Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/eff44d-24fd-4384-9507-7a034d170b85/1/NgIwhZck2eNiyEcpxE1loAz0VAo.roa
File:                     NgIwhZck2eNiyEcpxE1loAz0VAo.roa (raw, json)
Hash identifier:          Oc5SBQSdHwEtzd4ZZoMQAaNajPz6KqIZ+m6jVMkoPyQ=
Subject key identifier:   36:02:30:85:97:24:D9:E3:62:C8:47:29:C4:4D:65:A0:0C:F4:54:0A
Certificate issuer:       /CN=2f117ada3cb9515a6d8a6dcc15f2b0b1a7d9be1d
Certificate serial:       06EA43E8
Authority key identifier: 2F:11:7A:DA:3C:B9:51:5A:6D:8A:6D:CC:15:F2:B0:B1:A7:D9:BE:1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LxF62jy5UVptim3MFfKwsafZvh0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/eff44d-24fd-4384-9507-7a034d170b85/1/NgIwhZck2eNiyEcpxE1loAz0VAo.roa
Signing time:             Sat 01 Jan 2022 07:53:17 +0000
ROA not before:           Sat 01 Jan 2022 07:53:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     6900
IP address blocks:        141.93.0.0/16 maxlen: 24
                          141.93.23.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 116016104 (0x6ea43e8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f117ada3cb9515a6d8a6dcc15f2b0b1a7d9be1d
        Validity
            Not Before: Jan  1 07:53:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=360230859724d9e362c84729c44d65a00cf4540a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:f8:0d:1f:56:ba:4d:76:d2:b1:bf:49:f5:77:
                    88:d3:30:28:88:c7:99:0b:15:97:2e:82:3a:10:74:
                    eb:2c:40:86:a7:39:7a:99:28:da:84:20:7c:64:6f:
                    e6:5f:5c:ff:85:12:b9:6f:42:51:ed:63:4c:69:90:
                    7b:4e:e4:c6:a8:a2:6f:83:35:94:f0:2e:3c:b2:d0:
                    85:8b:6a:5d:d5:d6:bb:aa:a8:79:f1:01:57:55:23:
                    85:72:90:2c:55:c8:68:0b:70:14:03:ed:a5:07:9c:
                    61:52:23:c0:71:43:95:32:a9:f3:a8:a4:aa:7f:82:
                    dc:f4:19:9b:81:f4:36:e4:bf:53:45:7d:fd:76:b5:
                    7f:9d:b4:75:fd:20:d4:7a:d8:d7:0a:de:fe:17:d7:
                    a9:f6:70:e8:e2:48:fc:e0:66:f8:18:fd:5b:b0:0e:
                    35:9b:34:84:e4:c9:39:b4:d7:4e:32:54:f8:49:60:
                    ea:18:4a:5a:e4:91:44:0e:3d:1b:81:ac:fb:9b:67:
                    9d:49:1c:30:13:1e:a4:bb:e1:79:7a:2d:cc:85:a8:
                    49:f5:fe:30:d3:6c:f4:dd:c1:9f:bc:56:e6:b0:16:
                    20:1d:55:65:4e:b1:59:58:08:36:17:3a:5a:37:c0:
                    6e:84:4b:e1:b3:2e:b6:85:65:49:0d:9c:f5:94:ac:
                    67:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:02:30:85:97:24:D9:E3:62:C8:47:29:C4:4D:65:A0:0C:F4:54:0A
            X509v3 Authority Key Identifier:
