Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/2IJL6VF159_Vd_6ZhKtiTMjqdPU.roa
File:                     2IJL6VF159_Vd_6ZhKtiTMjqdPU.roa (raw, json)
Hash identifier:          2J3iwICUn+b5WxzHNSzKEIrh0UdxChMlWGZfIX4051U=
Subject key identifier:   D8:82:4B:E9:51:75:E7:DF:D5:77:FE:99:84:AB:62:4C:C8:EA:74:F5
Certificate issuer:       /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial:       1B739319
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/2IJL6VF159_Vd_6ZhKtiTMjqdPU.roa
Signing time:             Sat 01 Jan 2022 10:02:46 +0000
ROA not before:           Sat 01 Jan 2022 10:02:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204494
IP address blocks:        84.2.55.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 460559129 (0x1b739319)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
        Validity
            Not Before: Jan  1 10:02:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d8824be95175e7dfd577fe9984ab624cc8ea74f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:ba:3d:93:19:8b:92:81:82:c6:3a:11:31:ae:
                    5e:1b:96:d6:0e:e7:1c:2a:88:88:21:97:62:a2:b9:
                    6f:17:6f:98:aa:b1:37:54:bc:dc:91:86:54:ef:73:
                    fe:35:04:a8:f1:4e:29:8b:c5:47:95:51:07:c2:00:
                    eb:27:96:c1:5b:91:8b:ae:91:6e:27:bd:be:df:70:
                    18:28:03:b0:6e:53:24:ad:5b:15:d8:28:74:1f:12:
                    74:50:4b:8a:d3:28:f6:1a:86:80:1d:7c:db:8b:a0:
                    b8:03:be:f1:5e:03:09:40:2b:e1:08:89:a4:e7:0d:
                    5e:4a:fc:bd:86:ec:f4:5e:5a:e5:4f:ea:88:b5:0c:
                    ff:65:5a:3c:84:a4:39:0d:2d:75:97:a3:8e:17:3d:
                    44:9e:62:96:a8:f0:7d:0b:b3:c3:a5:34:40:e5:83:
                    f5:d7:58:b1:ae:13:7a:2f:e0:74:9c:ad:6e:10:d8:
                    26:85:48:20:7a:74:17:f8:72:1e:72:5c:4c:c9:12:
                    19:38:87:f1:47:3f:4c:4e:39:7e:91:b1:fc:e4:30:
                    52:c4:b6:95:91:53:a3:10:1e:d1:8e:4f:65:e5:2c:
                    d2:91:84:71:78:84:37:44:f9:d2:75:13:01:e7:4e:
                    25:20:fd:a0:9d:7f:6a:1a:d6:47:0b:f5:92:16:43:
                    aa:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:82:4B:E9:51:75:E7:DF:D5:77:FE:99:84:AB:62:4C:C8:EA:74:F5
            X509v3 Authority Key Identifier:
                keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/2IJL6VF159_Vd_6ZhKtiTMjqdPU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.2.55.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:9a:68:98:51:f7:d5:bd:44:3d:7a:51:b5:40:fe:35:b3:81:
         7c:58:b8:45:4b:08:98:56:e9:41:73:ca:23:1b:e6:4c:e2:52:
         8b:62:f3:30:59:56:1f:2a:93:0a:86:e1:43:1d:18:40:8a:09:
         2e:86:d8:9e:19:ea:d7:65:55:da:22:57:79:e7:85:d2:7d:a7:
         2b:e5:f2:e1:6c:2c:f1:88:a8:c7:8d:e3:f8:ec:b3:88:15:bd:
         5c:ec:93:6a:a1:26:4a:56:20:71:ed:b2:82:ed:58:92:6b:9a:
         94:5b:21:8a:8d:8f:9d:3d:c5:fe:19:27:38:f9:67:6e:f8:88:
         ef:cb:e3:28:d1:e1:2c:24:0e:ee:8b:fe:46:0c:b1:29:ed:c8:
         a2:e4:48:44:76:1f:ca:85:7c:2a:4d:99:31:fe:f2:46:46:68:
         24:d4:3d:0c:8c:06:82:9e:c6:c5:59:1c:b8:38:33:1f:72:1b:
         e4:36:90:6a:39:04:2c:4d:0f:3d:2c:82:b8:68:c0:f3:71:18:
         9c:d4:08:d2:df:39:ef:be:58:8f:35:c1:87:03:95:a4:94:7c:
         e1:fc:12:c9:2c:ea:80:6d:50:70:f3:52:55:f1:69:7b:f8:19:
         37:a7:5d:46:8d:e7:bb:a3:22:a3:bb:ed:12:6c:54:04:07:49:
         e8:c1:b4:63
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEG3OTGTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MDJkYWM2MDVmNDY1OTcxOGMwYTE1ZTFmNzMyY2JkNGY0OGFhZTdiMB4XDTIyMDEw
MTEwMDI0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDg4MjRiZTk1MTc1
ZTdkZmQ1NzdmZTk5ODRhYjYyNGNjOGVhNzRmNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMC6PZMZi5KBgsY6ETGuXhuW1g7nHCqIiCGXYqK5bxdvmKqx
N1S83JGGVO9z/jUEqPFOKYvFR5VRB8IA6yeWwVuRi66Rbie9vt9wGCgDsG5TJK1b
FdgodB8SdFBLitMo9hqGgB1824uguAO+8V4DCUAr4QiJpOcNXkr8vYbs9F5a5U/q
iLUM/2VaPISkOQ0tdZejjhc9RJ5ilqjwfQuzw6U0QOWD9ddYsa4Tei/gdJytbhDY
JoVIIHp0F/hyHnJcTMkSGTiH8Uc/TE45fpGx/OQwUsS2lZFToxAe0Y5PZeUs0pGE
cXiEN0T50nUTAedOJSD9oJ1/ahrWRwv1khZDqvsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTYgkvpUXXn39V3/pmEq2JMyOp09TAfBgNVHSMEGDAWgBTwLaxgX0ZZcYwK
FeH3MsvU9IquezAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhDMnNZRjlHV1hHTUNoWGg5ekxMMVBTS3Jucy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGQvZTkwOTc2LTNkZDEtNDcxNi1iYmY2LTI5MmFlNDZlNjMwMi8x
LzJJSkw2VkYxNTlfVmRfNlpoS3RpVE1qcWRQVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGQv
ZTkwOTc2LTNkZDEtNDcxNi1iYmY2LTI5MmFlNDZlNjMwMi8xLzhDMnNZRjlHV1hH
TUNoWGg5ekxMMVBTS3Jucy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFQCNzANBgkqhkiG9w0BAQsFAAOC
AQEAdZpomFH31b1EPXpRtUD+NbOBfFi4RUsImFbpQXPKIxvmTOJSi2LzMFlWHyqT
CobhQx0YQIoJLobYnhnq12VV2iJXeeeF0n2nK+Xy4Wws8Yiox43j+OyziBW9XOyT
aqEmSlYgce2ygu1YkmualFshio2PnT3F/hknOPlnbviI78vjKNHhLCQO7ov+Rgyx
Ke3IouRIRHYfyoV8Kk2ZMf7yRkZoJNQ9DIwGgp7GxVkcuDgzH3Ib5DaQajkELE0P
PSyCuGjA83EYnNQI0t85775YjzXBhwOVpJR84fwSySzqgG1QcPNSVfFpe/gZN6dd
Ro3nu6Mio7vtEmxUBAdJ6MG0Yw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:47 2024 by rpki-client on console-fra.rpki-client.org