Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/F2FhbmF7LhyK7CiS-Z6WY48VS30.roa
File:                     F2FhbmF7LhyK7CiS-Z6WY48VS30.roa (raw, json)
Hash identifier:          MSoFGIHXFI1+eWFAv+LxZGsfVrAzrWgNwilFd3VVQJ8=
Subject key identifier:   17:61:61:6E:61:7B:2E:1C:8A:EC:28:92:F9:9E:96:63:8F:15:4B:7D
Certificate issuer:       /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial:       018534DFAB0CF37FC78FE3F3D88A37D15BE0
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/F2FhbmF7LhyK7CiS-Z6WY48VS30.roa
Signing time:             Wed 21 Dec 2022 13:29:11 +0000
ROA not before:           Wed 21 Dec 2022 13:29:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207459
IP address blocks:        188.191.96.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:34:df:ab:0c:f3:7f:c7:8f:e3:f3:d8:8a:37:d1:5b:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
        Validity
            Not Before: Dec 21 13:29:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1761616e617b2e1c8aec2892f99e96638f154b7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:e7:06:8c:18:2d:1d:75:b6:65:3b:41:5e:62:
                    e3:4e:74:78:4e:d4:27:d7:40:8b:13:8b:9a:62:94:
                    45:3a:fc:68:b0:15:30:45:aa:ce:c8:80:c1:9d:5e:
                    a2:6c:b6:af:5f:45:b3:8e:49:bc:d2:e6:4e:aa:48:
                    8d:f0:6f:1a:20:9b:70:6c:c3:75:59:97:5b:8a:a8:
                    be:24:e6:94:7a:fa:a0:98:0a:cc:67:37:a1:71:bb:
                    8b:35:b3:5f:cb:d8:77:5a:b0:35:a8:20:f2:4d:a2:
                    62:cb:43:b3:5b:3e:82:09:6f:c9:59:9e:9c:ad:bb:
                    6a:0e:47:24:98:c7:8a:c3:a0:bd:f7:e8:d0:bc:57:
                    5b:4a:87:c4:93:74:16:d4:27:0b:bc:53:13:d7:65:
                    be:fa:18:50:b2:a8:10:dd:c5:fb:c2:1c:83:d5:b7:
                    0b:2f:b0:02:04:e5:3e:27:6c:8c:16:b4:d9:e9:24:
                    cb:78:99:49:ae:c1:f0:47:7d:df:92:38:71:47:94:
                    af:c5:03:0a:19:15:64:c2:80:06:c2:21:ae:60:b8:
                    6c:1d:d0:e7:83:0e:47:69:c2:4a:af:52:e2:e4:5f:
                    4b:dc:18:15:5c:80:e7:2c:d4:58:0f:44:d7:c3:0c:
                    54:54:7b:35:41:93:b4:db:1a:84:ad:91:2d:c4:29:
                    97:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:61:61:6E:61:7B:2E:1C:8A:EC:28:92:F9:9E:96:63:8F:15:4B:7D
            X509v3 Authority Key Identifier:
                keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/F2FhbmF7LhyK7CiS-Z6WY48VS30.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.191.96.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0e:70:7a:4b:33:7d:c0:2f:bf:87:f1:5a:70:b3:3a:ae:45:30:
         46:c9:ae:8c:46:b6:4e:68:9e:f3:3d:7e:a1:5b:63:28:5e:9c:
         69:a4:e2:92:cd:2e:6d:1f:16:d9:1b:45:a8:f1:68:74:de:7f:
         65:f9:3b:d3:bb:de:e5:1f:cb:f0:aa:dd:36:e4:b7:03:05:85:
         0b:cd:9d:7b:62:92:c1:63:93:fd:17:3c:d6:7e:ab:15:02:ef:
         07:06:a9:17:53:63:b5:ee:4f:42:6d:c3:6e:65:e1:13:21:2e:
         fa:9c:b8:1b:f1:bc:8e:ae:d8:08:57:0f:95:da:35:3f:49:4c:
         89:b1:b9:0b:cb:56:f0:e8:fb:b5:eb:4b:23:4e:ed:cc:8b:44:
         b9:40:fe:7b:09:24:0e:ae:7c:03:f5:2b:50:ce:24:04:7f:f5:
         d4:2e:ea:c1:8e:60:49:64:15:2d:29:bd:f5:2e:72:3c:e0:e6:
         94:ee:33:00:7a:cf:cd:a7:2f:11:af:e4:c8:97:70:3e:ba:6a:
         18:5d:60:13:ac:ae:e0:7e:19:72:25:0c:c4:b3:19:f7:ea:e3:
         e7:80:45:3e:f5:82:48:cf:86:ad:71:98:ea:1f:8d:3c:3f:fc:
         b9:c7:45:75:07:3c:4f:e7:dd:ea:e7:6b:4e:f7:59:b7:a4:2c:
         48:f8:cd:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYU036sM83/Hj+Pz2Io30VvgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjIxMjIxMTMyOTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzYxNjE2ZTYxN2IyZTFjOGFlYzI4OTJmOTllOTY2MzhmMTU0YjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOcGjBgtHXW2ZTtBXmLjTnR4TtQn
10CLE4uaYpRFOvxosBUwRarOyIDBnV6ibLavX0Wzjkm80uZOqkiN8G8aIJtwbMN1
WZdbiqi+JOaUevqgmArMZzehcbuLNbNfy9h3WrA1qCDyTaJiy0OzWz6CCW/JWZ6c
rbtqDkckmMeKw6C99+jQvFdbSofEk3QW1CcLvFMT12W++hhQsqgQ3cX7whyD1bcL
L7ACBOU+J2yMFrTZ6STLeJlJrsHwR33fkjhxR5SvxQMKGRVkwoAGwiGuYLhsHdDn
gw5HacJKr1Li5F9L3BgVXIDnLNRYD0TXwwxUVHs1QZO02xqErZEtxCmXawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBdhYW5hey4ciuwokvmelmOPFUt9MB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvRjJGaGJtRjdMaHlLN0NpUy1aNldZNDhWUzMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvL9gMA0G
CSqGSIb3DQEBCwUAA4IBAQAOcHpLM33AL7+H8VpwszquRTBGya6MRrZOaJ7zPX6h
W2MoXpxppOKSzS5tHxbZG0Wo8Wh03n9l+TvTu97lH8vwqt025LcDBYULzZ17YpLB
Y5P9FzzWfqsVAu8HBqkXU2O17k9CbcNuZeETIS76nLgb8byOrtgIVw+V2jU/SUyJ
sbkLy1bw6Pu160sjTu3Mi0S5QP57CSQOrnwD9StQziQEf/XULurBjmBJZBUtKb31
LnI84OaU7jMAes/Npy8Rr+TIl3A+umoYXWATrK7gfhlyJQzEsxn36uPngEU+9YJI
z4atcZjqH408P/y5x0V1BzxP593q52tO91m3pCxI+M0b
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:06 2024 by rpki-client on console-fra.rpki-client.org