Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/fa73f8-33e0-4032-84ec-a96ef6f6435c/1/rxnFDfYBS3ewhVLshx7PMx9IioI.roa
File:                     rxnFDfYBS3ewhVLshx7PMx9IioI.roa (raw, json)
Hash identifier:          S48Uz8NQgcez6ZTo0/MgkaE4RBpkoMQcZfafqqn5fuA=
Subject key identifier:   AF:19:C5:0D:F6:01:4B:77:B0:85:52:EC:87:1E:CF:33:1F:48:8A:82
Certificate issuer:       /CN=d04265fb11c2a220bc350718673e0704d1edadde
Certificate serial:       03CE19B3
Authority key identifier: D0:42:65:FB:11:C2:A2:20:BC:35:07:18:67:3E:07:04:D1:ED:AD:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0EJl-xHCoiC8NQcYZz4HBNHtrd4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/fa73f8-33e0-4032-84ec-a96ef6f6435c/1/rxnFDfYBS3ewhVLshx7PMx9IioI.roa
Signing time:             Tue 28 Jun 2022 18:13:02 +0000
ROA not before:           Tue 28 Jun 2022 18:13:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204843
IP address blocks:        134.255.199.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 63838643 (0x3ce19b3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d04265fb11c2a220bc350718673e0704d1edadde
        Validity
            Not Before: Jun 28 18:13:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=af19c50df6014b77b08552ec871ecf331f488a82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:51:7b:96:96:41:e0:3a:3c:fa:a0:a4:ad:bf:
                    f0:97:2b:44:37:4f:2d:0d:db:d8:06:f6:e6:7e:80:
                    6a:e8:ae:4a:69:fe:f3:b0:3c:74:60:da:34:2c:61:
                    f4:b1:e4:53:ff:b9:15:7f:ae:27:2c:b3:37:68:19:
                    c8:00:71:e3:71:59:21:2c:d9:3a:a5:cf:0e:83:03:
                    cb:6b:97:69:88:dc:00:c6:71:2a:65:c0:d9:5c:c7:
                    27:eb:37:b1:d2:6a:93:ad:a9:16:42:34:a5:07:f0:
                    30:d1:73:b8:37:05:5f:21:9a:b0:7d:db:5b:bd:8e:
                    a6:0f:de:ce:17:34:01:c0:7e:ec:5f:c5:0e:30:df:
                    85:ef:06:bf:2d:55:78:c0:24:a6:6d:b1:92:97:38:
                    12:b3:59:f6:c7:2b:e3:a3:45:fa:5f:de:a6:46:d2:
                    3a:47:1f:c6:2f:1c:f7:9c:8b:cc:6f:b1:70:11:ab:
                    29:87:81:2f:b9:a1:f2:9b:2e:2c:9d:1a:43:8f:7d:
                    11:3e:8a:5e:a1:72:e4:34:49:b0:fc:e5:2a:52:f1:
                    72:5b:1a:eb:5c:57:d8:bd:d3:89:e5:12:da:df:c5:
                    94:dd:80:ec:74:4b:63:9d:fb:cd:0f:85:b2:34:c1:
                    45:d1:26:73:be:d8:6c:18:24:c7:96:08:d6:9b:21:
                    ee:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:19:C5:0D:F6:01:4B:77:B0:85:52:EC:87:1E:CF:33:1F:48:8A:82
            X509v3 Authority Key Identifier:
                keyid:D0:42:65:FB:11:C2:A2:20:BC:35:07:18:67:3E:07:04:D1:ED:AD:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0EJl-xHCoiC8NQcYZz4HBNHtrd4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/fa73f8-33e0-4032-84ec-a96ef6f6435c/1/rxnFDfYBS3ewhVLshx7PMx9IioI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/fa73f8-33e0-4032-84ec-a96ef6f6435c/1/0EJl-xHCoiC8NQcYZz4HBNHtrd4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  134.255.199.0/24

