Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/1d8fc9-b21b-4db5-95cf-81c8ce750124/1/gF5ropn0xBVOO3ZYJQmBmAFww5Q.roa
File:                     gF5ropn0xBVOO3ZYJQmBmAFww5Q.roa (raw, json)
Hash identifier:          LsFCwiteUWhr4KgHjzH5u/d/N25a5gd6/th9eyCc+Uo=
Subject key identifier:   80:5E:6B:A2:99:F4:C4:15:4E:3B:76:58:25:09:81:98:01:70:C3:94
Certificate issuer:       /CN=623526ad9fbec574fa4ec3d9badb5433fdaaca7b
Certificate serial:       018217C3D05F72FCC1AA79B82E07AB1D8DB5
Authority key identifier: 62:35:26:AD:9F:BE:C5:74:FA:4E:C3:D9:BA:DB:54:33:FD:AA:CA:7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YjUmrZ--xXT6TsPZuttUM_2qyns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/1d8fc9-b21b-4db5-95cf-81c8ce750124/1/gF5ropn0xBVOO3ZYJQmBmAFww5Q.roa
Signing time:             Tue 19 Jul 2022 18:41:24 +0000
ROA not before:           Tue 19 Jul 2022 18:41:24 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     24961
IP address blocks:        194.169.198.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:17:c3:d0:5f:72:fc:c1:aa:79:b8:2e:07:ab:1d:8d:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=623526ad9fbec574fa4ec3d9badb5433fdaaca7b
        Validity
            Not Before: Jul 19 18:41:24 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=805e6ba299f4c4154e3b7658250981980170c394
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:d8:de:5d:44:5d:9d:c8:81:43:1f:be:89:52:
                    ef:ba:f0:6e:2f:50:78:d7:d9:a8:f3:a1:b0:a9:93:
                    56:dc:ab:d1:2b:41:0e:aa:99:b7:a1:09:89:c4:16:
                    86:ad:e5:78:a3:86:9c:50:90:2e:4e:98:4f:1f:41:
                    cb:b9:3e:9f:23:35:a2:a0:c1:05:63:e9:d7:80:d0:
                    05:ff:c4:f0:10:77:91:43:9b:2d:62:26:4e:0b:f5:
                    4c:52:d5:ac:43:53:e6:90:1f:f7:c0:19:99:7d:b9:
                    3f:bd:f0:6e:65:80:d8:9d:c4:f3:8f:1e:e9:4a:66:
                    2b:50:e3:a3:49:c9:f0:64:80:c2:44:55:0b:e8:5e:
                    c1:f1:96:db:88:7a:71:b2:e7:6a:0d:ea:17:54:04:
                    2b:37:fe:dd:00:d8:4b:1e:4f:8f:17:55:44:9f:6c:
                    78:f2:ab:f9:57:48:a6:2f:69:df:5f:ce:ed:5c:e2:
                    f3:01:07:ea:0a:1c:f8:6e:67:a2:72:f0:6c:44:e9:
                    fa:0f:54:d2:c0:2f:77:ac:4c:a9:15:f7:b9:5d:c5:
                    a5:c3:fd:e7:9f:35:15:1c:cd:42:90:d0:c0:7f:70:
                    19:16:ec:42:fd:a0:7d:06:36:c1:65:e8:20:e8:34:
                    3b:1c:0e:24:e2:ef:0c:8d:8b:41:77:e8:9c:82:e1:
                    7b:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:5E:6B:A2:99:F4:C4:15:4E:3B:76:58:25:09:81:98:01:70:C3:94
            X509v3 Authority Key Identifier:
                keyid:62:35:26:AD:9F:BE:C5:74:FA:4E:C3:D9:BA:DB:54:33:FD:AA:CA:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YjUmrZ--xXT6TsPZuttUM_2qyns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/1d8fc9-b21b-4db5-95cf-81c8ce750124/1/gF5ropn0xBVOO3ZYJQmBmAFww5Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/1d8fc9-b21b-4db5-95cf-81c8ce750124/1/YjUmrZ--xXT6TsPZuttUM_2qyns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.169.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         47:0e:c2:20:95:7b:9f:ce:00:05:29:91:64:cf:b6:93:56:fc:
         11:bf:ec:6f:c1:ad:2e:06:20:b9:66:a9:d7:7f:59:75:01:c1:
         2b:78:cb:88:d9:e2:36:e7:75:1d:62:dd:df:9e:93:5c:fb:40:
         36:44:c7:cf:04:71:26:c6:ab:db:bd:f3:41:de:a1:82:fc:ff:
         06:50:09:f7:f1:d7:a8:be:14:c9:bb:d9:78:82:4a:64:db:d2:
         05:aa:82:86:2e:6a:b2:6d:fb:cb:c7:83:af:13:0c:f8:b5:99:
         dd:6b:98:e6:f3:00:fc:8d:8f:2d:72:d0:46:ca:53:9c:a2:4d:
         38:de:0f:7e:5d:a7:64:01:57:cf:61:41:e8:91:25:36:a0:4b:
         bf:b7:17:f1:27:f6:12:a1:ff:bf:ba:2f:e1:92:26:87:3c:d5:
         25:6d:ad:41:70:09:ce:3d:e7:fa:d8:8a:5b:ff:6f:86:91:7a:
         1d:58:46:c3:5a:d5:48:d3:79:4b:77:ce:de:f1:d5:8b:0d:10:
         97:81:75:88:93:b5:9b:5d:db:3c:c4:6f:52:97:8d:10:97:c0:
         15:18:1e:69:67:9f:04:1d:a9:95:91:b7:f2:05:92:24:dc:3d:
         0f:e1:03:54:26:8c:ac:86:69:a4:6f:a3:fd:97:5c:24:a4:78:
         2a:8c:23:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIXw9BfcvzBqnm4LgerHY21MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMzUyNmFkOWZiZWM1NzRmYTRlYzNkOWJhZGI1NDMzZmRh
YWNhN2IwHhcNMjIwNzE5MTg0MTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDVlNmJhMjk5ZjRjNDE1NGUzYjc2NTgyNTA5ODE5ODAxNzBjMzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltjeXURdnciBQx++iVLvuvBuL1B4
19mo86GwqZNW3KvRK0EOqpm3oQmJxBaGreV4o4acUJAuTphPH0HLuT6fIzWioMEF
Y+nXgNAF/8TwEHeRQ5stYiZOC/VMUtWsQ1PmkB/3wBmZfbk/vfBuZYDYncTzjx7p
SmYrUOOjScnwZIDCRFUL6F7B8ZbbiHpxsudqDeoXVAQrN/7dANhLHk+PF1VEn2x4
8qv5V0imL2nfX87tXOLzAQfqChz4bmeicvBsROn6D1TSwC93rEypFfe5XcWlw/3n
nzUVHM1CkNDAf3AZFuxC/aB9BjbBZegg6DQ7HA4k4u8MjYtBd+icguF7VwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIBea6KZ9MQVTjt2WCUJgZgBcMOUMB8GA1UdIwQY
MBaAFGI1Jq2fvsV0+k7D2brbVDP9qsp7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWpVbXJaLS14WFQ2VHNQWnV0dFVNXzJxeW5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8xZDhmYzktYjIxYi00ZGI1LTk1Y2Yt
ODFjOGNlNzUwMTI0LzEvZ0Y1cm9wbjB4QlZPTzNaWUpRbUJtQUZ3dzVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8xZDhmYzktYjIxYi00ZGI1LTk1Y2YtODFjOGNlNzUwMTI0
LzEvWWpVbXJaLS14WFQ2VHNQWnV0dFVNXzJxeW5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwqnGMA0G
CSqGSIb3DQEBCwUAA4IBAQBHDsIglXufzgAFKZFkz7aTVvwRv+xvwa0uBiC5ZqnX
f1l1AcEreMuI2eI253UdYt3fnpNc+0A2RMfPBHEmxqvbvfNB3qGC/P8GUAn38deo
vhTJu9l4gkpk29IFqoKGLmqybfvLx4OvEwz4tZnda5jm8wD8jY8tctBGylOcok04
3g9+XadkAVfPYUHokSU2oEu/txfxJ/YSof+/ui/hkiaHPNUlba1BcAnOPef62Ipb
/2+GkXodWEbDWtVI03lLd87e8dWLDRCXgXWIk7WbXds8xG9Sl40Ql8AVGB5pZ58E
HamVkbfyBZIk3D0P4QNUJoyshmmkb6P9l1wkpHgqjCOV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:01 2024 by rpki-client on console-ams.rpki-client.org