Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/enTEj-lpRGaVjikd3Vhl7Q_rb6c.roa
File:                     enTEj-lpRGaVjikd3Vhl7Q_rb6c.roa (raw, json)
Hash identifier:          VUw7tboy0xHPRqtsjVRWtIcJ2O4fsrpVghqUSbxLHqA=
Subject key identifier:   7A:74:C4:8F:E9:69:44:66:95:8E:29:1D:DD:58:65:ED:0F:EB:6F:A7
Certificate issuer:       /CN=81fa48f40bc84540c46bd23be9b90897aa184f4d
Certificate serial:       052F78F3
Authority key identifier: 81:FA:48:F4:0B:C8:45:40:C4:6B:D2:3B:E9:B9:08:97:AA:18:4F:4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gfpI9AvIRUDEa9I76bkIl6oYT00.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/enTEj-lpRGaVjikd3Vhl7Q_rb6c.roa
Signing time:             Sat 01 Jan 2022 12:57:13 +0000
ROA not before:           Sat 01 Jan 2022 12:57:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211250
IP address blocks:        195.64.229.0/24 maxlen: 24
                          195.64.239.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 86997235 (0x52f78f3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81fa48f40bc84540c46bd23be9b90897aa184f4d
        Validity
            Not Before: Jan  1 12:57:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7a74c48fe9694466958e291ddd5865ed0feb6fa7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:70:d2:73:8f:74:4f:0e:e3:81:16:89:41:83:
                    7a:c2:4b:4b:70:c2:ce:98:05:42:36:b8:2a:c2:07:
                    a5:3d:1a:a6:fc:79:5d:b2:17:28:0d:91:6b:aa:e4:
                    cf:23:4c:77:26:7c:fe:5a:a6:e0:a8:74:99:b0:c5:
                    43:de:b9:4f:2c:b2:d5:1a:72:7a:45:77:ce:f1:eb:
                    1b:9f:ca:85:99:69:a7:d6:7e:b4:fb:4a:dd:fa:99:
                    60:b0:80:22:9f:e8:3d:3e:12:03:87:cd:21:30:16:
                    2f:bd:2f:ef:d9:56:7b:20:70:7b:11:98:f7:ac:92:
                    0f:51:86:60:d0:ef:1b:c3:89:f6:0a:d4:a4:84:37:
                    32:2c:e3:6a:93:a2:92:11:c8:f8:bf:57:82:a6:65:
                    74:4d:e6:a3:cd:14:1a:01:17:37:62:d6:7d:a5:2d:
                    55:84:7e:43:b1:ed:7d:22:ef:d9:3e:0e:85:9b:88:
                    87:83:eb:38:5f:a8:17:73:a1:16:57:3c:5f:c1:76:
                    07:82:78:fe:12:d5:08:cc:4d:e2:53:d3:67:90:60:
                    d1:af:07:cf:c0:5d:df:8e:9c:62:90:76:fa:8f:31:
                    ae:8f:ca:d7:00:18:a7:b7:f9:07:58:d6:7f:5e:4b:
                    5f:72:83:6b:21:03:68:0c:5a:50:9a:3b:e6:15:da:
                    16:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:74:C4:8F:E9:69:44:66:95:8E:29:1D:DD:58:65:ED:0F:EB:6F:A7
            X509v3 Authority Key Identifier:
                keyid:81:FA:48:F4:0B:C8:45:40:C4:6B:D2:3B:E9:B9:08:97:AA:18:4F:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gfpI9AvIRUDEa9I76bkIl6oYT00.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/enTEj-lpRGaVjikd3Vhl7Q_rb6c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/gfpI9AvIRUDEa9I76bkIl6oYT00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.64.229.0/24
