Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/dcd87f-4aa7-44ff-97bf-ce32d66f30a8/1/CtefO-c-LkQd2cCqkdZheZ6-dg4.roa
File:                     CtefO-c-LkQd2cCqkdZheZ6-dg4.roa (raw, json)
Hash identifier:          EvB4oA1cD+PwQ2tt4GdVjUfaK7ZYv38GElcZS3B6Fmc=
Subject key identifier:   0A:D7:9F:3B:E7:3E:2E:44:1D:D9:C0:AA:91:D6:61:79:9E:BE:76:0E
Certificate issuer:       /CN=676244de0190a6dd5a899a2b37b002b9ae632c86
Certificate serial:       09C9806D
Authority key identifier: 67:62:44:DE:01:90:A6:DD:5A:89:9A:2B:37:B0:02:B9:AE:63:2C:86
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z2JE3gGQpt1aiZorN7ACua5jLIY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7e/dcd87f-4aa7-44ff-97bf-ce32d66f30a8/1/CtefO-c-LkQd2cCqkdZheZ6-dg4.roa
Signing time:             Sat 01 Jan 2022 10:05:08 +0000
ROA not before:           Sat 01 Jan 2022 10:05:08 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205863
IP address blocks:        185.203.156.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 164200557 (0x9c9806d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=676244de0190a6dd5a899a2b37b002b9ae632c86
        Validity
            Not Before: Jan  1 10:05:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0ad79f3be73e2e441dd9c0aa91d661799ebe760e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:03:db:7d:26:b5:0a:2f:09:86:84:ab:53:f9:
                    50:7f:e8:c0:9a:8c:80:2b:88:80:e7:7a:c2:f3:6a:
                    63:e6:d1:1c:c9:04:2c:d4:c2:1f:e0:a8:03:23:d4:
                    65:21:7f:ff:76:cc:06:19:75:d9:81:32:31:02:d4:
                    ea:9c:4c:db:f3:be:88:a5:f4:19:a2:ae:33:0c:bd:
                    17:a2:f0:28:26:03:80:1c:ac:fd:e7:87:ac:1f:b5:
                    3a:f5:5b:a0:1d:f1:74:79:05:b2:10:23:ba:ea:d9:
                    10:98:ad:4f:aa:2a:8e:80:83:e0:10:4c:85:92:aa:
                    ec:8a:82:aa:7b:54:69:0f:b5:61:d7:ce:b4:b5:bd:
                    f3:d4:74:bc:cc:ea:2d:54:a6:01:98:10:93:a4:a3:
                    05:c4:be:e8:10:99:ba:83:e9:33:bb:59:80:01:b6:
                    46:24:8b:f8:ab:cc:61:4c:e6:c0:a2:53:e1:7c:fb:
                    2d:ab:48:3a:31:2b:5c:1e:19:26:0b:8e:88:ff:18:
                    50:e0:06:e8:e6:19:cc:28:e3:78:e7:e3:1c:e3:10:
                    de:95:bc:17:89:d5:73:d5:0a:90:1b:45:bc:5d:14:
                    ce:29:00:86:e3:2d:03:a9:42:fe:de:98:3d:f2:ee:
                    28:00:9d:d1:7c:d7:f7:58:23:4b:93:c8:90:db:be:
                    9b:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:D7:9F:3B:E7:3E:2E:44:1D:D9:C0:AA:91:D6:61:79:9E:BE:76:0E
            X509v3 Authority Key Identifier:
                keyid:67:62:44:DE:01:90:A6:DD:5A:89:9A:2B:37:B0:02:B9:AE:63:2C:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z2JE3gGQpt1aiZorN7ACua5jLIY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/dcd87f-4aa7-44ff-97bf-ce32d66f30a8/1/CtefO-c-LkQd2cCqkdZheZ6-dg4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/dcd87f-4aa7-44ff-97bf-ce32d66f30a8/1/Z2JE3gGQpt1aiZorN7ACua5jLIY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.203.156.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a5:1c:6e:b0:56:08:7b:fd:ef:b1:29:cf:5e:2b:66:5a:44:34:
         4d:f4:1b:20:cc:91:8f:5d:85:dd:67:0a:47:d4:2d:ef:f9:c8:
         80:a6:02:ea:10:09:53:24:b4:9f:d4:34:12:b6:9b:a7:bb:bf:
         4f:a3:a0:0b:1d:27:e1:be:d6:f0:9a:a6:9c:da:07:51:4f:0f:
         65:0f:43:81:71:14:4c:d4:d4:99:14:cb:cd:de:77:95:46:f5:
         d3:7c:93:3c:66:b9:89:ee:4a:7b:7d:92:30:0d:56:22:1d:66:
         c1:c5:44:5c:0f:b6:79:71:51:8f:52:00:56:71:1d:e5:31:8e:
         92:1e:08:0f:cf:9d:b7:ef:0c:39:18:f5:e6:c4:be:bd:d7:df:
         59:da:4d:d1:9f:53:e3:d2:4d:0d:95:ab:b2:e7:77:1e:1d:50:
         1d:c7:12:68:ea:67:73:09:e1:12:ed:88:98:7b:ba:bd:42:0f:
         6e:96:4c:12:f6:53:c1:cb:c6:8f:ef:4a:d8:c3:a7:0e:e2:66:
         76:b7:8d:cb:08:7f:6e:9a:69:e3:81:c2:8e:a1:f9:5a:61:47:
         bc:c9:bb:56:85:66:4b:40:e0:3c:4d:2c:e6:15:7d:ae:ec:15:
         a2:f2:65:a4:44:7d:d8:9d:da:8a:d9:51:d7:7c:ed:e6:e7:f3:
         84:8a:c7:52
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECcmAbTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NzYyNDRkZTAxOTBhNmRkNWE4OTlhMmIzN2IwMDJiOWFlNjMyYzg2MB4XDTIyMDEw
MTEwMDUwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGFkNzlmM2JlNzNl
MmU0NDFkZDljMGFhOTFkNjYxNzk5ZWJlNzYwZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALgD230mtQovCYaEq1P5UH/owJqMgCuIgOd6wvNqY+bRHMkE
LNTCH+CoAyPUZSF//3bMBhl12YEyMQLU6pxM2/O+iKX0GaKuMwy9F6LwKCYDgBys
/eeHrB+1OvVboB3xdHkFshAjuurZEJitT6oqjoCD4BBMhZKq7IqCqntUaQ+1YdfO
tLW989R0vMzqLVSmAZgQk6SjBcS+6BCZuoPpM7tZgAG2RiSL+KvMYUzmwKJT4Xz7
LatIOjErXB4ZJguOiP8YUOAG6OYZzCjjeOfjHOMQ3pW8F4nVc9UKkBtFvF0UzikA
huMtA6lC/t6YPfLuKACd0XzX91gjS5PIkNu+m9UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQK15875z4uRB3ZwKqR1mF5nr52DjAfBgNVHSMEGDAWgBRnYkTeAZCm3VqJ
mis3sAK5rmMshjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1oySkUzZ0dRcHQxYWlab3JON0FDdWE1akxJWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2UvZGNkODdmLTRhYTctNDRmZi05N2JmLWNlMzJkNjZmMzBhOC8x
L0N0ZWZPLWMtTGtRZDJjQ3FrZFpoZVo2LWRnNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Uv
ZGNkODdmLTRhYTctNDRmZi05N2JmLWNlMzJkNjZmMzBhOC8xL1oySkUzZ0dRcHQx
YWlab3JON0FDdWE1akxJWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnLnDANBgkqhkiG9w0BAQsFAAOC
AQEApRxusFYIe/3vsSnPXitmWkQ0TfQbIMyRj12F3WcKR9Qt7/nIgKYC6hAJUyS0
n9Q0Erabp7u/T6OgCx0n4b7W8JqmnNoHUU8PZQ9DgXEUTNTUmRTLzd53lUb103yT
PGa5ie5Ke32SMA1WIh1mwcVEXA+2eXFRj1IAVnEd5TGOkh4ID8+dt+8MORj15sS+
vdffWdpN0Z9T49JNDZWrsud3Hh1QHccSaOpncwnhEu2ImHu6vUIPbpZMEvZTwcvG
j+9K2MOnDuJmdreNywh/bppp44HCjqH5WmFHvMm7VoVmS0DgPE0s5hV9ruwVovJl
pER92J3aitlR13zt5ufzhIrHUg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:33 2024 by rpki-client on console-fra.rpki-client.org