Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/1-wfru910Dcj6xyMXVCgOghQuyOs.roa
File:                     1-wfru910Dcj6xyMXVCgOghQuyOs.roa (raw, json)
Hash identifier:          Mi6iNV5+BS++z+ofKT1sN3FjdUInoIjdu7TFcQ7bRK8=
Subject key identifier:   FB:07:EB:BB:DD:74:0D:C8:FA:C7:23:17:54:28:0E:82:14:2E:C8:EB
Certificate issuer:       /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial:       180B6287
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/1-wfru910Dcj6xyMXVCgOghQuyOs.roa
Signing time:             Sat 01 Jan 2022 04:00:37 +0000
ROA not before:           Sat 01 Jan 2022 04:00:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202690
IP address blocks:        212.5.156.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 403399303 (0x180b6287)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
        Validity
            Not Before: Jan  1 04:00:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fb07ebbbdd740dc8fac7231754280e82142ec8eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:61:3d:ce:7f:f4:ff:ec:01:06:83:b1:d3:de:
                    53:c5:ac:ce:c1:84:f0:9e:e5:e4:03:54:8c:fd:ea:
                    4c:4c:ff:3a:25:60:ae:7e:90:ef:de:d6:45:55:10:
                    fb:f3:79:ce:34:df:29:3a:9d:0f:cf:82:5b:c0:7f:
                    07:7e:95:24:61:0e:8a:48:00:b5:eb:70:ab:10:d4:
                    df:cd:4d:9b:0d:fa:ea:35:4c:b4:46:98:26:16:24:
                    45:a8:ab:f0:d6:fe:50:1a:13:be:f5:37:b6:b9:41:
                    c8:b2:a4:45:9e:9e:1a:ab:71:67:14:95:7c:53:5c:
                    45:2a:a4:c3:ef:c4:13:e2:79:86:b3:3c:27:7b:0b:
                    ed:f3:5f:80:65:20:6e:69:c5:ed:3e:65:76:97:43:
                    b2:05:76:80:12:d9:36:0a:6f:d4:00:22:21:0f:b1:
                    60:88:86:62:17:76:11:87:c0:8b:0f:a7:aa:f4:81:
                    19:7f:37:c4:cf:3f:5a:ca:c4:c7:45:b8:23:d7:2b:
                    dd:e6:7e:d1:0b:3e:31:dc:c9:9e:e7:08:44:55:09:
                    6d:20:2e:c4:b5:27:2b:ea:29:ee:0b:3b:b3:81:fe:
                    21:82:2e:8e:ac:d4:08:07:4c:67:99:fe:a9:1b:82:
                    20:34:51:ed:34:be:8d:23:25:7c:b2:67:a8:2b:3d:
                    01:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:07:EB:BB:DD:74:0D:C8:FA:C7:23:17:54:28:0E:82:14:2E:C8:EB
            X509v3 Authority Key Identifier:
                keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/1-wfru910Dcj6xyMXVCgOghQuyOs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.5.156.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9e:da:e5:68:8c:db:be:50:42:b9:13:2d:73:3b:ad:c7:dd:7e:
         31:87:da:31:aa:43:e9:e2:52:24:86:d6:d8:d2:27:4d:2f:95:
         92:63:70:4c:cf:8f:c7:d9:33:6c:7f:56:7d:0a:1e:91:25:c7:
         85:b4:fb:fe:24:c3:af:ce:20:47:58:dd:5a:29:5c:0f:23:54:
         76:91:d2:77:f9:c5:55:49:fa:db:86:48:fe:25:d9:bb:5f:77:
         e4:92:bd:b9:fb:43:a4:5d:29:35:10:fc:a8:8e:a7:c4:2c:3e:
         01:b8:4c:c3:c7:e1:3d:73:cf:86:e0:76:69:27:35:22:2c:da:
         c8:93:d4:6a:1e:d1:4c:f2:97:0c:a5:e8:f9:90:0f:a1:c1:5c:
         a8:38:7c:ee:a7:71:d7:4e:10:76:25:60:ac:6f:6d:c2:98:94:
         de:6a:36:7b:cf:97:47:6a:0b:70:6e:83:58:ca:cc:23:c0:de:
         ec:a8:b4:e2:37:78:1f:f4:16:90:a0:34:0c:77:9d:1c:22:da:
         06:b0:aa:8c:db:23:e4:b6:12:bb:46:16:67:88:e0:d8:4c:7f:
         e5:5a:b9:6f:44:c3:38:a4:f0:ba:45:8b:15:9c:30:df:3d:98:
         18:e4:24:69:cb:bc:2c:6d:c5:b2:a5:83:c4:97:d2:85:10:2c:
         56:13:0b:d9
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEGAtihzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NGIyZjRmYTUxNjNhZjk2MTY4ZTg4ZmJmOWNiNGVkMWVkOGZiNGM0MB4XDTIyMDEw
MTA0MDAzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmIwN2ViYmJkZDc0
MGRjOGZhYzcyMzE3NTQyODBlODIxNDJlYzhlYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOFhPc5/9P/sAQaDsdPeU8WszsGE8J7l5ANUjP3qTEz/OiVg
rn6Q797WRVUQ+/N5zjTfKTqdD8+CW8B/B36VJGEOikgAtetwqxDU381Nmw366jVM
tEaYJhYkRair8Nb+UBoTvvU3trlByLKkRZ6eGqtxZxSVfFNcRSqkw+/EE+J5hrM8
J3sL7fNfgGUgbmnF7T5ldpdDsgV2gBLZNgpv1AAiIQ+xYIiGYhd2EYfAiw+nqvSB
GX83xM8/WsrEx0W4I9cr3eZ+0Qs+MdzJnucIRFUJbSAuxLUnK+op7gs7s4H+IYIu
jqzUCAdMZ5n+qRuCIDRR7TS+jSMlfLJnqCs9AeMCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBT7B+u73XQNyPrHIxdUKA6CFC7I6zAfBgNVHSMEGDAWgBSEsvT6UWOvlhaO
iPv5y07R7Y+0xDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hMTDAtbEZqcjVZV2pvajctY3RPMGUyUHRNUS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvNGFhNzg5LTg3OGItNDcyYi1iODQ3LTg3MmJhMmQ5ZjQ0Yy8x
LzEtd2ZydTkxMERjajZ4eU1YVkNnT2doUXV5T3Mucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Iw
LzRhYTc4OS04NzhiLTQ3MmItYjg0Ny04NzJiYTJkOWY0NGMvMS9oTEwwLWxGanI1
WVdqb2o3LWN0TzBlMlB0TVEuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADUBZwwDQYJKoZIhvcNAQELBQAD
ggEBAJ7a5WiM275QQrkTLXM7rcfdfjGH2jGqQ+niUiSG1tjSJ00vlZJjcEzPj8fZ
M2x/Vn0KHpElx4W0+/4kw6/OIEdY3VopXA8jVHaR0nf5xVVJ+tuGSP4l2btfd+SS
vbn7Q6RdKTUQ/KiOp8QsPgG4TMPH4T1zz4bgdmknNSIs2siT1Goe0Uzylwyl6PmQ
D6HBXKg4fO6ncddOEHYlYKxvbcKYlN5qNnvPl0dqC3Bug1jKzCPA3uyotOI3eB/0
FpCgNAx3nRwi2gawqozbI+S2ErtGFmeI4NhMf+VauW9Ewzik8LpFixWcMN89mBjk
JGnLvCxtxbKlg8SX0oUQLFYTC9k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:04 2024 by rpki-client on console-fra.rpki-client.org