Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/20f4ac-80d9-40e2-a9e6-1c88eebeb293/1/VRDXJAQBcizArZdpQpPBmuBNPHY.roa
File:                     VRDXJAQBcizArZdpQpPBmuBNPHY.roa (raw, json)
Hash identifier:          n3F5sKiZi2/N2oMm78tr2iw5QJz84dBYGg8/5+sRxUY=
Subject key identifier:   55:10:D7:24:04:01:72:2C:C0:AD:97:69:42:93:C1:9A:E0:4D:3C:76
Certificate issuer:       /CN=fb236b213d56493f3b077e6b41f42e4f3df8cdce
Certificate serial:       01E4FB5D
Authority key identifier: FB:23:6B:21:3D:56:49:3F:3B:07:7E:6B:41:F4:2E:4F:3D:F8:CD:CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-yNrIT1WST87B35rQfQuTz34zc4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/85/20f4ac-80d9-40e2-a9e6-1c88eebeb293/1/VRDXJAQBcizArZdpQpPBmuBNPHY.roa
Signing time:             Sat 01 Jan 2022 04:03:14 +0000
ROA not before:           Sat 01 Jan 2022 04:03:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16509
IP address blocks:        80.210.95.0/24 maxlen: 24
                          85.194.254.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 31783773 (0x1e4fb5d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fb236b213d56493f3b077e6b41f42e4f3df8cdce
        Validity
            Not Before: Jan  1 04:03:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5510d7240401722cc0ad97694293c19ae04d3c76
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:b4:56:00:df:55:39:95:77:57:b4:6a:48:58:
                    d3:13:66:3c:fb:7d:78:76:ff:3f:fd:fd:e8:36:58:
                    6f:ae:12:e4:00:89:7f:62:88:59:3c:9f:50:62:c3:
                    bc:4f:54:48:75:b7:0b:ad:31:0e:64:04:4f:db:2f:
                    5d:c4:00:a7:10:61:50:0f:b5:ef:26:49:2c:dd:41:
                    76:96:08:e9:27:35:48:56:e4:b6:32:2c:2d:ed:fc:
                    63:e2:b3:28:ac:6c:d7:44:98:c4:15:59:92:5e:36:
                    90:69:ff:9c:cd:63:aa:e5:59:1f:cb:8f:1f:30:74:
                    40:a6:8c:49:1c:b8:18:6d:d6:a7:d8:6a:98:de:bf:
                    4f:3c:4d:aa:bf:2a:ff:dd:4e:a9:c4:60:fb:f0:12:
                    4d:67:05:eb:0d:2b:50:16:0d:39:db:16:1e:5a:f8:
                    88:f8:db:1e:66:45:02:5b:1c:5e:3f:f8:5d:35:7a:
                    85:eb:34:4f:68:0f:87:2d:51:9c:6b:d9:05:d2:34:
                    0a:5f:45:78:bd:95:70:bd:35:91:f9:dd:52:e1:73:
                    d8:92:04:2f:cf:8a:5d:6a:5e:36:e3:89:25:fa:e5:
                    e4:3d:28:86:10:c2:4d:b3:3d:50:0b:46:64:4c:0f:
                    7a:86:60:aa:f0:cd:9f:d6:96:23:93:0a:91:6e:c1:
                    03:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:10:D7:24:04:01:72:2C:C0:AD:97:69:42:93:C1:9A:E0:4D:3C:76
            X509v3 Authority Key Identifier:
                keyid:FB:23:6B:21:3D:56:49:3F:3B:07:7E:6B:41:F4:2E:4F:3D:F8:CD:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-yNrIT1WST87B35rQfQuTz34zc4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/20f4ac-80d9-40e2-a9e6-1c88eebeb293/1/VRDXJAQBcizArZdpQpPBmuBNPHY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/85/20f4ac-80d9-40e2-a9e6-1c88eebeb293/1/1-yNrIT1WST87B35rQfQuTz34zc4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.210.95.0/24
