Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/uDHmXJLag6qmEGEHaUHdkQo_2T4.roa
File:                     uDHmXJLag6qmEGEHaUHdkQo_2T4.roa (raw, json)
Hash identifier:          859tRianwPCLACZ//XixHlBiOfnodxT7E8Xr7lPNxGk=
Subject key identifier:   B8:31:E6:5C:92:DA:83:AA:A6:10:61:07:69:41:DD:91:0A:3F:D9:3E
Certificate issuer:       /CN=380099a81b346f9abcaf26056f5b77094d1cf113
Certificate serial:       0D660D38
Authority key identifier: 38:00:99:A8:1B:34:6F:9A:BC:AF:26:05:6F:5B:77:09:4D:1C:F1:13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OACZqBs0b5q8ryYFb1t3CU0c8RM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/uDHmXJLag6qmEGEHaUHdkQo_2T4.roa
Signing time:             Sat 01 Jan 2022 13:04:20 +0000
ROA not before:           Sat 01 Jan 2022 13:04:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50870
IP address blocks:        94.243.208.0/22 maxlen: 22
                          94.243.212.0/22 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 224791864 (0xd660d38)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=380099a81b346f9abcaf26056f5b77094d1cf113
        Validity
            Not Before: Jan  1 13:04:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b831e65c92da83aaa61061076941dd910a3fd93e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:96:ee:a6:b5:49:09:07:99:90:38:44:13:c9:
                    4e:d6:5c:70:fc:53:d8:ac:bd:0c:ba:a4:34:e9:f5:
                    c5:3b:d5:77:1b:db:2f:22:3c:44:21:20:49:b0:05:
                    ff:1e:53:16:03:29:7b:fa:55:4e:28:e8:2b:49:c1:
                    2d:aa:72:a4:c1:3d:af:c2:00:6d:2b:ce:91:fd:2f:
                    b2:4a:fa:63:66:d3:8c:d5:2e:31:70:5e:c3:85:74:
                    fc:a7:6e:16:a9:dc:f6:6c:fb:6b:c7:6b:ee:b4:67:
                    64:62:51:70:fb:d5:c5:e4:f7:e0:cd:c5:5a:05:e2:
                    35:65:b9:c3:fa:1e:8a:6e:60:83:cc:e5:c5:d7:53:
                    4b:d4:69:b0:57:6e:54:4d:a4:bc:e8:ce:0d:91:64:
                    c4:97:5e:62:85:a5:8d:0f:ad:0a:d1:2c:79:cf:05:
                    b5:75:02:9f:e6:fb:ae:cf:3e:1f:33:18:74:23:89:
                    2d:27:26:1f:39:be:1e:c6:86:ce:3e:a3:b3:43:32:
                    ae:fc:93:20:2c:42:fd:54:5d:57:30:24:28:a5:37:
                    4f:e2:fb:90:86:39:aa:d6:9b:59:e7:72:ab:2f:c9:
                    47:65:e1:91:a7:c1:78:d7:1d:af:0f:15:3a:7d:43:
                    cc:55:a0:07:a8:93:3e:f3:36:39:b9:7c:bb:e7:95:
                    ab:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:31:E6:5C:92:DA:83:AA:A6:10:61:07:69:41:DD:91:0A:3F:D9:3E
            X509v3 Authority Key Identifier:
                keyid:38:00:99:A8:1B:34:6F:9A:BC:AF:26:05:6F:5B:77:09:4D:1C:F1:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OACZqBs0b5q8ryYFb1t3CU0c8RM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/uDHmXJLag6qmEGEHaUHdkQo_2T4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/OACZqBs0b5q8ryYFb1t3CU0c8RM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.243.208.0/21

