:c1:ce:a2:77:f2:5b:62:a6:7d:60:dd:ab:
         2b:ab:bc:4c:57:9f:81:bb:cb:ec:43:5a:b7:87:dc:b1:56:70:
         a0:83:0a:00:26:da:92:12:46:b9:f0:11:a9:1f:f2:94:ca:1e:
         12:93:d7:96:b9:91:7b:c5:3f:c7:75:d7:a3:19:67:b1:a6:48:
         f2:ce:c1:d0:00:5d:83:c7:30:82:fc:cf:cf:f7:16:88:7b:55:
         0d:88:cb:3e:ef:fd:9f:66:d6:22:3b:63:99:55:c2:27:30:23:
         25:3f:78:ff:30:ac:71:50:62:68:fc:73:44:1a:7a:c3:1d:c9:
         76:d2:2b:28:21:26:2f:f1:ef:39:96:7f:7b:2b:73:fa:94:87:
         b8:90:71:c7:1d:94:67:b6:ca:ed:5c:dc:6c:c7:21:f2:54:80:
         eb:8c:42:60:49:74:7c:5e:a6:39:9b:2f:bc:08:7f:c6:71:d5:
         22:82:ca:fc
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA+QdRjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTM0YzQ5ZmNmYThhNDUwNDFkOTVlZDRkOGQ0ZmM2OWM3MjdhNDY3MB4XDTIyMDEw
MTEzMDQxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWFjZGE4MmVjYjIz
YzU5YWQ3MzMwMmY4NDJkNGI0MDNjOGVlYjQwNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALWVerAgbbvj2RaD4YO1uAWwlHniI1D8euBgUZOjxE368Pcj
IPDzg1xqxfIaiKjNcpHl/RwQSxzyn2yLTTdtebUhjG1zDoC9k2APLTfkfkM9Skf/
VSPhwbzPUund7hioMmEc21nVxQnTKh0uSzxZbhOh1JpK7MggupEzLOZoWfcSyKtg
57lQfNX+GGGLpT0urPwwhS9reGkf+yXJkDtqUowYiBk/Gduz731bbNkPymiFG5MM
acbeDFrzv3qI12SprPykidgh95gdxTbDyweMVOnAIaIaM4l79P3rrk0b0eJk88uY
ZE+FwE5IY/+3QtZr7WzhWgde2XD+YikqJFEXbkUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTqzaguyyPFmtczAvhC1LQDyO60BDAfBgNVHSMEGDAWgBQFNMSfz6ikUEHZ
XtTY1PxpxyekZzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JUVEVuOC1vcEZCQjJWN1UyTlQ4YWNjbnBHYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWEvMGNjYmRhLWQ2ZjEtNDUyNy04MTA2LWNkN2UwNmNiYjUzMS8x
LzZzMm9Mc3NqeFpyWE13TDRRdFMwQThqdXRBUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWEv
MGNjYmRhLWQ2ZjEtNDUyNy04MTA2LWNkN2UwNmNiYjUzMS8xL0JUVEVuOC1vcEZC
QjJWN1UyTlQ4YWNjbnBHYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAF7GLDANBgkqhkiG9w0BAQsFAAOC
AQEAoUuWeulbNUYJtUhAoEKiPNMxgAuNlKadtdhUnP+3EZ2dXJOr7608D3/Fqpmy
yNiw0yXdIREf87R6tbNSRdyt6BB8dgzNbejM1pbg4eP4wc6id/JbYqZ9YN2rK6u8
TFefgbvL7ENat4fcsVZwoIMKACbakhJGufARqR/ylMoeEpPXlrmRe8U/x3XXoxln
saZI8s7B0ABdg8cwgvzPz/cWiHtVDYjLPu/9n2bWIjtjmVXCJzAjJT94/zCscVBi
aPxzRBp6wx3JdtIrKCEmL/HvOZZ/eytz+pSHuJBxxx2UZ7bK7VzcbMch8lSA64xC
YEl0fF6mOZsvvAh/xnHVIoLK/A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:56 2024 by rpki-client on console-fra.rpki-client.org