Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/0bc9e6-4198-4067-9597-74d4c2c5b694/1/iDlGXI56pIspMsbOJy2aVuHLv_I.roa
File:                     iDlGXI56pIspMsbOJy2aVuHLv_I.roa (raw, json)
Hash identifier:          WfxPhUUHL/wBsna4Y0u+HVv2g0gSBs3B+/s0gnzPDQw=
Subject key identifier:   88:39:46:5C:8E:7A:A4:8B:29:32:C6:CE:27:2D:9A:56:E1:CB:BF:F2
Certificate issuer:       /CN=76aa33e7e1c2394c663be85d73b9ee34b769495f
Certificate serial:       01833E
Authority key identifier: 76:AA:33:E7:E1:C2:39:4C:66:3B:E8:5D:73:B9:EE:34:B7:69:49:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dqoz5-HCOUxmO-hdc7nuNLdpSV8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/0bc9e6-4198-4067-9597-74d4c2c5b694/1/iDlGXI56pIspMsbOJy2aVuHLv_I.roa
Signing time:             Thu 17 Mar 2022 19:43:02 +0000
ROA not before:           Thu 17 Mar 2022 19:43:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     213269
IP address blocks:        86.111.212.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 99134 (0x1833e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=76aa33e7e1c2394c663be85d73b9ee34b769495f
        Validity
            Not Before: Mar 17 19:43:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8839465c8e7aa48b2932c6ce272d9a56e1cbbff2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:7d:9e:bd:43:36:60:5a:fa:fe:73:18:13:57:
                    be:b5:62:f2:ce:a8:c1:ee:0e:2a:99:b0:da:a4:15:
                    7e:db:c6:68:d5:6b:15:9f:bd:1d:86:b0:ee:07:c8:
                    16:79:a5:35:c5:c3:dc:32:c6:79:73:ab:af:c1:d5:
                    3e:48:fc:e8:03:6c:34:99:12:97:50:a6:20:2d:fa:
                    78:62:4e:4f:2e:e7:fd:4f:1b:6b:ad:be:38:63:d7:
                    2e:37:69:a4:86:2b:8b:1c:a2:dd:e7:f3:89:10:75:
                    0e:e7:dd:6e:51:2c:94:05:26:d8:f3:bd:45:6c:8b:
                    75:bd:77:d2:b0:79:fd:f8:6b:44:ae:6e:1d:a4:af:
                    5f:20:30:5a:65:e4:c0:87:dd:e3:39:8f:e4:62:21:
                    b9:00:32:a5:c8:66:4a:9f:2c:58:44:1b:42:a9:3b:
                    a1:48:99:4c:af:6a:93:43:be:7c:c5:f4:42:a6:cf:
                    65:42:38:b3:d9:a7:14:4f:3f:7c:7d:ca:cd:db:4e:
                    b8:e1:96:4e:6d:72:a9:76:68:1c:af:1e:19:00:89:
                    19:11:bf:5b:79:17:93:1a:15:1d:51:a4:bc:32:c2:
                    fd:3a:2e:ae:bf:7a:c2:85:32:d0:cf:b0:b6:99:88:
                    05:e0:b9:ac:a6:a5:e2:b5:06:94:bf:94:ff:11:14:
                    6c:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:39:46:5C:8E:7A:A4:8B:29:32:C6:CE:27:2D:9A:56:E1:CB:BF:F2
            X509v3 Authority Key Identifier:
                keyid:76:AA:33:E7:E1:C2:39:4C:66:3B:E8:5D:73:B9:EE:34:B7:69:49:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqoz5-HCOUxmO-hdc7nuNLdpSV8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0bc9e6-4198-4067-9597-74d4c2c5b694/1/iDlGXI56pIspMsbOJy2aVuHLv_I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0bc9e6-4198-4067-9597-74d4c2c5b694/1/dqoz5-HCOUxmO-hdc7nuNLdpSV8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  86.111.212.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7f:5d:35:53:9c:a2:fd:11:41:4a:23:b9:95:f2:cb:18:0f:1c:
         5c:60:5f:b3:fe:10:65:47:a9:7c:f8:59:86:19:0a:5f:19:8e:
         5a:12:32:d5:5f:11:da:00:de:42:a8:86:85:03:b2:fb:aa:10:
         22:76:ed:41:e0:62:56:99:9e:1d:0a:b6:73:7a:b7:e2:61:a4:
         f8:21:a8:33:bc:3a:c7:1c:1f:c4:96:f4:3d:5a:7f:df:28:ee:
         b6:b1:dc:fb:79:be:99:d8:a2:36:cb:1f:30:31:fe:86:60:bb:
         d6:62:1a:1b:e1:ea:47:9c:2d:6b:08:80:5a:5e:b7:ef:6f:a5:
         f6:ac:a3:a9:ac:19:45:a6:3f:e3:fa:ab:05:48:c8:d8:07:a5:
         84:37:0f:0f:c0:9d:f1:49:0f:d6:0c:a0:d9:88:2a:6c:b6:e2:
         43:bd:3d:67:95:d7:f6:09:1e:81:03:4a:00:6c:93:ac:ea:4c:
         4f:04:4e:f4:a9:4b:1f:f7:f5:40:6d:c1:66:eb:04:53:0c:cc:
         73:08:2e:81:d6:61:de:b9:4a:52:75:f8:20:08:27:99:cb:43:
         ab:18:c2:b1:b0:23:6e:c4:53:fc:98:19:7d:d5:cb:70:2b:04:
         58:49:28:a2:8c:52:39:82:0c:94:99:3e:fc:4c:e5:ce:55:07:
         59:cf:7a:e8
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAYM+MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDc2
YWEzM2U3ZTFjMjM5NGM2NjNiZTg1ZDczYjllZTM0Yjc2OTQ5NWYwHhcNMjIwMzE3
MTk0MzAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4ODM5NDY1YzhlN2Fh
NDhiMjkzMmM2Y2UyNzJkOWE1NmUxY2JiZmYyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAtH2evUM2YFr6/nMYE1e+tWLyzqjB7g4qmbDapBV+28Zo1WsV
n70dhrDuB8gWeaU1xcPcMsZ5c6uvwdU+SPzoA2w0mRKXUKYgLfp4Yk5PLuf9Txtr
rb44Y9cuN2mkhiuLHKLd5/OJEHUO591uUSyUBSbY871FbIt1vXfSsHn9+GtErm4d
pK9fIDBaZeTAh93jOY/kYiG5ADKlyGZKnyxYRBtCqTuhSJlMr2qTQ758xfRCps9l
Qjiz2acUTz98fcrN20644ZZObXKpdmgcrx4ZAIkZEb9beReTGhUdUaS8MsL9Oi6u
v3rChTLQz7C2mYgF4LmspqXitQaUv5T/ERRsRwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFIg5RlyOeqSLKTLGzictmlbhy7/yMB8GA1UdIwQYMBaAFHaqM+fhwjlMZjvo
XXO57jS3aUlfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
ZHFvejUtSENPVXhtTy1oZGM3bnVOTGRwU1Y4LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83Zi8wYmM5ZTYtNDE5OC00MDY3LTk1OTctNzRkNGMyYzViNjk0LzEv
aURsR1hJNTZwSXNwTXNiT0p5MmFWdUhMdl9JLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8w
YmM5ZTYtNDE5OC00MDY3LTk1OTctNzRkNGMyYzViNjk0LzEvZHFvejUtSENPVXht
Ty1oZGM3bnVOTGRwU1Y4LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVm/UMA0GCSqGSIb3DQEBCwUAA4IB
AQB/XTVTnKL9EUFKI7mV8ssYDxxcYF+z/hBlR6l8+FmGGQpfGY5aEjLVXxHaAN5C
qIaFA7L7qhAidu1B4GJWmZ4dCrZzerfiYaT4IagzvDrHHB/ElvQ9Wn/fKO62sdz7
eb6Z2KI2yx8wMf6GYLvWYhob4epHnC1rCIBaXrfvb6X2rKOprBlFpj/j+qsFSMjY
B6WENw8PwJ3xSQ/WDKDZiCpstuJDvT1nldf2CR6BA0oAbJOs6kxPBE70qUsf9/VA
bcFm6wRTDMxzCC6B1mHeuUpSdfggCCeZy0OrGMKxsCNuxFP8mBl91ctwKwRYSSii
jFI5ggyUmT78TOXOVQdZz3ro
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:34 2024 by rpki-client on console-fra.rpki-client.org