                keyid:2F:11:7A:DA:3C:B9:51:5A:6D:8A:6D:CC:15:F2:B0:B1:A7:D9:BE:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LxF62jy5UVptim3MFfKwsafZvh0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/eff44d-24fd-4384-9507-7a034d170b85/1/NgIwhZck2eNiyEcpxE1loAz0VAo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/eff44d-24fd-4384-9507-7a034d170b85/1/LxF62jy5UVptim3MFfKwsafZvh0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.93.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         6b:39:39:b6:39:cd:c4:22:7a:8c:45:4c:d6:9d:9d:a7:a8:21:
         e2:a1:ee:69:15:5e:43:e6:8b:96:bc:54:81:2b:5d:e2:f2:77:
         4b:03:1d:6b:8c:c7:4b:dc:93:b8:bb:52:67:0d:65:97:7d:25:
         1d:7f:cf:ca:57:62:a1:50:aa:e6:f3:2e:51:cd:c8:ca:42:0b:
         6a:77:22:0e:55:fa:0c:b9:42:91:62:cb:1c:57:61:88:5e:eb:
         da:ed:c6:fa:bb:45:43:cd:dc:86:4b:c9:cb:60:54:69:ee:47:
         4f:7c:63:a6:05:5e:c8:e6:b3:7e:81:c1:4b:0a:57:f5:20:09:
         57:dc:9f:e4:1d:2c:cd:f6:fc:68:9c:1d:86:ed:4a:0e:80:68:
         94:ae:af:5a:cf:e3:8c:47:74:04:4e:48:09:f1:1f:33:4c:10:
         75:4d:6b:3a:7a:78:d3:eb:b1:b5:a6:86:e0:1a:8d:30:29:c6:
         50:ec:43:75:a2:2a:3e:fa:47:16:85:85:6f:6e:a6:7c:0a:a2:
         2c:e3:9d:86:91:76:a2:9a:77:08:0c:43:29:3a:fc:c0:9e:c8:
         48:a1:8a:5e:6d:14:0b:41:ca:9c:38:0f:e7:d7:53:85:09:41:
         f3:6f:a6:d3:63:2b:88:8c:b8:53:2e:01:14:e8:15:c7:af:bf:
         34:77:7c:8b
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIEBupD6DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZjExN2FkYTNjYjk1MTVhNmQ4YTZkY2MxNWYyYjBiMWE3ZDliZTFkMB4XDTIyMDEw
MTA3NTMxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzYwMjMwODU5NzI0
ZDllMzYyYzg0NzI5YzQ0ZDY1YTAwY2Y0NTQwYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALX4DR9Wuk120rG/SfV3iNMwKIjHmQsVly6COhB06yxAhqc5
epko2oQgfGRv5l9c/4USuW9CUe1jTGmQe07kxqiib4M1lPAuPLLQhYtqXdXWu6qo
efEBV1UjhXKQLFXIaAtwFAPtpQecYVIjwHFDlTKp86ikqn+C3PQZm4H0NuS/U0V9
/Xa1f520df0g1HrY1wre/hfXqfZw6OJI/OBm+Bj9W7AONZs0hOTJObTXTjJU+Elg
6hhKWuSRRA49G4Gs+5tnnUkcMBMepLvheXotzIWoSfX+MNNs9N3Bn7xW5rAWIB1V
ZU6xWVgINhc6WjfAboRL4bMutoVlSQ2c9ZSsZ5MCAwEAAaOCAggwggIEMB0GA1Ud
DgQWBBQ2AjCFlyTZ42LIRynETWWgDPRUCjAfBgNVHSMEGDAWgBQvEXraPLlRWm2K
bcwV8rCxp9m+HTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0x4RjYyank1VVZwdGltM01GZkt3c2FmWnZoMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvZWZmNDRkLTI0ZmQtNDM4NC05NTA3LTdhMDM0ZDE3MGI4NS8x
L05nSXdoWmNrMmVOaXlFY3B4RTFsb0F6MFZBby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
ZWZmNDRkLTI0ZmQtNDM4NC05NTA3LTdhMDM0ZDE3MGI4NS8xL0x4RjYyank1VVZw
dGltM01GZkt3c2FmWnZoMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAe
BggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAI1dMA0GCSqGSIb3DQEBCwUAA4IB
AQBrOTm2Oc3EInqMRUzWnZ2nqCHioe5pFV5D5ouWvFSBK13i8ndLAx1rjMdL3JO4
u1JnDWWXfSUdf8/KV2KhUKrm8y5RzcjKQgtqdyIOVfoMuUKRYsscV2GIXuva7cb6
u0VDzdyGS8nLYFRp7kdPfGOmBV7I5rN+gcFLClf1IAlX3J/kHSzN9vxonB2G7UoO
gGiUrq9az+OMR3QETkgJ8R8zTBB1TWs6enjT67G1pobgGo0wKcZQ7EN1oio++kcW
hYVvbqZ8CqIs452GkXaimncIDEMpOvzAnshIoYpebRQLQcqcOA/n11OFCUHzb6bT
YyuIjLhTLgEU6BXHr780d3yL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:05 2024 by rpki-client on console-fra.rpki-client.org