Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/nkBV24Quy4qsTtOA5TplXnGdE2I.roa
File:                     nkBV24Quy4qsTtOA5TplXnGdE2I.roa (raw, json)
Hash identifier:          nD8gPNZYDAOC9VprzbE1hz+pEwy7mVrRLywaX8E2P4A=
Subject key identifier:   9E:40:55:DB:84:2E:CB:8A:AC:4E:D3:80:E5:3A:65:5E:71:9D:13:62
Certificate issuer:       /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial:       05DCEBB7
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/nkBV24Quy4qsTtOA5TplXnGdE2I.roa
Signing time:             Sat 01 Jan 2022 11:02:57 +0000
ROA not before:           Sat 01 Jan 2022 11:02:57 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     23454
IP address blocks:        80.67.75.0/24 maxlen: 24
                          193.108.92.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 98364343 (0x5dcebb7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
        Validity
            Not Before: Jan  1 11:02:57 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9e4055db842ecb8aac4ed380e53a655e719d1362
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:4b:1f:0b:a9:39:c6:11:cf:fb:5a:f2:cf:60:
                    ef:89:5f:6d:14:bd:b6:84:e5:1f:4b:76:74:36:d8:
                    4b:40:fe:a9:42:c5:fc:10:c6:60:03:71:d0:1c:50:
                    6e:86:f3:1e:d2:ca:7e:fc:94:77:1e:31:50:bd:2b:
                    32:65:60:f7:39:c6:9c:12:f3:bb:ee:83:85:2a:f5:
                    ce:80:29:7a:6d:74:81:13:fc:0d:e7:7c:55:da:d2:
                    5b:19:b8:11:de:8c:89:52:5c:fd:1c:72:02:22:d9:
                    40:cc:1b:27:74:83:19:a3:e4:bf:6a:c7:d7:b5:82:
                    47:94:7c:19:66:33:43:27:60:d8:e2:d7:6e:f3:aa:
                    b1:13:5c:ef:40:7d:37:ad:18:36:c8:4a:81:36:c5:
                    89:94:4e:dd:fe:1a:29:8c:3a:e5:dd:f0:ce:76:ee:
                    eb:f9:ba:8c:7f:0d:45:92:05:2a:92:f1:f4:be:b3:
                    f3:89:95:6e:96:62:a9:a4:64:b4:16:09:02:22:59:
                    bf:85:5c:71:0d:41:7d:de:f6:d8:21:06:6b:52:bb:
                    92:af:42:d8:b4:49:50:13:39:03:0e:c0:c8:6b:f4:
                    50:d2:92:56:cf:39:d2:82:fb:eb:2c:e7:97:4f:f7:
                    c1:f7:58:2a:91:36:a5:14:ed:d1:f1:57:34:36:92:
                    93:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:40:55:DB:84:2E:CB:8A:AC:4E:D3:80:E5:3A:65:5E:71:9D:13:62
            X509v3 Authority Key Identifier:
                keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/nkBV24Quy4qsTtOA5TplXnGdE2I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.67.75.0/24
                  193.108.92.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:08:d3:e2:e8:90:a5:ff:31:1d:db:8b:0f:b7:32:27:75:86:
         c8:88:37:75:df:e2:6a:a8:0d:5c:48:1a:97:06:e7:a1:e5:7b:
         6f:8b:7d:f4:60:0d:82:ee:18:61:9a:54:2c:cf:fe:d0:44:4f:
         b8:14:28:ab:ef:82:14:2b:44:4a:f7:3a:a0:16:a0:8c:f0:d8:
         a8:72:9b:f1:22:5d:0b:82:c4:6d:1d:1e:c2:ea:96:58:7a:81:
         09:94:93:64:34:ab:e8:29:61:d7:4d:0a:1e:28:c5:bf:02:9b:
         a1:1f:98:7b:dc:01:c8:70:ed:97:15:0a:a5:3c:54:75:18:91:
         70:c3:14:ea:91:8d:d0:e2:ce:b6:07:fc:1e:c2:b7:36:01:f9:
         97:36:39:c6:54:9b:75:0f:30:9b:9d:41:bb:0f:3c:00:9d:1f:
         a9:0e:e1:80:d5:5c:e2:3c:94:18:11:c1:09:aa:c9:b3:2d:19:
         6b:59:fe:05:8f:03:73:d9:04:dd:a0:a6:06:45:7b:ce:07:d9:
         44:8f:07:61:53:eb:af:7b:09:a0:e5:b3:55:62:f8:1a:f0:06:
         3c:44:a1:7a:28:ec:13:10:dd:4f:19:a3:51:56:29:4a:9c:68:
         31:ac:0b:3a:55:76:d5:9d:6f:3a:a8:28:5c:de:29:7b:a1:43:
         9f:24:d5:d1
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBdzrtzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YjVmY2JiZWE0ODkzN2E0NDJiYWJkYjMzMDIxMzJjNGJjOWJkNmFhMB4XDTIyMDEw
MTExMDI1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWU0MDU1ZGI4NDJl
Y2I4YWFjNGVkMzgwZTUzYTY1NWU3MTlkMTM2MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALBLHwupOcYRz/ta8s9g74lfbRS9toTlH0t2dDbYS0D+qULF
/BDGYANx0BxQbobzHtLKfvyUdx4xUL0rMmVg9znGnBLzu+6DhSr1zoApem10gRP8
Ded8VdrSWxm4Ed6MiVJc/RxyAiLZQMwbJ3SDGaPkv2rH17WCR5R8GWYzQydg2OLX
bvOqsRNc70B9N60YNshKgTbFiZRO3f4aKYw65d3wznbu6/m6jH8NRZIFKpLx9L6z
84mVbpZiqaRktBYJAiJZv4VccQ1Bfd722CEGa1K7kq9C2LRJUBM5Aw7AyGv0UNKS
Vs850oL76yznl0/3wfdYKpE2pRTt0fFXNDaSk/MCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSeQFXbhC7LiqxO04DlOmVecZ0TYjAfBgNVHSMEGDAWgBRrX8u+pIk3pEK6
vbMwITLEvJvWqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ExX0x2cVNKTjZSQ3VyMnpNQ0V5eEx5YjFxby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvMDQyMTg4LWRmYjYtNGFkNC05MWE0LTg4ZDFjYWM5ZTRmMS8x
L25rQlYyNFF1eTRxc1R0T0E1VHBsWG5HZEUySS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
MDQyMTg4LWRmYjYtNGFkNC05MWE0LTg4ZDFjYWM5ZTRmMS8xL2ExX0x2cVNKTjZS
Q3VyMnpNQ0V5eEx5YjFxby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFBDSwMEAMFsXDANBgkqhkiG9w0B
AQsFAAOCAQEAHgjT4uiQpf8xHduLD7cyJ3WGyIg3dd/iaqgNXEgalwbnoeV7b4t9
9GANgu4YYZpULM/+0ERPuBQoq++CFCtESvc6oBagjPDYqHKb8SJdC4LEbR0ewuqW
WHqBCZSTZDSr6Clh100KHijFvwKboR+Ye9wByHDtlxUKpTxUdRiRcMMU6pGN0OLO
tgf8HsK3NgH5lzY5xlSbdQ8wm51Buw88AJ0fqQ7hgNVc4jyUGBHBCarJsy0Za1n+
BY8Dc9kE3aCmBkV7zgfZRI8HYVPrr3sJoOWzVWL4GvAGPESheijsExDdTxmjUVYp
SpxoMawLOlV21Z1vOqgoXN4pe6FDnyTV0Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:32 2024 by rpki-client on console-fra.rpki-client.org