Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/afe373-e5bc-4010-8ad6-6aab2b1b922c/1/oT4oL-i1smt2OMjLT_pIiPYVI9Q.roa
File:                     oT4oL-i1smt2OMjLT_pIiPYVI9Q.roa (raw, json)
Hash identifier:          VdvPCal/v4eMMKaMCsKaqKK+mMqzt7mYPck+JIegf0Q=
Subject key identifier:   A1:3E:28:2F:E8:B5:B2:6B:76:38:C8:CB:4F:FA:48:88:F6:15:23:D4
Certificate issuer:       /CN=6fa86d1c1676a59a46acf37336192e985cff0e5b
Certificate serial:       19F292E6
Authority key identifier: 6F:A8:6D:1C:16:76:A5:9A:46:AC:F3:73:36:19:2E:98:5C:FF:0E:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b6htHBZ2pZpGrPNzNhkumFz_Dls.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/afe373-e5bc-4010-8ad6-6aab2b1b922c/1/oT4oL-i1smt2OMjLT_pIiPYVI9Q.roa
Signing time:             Sat 01 Jan 2022 16:05:03 +0000
ROA not before:           Sat 01 Jan 2022 16:05:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209242
IP address blocks:        80.94.83.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 435327718 (0x19f292e6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6fa86d1c1676a59a46acf37336192e985cff0e5b
        Validity
            Not Before: Jan  1 16:05:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a13e282fe8b5b26b7638c8cb4ffa4888f61523d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:38:5c:c0:29:78:bf:fc:e3:d2:d1:6f:97:ce:
                    9f:21:bd:59:49:7d:6d:56:23:5a:ec:ec:9a:b9:f7:
                    f8:8a:48:24:b9:10:0f:69:52:c9:3e:bb:e5:64:35:
                    8f:a9:b0:6f:24:2f:b7:e4:25:14:ef:09:41:2b:3e:
                    e8:2d:ab:f2:ea:e8:3f:76:7c:c8:63:d7:a5:68:76:
                    60:8d:4d:6f:e7:b4:2d:11:03:a8:26:be:29:16:ee:
                    01:72:b8:6c:46:4e:e2:43:47:57:1d:8c:78:db:10:
                    b8:09:07:3a:35:80:b9:e0:47:ef:f1:2c:19:d0:b0:
                    20:e6:f9:3e:6a:ab:2b:9f:ac:35:95:2d:4a:d2:1d:
                    e2:6b:6b:bb:29:cf:fd:4a:1b:36:17:66:d6:32:8a:
                    b8:57:39:68:33:28:91:44:8e:1d:66:ee:e4:8e:80:
                    33:60:2d:36:07:1a:22:d1:8d:1d:5c:e0:66:17:62:
                    b9:ae:9c:7c:3b:2b:a7:32:9e:76:5a:6c:d4:d1:3c:
                    b0:3e:59:b0:d0:44:67:fc:10:da:db:b8:55:fe:f8:
                    07:05:19:50:15:28:c3:ff:44:ef:a7:ce:5f:bf:c6:
                    00:8a:55:04:a7:c0:8a:22:60:2f:39:70:fe:b2:45:
                    d9:31:bd:3f:25:cd:b6:44:69:94:84:e5:e0:9f:97:
                    02:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:3E:28:2F:E8:B5:B2:6B:76:38:C8:CB:4F:FA:48:88:F6:15:23:D4
            X509v3 Authority Key Identifier:
                keyid:6F:A8:6D:1C:16:76:A5:9A:46:AC:F3:73:36:19:2E:98:5C:FF:0E:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6htHBZ2pZpGrPNzNhkumFz_Dls.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/afe373-e5bc-4010-8ad6-6aab2b1b922c/1/oT4oL-i1smt2OMjLT_pIiPYVI9Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/afe373-e5bc-4010-8ad6-6aab2b1b922c/1/b6htHBZ2pZpGrPNzNhkumFz_Dls.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.94.83.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:3e:fb:da:1e:11:49:60:20:84:f8:ed:06:d5:3c:db:5b:8f:
         49:1b:1a:05:f1:83:06:cd:de:bc:e4:52:a7:5f:86:0a:96:e5:
         6f:83:d3:26:00:75:39:44:ff:50:ed:77:6e:79:95:65:86:eb:
         1c:9e:ed:6b:fd:3d:23:48:9b:82:75:96:06:a7:c7:2e:8a:16:
         15:ab:77:ff:7a:c7:b7:88:44:a4:7f:c6:72:3d:f0:b9:c8:30:
         1f:2b:76:a9:d7:c1:fb:e5:dc:ba:a6:55:7a:4f:5c:9f:5b:42:
         80:10:a0:c0:4d:06:5e:89:b2:fa:a1:96:67:f9:06:9d:05:0d:
         9d:6b:7b:60:c9:f2:56:9f:9f:96:1e:70:2c:48:0b:00:00:83:
         1e:4a:e0:4f:09:f8:25:a6:c3:9f:f1:a3:3a:dd:c7:92:d6:88:
         84:ce:90:12:c8:fe:69:b4:47:94:54:60:0f:9a:a4:79:99:94:
         4f:9f:f0:63:90:89:f5:82:82:39:b0:8c:88:74:70:85:cb:72:
         3b:9c:c2:50:27:6f:42:22:d6:d7:92:f7:9f:50:92:b5:df:09:
         d8:14:9d:b7:ff:ac:fe:de:df:5b:e4:a7:9e:b3:3c:5f:8d:84:
         d5:a6:18:7e:2a:8d:37:5c:d4:b9:88:8e:6d:18:36:a3:f7:30:
         e4:c9:b1:18
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGfKS5jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZmE4NmQxYzE2NzZhNTlhNDZhY2YzNzMzNjE5MmU5ODVjZmYwZTViMB4XDTIyMDEw
MTE2MDUwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTEzZTI4MmZlOGI1
YjI2Yjc2MzhjOGNiNGZmYTQ4ODhmNjE1MjNkNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMg4XMApeL/849LRb5fOnyG9WUl9bVYjWuzsmrn3+IpIJLkQ
D2lSyT675WQ1j6mwbyQvt+QlFO8JQSs+6C2r8uroP3Z8yGPXpWh2YI1Nb+e0LRED
qCa+KRbuAXK4bEZO4kNHVx2MeNsQuAkHOjWAueBH7/EsGdCwIOb5PmqrK5+sNZUt
StId4mtruynP/UobNhdm1jKKuFc5aDMokUSOHWbu5I6AM2AtNgcaItGNHVzgZhdi
ua6cfDsrpzKedlps1NE8sD5ZsNBEZ/wQ2tu4Vf74BwUZUBUow/9E76fOX7/GAIpV
BKfAiiJgLzlw/rJF2TG9PyXNtkRplITl4J+XAhUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBShPigv6LWya3Y4yMtP+kiI9hUj1DAfBgNVHSMEGDAWgBRvqG0cFnalmkas
83M2GS6YXP8OWzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2I2aHRIQloycFpwR3JQTnpOaGt1bUZ6X0Rscy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWUvYWZlMzczLWU1YmMtNDAxMC04YWQ2LTZhYWIyYjFiOTIyYy8x
L29UNG9MLWkxc210Mk9NakxUX3BJaVBZVkk5US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWUv
YWZlMzczLWU1YmMtNDAxMC04YWQ2LTZhYWIyYjFiOTIyYy8xL2I2aHRIQloycFpw
R3JQTnpOaGt1bUZ6X0Rscy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFBeUzANBgkqhkiG9w0BAQsFAAOC
AQEAMT772h4RSWAghPjtBtU821uPSRsaBfGDBs3evORSp1+GCpblb4PTJgB1OUT/
UO13bnmVZYbrHJ7ta/09I0ibgnWWBqfHLooWFat3/3rHt4hEpH/Gcj3wucgwHyt2
qdfB++XcuqZVek9cn1tCgBCgwE0GXomy+qGWZ/kGnQUNnWt7YMnyVp+flh5wLEgL
AACDHkrgTwn4JabDn/GjOt3HktaIhM6QEsj+abRHlFRgD5qkeZmUT5/wY5CJ9YKC
ObCMiHRwhctyO5zCUCdvQiLW15L3n1CStd8J2BSdt/+s/t7fW+SnnrM8X42E1aYY
fiqNN1zUuYiObRg2o/cw5MmxGA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:25 2024 by rpki-client on console-ams.rpki-client.org