    Signature Algorithm: sha256WithRSAEncryption
         15:9e:2f:ab:01:a4:46:13:bc:5f:75:b7:fa:83:f4:f8:f4:06:
         01:0c:69:45:cf:5e:bb:eb:ec:3c:89:3c:7b:d1:a2:9b:1f:54:
         33:80:fa:29:6a:a0:5b:4e:57:6f:34:03:02:bb:17:b7:0c:3c:
         d2:fb:60:f4:cd:64:99:de:57:0e:f0:df:8d:91:02:3c:1b:c5:
         ea:6f:f9:d6:70:7e:60:71:58:14:98:27:f2:85:06:ba:29:c8:
         10:5d:dd:ce:c9:32:1b:e5:3d:29:3f:39:01:50:fc:b9:7f:a7:
         9c:1d:b3:3c:67:a8:a7:1d:f7:4a:2d:1d:4e:a3:45:32:eb:5a:
         cd:46:c6:94:43:b5:07:54:24:91:a2:57:2b:99:cc:50:12:28:
         a7:c6:9d:f9:47:54:5d:7d:f4:d5:5d:a7:24:53:04:ee:5c:24:
         6b:16:9b:c6:5a:51:b0:e3:f9:0c:d5:84:ed:ce:0f:e1:24:d8:
         84:81:a5:18:16:46:9a:2f:68:f6:1e:ff:3f:1b:2d:dc:fb:4b:
         81:f9:4b:4c:8c:03:e3:0f:ef:97:87:e5:47:dd:8f:41:74:70:
         ca:0f:ad:89:36:8e:1c:6f:87:2c:0a:75:fd:93:9a:39:bb:96:
         b3:62:71:f8:8f:0c:8f:c7:16:3b:e3:e5:1c:6b:cc:03:78:54:
         b7:af:dd:26
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDWYNODANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ODAwOTlhODFiMzQ2ZjlhYmNhZjI2MDU2ZjViNzcwOTRkMWNmMTEzMB4XDTIyMDEw
MTEzMDQyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjgzMWU2NWM5MmRh
ODNhYWE2MTA2MTA3Njk0MWRkOTEwYTNmZDkzZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN2W7qa1SQkHmZA4RBPJTtZccPxT2Ky9DLqkNOn1xTvVdxvb
LyI8RCEgSbAF/x5TFgMpe/pVTijoK0nBLapypME9r8IAbSvOkf0vskr6Y2bTjNUu
MXBew4V0/KduFqnc9mz7a8dr7rRnZGJRcPvVxeT34M3FWgXiNWW5w/oeim5gg8zl
xddTS9RpsFduVE2kvOjODZFkxJdeYoWljQ+tCtEsec8FtXUCn+b7rs8+HzMYdCOJ
LScmHzm+HsaGzj6js0MyrvyTICxC/VRdVzAkKKU3T+L7kIY5qtabWedyqy/JR2Xh
kafBeNcdrw8VOn1DzFWgB6iTPvM2Obl8u+eVq5sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS4MeZcktqDqqYQYQdpQd2RCj/ZPjAfBgNVHSMEGDAWgBQ4AJmoGzRvmryv
JgVvW3cJTRzxEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09BQ1pxQnMwYjVxOHJ5WUZiMXQzQ1UwYzhSTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzMvOGU1MDFkLWMwODgtNDg5NS1hZWUzLTQ1MGZlMzM1OTVkMS8x
L3VESG1YSkxhZzZxbUVHRUhhVUhka1FvXzJUNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzMv
OGU1MDFkLWMwODgtNDg5NS1hZWUzLTQ1MGZlMzM1OTVkMS8xL09BQ1pxQnMwYjVx
OHJ5WUZiMXQzQ1UwYzhSTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA17z0DANBgkqhkiG9w0BAQsFAAOC
AQEAFZ4vqwGkRhO8X3W3+oP0+PQGAQxpRc9eu+vsPIk8e9Gimx9UM4D6KWqgW05X
bzQDArsXtww80vtg9M1kmd5XDvDfjZECPBvF6m/51nB+YHFYFJgn8oUGuinIEF3d
zskyG+U9KT85AVD8uX+nnB2zPGeopx33Si0dTqNFMutazUbGlEO1B1QkkaJXK5nM
UBIop8ad+UdUXX301V2nJFME7lwkaxabxlpRsOP5DNWE7c4P4STYhIGlGBZGmi9o
9h7/Pxst3PtLgflLTIwD4w/vl4flR92PQXRwyg+tiTaOHG+HLAp1/ZOaObuWs2Jx
+I8Mj8cWO+PlHGvMA3hUt6/dJg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:00 2024 by rpki-client on console-fra.rpki-client.org