                  195.64.239.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a5:42:ea:a1:02:d0:9e:ed:38:58:bd:93:44:1a:db:af:5a:b9:
         4a:1d:43:0f:3b:89:90:92:17:d2:06:db:de:3a:b4:53:7f:93:
         7a:09:07:98:82:d3:43:26:0e:ba:94:ba:14:b0:15:8f:2d:bb:
         c5:63:37:7a:d5:64:62:7b:4e:8b:48:2a:11:72:4c:2f:78:4b:
         3c:d7:ad:7f:04:39:0a:a1:a5:77:60:c0:18:9f:73:03:5e:e4:
         39:b8:7e:b6:54:45:f5:14:f5:19:50:75:26:92:80:ab:75:87:
         c9:7a:88:73:14:a1:d9:bd:80:19:12:f8:48:21:6b:ff:62:69:
         df:ec:b5:b0:60:57:d7:d5:2e:1b:e3:7e:95:0c:8b:8a:45:e5:
         1c:5e:d3:e8:e3:54:f4:9a:5d:e1:a1:1b:bc:ae:5a:40:b7:5c:
         e3:59:1f:79:40:52:3c:37:7d:30:4c:d5:a5:25:a8:60:da:9f:
         18:15:c3:e7:ab:42:16:1f:95:b0:8e:6a:fa:c2:a2:4c:59:36:
         df:d8:c9:4c:3e:d7:91:ab:9f:30:6e:72:6e:5c:c6:ef:00:8e:
         b0:0c:fd:dd:64:fe:9e:3e:83:9d:6f:f1:c0:16:8d:45:c0:7f:
         f8:a4:a8:19:7c:b0:0f:a1:83:cc:ae:85:5b:7d:6d:05:d3:c0:
         15:26:8b:74
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBS948zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MWZhNDhmNDBiYzg0NTQwYzQ2YmQyM2JlOWI5MDg5N2FhMTg0ZjRkMB4XDTIyMDEw
MTEyNTcxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2E3NGM0OGZlOTY5
NDQ2Njk1OGUyOTFkZGQ1ODY1ZWQwZmViNmZhNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKhw0nOPdE8O44EWiUGDesJLS3DCzpgFQja4KsIHpT0apvx5
XbIXKA2Ra6rkzyNMdyZ8/lqm4Kh0mbDFQ965Tyyy1RpyekV3zvHrG5/KhZlpp9Z+
tPtK3fqZYLCAIp/oPT4SA4fNITAWL70v79lWeyBwexGY96ySD1GGYNDvG8OJ9grU
pIQ3MizjapOikhHI+L9XgqZldE3mo80UGgEXN2LWfaUtVYR+Q7HtfSLv2T4OhZuI
h4PrOF+oF3OhFlc8X8F2B4J4/hLVCMxN4lPTZ5Bg0a8Hz8Bd346cYpB2+o8xro/K
1wAYp7f5B1jWf15LX3KDayEDaAxaUJo75hXaFokCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBR6dMSP6WlEZpWOKR3dWGXtD+tvpzAfBgNVHSMEGDAWgBSB+kj0C8hFQMRr
0jvpuQiXqhhPTTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dmcEk5QXZJUlVERWE5STc2YmtJbDZvWVQwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzMvMTQ2MDc4LWY5YjItNDE2My1hZjFhLThlOTNjYjVjNTM1NS8x
L2VuVEVqLWxwUkdhVmppa2QzVmhsN1FfcmI2Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzMv
MTQ2MDc4LWY5YjItNDE2My1hZjFhLThlOTNjYjVjNTM1NS8xL2dmcEk5QXZJUlVE
RWE5STc2YmtJbDZvWVQwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMNA5QMEAMNA7zANBgkqhkiG9w0B
AQsFAAOCAQEApULqoQLQnu04WL2TRBrbr1q5Sh1DDzuJkJIX0gbb3jq0U3+TegkH
mILTQyYOupS6FLAVjy27xWM3etVkYntOi0gqEXJML3hLPNetfwQ5CqGld2DAGJ9z
A17kObh+tlRF9RT1GVB1JpKAq3WHyXqIcxSh2b2AGRL4SCFr/2Jp3+y1sGBX19Uu
G+N+lQyLikXlHF7T6ONU9Jpd4aEbvK5aQLdc41kfeUBSPDd9MEzVpSWoYNqfGBXD
56tCFh+VsI5q+sKiTFk239jJTD7XkaufMG5yblzG7wCOsAz93WT+nj6DnW/xwBaN
RcB/+KSoGXywD6GDzK6FW31tBdPAFSaLdA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:56 2024 by rpki-client on console-fra.rpki-client.org