    Signature Algorithm: sha256WithRSAEncryption
         cd:d2:06:84:74:13:75:ca:88:85:e9:e9:8d:cf:68:10:cb:06:
         17:1c:93:ba:df:b1:76:19:c7:9b:76:8d:51:da:f9:97:df:e9:
         34:bb:75:aa:5b:d2:d9:7b:c1:57:a7:b2:a9:11:63:5c:09:ed:
         ac:16:08:f1:80:b2:b4:ca:07:8f:ee:54:c8:8a:12:8a:a2:86:
         31:c9:83:89:d8:e4:4a:d2:89:46:ff:a6:23:08:73:ac:2f:42:
         f7:1c:82:dc:7c:35:b0:b0:5c:1d:26:e2:dc:58:ce:d3:be:d3:
         01:02:54:40:bb:34:bf:30:b8:4a:16:08:97:1f:4a:f4:55:b4:
         de:a5:32:c9:56:d5:5a:be:2f:63:fd:23:07:83:27:92:5a:0f:
         b6:77:f6:8e:92:db:1c:c7:37:77:4b:b3:03:3d:ba:7d:18:e1:
         a1:a8:16:0d:a2:16:8f:87:15:af:04:f9:11:b5:fd:a9:25:ca:
         06:4a:61:a6:03:1b:72:1e:c9:dd:42:52:10:22:c7:71:15:14:
         d0:60:64:22:db:f3:fc:c6:b4:d2:cd:24:3d:b4:01:b4:89:45:
         6a:18:45:3e:bc:55:22:77:02:22:c2:2b:76:2d:a9:6d:51:6c:
         29:6d:e7:7d:3b:c1:5c:b0:a1:61:0e:35:cc:aa:67:bf:6f:e2:
         2a:b2:1d:28
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA84ZszANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MDQyNjVmYjExYzJhMjIwYmMzNTA3MTg2NzNlMDcwNGQxZWRhZGRlMB4XDTIyMDYy
ODE4MTMwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWYxOWM1MGRmNjAx
NGI3N2IwODU1MmVjODcxZWNmMzMxZjQ4OGE4MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALlRe5aWQeA6PPqgpK2/8JcrRDdPLQ3b2Ab25n6AauiuSmn+
87A8dGDaNCxh9LHkU/+5FX+uJyyzN2gZyABx43FZISzZOqXPDoMDy2uXaYjcAMZx
KmXA2VzHJ+s3sdJqk62pFkI0pQfwMNFzuDcFXyGasH3bW72Opg/ezhc0AcB+7F/F
DjDfhe8Gvy1VeMAkpm2xkpc4ErNZ9scr46NF+l/epkbSOkcfxi8c95yLzG+xcBGr
KYeBL7mh8psuLJ0aQ499ET6KXqFy5DRJsPzlKlLxclsa61xX2L3TieUS2t/FlN2A
7HRLY537zQ+FsjTBRdEmc77YbBgkx5YI1psh7qECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSvGcUN9gFLd7CFUuyHHs8zH0iKgjAfBgNVHSMEGDAWgBTQQmX7EcKiILw1
BxhnPgcE0e2t3jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBFSmwteEhDb2lDOE5RY1laejRIQk5IdHJkNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTQvZmE3M2Y4LTMzZTAtNDAzMi04NGVjLWE5NmVmNmY2NDM1Yy8x
L3J4bkZEZllCUzNld2hWTHNoeDdQTXg5SWlvSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTQv
ZmE3M2Y4LTMzZTAtNDAzMi04NGVjLWE5NmVmNmY2NDM1Yy8xLzBFSmwteEhDb2lD
OE5RY1laejRIQk5IdHJkNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAIb/xzANBgkqhkiG9w0BAQsFAAOC
AQEAzdIGhHQTdcqIhenpjc9oEMsGFxyTut+xdhnHm3aNUdr5l9/pNLt1qlvS2XvB
V6eyqRFjXAntrBYI8YCytMoHj+5UyIoSiqKGMcmDidjkStKJRv+mIwhzrC9C9xyC
3Hw1sLBcHSbi3FjO077TAQJUQLs0vzC4ShYIlx9K9FW03qUyyVbVWr4vY/0jB4Mn
kloPtnf2jpLbHMc3d0uzAz26fRjhoagWDaIWj4cVrwT5EbX9qSXKBkphpgMbch7J
3UJSECLHcRUU0GBkItvz/Ma00s0kPbQBtIlFahhFPrxVIncCIsIrdi2pbVFsKW3n
fTvBXLChYQ41zKpnv2/iKrIdKA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:46 2024 by rpki-client on console-fra.rpki-client.org