Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/db3303-7879-4b69-8848-115f15b20de7/1/1-0DJU4K7exhg3K2ztPcx8L8oW8A.roa
File:                     1-0DJU4K7exhg3K2ztPcx8L8oW8A.roa (raw, json)
Hash identifier:          aleVvl1kWgaJZLeobKXkEl/YumvnciadU8XiuaS3IQg=
Subject key identifier:   FB:40:C9:53:82:BB:7B:18:60:DC:AD:B3:B4:F7:31:F0:BF:28:5B:C0
Certificate issuer:       /CN=c1d710d8ac31b1f6daf7046c45374ae8e405f18e
Certificate serial:       047D4772
Authority key identifier: C1:D7:10:D8:AC:31:B1:F6:DA:F7:04:6C:45:37:4A:E8:E4:05:F1:8E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wdcQ2Kwxsfba9wRsRTdK6OQF8Y4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/db3303-7879-4b69-8848-115f15b20de7/1/1-0DJU4K7exhg3K2ztPcx8L8oW8A.roa
Signing time:             Sat 01 Jan 2022 13:54:14 +0000
ROA not before:           Sat 01 Jan 2022 13:54:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     0
IP address blocks:        194.116.188.0/23 maxlen: 32
                          2001:7f8:15::/48 maxlen: 128
                          2a04:80c0::/29 maxlen: 128

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 75319154 (0x47d4772)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c1d710d8ac31b1f6daf7046c45374ae8e405f18e
        Validity
            Not Before: Jan  1 13:54:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fb40c95382bb7b1860dcadb3b4f731f0bf285bc0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:9a:b0:ba:81:2c:dd:e1:88:a6:13:15:98:cf:
                    6b:c7:45:65:fa:d5:10:83:3a:5a:ee:b0:05:fa:62:
                    c6:3c:09:25:e6:df:0d:7e:e9:6f:31:ee:9f:26:8a:
                    09:a2:2c:ba:98:21:15:7f:8e:76:ec:a3:b6:cd:81:
                    65:bc:73:23:8c:af:0c:e0:31:19:39:01:63:7e:83:
                    56:cc:fb:1f:16:ef:bc:9c:51:1b:29:06:5f:44:00:
                    cd:d5:ec:c2:33:7a:12:03:61:85:a0:58:33:ce:cd:
                    90:1a:4e:ec:7b:1f:81:eb:a0:4e:ed:98:a8:1a:78:
                    ad:94:e0:93:e8:7b:ac:e5:d6:af:6c:81:05:84:0e:
                    93:fb:83:9d:d3:b0:c4:e7:e9:1d:7d:b6:e1:89:df:
                    33:7f:11:4b:8b:ee:d1:e3:3a:25:54:c2:d8:ae:16:
                    73:d6:1c:33:e8:df:e0:04:a0:b7:0d:b5:9c:96:57:
                    c8:01:df:a5:8c:52:96:83:c5:8a:8e:eb:f3:68:d2:
                    62:70:e5:4c:b5:d8:47:a8:9f:86:5c:e8:cc:01:c0:
                    a0:8e:02:74:65:2e:f6:b6:d6:10:2a:02:87:f4:96:
                    8c:d1:00:cb:39:b4:a2:64:8a:df:9d:e3:f1:bc:e3:
                    2e:d7:c7:00:2a:ac:da:5f:a2:da:c9:3b:62:ac:56:
                    78:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:40:C9:53:82:BB:7B:18:60:DC:AD:B3:B4:F7:31:F0:BF:28:5B:C0
            X509v3 Authority Key Identifier:
                keyid:C1:D7:10:D8:AC:31:B1:F6:DA:F7:04:6C:45:37:4A:E8:E4:05:F1:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wdcQ2Kwxsfba9wRsRTdK6OQF8Y4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/db3303-7879-4b69-8848-115f15b20de7/1/1-0DJU4K7exhg3K2ztPcx8L8oW8A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/db3303-7879-4b69-8848-115f15b20de7/1/wdcQ2Kwxsfba9wRsRTdK6OQF8Y4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.116.188.0/23
