Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/qH6cLTyFl6v9Ddu5CfmXEepqqHo.roa
File:                     qH6cLTyFl6v9Ddu5CfmXEepqqHo.roa (raw, json)
Hash identifier:          Bnk/0rxgftN+DDz/D/jW/IFeg0rUZHLbH1DA2N0aY6c=
Subject key identifier:   A8:7E:9C:2D:3C:85:97:AB:FD:0D:DB:B9:09:F9:97:11:EA:6A:A8:7A
Certificate issuer:       /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial:       1B66B108
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/qH6cLTyFl6v9Ddu5CfmXEepqqHo.roa
Signing time:             Sat 01 Jan 2022 10:02:38 +0000
ROA not before:           Sat 01 Jan 2022 10:02:38 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     41694
IP address blocks:        195.56.199.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 459714824 (0x1b66b108)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
        Validity
            Not Before: Jan  1 10:02:38 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a87e9c2d3c8597abfd0ddbb909f99711ea6aa87a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:4b:c0:93:f2:d3:a6:60:19:10:ae:84:5f:1a:
                    9c:93:d9:3e:17:58:24:aa:0e:87:91:b1:23:c7:d7:
                    d1:0d:af:04:d8:a8:16:35:70:e7:cc:3b:f7:a7:c9:
                    0c:86:50:2b:96:2e:e9:77:f5:20:09:61:6c:c8:24:
                    4c:9d:b3:c6:03:6d:24:8a:04:fd:1a:cd:af:62:e7:
                    e0:a8:5e:03:39:df:5d:83:b5:65:cb:21:60:0f:32:
                    91:23:39:9e:d0:25:0a:65:96:06:e4:0f:7b:2e:dd:
                    2b:5c:f1:6b:67:80:ce:30:fe:cd:fe:cf:b6:e8:71:
                    8b:3a:bc:17:88:42:e9:36:ac:b1:4d:4b:ce:a8:46:
                    dc:1f:8c:60:b0:3a:1f:04:cb:93:72:dd:f2:90:bd:
                    4a:f3:ce:e3:da:97:6d:41:27:2a:35:b0:ef:e6:91:
                    38:98:15:b9:45:80:cd:8d:7e:b2:0d:8d:ab:f7:60:
                    f6:42:6c:f6:8c:43:be:1a:4b:3d:51:de:76:d1:cb:
                    f1:7f:1b:db:6a:d0:f7:0f:18:a2:34:45:0c:0b:81:
                    f3:df:80:0d:35:4a:62:e9:d5:59:f4:c3:fe:55:11:
                    0b:71:54:8a:5b:68:d9:2c:da:38:f1:97:10:76:7d:
                    43:01:c5:f3:13:c8:22:1f:6c:75:73:b2:3a:b4:a7:
                    bf:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:7E:9C:2D:3C:85:97:AB:FD:0D:DB:B9:09:F9:97:11:EA:6A:A8:7A
            X509v3 Authority Key Identifier:
                keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/qH6cLTyFl6v9Ddu5CfmXEepqqHo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.56.199.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7e:2d:44:f4:9c:69:4a:8a:30:33:05:e6:c3:c4:93:8e:a7:b0:
         c4:15:b5:0f:bd:c1:f7:0c:6a:00:c1:ee:c1:7a:22:66:06:5e:
         d4:b8:a0:21:62:42:61:a6:39:79:5d:c1:d6:51:10:40:42:34:
         60:8a:fc:62:15:b1:5d:f6:69:25:35:37:f6:4a:4c:cc:c4:2a:
         1d:a1:66:a1:60:63:cf:9a:98:18:60:51:8d:b1:0e:1e:24:ba:
         52:a0:3e:61:27:b5:06:0a:fd:29:b4:f6:91:7f:0f:37:85:ce:
         f2:36:07:26:84:bd:32:77:9b:15:bc:f8:d2:a0:30:2c:76:24:
         77:4d:38:f0:10:98:3c:ed:75:6f:d0:76:be:d7:ab:49:d3:5a:
         87:d4:33:eb:05:ad:56:ab:d4:75:19:2c:e9:d3:20:17:68:16:
         43:dd:24:2b:dd:7f:76:e9:17:56:c7:14:a5:df:91:b1:80:fc:
         0d:fd:14:71:86:f7:1f:f8:22:33:c6:2f:24:c3:03:9a:99:93:
         15:9c:83:5c:3f:1f:fb:81:11:cd:fb:5c:2b:6a:13:37:0e:59:
         2c:52:8f:aa:ef:80:7d:87:69:fd:95:66:aa:3c:8f:ed:74:64:
         d0:fc:d8:92:c8:e3:b0:5d:eb:2f:16:4c:f9:60:2d:1a:96:a8:
         fb:88:99:14
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEG2axCDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MDJkYWM2MDVmNDY1OTcxOGMwYTE1ZTFmNzMyY2JkNGY0OGFhZTdiMB4XDTIyMDEw
MTEwMDIzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTg3ZTljMmQzYzg1
OTdhYmZkMGRkYmI5MDlmOTk3MTFlYTZhYTg3YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANpLwJPy06ZgGRCuhF8anJPZPhdYJKoOh5GxI8fX0Q2vBNio
FjVw58w796fJDIZQK5Yu6Xf1IAlhbMgkTJ2zxgNtJIoE/RrNr2Ln4KheAznfXYO1
ZcshYA8ykSM5ntAlCmWWBuQPey7dK1zxa2eAzjD+zf7Ptuhxizq8F4hC6TassU1L
zqhG3B+MYLA6HwTLk3Ld8pC9SvPO49qXbUEnKjWw7+aROJgVuUWAzY1+sg2Nq/dg
9kJs9oxDvhpLPVHedtHL8X8b22rQ9w8YojRFDAuB89+ADTVKYunVWfTD/lURC3FU
ilto2SzaOPGXEHZ9QwHF8xPIIh9sdXOyOrSnvykCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSofpwtPIWXq/0N27kJ+ZcR6mqoejAfBgNVHSMEGDAWgBTwLaxgX0ZZcYwK
FeH3MsvU9IquezAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhDMnNZRjlHV1hHTUNoWGg5ekxMMVBTS3Jucy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGQvZTkwOTc2LTNkZDEtNDcxNi1iYmY2LTI5MmFlNDZlNjMwMi8x
L3FINmNMVHlGbDZ2OURkdTVDZm1YRWVwcXFIby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGQv
ZTkwOTc2LTNkZDEtNDcxNi1iYmY2LTI5MmFlNDZlNjMwMi8xLzhDMnNZRjlHV1hH
TUNoWGg5ekxMMVBTS3Jucy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMM4xzANBgkqhkiG9w0BAQsFAAOC
AQEAfi1E9JxpSoowMwXmw8STjqewxBW1D73B9wxqAMHuwXoiZgZe1LigIWJCYaY5
eV3B1lEQQEI0YIr8YhWxXfZpJTU39kpMzMQqHaFmoWBjz5qYGGBRjbEOHiS6UqA+
YSe1Bgr9KbT2kX8PN4XO8jYHJoS9MnebFbz40qAwLHYkd0048BCYPO11b9B2vter
SdNah9Qz6wWtVqvUdRks6dMgF2gWQ90kK91/dukXVscUpd+RsYD8Df0UcYb3H/gi
M8YvJMMDmpmTFZyDXD8f+4ERzftcK2oTNw5ZLFKPqu+AfYdp/ZVmqjyP7XRk0PzY
ksjjsF3rLxZM+WAtGpao+4iZFA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:47 2024 by rpki-client on console-fra.rpki-client.org