                  85.194.254.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a4:6a:e1:2b:58:8b:2f:58:60:4f:82:16:8c:77:62:d6:a1:19:
         19:4d:fe:b7:69:5c:14:cb:4f:90:3e:33:79:54:1d:18:aa:37:
         07:c2:f6:ea:80:ec:13:03:5c:b2:81:64:4c:3f:e3:9f:53:04:
         07:20:d7:28:f4:fc:c1:4b:50:c6:c9:70:8a:77:36:be:d4:eb:
         80:d4:f1:fa:60:d9:49:91:52:fc:da:80:15:61:a0:36:48:7d:
         73:42:7c:41:9f:e5:8f:f0:42:e0:20:2e:99:a8:6f:50:7a:1a:
         bb:5f:57:d9:c7:d5:26:6b:68:10:fe:72:a5:03:5d:53:ba:4a:
         01:d4:14:b9:28:12:ae:a2:53:e4:99:08:80:d1:55:71:e9:4e:
         f0:86:2c:7a:27:ff:e6:c8:0f:56:40:3a:7c:2c:fc:34:44:ff:
         b8:cc:cd:c2:c8:32:47:eb:cd:a4:30:bc:37:ea:7f:4c:c3:1e:
         fe:31:5e:0c:4e:c7:38:0f:0b:63:38:64:71:9a:34:2f:30:c5:
         54:c1:b0:ef:f1:44:79:89:ac:53:4e:ec:97:cc:2c:d8:56:17:
         28:70:55:39:6d:d5:82:ae:ca:8e:4f:d0:60:d0:08:5a:af:d9:
         ab:bd:e2:89:47:16:b0:43:18:4f:bb:ad:8f:22:6d:53:de:6e:
         c8:1f:5c:6c
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEAeT7XTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YjIzNmIyMTNkNTY0OTNmM2IwNzdlNmI0MWY0MmU0ZjNkZjhjZGNlMB4XDTIyMDEw
MTA0MDMxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTUxMGQ3MjQwNDAx
NzIyY2MwYWQ5NzY5NDI5M2MxOWFlMDRkM2M3NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK60VgDfVTmVd1e0akhY0xNmPPt9eHb/P/396DZYb64S5ACJ
f2KIWTyfUGLDvE9USHW3C60xDmQET9svXcQApxBhUA+17yZJLN1BdpYI6Sc1SFbk
tjIsLe38Y+KzKKxs10SYxBVZkl42kGn/nM1jquVZH8uPHzB0QKaMSRy4GG3Wp9hq
mN6/TzxNqr8q/91OqcRg+/ASTWcF6w0rUBYNOdsWHlr4iPjbHmZFAlscXj/4XTV6
hes0T2gPhy1RnGvZBdI0Cl9FeL2VcL01kfndUuFz2JIEL8+KXWpeNuOJJfrl5D0o
hhDCTbM9UAtGZEwPeoZgqvDNn9aWI5MKkW7BA3MCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBRVENckBAFyLMCtl2lCk8Ga4E08djAfBgNVHSMEGDAWgBT7I2shPVZJPzsH
fmtB9C5PPfjNzjAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEteU5ySVQxV1NUODdCMzVyUWZRdVR6MzR6YzQuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzg1LzIwZjRhYy04MGQ5LTQwZTItYTllNi0xYzg4ZWViZWIyOTMv
MS9WUkRYSkFRQmNpekFyWmRwUXBQQm11Qk5QSFkucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg1
LzIwZjRhYy04MGQ5LTQwZTItYTllNi0xYzg4ZWViZWIyOTMvMS8xLXlOcklUMVdT
VDg3QjM1clFmUXVUejM0emM0LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUNJfAwQBVcL+MA0GCSqGSIb3
DQEBCwUAA4IBAQCkauErWIsvWGBPghaMd2LWoRkZTf63aVwUy0+QPjN5VB0YqjcH
wvbqgOwTA1yygWRMP+OfUwQHINco9PzBS1DGyXCKdza+1OuA1PH6YNlJkVL82oAV
YaA2SH1zQnxBn+WP8ELgIC6ZqG9Qehq7X1fZx9Uma2gQ/nKlA11TukoB1BS5KBKu
olPkmQiA0VVx6U7whix6J//myA9WQDp8LPw0RP+4zM3CyDJH682kMLw36n9Mwx7+
MV4MTsc4DwtjOGRxmjQvMMVUwbDv8UR5iaxTTuyXzCzYVhcocFU5bdWCrsqOT9Bg
0Ahar9mrveKJRxawQxhPu62PIm1T3m7IH1xs
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:19 2024 by rpki-client on console-ams.rpki-client.org