Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/8XqSwMWEYJ2sBeyo5BfmUWhc17g.roa
File:                     8XqSwMWEYJ2sBeyo5BfmUWhc17g.roa (raw, json)
Hash identifier:          AGwnQuEZBdVazXh3mMuIclTJr90RZp7mvT37d2BXYT4=
Subject key identifier:   F1:7A:92:C0:C5:84:60:9D:AC:05:EC:A8:E4:17:E6:51:68:5C:D7:B8
Certificate issuer:       /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial:       07AF2CB5
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/8XqSwMWEYJ2sBeyo5BfmUWhc17g.roa
Signing time:             Sat 01 Jan 2022 08:01:51 +0000
ROA not before:           Sat 01 Jan 2022 08:01:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207193
IP address blocks:        194.104.152.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 128920757 (0x7af2cb5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
        Validity
            Not Before: Jan  1 08:01:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f17a92c0c584609dac05eca8e417e651685cd7b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:b4:53:71:89:29:13:bb:7d:76:e6:06:48:02:
                    f7:59:a2:af:81:72:f7:81:f6:1c:bf:66:ab:21:12:
                    48:03:77:5d:0b:15:b8:b3:1c:c3:aa:8b:64:39:b4:
                    50:8a:b2:8e:35:53:a8:c7:3c:10:2f:12:0f:c3:35:
                    86:38:40:e2:f8:1c:f2:ce:a3:3c:60:8f:2e:89:0f:
                    92:9d:e9:30:a7:37:aa:bf:91:30:75:15:16:ec:96:
                    2e:b7:91:a1:bb:4d:e2:74:a2:e9:97:eb:25:bb:81:
                    1b:bc:9f:bc:91:d6:7e:f6:92:9b:f5:be:76:ce:2a:
                    8a:43:c2:4a:13:86:23:98:3c:7d:e3:60:31:a1:b7:
                    ee:f4:a0:5b:e7:56:d7:e7:c0:54:19:ae:f6:d6:f9:
                    5e:e5:b9:34:43:1d:aa:3a:75:96:d2:56:4a:45:62:
                    79:22:96:1b:c1:8b:d7:ae:45:d4:85:78:7f:dd:66:
                    c2:76:7f:16:ef:0c:83:f4:0f:fa:84:81:cc:30:6f:
                    1d:51:ee:0c:04:01:28:71:5a:24:e3:c2:08:6a:5f:
                    82:a7:57:01:5d:c8:ee:02:80:d0:e0:e5:0d:9f:23:
                    c7:23:7c:05:62:7a:61:2b:21:9e:a4:37:fb:52:13:
                    36:64:5f:1f:ae:b2:32:74:82:7b:d4:67:86:05:d1:
                    24:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:7A:92:C0:C5:84:60:9D:AC:05:EC:A8:E4:17:E6:51:68:5C:D7:B8
            X509v3 Authority Key Identifier:
                keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/8XqSwMWEYJ2sBeyo5BfmUWhc17g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.104.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:f4:93:e2:49:98:b5:29:2c:95:83:67:64:ac:85:99:7c:cc:
         da:b8:76:a7:63:5d:71:f4:a9:20:fb:3c:26:28:47:34:5c:0f:
         e1:16:09:ec:18:e8:53:f9:10:71:af:9c:00:b6:e4:74:67:b4:
         ee:98:53:a1:ee:e8:7e:2e:4a:2a:56:9f:4d:9c:f7:20:6f:24:
         09:1e:19:e4:95:69:b2:13:41:a5:24:f2:3e:02:3c:91:b5:7a:
         0d:94:f3:16:1f:ea:b2:48:f8:a8:4a:93:f8:87:af:e3:14:0d:
         53:bc:20:6f:a4:1b:f2:9a:30:5a:cf:02:05:f9:08:a6:39:1f:
         13:76:92:80:19:30:b5:1c:fa:6f:1c:10:0b:bd:54:13:f5:16:
         8d:3d:91:30:f6:35:15:9c:b4:e2:80:09:18:29:f3:5e:8c:87:
         dc:f9:4d:9e:6e:04:83:60:e4:71:89:f5:33:0f:b8:7c:76:fa:
         89:f0:95:b6:a8:04:84:80:70:55:1c:f2:10:ab:5f:91:f2:02:
         d5:e4:b4:60:b9:af:c7:e2:ab:15:a1:4d:6e:88:a6:5e:0d:11:
         31:42:44:48:af:0a:2a:5b:eb:06:f4:fd:1a:a7:6b:f6:0e:a4:
         5a:cf:b2:94:0a:ca:d9:43:59:56:a0:c4:c2:c3:5d:80:29:5e:
         62:72:dd:60
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB68stTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NTc2ZWIyY2M0NjJlNmU0YmYwZGU2OWI5ZjYzNDg3NWRlYmJhYWUyMB4XDTIyMDEw
MTA4MDE1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjE3YTkyYzBjNTg0
NjA5ZGFjMDVlY2E4ZTQxN2U2NTE2ODVjZDdiODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANe0U3GJKRO7fXbmBkgC91mir4Fy94H2HL9mqyESSAN3XQsV
uLMcw6qLZDm0UIqyjjVTqMc8EC8SD8M1hjhA4vgc8s6jPGCPLokPkp3pMKc3qr+R
MHUVFuyWLreRobtN4nSi6ZfrJbuBG7yfvJHWfvaSm/W+ds4qikPCShOGI5g8feNg
MaG37vSgW+dW1+fAVBmu9tb5XuW5NEMdqjp1ltJWSkVieSKWG8GL165F1IV4f91m
wnZ/Fu8Mg/QP+oSBzDBvHVHuDAQBKHFaJOPCCGpfgqdXAV3I7gKA0ODlDZ8jxyN8
BWJ6YSshnqQ3+1ITNmRfH66yMnSCe9RnhgXRJGUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTxepLAxYRgnawF7KjkF+ZRaFzXuDAfBgNVHSMEGDAWgBSldussxGLm5L8N
5pufY0h13ruq4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BYYnJMTVJpNXVTX0RlYWJuMk5JZGQ2N3F1SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODcvOTMxOTI3LTlmMzgtNDFiNi04N2ZhLTI1NGFjZDkyYjRlMS8x
LzhYcVN3TVdFWUoyc0JleW81QmZtVVdoYzE3Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcv
OTMxOTI3LTlmMzgtNDFiNi04N2ZhLTI1NGFjZDkyYjRlMS8xL3BYYnJMTVJpNXVT
X0RlYWJuMk5JZGQ2N3F1SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJomDANBgkqhkiG9w0BAQsFAAOC
AQEAgPST4kmYtSkslYNnZKyFmXzM2rh2p2NdcfSpIPs8JihHNFwP4RYJ7BjoU/kQ
ca+cALbkdGe07phToe7ofi5KKlafTZz3IG8kCR4Z5JVpshNBpSTyPgI8kbV6DZTz
Fh/qskj4qEqT+Iev4xQNU7wgb6Qb8powWs8CBfkIpjkfE3aSgBkwtRz6bxwQC71U
E/UWjT2RMPY1FZy04oAJGCnzXoyH3PlNnm4Eg2DkcYn1Mw+4fHb6ifCVtqgEhIBw
VRzyEKtfkfIC1eS0YLmvx+KrFaFNboimXg0RMUJESK8KKlvrBvT9Gqdr9g6kWs+y
lArK2UNZVqDEwsNdgCleYnLdYA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:47 2024 by rpki-client on console-fra.rpki-client.org