Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/f40486-2cd9-475b-bbe1-16cd8f4fb4b9/1/DbDPvLe0zOAQbLX0egnwfdQyxas.roa
File:                     DbDPvLe0zOAQbLX0egnwfdQyxas.roa (raw, json)
Hash identifier:          rc6yVTO/aZM13kyfgjvk9qY7eO1qUnhqgxkjLGqRKEs=
Subject key identifier:   0D:B0:CF:BC:B7:B4:CC:E0:10:6C:B5:F4:7A:09:F0:7D:D4:32:C5:AB
Certificate issuer:       /CN=f8f19e224c73f83c4fdd196d06608aeb3a881804
Certificate serial:       3FC0DB3A
Authority key identifier: F8:F1:9E:22:4C:73:F8:3C:4F:DD:19:6D:06:60:8A:EB:3A:88:18:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-PGeIkxz-DxP3RltBmCK6zqIGAQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/f40486-2cd9-475b-bbe1-16cd8f4fb4b9/1/DbDPvLe0zOAQbLX0egnwfdQyxas.roa
Signing time:             Sat 01 Jan 2022 08:55:07 +0000
ROA not before:           Sat 01 Jan 2022 08:55:07 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     197427
IP address blocks:        195.150.9.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1069603642 (0x3fc0db3a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f8f19e224c73f83c4fdd196d06608aeb3a881804
        Validity
            Not Before: Jan  1 08:55:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0db0cfbcb7b4cce0106cb5f47a09f07dd432c5ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:68:46:b2:10:95:cc:06:2e:40:d7:84:1a:98:
                    8f:05:a3:b5:87:e6:00:62:51:79:aa:2b:ca:5c:d4:
                    13:84:cf:a6:db:12:93:bb:31:81:af:fe:9d:cf:20:
                    2e:d3:ec:d8:e5:1f:43:f6:00:e8:e5:ad:94:ee:7f:
                    e3:e1:2b:a3:6c:b9:06:9f:05:86:81:1e:b3:7d:41:
                    1c:96:1b:fc:49:d0:a9:de:ff:af:64:34:44:c0:ea:
                    bb:8b:2a:46:c1:2c:8d:9a:27:a2:fa:b1:2a:b5:50:
                    e8:42:fe:ef:97:67:7d:ab:f2:0d:0b:ea:c2:1e:ff:
                    75:a5:3f:8e:e3:6c:8f:e8:f5:b1:c2:72:a9:1e:ed:
                    35:e8:5e:ce:65:8c:63:ae:51:a6:4a:0d:f1:50:e1:
                    69:9c:35:4c:88:48:f4:df:90:34:a9:3d:8d:59:07:
                    23:90:59:33:8a:18:91:f7:66:10:66:ed:78:55:36:
                    ae:7f:ba:4d:9e:cb:b3:53:3e:a3:61:d5:f0:7b:68:
                    9e:6e:17:c9:0c:c7:e6:54:71:8f:61:d3:58:ce:78:
                    eb:7b:b0:d5:99:68:5f:1d:2b:7b:e3:48:0f:24:d2:
                    6a:db:92:10:85:4e:bc:8a:db:5d:50:0c:e2:a7:18:
                    38:fd:c2:9d:a5:9c:6b:13:19:c9:e2:3a:7a:21:c9:
                    6d:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:B0:CF:BC:B7:B4:CC:E0:10:6C:B5:F4:7A:09:F0:7D:D4:32:C5:AB
            X509v3 Authority Key Identifier:
                keyid:F8:F1:9E:22:4C:73:F8:3C:4F:DD:19:6D:06:60:8A:EB:3A:88:18:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-PGeIkxz-DxP3RltBmCK6zqIGAQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/f40486-2cd9-475b-bbe1-16cd8f4fb4b9/1/DbDPvLe0zOAQbLX0egnwfdQyxas.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/f40486-2cd9-475b-bbe1-16cd8f4fb4b9/1/1-PGeIkxz-DxP3RltBmCK6zqIGAQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.150.9.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6b:c1:d2:57:5b:11:91:73:d3:6e:42:8c:48:9c:86:36:d4:73:
         9c:61:55:b2:28:2b:f6:cc:20:b0:b3:a8:ba:6b:49:82:08:36:
         0b:39:67:44:8b:bd:ea:65:41:8d:41:a9:13:95:7d:ff:3f:09:
         06:77:cc:c5:99:59:9c:1f:8b:d2:e5:96:4a:58:c6:01:14:85:
         fc:2f:1a:83:4a:14:9c:1b:e7:ed:1e:67:5e:a0:e4:14:3f:91:
         ed:6a:4f:7b:02:7c:aa:74:cc:3b:6d:e0:6a:72:f1:78:76:55:
         06:f4:f9:87:84:06:5f:e1:66:52:05:80:0f:fc:be:aa:ea:ee:
         71:8b:53:ca:ef:fa:68:e5:95:44:b0:0a:74:ae:8b:31:e0:d7:
         e5:d2:ca:fc:ce:66:d3:a5:9a:05:d1:ae:59:4d:b8:74:dc:9b:
         35:29:cf:b9:0d:3b:f1:12:72:30:e9:ce:3b:2a:ae:c8:29:45:
         e6:3e:62:30:d2:98:2d:c7:c4:46:28:59:21:a2:4e:9a:f2:fb:
         10:93:9f:2e:5f:d4:08:1d:31:f9:8d:a7:a5:7f:ff:36:59:64:
         7d:5f:ae:64:be:36:a7:a0:58:4c:f1:17:f1:74:00:27:e2:69:
         b5:d7:f3:94:88:ee:ec:09:34:ad:4c:7d:26:d4:fe:71:43:e7:
         29:cf:55:f9
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEP8DbOjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OGYxOWUyMjRjNzNmODNjNGZkZDE5NmQwNjYwOGFlYjNhODgxODA0MB4XDTIyMDEw
MTA4NTUwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGRiMGNmYmNiN2I0
Y2NlMDEwNmNiNWY0N2EwOWYwN2RkNDMyYzVhYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMVoRrIQlcwGLkDXhBqYjwWjtYfmAGJReaorylzUE4TPptsS
k7sxga/+nc8gLtPs2OUfQ/YA6OWtlO5/4+Ero2y5Bp8FhoEes31BHJYb/EnQqd7/
r2Q0RMDqu4sqRsEsjZonovqxKrVQ6EL+75dnfavyDQvqwh7/daU/juNsj+j1scJy
qR7tNehezmWMY65RpkoN8VDhaZw1TIhI9N+QNKk9jVkHI5BZM4oYkfdmEGbteFU2
rn+6TZ7Ls1M+o2HV8Htonm4XyQzH5lRxj2HTWM5463uw1ZloXx0re+NIDyTSatuS
EIVOvIrbXVAM4qcYOP3CnaWcaxMZyeI6eiHJbYsCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBQNsM+8t7TM4BBstfR6CfB91DLFqzAfBgNVHSMEGDAWgBT48Z4iTHP4PE/d
GW0GYIrrOogYBDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtUEdlSWt4ei1EeFAzUmx0Qm1DSzZ6cUlHQVEuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzc3L2Y0MDQ4Ni0yY2Q5LTQ3NWItYmJlMS0xNmNkOGY0ZmI0Yjkv
MS9EYkRQdkxlMHpPQVFiTFgwZWdud2ZkUXl4YXMucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc3
L2Y0MDQ4Ni0yY2Q5LTQ3NWItYmJlMS0xNmNkOGY0ZmI0YjkvMS8xLVBHZUlreHot
RHhQM1JsdEJtQ0s2enFJR0FRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw5YJMA0GCSqGSIb3DQEBCwUA
A4IBAQBrwdJXWxGRc9NuQoxInIY21HOcYVWyKCv2zCCws6i6a0mCCDYLOWdEi73q
ZUGNQakTlX3/PwkGd8zFmVmcH4vS5ZZKWMYBFIX8LxqDShScG+ftHmdeoOQUP5Ht
ak97AnyqdMw7beBqcvF4dlUG9PmHhAZf4WZSBYAP/L6q6u5xi1PK7/po5ZVEsAp0
rosx4Nfl0sr8zmbTpZoF0a5ZTbh03Js1Kc+5DTvxEnIw6c47Kq7IKUXmPmIw0pgt
x8RGKFkhok6a8vsQk58uX9QIHTH5jaelf/82WWR9X65kvjanoFhM8RfxdAAn4mm1
1/OUiO7sCTStTH0m1P5xQ+cpz1X5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:31 2024 by rpki-client on console-fra.rpki-client.org