Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/db724a-cbca-4ed1-9b79-9a1ab11abded/1/mWM0ZzySeXZTG0Dny7ipLW1mQtQ.roa
File:                     mWM0ZzySeXZTG0Dny7ipLW1mQtQ.roa (raw, json)
Hash identifier:          8l8qoVweEwKp6q1Qj3fYXigTo4pqxvXKNzbM4Oxh0B0=
Subject key identifier:   99:63:34:67:3C:92:79:76:53:1B:40:E7:CB:B8:A9:2D:6D:66:42:D4
Certificate issuer:       /CN=b0809dc07bc0775198f2f31554152f356a83f770
Certificate serial:       18C22096
Authority key identifier: B0:80:9D:C0:7B:C0:77:51:98:F2:F3:15:54:15:2F:35:6A:83:F7:70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sICdwHvAd1GY8vMVVBUvNWqD93A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/db724a-cbca-4ed1-9b79-9a1ab11abded/1/mWM0ZzySeXZTG0Dny7ipLW1mQtQ.roa
Signing time:             Sat 01 Jan 2022 05:58:49 +0000
ROA not before:           Sat 01 Jan 2022 05:58:49 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1103
IP address blocks:        194.104.124.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 415375510 (0x18c22096)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0809dc07bc0775198f2f31554152f356a83f770
        Validity
            Not Before: Jan  1 05:58:49 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=996334673c927976531b40e7cbb8a92d6d6642d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:85:39:23:bd:90:ca:82:c9:54:9e:79:8c:26:
                    e0:93:83:35:d8:64:90:2d:e7:41:e5:af:8f:58:25:
                    d2:89:f5:7b:63:91:51:10:8a:ed:f4:0b:d7:72:5f:
                    b9:97:a8:d7:a1:8b:c8:f3:cf:e5:8e:49:17:d1:a4:
                    4d:c9:4f:ec:a9:f4:2c:70:72:fa:e5:51:65:bb:80:
                    d3:b9:41:3b:1a:06:bf:0e:0e:50:b4:f1:49:2a:90:
                    e1:75:46:86:fe:38:2e:77:cc:d9:d4:15:4c:ec:a4:
                    c0:70:18:44:99:e1:dd:86:c1:e5:6d:77:c7:02:25:
                    e3:38:a0:e6:21:db:12:ba:b5:00:59:21:cc:f2:34:
                    d4:c1:73:ed:ec:6b:a8:29:1c:fc:a2:b1:70:13:27:
                    0d:ce:21:c4:64:0f:d0:a0:6f:15:c4:af:ee:17:b5:
                    37:f6:f3:00:b2:e2:05:d3:f6:1a:87:cc:1b:5f:58:
                    ca:23:9b:d2:b8:87:cc:3d:fc:43:52:04:8a:3a:de:
                    5b:5e:a4:57:6b:87:1c:f2:1d:e6:7b:f0:8e:d6:c2:
                    d9:7b:8e:9b:1d:80:6a:1e:80:37:0d:a1:66:7a:f8:
                    e8:39:58:0f:c3:4b:17:2f:14:27:e1:88:3c:2f:45:
                    66:37:02:d5:71:9c:d6:12:71:36:f3:a9:f1:13:90:
                    22:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:63:34:67:3C:92:79:76:53:1B:40:E7:CB:B8:A9:2D:6D:66:42:D4
            X509v3 Authority Key Identifier:
                keyid:B0:80:9D:C0:7B:C0:77:51:98:F2:F3:15:54:15:2F:35:6A:83:F7:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sICdwHvAd1GY8vMVVBUvNWqD93A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/db724a-cbca-4ed1-9b79-9a1ab11abded/1/mWM0ZzySeXZTG0Dny7ipLW1mQtQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/db724a-cbca-4ed1-9b79-9a1ab11abded/1/sICdwHvAd1GY8vMVVBUvNWqD93A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.104.124.0/23

