Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/68b75c-83df-474e-a9fe-01bf1f145c26/1/CEFe_yUN96GAC8Np8g9dngPwAhM.roa
File:                     CEFe_yUN96GAC8Np8g9dngPwAhM.roa (raw, json)
Hash identifier:          v/zVna6vHuVbuJlp70PxRY0yF/WcC5PLhSgevPdPRGA=
Subject key identifier:   08:41:5E:FF:25:0D:F7:A1:80:0B:C3:69:F2:0F:5D:9E:03:F0:02:13
Certificate issuer:       /CN=d31af2872c3f5503073866dffef488b71783dab6
Certificate serial:       03B1E191
Authority key identifier: D3:1A:F2:87:2C:3F:55:03:07:38:66:DF:FE:F4:88:B7:17:83:DA:B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0xryhyw_VQMHOGbf_vSItxeD2rY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/85/68b75c-83df-474e-a9fe-01bf1f145c26/1/CEFe_yUN96GAC8Np8g9dngPwAhM.roa
Signing time:             Sat 01 Jan 2022 07:01:01 +0000
ROA not before:           Sat 01 Jan 2022 07:01:01 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     198076
IP address blocks:        176.123.49.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 61989265 (0x3b1e191)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d31af2872c3f5503073866dffef488b71783dab6
        Validity
            Not Before: Jan  1 07:01:01 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=08415eff250df7a1800bc369f20f5d9e03f00213
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:7e:44:ea:9e:9b:e8:d1:9a:ae:3c:01:32:36:
                    b9:75:ca:6e:d0:f6:d4:76:0a:6a:de:6f:7b:10:24:
                    c9:cc:1a:0c:93:96:31:09:10:9b:53:03:e7:95:45:
                    24:08:82:2a:c9:cf:5a:7c:8e:9e:3c:a3:be:0d:fe:
                    d0:aa:a9:d4:97:9f:7f:9b:8a:f5:02:b3:59:80:d1:
                    fd:9e:f5:2d:d0:72:7a:0e:e7:d8:3d:03:f8:cc:bd:
                    d7:51:c3:8c:20:40:e9:97:f9:6e:af:72:16:b3:c7:
                    b4:d6:75:2e:0a:c3:2d:50:0b:4c:fa:fc:84:62:dc:
                    5a:2d:df:b4:ae:ee:1e:28:81:f0:45:24:68:58:af:
                    ee:29:7a:44:74:9f:c9:68:45:09:c8:8b:46:f0:f0:
                    bc:e3:f1:45:87:fd:66:3e:34:c0:e2:c1:b3:d1:c3:
                    b4:55:c7:41:bc:af:3d:08:a0:30:d4:ac:e2:9c:fa:
                    19:43:1c:df:ab:2b:d4:c6:07:88:b3:58:0b:4a:47:
                    ef:7c:4a:93:94:bb:0c:a6:c9:24:b7:15:26:b6:c1:
                    0e:ce:18:f3:80:08:c3:a8:a3:1a:77:16:09:a8:7b:
                    ec:b3:52:ad:15:63:e2:46:14:42:a6:40:04:6c:f5:
                    21:04:86:6b:3c:4e:df:aa:29:a5:75:1f:76:16:55:
                    fe:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:41:5E:FF:25:0D:F7:A1:80:0B:C3:69:F2:0F:5D:9E:03:F0:02:13
            X509v3 Authority Key Identifier:
                keyid:D3:1A:F2:87:2C:3F:55:03:07:38:66:DF:FE:F4:88:B7:17:83:DA:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0xryhyw_VQMHOGbf_vSItxeD2rY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/68b75c-83df-474e-a9fe-01bf1f145c26/1/CEFe_yUN96GAC8Np8g9dngPwAhM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/85/68b75c-83df-474e-a9fe-01bf1f145c26/1/0xryhyw_VQMHOGbf_vSItxeD2rY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.123.49.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:7e:5b:97:84:39:94:93:1b:ca:e8:5a:af:09:c3:52:ad:98:
         cd:24:2a:f5:c6:dc:df:fd:b6:e3:63:48:81:08:bf:81:63:f6:
         75:f7:ca:3f:56:76:85:42:b2:34:4a:41:a4:35:6b:5c:be:f7:
         5f:28:66:ab:28:79:b1:06:d6:98:18:00:84:e8:4d:e1:ca:23:
         37:31:88:0a:14:81:78:e8:05:5d:d0:e7:2a:b6:64:70:08:7b:
         40:9f:0e:82:45:ba:7f:0b:4a:a1:93:62:74:9b:5e:e8:1a:f5:
         35:0c:28:e0:62:78:af:53:6c:41:29:c7:41:c5:02:58:5f:aa:
         d1:a2:13:51:bc:03:09:40:7d:01:39:09:9a:75:84:38:f6:ca:
         e1:04:5e:e4:c8:f3:cf:82:1e:b5:e7:12:3f:22:b6:2e:00:1b:
         0d:83:15:d6:6e:30:81:ee:8a:bf:5d:b2:28:5b:66:b0:65:8e:
         ef:81:17:6e:3b:9e:5c:82:5f:c6:bc:a3:58:ad:b3:06:9d:c2:
         f0:9c:88:1e:18:ce:6d:fd:76:36:a5:bd:20:e6:d2:8b:9d:2f:
         c8:0e:e8:1e:2d:30:09:29:49:78:26:7a:5f:88:c5:12:6d:f6:
         30:ef:5a:33:d6:49:50:3d:9a:62:fc:76:5e:10:10:10:02:f8:
         ef:d5:ce:92
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA7HhkTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MzFhZjI4NzJjM2Y1NTAzMDczODY2ZGZmZWY0ODhiNzE3ODNkYWI2MB4XDTIyMDEw
MTA3MDEwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDg0MTVlZmYyNTBk
ZjdhMTgwMGJjMzY5ZjIwZjVkOWUwM2YwMDIxMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI1+ROqem+jRmq48ATI2uXXKbtD21HYKat5vexAkycwaDJOW
MQkQm1MD55VFJAiCKsnPWnyOnjyjvg3+0Kqp1Jeff5uK9QKzWYDR/Z71LdByeg7n
2D0D+My911HDjCBA6Zf5bq9yFrPHtNZ1LgrDLVALTPr8hGLcWi3ftK7uHiiB8EUk
aFiv7il6RHSfyWhFCciLRvDwvOPxRYf9Zj40wOLBs9HDtFXHQbyvPQigMNSs4pz6
GUMc36sr1MYHiLNYC0pH73xKk5S7DKbJJLcVJrbBDs4Y84AIw6ijGncWCah77LNS
rRVj4kYUQqZABGz1IQSGazxO36oppXUfdhZV/hUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQIQV7/JQ33oYALw2nyD12eA/ACEzAfBgNVHSMEGDAWgBTTGvKHLD9VAwc4
Zt/+9Ii3F4PatjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzB4cnloeXdfVlFNSE9HYmZfdlNJdHhlRDJyWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODUvNjhiNzVjLTgzZGYtNDc0ZS1hOWZlLTAxYmYxZjE0NWMyNi8x
L0NFRmVfeVVOOTZHQUM4TnA4ZzlkbmdQd0FoTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODUv
NjhiNzVjLTgzZGYtNDc0ZS1hOWZlLTAxYmYxZjE0NWMyNi8xLzB4cnloeXdfVlFN
SE9HYmZfdlNJdHhlRDJyWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALB7MTANBgkqhkiG9w0BAQsFAAOC
AQEAUH5bl4Q5lJMbyuharwnDUq2YzSQq9cbc3/2242NIgQi/gWP2dffKP1Z2hUKy
NEpBpDVrXL73Xyhmqyh5sQbWmBgAhOhN4cojNzGIChSBeOgFXdDnKrZkcAh7QJ8O
gkW6fwtKoZNidJte6Br1NQwo4GJ4r1NsQSnHQcUCWF+q0aITUbwDCUB9ATkJmnWE
OPbK4QRe5Mjzz4IetecSPyK2LgAbDYMV1m4wge6Kv12yKFtmsGWO74EXbjueXIJf
xryjWK2zBp3C8JyIHhjObf12NqW9IObSi50vyA7oHi0wCSlJeCZ6X4jFEm32MO9a
M9ZJUD2aYvx2XhAQEAL479XOkg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:30 2024 by rpki-client on console-fra.rpki-client.org