                IPv6:
                  2001:7f8:15::/48
                  2a04:80c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         1f:70:b9:6e:dd:78:b2:52:6f:c4:41:9f:a5:5d:c7:ff:40:27:
         d4:45:d5:b2:b2:06:9a:f7:cf:c8:ec:45:a2:9a:0a:51:eb:6d:
         84:a4:9b:00:b7:10:1c:81:50:2a:b9:20:f0:45:23:ee:2c:6d:
         6e:d0:d3:3f:fb:79:17:4b:1a:85:d4:26:72:bc:28:ff:21:c3:
         55:51:83:a1:f0:e4:76:97:64:4c:4c:19:11:92:61:63:51:36:
         ea:f1:93:fe:2a:6d:a0:33:d9:ef:c5:58:3f:6c:3a:46:5f:ae:
         4b:fd:13:a1:b5:16:ee:39:38:e1:3b:12:fd:e1:7a:b1:ea:ec:
         f6:4d:4a:18:1c:fd:b3:fc:f5:2c:3f:e6:08:1f:6c:84:40:b8:
         f2:19:89:e8:2d:4c:27:3c:dd:19:f8:14:88:78:ed:e2:a9:38:
         46:1b:d6:1e:08:09:85:18:0d:b9:ed:77:71:d1:ca:ce:b3:40:
         33:1a:e1:ec:2a:89:a5:21:c8:75:2c:0b:6b:7b:a5:d9:24:83:
         62:93:2b:8c:08:bc:cc:58:0d:97:9f:24:c3:d7:a6:57:1a:50:
         4d:5d:31:15:7b:2d:d3:cc:7a:88:8e:45:b0:84:c3:50:19:b4:
         44:21:9e:f4:a3:d9:a5:24:f7:9a:12:69:9a:ea:eb:bf:6f:f9:
         0f:d7:a7:9b
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgIEBH1HcjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MWQ3MTBkOGFjMzFiMWY2ZGFmNzA0NmM0NTM3NGFlOGU0MDVmMThlMB4XDTIyMDEw
MTEzNTQxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmI0MGM5NTM4MmJi
N2IxODYwZGNhZGIzYjRmNzMxZjBiZjI4NWJjMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL6asLqBLN3hiKYTFZjPa8dFZfrVEIM6Wu6wBfpixjwJJebf
DX7pbzHunyaKCaIsupghFX+Oduyjts2BZbxzI4yvDOAxGTkBY36DVsz7HxbvvJxR
GykGX0QAzdXswjN6EgNhhaBYM87NkBpO7HsfgeugTu2YqBp4rZTgk+h7rOXWr2yB
BYQOk/uDndOwxOfpHX224YnfM38RS4vu0eM6JVTC2K4Wc9YcM+jf4ASgtw21nJZX
yAHfpYxSloPFio7r82jSYnDlTLXYR6ifhlzozAHAoI4CdGUu9rbWECoCh/SWjNEA
yzm0omSK353j8bzjLtfHACqs2l+i2sk7YqxWeHECAwEAAaOCAiIwggIeMB0GA1Ud
DgQWBBT7QMlTgrt7GGDcrbO09zHwvyhbwDAfBgNVHSMEGDAWgBTB1xDYrDGx9tr3
BGxFN0ro5AXxjjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3dkY1EyS3d4c2ZiYTl3UnNSVGRLNk9RRjhZNC5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODYvZGIzMzAzLTc4NzktNGI2OS04ODQ4LTExNWYxNWIyMGRlNy8x
LzEtMERKVTRLN2V4aGczSzJ6dFBjeDhMOG9XOEEucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg2
L2RiMzMwMy03ODc5LTRiNjktODg0OC0xMTVmMTViMjBkZTcvMS93ZGNRMkt3eHNm
YmE5d1JzUlRkSzZPUUY4WTQuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
NwYIKwYBBQUHAQcBAf8EKDAmMAwEAgABMAYDBAHCdLwwFgQCAAIwEAMHACABB/gA
FQMFAyoEgMAwDQYJKoZIhvcNAQELBQADggEBAB9wuW7deLJSb8RBn6Vdx/9AJ9RF
1bKyBpr3z8jsRaKaClHrbYSkmwC3EByBUCq5IPBFI+4sbW7Q0z/7eRdLGoXUJnK8
KP8hw1VRg6Hw5HaXZExMGRGSYWNRNurxk/4qbaAz2e/FWD9sOkZfrkv9E6G1Fu45
OOE7Ev3herHq7PZNShgc/bP89Sw/5ggfbIRAuPIZiegtTCc83Rn4FIh47eKpOEYb
1h4ICYUYDbntd3HRys6zQDMa4ewqiaUhyHUsC2t7pdkkg2KTK4wIvMxYDZefJMPX
plcaUE1dMRV7LdPMeoiORbCEw1AZtEQhnvSj2aUk95oSaZrq679v+Q/Xp5s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:42 2024 by rpki-client on console-fra.rpki-client.org