    Signature Algorithm: sha256WithRSAEncryption
         cf:cd:df:f6:b3:33:96:39:fa:5b:2e:94:56:20:fc:4f:f2:1b:
         cc:75:33:68:8f:00:f4:d4:87:7e:c7:c9:fa:e8:6e:1f:d4:fa:
         0a:58:81:e2:d1:9d:0b:96:98:8f:2c:b3:7f:23:d7:37:29:9a:
         d9:bd:b9:08:26:70:0c:24:1f:1e:c6:a6:17:d0:9e:f6:71:50:
         7f:c3:d9:00:12:c3:1b:4b:d8:fa:76:86:2c:c2:f3:23:ab:54:
         3f:1d:3a:b3:f2:9c:cf:dd:39:35:f4:c0:f4:91:ad:c0:5f:e7:
         1f:c3:b0:f5:bc:e2:d2:8f:48:d0:23:77:1a:e5:cc:21:a2:25:
         aa:bb:22:ba:59:89:22:b6:cd:3b:cb:be:09:81:04:c7:97:37:
         c6:a4:5c:b6:a4:61:b3:4b:87:9f:b4:0d:e5:fd:e3:c4:b3:79:
         5e:8a:33:96:65:97:51:12:29:92:b2:24:61:7e:96:94:0a:b3:
         e1:2f:3a:5c:35:5b:bf:1d:fb:cf:06:42:19:b2:cd:a0:fe:5b:
         38:b3:cd:47:07:5e:a5:0f:87:0a:dd:a3:65:13:5b:92:f4:fc:
         ab:3e:93:a7:86:41:e9:4b:38:d9:24:00:65:c1:b3:49:68:93:
         eb:09:e5:f1:fe:f0:49:a6:2d:6e:dc:a7:be:3b:55:0e:a9:16:
         78:4e:99:b0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGMIgljANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MDgwOWRjMDdiYzA3NzUxOThmMmYzMTU1NDE1MmYzNTZhODNmNzcwMB4XDTIyMDEw
MTA1NTg0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTk2MzM0NjczYzky
Nzk3NjUzMWI0MGU3Y2JiOGE5MmQ2ZDY2NDJkNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPSFOSO9kMqCyVSeeYwm4JODNdhkkC3nQeWvj1gl0on1e2OR
URCK7fQL13JfuZeo16GLyPPP5Y5JF9GkTclP7Kn0LHBy+uVRZbuA07lBOxoGvw4O
ULTxSSqQ4XVGhv44LnfM2dQVTOykwHAYRJnh3YbB5W13xwIl4zig5iHbErq1AFkh
zPI01MFz7exrqCkc/KKxcBMnDc4hxGQP0KBvFcSv7he1N/bzALLiBdP2GofMG19Y
yiOb0riHzD38Q1IEijreW16kV2uHHPId5nvwjtbC2XuOmx2Aah6ANw2hZnr46DlY
D8NLFy8UJ+GIPC9FZjcC1XGc1hJxNvOp8ROQIn8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSZYzRnPJJ5dlMbQOfLuKktbWZC1DAfBgNVHSMEGDAWgBSwgJ3Ae8B3UZjy
8xVUFS81aoP3cDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NJQ2R3SHZBZDFHWTh2TVZWQlV2TldxRDkzQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmQvZGI3MjRhLWNiY2EtNGVkMS05Yjc5LTlhMWFiMTFhYmRlZC8x
L21XTTBaenlTZVhaVEcwRG55N2lwTFcxbVF0US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmQv
ZGI3MjRhLWNiY2EtNGVkMS05Yjc5LTlhMWFiMTFhYmRlZC8xL3NJQ2R3SHZBZDFH
WTh2TVZWQlV2TldxRDkzQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcJofDANBgkqhkiG9w0BAQsFAAOC
AQEAz83f9rMzljn6Wy6UViD8T/IbzHUzaI8A9NSHfsfJ+uhuH9T6CliB4tGdC5aY
jyyzfyPXNyma2b25CCZwDCQfHsamF9Ce9nFQf8PZABLDG0vY+naGLMLzI6tUPx06
s/Kcz905NfTA9JGtwF/nH8Ow9bzi0o9I0CN3GuXMIaIlqrsiulmJIrbNO8u+CYEE
x5c3xqRctqRhs0uHn7QN5f3jxLN5XoozlmWXURIpkrIkYX6WlAqz4S86XDVbvx37
zwZCGbLNoP5bOLPNRwdepQ+HCt2jZRNbkvT8qz6Tp4ZB6Us42SQAZcGzSWiT6wnl
8f7wSaYtbtynvjtVDqkWeE6ZsA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:08 2024 by rpki-client on console-fra.rpki-client.org