Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/H4q6_T613HFdSueXTXTvC-qvoxA.roa
File:                     H4q6_T613HFdSueXTXTvC-qvoxA.roa (raw, json)
Hash identifier:          QULtbvXA2okioI8ZjusaUTaCUe2q8/Sz7l8C6oFZtlA=
Subject key identifier:   1F:8A:BA:FD:3E:B5:DC:71:5D:4A:E7:97:4D:74:EF:0B:EA:AF:A3:10
Certificate issuer:       /CN=9d5de490ff874e9689cecf726cbb4e2f51f6c731
Certificate serial:       2D9E0261
Authority key identifier: 9D:5D:E4:90:FF:87:4E:96:89:CE:CF:72:6C:BB:4E:2F:51:F6:C7:31
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nV3kkP-HTpaJzs9ybLtOL1H2xzE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/H4q6_T613HFdSueXTXTvC-qvoxA.roa
Signing time:             Sat 01 Jan 2022 04:59:21 +0000
ROA not before:           Sat 01 Jan 2022 04:59:21 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     198949
IP address blocks:        194.8.123.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 765330017 (0x2d9e0261)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d5de490ff874e9689cecf726cbb4e2f51f6c731
        Validity
            Not Before: Jan  1 04:59:21 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1f8abafd3eb5dc715d4ae7974d74ef0beaafa310
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:ad:93:f6:3c:a4:ef:e1:66:ea:05:49:9f:e8:
                    5d:2a:25:0a:31:67:d7:a6:f3:9b:c4:bd:34:a2:60:
                    5d:ef:92:5c:5f:45:65:af:37:5f:1d:3e:b6:16:75:
                    bc:6d:e4:04:76:d1:53:1e:41:c4:a4:07:f2:74:2f:
                    59:e2:a9:41:74:78:48:f1:fa:89:75:6f:25:d9:cf:
                    43:f9:94:7d:f4:d5:f0:cf:1e:ae:62:c2:30:1c:6d:
                    2a:de:6a:ff:ea:a0:83:af:e0:a3:e4:50:3d:02:8f:
                    ab:1e:4b:b6:84:60:0a:ca:5a:24:a4:e3:d6:4a:c7:
                    c0:7e:f3:51:d8:6a:ae:23:3a:6b:29:7c:52:f8:53:
                    13:51:c1:90:70:b4:c8:6a:06:32:de:97:26:7b:df:
                    75:d3:44:eb:1a:bf:87:94:c5:4d:c8:fd:bf:ef:de:
                    62:6a:e1:63:79:68:58:b0:58:e8:df:98:f4:4a:5f:
                    df:e5:79:66:f4:19:b4:b9:53:e3:42:f1:ea:81:bc:
                    0c:7d:05:10:d7:74:aa:c3:d3:32:9a:8e:3c:70:c7:
                    1c:61:d5:39:3a:4f:bc:cb:18:09:6d:82:da:42:e8:
                    37:b3:e6:8c:33:06:63:89:14:bd:85:b0:d2:60:19:
                    ca:1c:6f:53:7d:37:89:87:20:48:f4:f0:05:ef:45:
                    16:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:8A:BA:FD:3E:B5:DC:71:5D:4A:E7:97:4D:74:EF:0B:EA:AF:A3:10
            X509v3 Authority Key Identifier:
                keyid:9D:5D:E4:90:FF:87:4E:96:89:CE:CF:72:6C:BB:4E:2F:51:F6:C7:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nV3kkP-HTpaJzs9ybLtOL1H2xzE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/H4q6_T613HFdSueXTXTvC-qvoxA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/nV3kkP-HTpaJzs9ybLtOL1H2xzE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.8.123.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:8b:5a:6c:9d:ee:95:82:07:13:4c:3b:1d:96:23:ac:d9:f9:
         c1:5f:b1:b3:51:8c:56:d8:2a:8d:59:e5:9f:ac:ec:ce:d1:db:
         46:33:57:15:d2:c1:3a:e8:63:2c:d5:85:69:70:da:41:03:79:
         6b:97:6c:03:87:21:e0:33:33:f4:fe:ce:2d:db:b8:82:13:bf:
         1d:24:1d:34:1c:a3:fc:6a:18:82:31:3c:e4:8f:86:cd:78:40:
         c3:d3:55:34:3c:f3:2f:67:00:2d:80:43:54:bb:39:eb:52:85:
         2c:6e:64:62:e4:cc:78:f4:e3:f1:c5:d0:cb:0f:32:01:89:17:
         a0:46:be:c6:cd:dc:b6:e3:33:6e:0e:7f:b0:59:77:95:39:c5:
         6c:e7:86:4d:a3:0a:2e:fd:3d:db:87:d6:ad:6e:6a:e7:c4:bd:
         34:27:c4:de:81:67:54:a1:c2:d1:07:26:07:26:ff:66:4a:bd:
         2b:80:0f:b5:ee:32:08:d7:09:44:12:4b:b5:a6:a3:d3:04:b0:
         66:74:fe:4f:49:0c:99:53:17:b4:f2:03:fa:ae:e3:92:26:dc:
         d9:5d:23:3d:c8:d6:b5:0f:f1:9d:7f:6f:1c:30:6f:d2:c3:4d:
         34:bc:a6:5f:b8:5c:0a:56:e3:7c:8e:1c:a3:c9:f6:01:8b:7f:
         cc:2a:61:e3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIELZ4CYTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZDVkZTQ5MGZmODc0ZTk2ODljZWNmNzI2Y2JiNGUyZjUxZjZjNzMxMB4XDTIyMDEw
MTA0NTkyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWY4YWJhZmQzZWI1
ZGM3MTVkNGFlNzk3NGQ3NGVmMGJlYWFmYTMxMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO6tk/Y8pO/hZuoFSZ/oXSolCjFn16bzm8S9NKJgXe+SXF9F
Za83Xx0+thZ1vG3kBHbRUx5BxKQH8nQvWeKpQXR4SPH6iXVvJdnPQ/mUffTV8M8e
rmLCMBxtKt5q/+qgg6/go+RQPQKPqx5LtoRgCspaJKTj1krHwH7zUdhqriM6ayl8
UvhTE1HBkHC0yGoGMt6XJnvfddNE6xq/h5TFTcj9v+/eYmrhY3loWLBY6N+Y9Epf
3+V5ZvQZtLlT40Lx6oG8DH0FENd0qsPTMpqOPHDHHGHVOTpPvMsYCW2C2kLoN7Pm
jDMGY4kUvYWw0mAZyhxvU303iYcgSPTwBe9FFt0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQfirr9PrXccV1K55dNdO8L6q+jEDAfBgNVHSMEGDAWgBSdXeSQ/4dOlonO
z3Jsu04vUfbHMTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25WM2trUC1IVHBhSnpzOXliTHRPTDFIMnh6RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvNzQ1YmRiLTEwNGItNDljNy05OWQ1LWNlYzMzYmExYmRmNS8x
L0g0cTZfVDYxM0hGZFN1ZVhUWFR2Qy1xdm94QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
NzQ1YmRiLTEwNGItNDljNy05OWQ1LWNlYzMzYmExYmRmNS8xL25WM2trUC1IVHBh
SnpzOXliTHRPTDFIMnh6RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIIezANBgkqhkiG9w0BAQsFAAOC
AQEADYtabJ3ulYIHE0w7HZYjrNn5wV+xs1GMVtgqjVnln6zsztHbRjNXFdLBOuhj
LNWFaXDaQQN5a5dsA4ch4DMz9P7OLdu4ghO/HSQdNByj/GoYgjE85I+GzXhAw9NV
NDzzL2cALYBDVLs561KFLG5kYuTMePTj8cXQyw8yAYkXoEa+xs3ctuMzbg5/sFl3
lTnFbOeGTaMKLv0924fWrW5q58S9NCfE3oFnVKHC0QcmByb/Zkq9K4APte4yCNcJ
RBJLtaaj0wSwZnT+T0kMmVMXtPID+q7jkibc2V0jPcjWtQ/xnX9vHDBv0sNNNLym
X7hcClbjfI4co8n2AYt/zCph4w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:37 2024 by rpki-client on console-fra.rpki-client.org