Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/81d68a-536c-4442-b852-bbd311186950/1/Jfu0b8Z57dM72NlBac3rb08KZoo.roa
File:                     Jfu0b8Z57dM72NlBac3rb08KZoo.roa (raw, json)
Hash identifier:          rvIJQ37aqRbOKj9dLy61lbdghHzzJeIc4i8RxiuKnlk=
Subject key identifier:   25:FB:B4:6F:C6:79:ED:D3:3B:D8:D9:41:69:CD:EB:6F:4F:0A:66:8A
Certificate issuer:       /CN=a3698b01053911607edb2a76090a6aced95a3ed5
Certificate serial:       070F50E5
Authority key identifier: A3:69:8B:01:05:39:11:60:7E:DB:2A:76:09:0A:6A:CE:D9:5A:3E:D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o2mLAQU5EWB-2yp2CQpqztlaPtU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/81d68a-536c-4442-b852-bbd311186950/1/Jfu0b8Z57dM72NlBac3rb08KZoo.roa
Signing time:             Sat 01 Jan 2022 04:03:15 +0000
ROA not before:           Sat 01 Jan 2022 04:03:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209154
IP address blocks:        194.61.224.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 118444261 (0x70f50e5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3698b01053911607edb2a76090a6aced95a3ed5
        Validity
            Not Before: Jan  1 04:03:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=25fbb46fc679edd33bd8d94169cdeb6f4f0a668a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:3a:34:6b:98:8b:2d:4a:21:7b:0e:ea:5e:74:
                    a6:02:d2:b7:d6:cc:5b:dd:87:1d:eb:0e:15:d2:50:
                    06:74:05:77:88:65:74:ff:37:cb:32:61:85:ae:09:
                    c0:19:69:52:17:4b:de:fe:e7:3a:28:cb:ab:4e:32:
                    b7:d8:fe:81:67:b2:b1:2f:a2:0b:e9:0c:35:e1:e6:
                    81:ce:73:40:52:43:6b:92:82:c6:d8:5d:b7:7d:96:
                    74:cc:87:fd:90:53:19:70:11:79:42:2e:60:de:6a:
                    04:d0:81:43:66:43:ae:07:a2:12:b5:6b:cd:7c:db:
                    f5:91:61:5c:06:1c:4c:fe:e4:53:f3:27:8b:dd:06:
                    01:a1:7b:d9:1f:b0:a2:48:31:4b:5d:cc:5e:d7:f8:
                    33:f1:03:b9:40:56:70:ac:b1:03:df:2a:74:27:ea:
                    44:ca:a5:e8:c4:e1:73:41:cd:3c:f4:98:fe:34:cf:
                    9e:a7:64:62:fb:85:84:f2:82:20:8a:de:63:e5:3c:
                    5b:64:89:d0:87:bf:ab:4e:b6:a0:e8:3c:ee:c3:4d:
                    56:f5:07:3b:98:ed:29:64:23:ca:38:78:7e:94:6a:
                    1d:0c:29:33:0f:88:51:89:30:dd:d8:a9:2a:d9:81:
                    ee:2d:a1:82:ba:d6:a7:b4:2e:fc:76:48:3b:28:0f:
                    ce:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:FB:B4:6F:C6:79:ED:D3:3B:D8:D9:41:69:CD:EB:6F:4F:0A:66:8A
            X509v3 Authority Key Identifier:
                keyid:A3:69:8B:01:05:39:11:60:7E:DB:2A:76:09:0A:6A:CE:D9:5A:3E:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2mLAQU5EWB-2yp2CQpqztlaPtU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/81d68a-536c-4442-b852-bbd311186950/1/Jfu0b8Z57dM72NlBac3rb08KZoo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/81d68a-536c-4442-b852-bbd311186950/1/o2mLAQU5EWB-2yp2CQpqztlaPtU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.61.224.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7f:4f:ef:29:d3:5e:b5:a6:89:21:0b:4e:41:89:82:ef:4c:81:
         01:a7:c5:22:dd:fa:17:83:dc:43:c8:7d:01:65:ec:3f:1e:19:
         a1:67:0b:69:4e:ec:eb:7c:71:2c:7b:33:15:83:42:d0:0a:cd:
         13:10:08:d7:a8:8d:11:fd:a3:a7:4d:53:6a:79:2e:a1:f4:1e:
         f3:39:27:d3:fd:2d:c7:a0:b2:93:e4:05:4f:6b:a2:e2:41:22:
         77:3d:6b:cd:82:00:e8:06:a3:27:d8:ec:ac:f4:ef:7a:e2:fd:
         c9:2c:af:af:ea:18:88:e6:24:99:a6:e6:90:fe:03:3c:7e:95:
         44:c6:a9:59:d6:74:80:af:7e:c3:4e:f7:e6:d1:42:e8:72:05:
         ba:4c:22:bc:a7:0e:4b:21:97:73:ad:6c:15:9a:dd:4b:00:3f:
         83:5b:16:ad:78:de:c8:c9:1f:60:1d:58:d7:4d:7c:2b:cd:f7:
         c8:ee:8d:d3:7b:0a:fa:24:fc:5c:7d:eb:59:0f:cf:d1:6f:bb:
         a3:c7:33:cc:5e:e7:1d:80:a0:bf:1a:94:0a:c2:e2:46:94:bd:
         1b:42:04:4b:28:91:15:6f:76:0f:9f:19:1b:1e:84:56:6f:38:
         41:41:8f:8c:e7:8c:39:fc:0a:1c:c7:87:f1:01:27:74:c6:86:
         4f:cc:9b:2d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBw9Q5TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MzY5OGIwMTA1MzkxMTYwN2VkYjJhNzYwOTBhNmFjZWQ5NWEzZWQ1MB4XDTIyMDEw
MTA0MDMxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjVmYmI0NmZjNjc5
ZWRkMzNiZDhkOTQxNjljZGViNmY0ZjBhNjY4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ06NGuYiy1KIXsO6l50pgLSt9bMW92HHesOFdJQBnQFd4hl
dP83yzJhha4JwBlpUhdL3v7nOijLq04yt9j+gWeysS+iC+kMNeHmgc5zQFJDa5KC
xthdt32WdMyH/ZBTGXAReUIuYN5qBNCBQ2ZDrgeiErVrzXzb9ZFhXAYcTP7kU/Mn
i90GAaF72R+wokgxS13MXtf4M/EDuUBWcKyxA98qdCfqRMql6MThc0HNPPSY/jTP
nqdkYvuFhPKCIIreY+U8W2SJ0Ie/q062oOg87sNNVvUHO5jtKWQjyjh4fpRqHQwp
Mw+IUYkw3dipKtmB7i2hgrrWp7Qu/HZIOygPzn0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQl+7Rvxnnt0zvY2UFpzetvTwpmijAfBgNVHSMEGDAWgBSjaYsBBTkRYH7b
KnYJCmrO2Vo+1TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L28ybUxBUVU1RVdCLTJ5cDJDUXBxenRsYVB0VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWEvODFkNjhhLTUzNmMtNDQ0Mi1iODUyLWJiZDMxMTE4Njk1MC8x
L0pmdTBiOFo1N2RNNzJObEJhYzNyYjA4S1pvby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWEv
ODFkNjhhLTUzNmMtNDQ0Mi1iODUyLWJiZDMxMTE4Njk1MC8xL28ybUxBUVU1RVdC
LTJ5cDJDUXBxenRsYVB0VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsI94DANBgkqhkiG9w0BAQsFAAOC
AQEAf0/vKdNetaaJIQtOQYmC70yBAafFIt36F4PcQ8h9AWXsPx4ZoWcLaU7s63xx
LHszFYNC0ArNExAI16iNEf2jp01TankuofQe8zkn0/0tx6Cyk+QFT2ui4kEidz1r
zYIA6AajJ9jsrPTveuL9ySyvr+oYiOYkmabmkP4DPH6VRMapWdZ0gK9+w0735tFC
6HIFukwivKcOSyGXc61sFZrdSwA/g1sWrXjeyMkfYB1Y1018K833yO6N03sK+iT8
XH3rWQ/P0W+7o8czzF7nHYCgvxqUCsLiRpS9G0IESyiRFW92D58ZGx6EVm84QUGP
jOeMOfwKHMeH8QEndMaGT8ybLQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:00 2024 by rpki-client on console-fra.rpki-client.org