Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/c1ab26-28b0-4637-b51b-3992c54e187b/1/CjveleFg8NeR5DRBEnvVTQaBdY8.roa
File:                     CjveleFg8NeR5DRBEnvVTQaBdY8.roa (raw, json)
Hash identifier:          IXaEgC8gcXtC5rRIgzVT+H1zouMQyvVCm0W9frGz8LM=
Subject key identifier:   0A:3B:DE:95:E1:60:F0:D7:91:E4:34:41:12:7B:D5:4D:06:81:75:8F
Certificate issuer:       /CN=47aa878f76b50947cbd7deca04ac832e287b514d
Certificate serial:       094795E8
Authority key identifier: 47:AA:87:8F:76:B5:09:47:CB:D7:DE:CA:04:AC:83:2E:28:7B:51:4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/R6qHj3a1CUfL197KBKyDLih7UU0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/c1ab26-28b0-4637-b51b-3992c54e187b/1/CjveleFg8NeR5DRBEnvVTQaBdY8.roa
Signing time:             Sat 01 Jan 2022 09:59:39 +0000
ROA not before:           Sat 01 Jan 2022 09:59:39 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207188
IP address blocks:        194.61.102.0/23 maxlen: 24
                          2a03:98c7::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 155686376 (0x94795e8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=47aa878f76b50947cbd7deca04ac832e287b514d
        Validity
            Not Before: Jan  1 09:59:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0a3bde95e160f0d791e43441127bd54d0681758f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:8b:6d:f7:4e:23:10:b4:16:9d:c5:6f:f5:dd:
                    cb:e1:52:d2:6a:03:7c:15:fd:1e:f1:a3:26:dc:54:
                    be:fe:16:c4:f3:5f:7f:f4:fc:f2:76:c4:21:e6:59:
                    99:08:e5:5a:52:b6:07:30:09:8d:f2:bc:62:e0:60:
                    c6:64:bd:9a:07:33:34:f1:07:7e:ef:ac:c6:b4:f1:
                    30:49:a4:47:eb:db:fe:64:b5:e2:bd:20:7a:dd:f4:
                    81:98:7a:e2:50:15:73:d3:4f:70:fd:54:00:e9:69:
                    49:64:f0:88:c9:1e:1c:04:01:c9:2d:79:23:76:80:
                    c2:ae:33:fe:09:ed:01:e1:ee:4c:a4:54:10:d4:52:
                    aa:7f:cd:d3:8d:59:7a:36:2c:c8:8c:5c:ec:4d:78:
                    4c:76:60:1e:9b:10:7d:ce:9a:6a:a4:bd:43:9b:39:
                    f6:b7:b0:0d:63:b8:55:7d:09:f2:bf:ac:d9:7f:3f:
                    14:38:de:de:b0:71:31:53:db:e5:47:24:ed:1c:ea:
                    e5:19:3f:c5:83:72:a7:fa:09:85:51:21:ac:1f:4d:
                    fb:0b:0a:87:e6:88:b1:d2:ef:32:da:52:7d:84:8f:
                    48:b3:33:3b:a0:59:1b:25:e4:97:d3:6f:56:19:95:
                    22:6d:05:8e:4a:6d:6e:f6:e5:91:97:94:1d:3e:44:
                    3b:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:3B:DE:95:E1:60:F0:D7:91:E4:34:41:12:7B:D5:4D:06:81:75:8F
            X509v3 Authority Key Identifier:
                keyid:47:AA:87:8F:76:B5:09:47:CB:D7:DE:CA:04:AC:83:2E:28:7B:51:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R6qHj3a1CUfL197KBKyDLih7UU0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/c1ab26-28b0-4637-b51b-3992c54e187b/1/CjveleFg8NeR5DRBEnvVTQaBdY8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/c1ab26-28b0-4637-b51b-3992c54e187b/1/R6qHj3a1CUfL197KBKyDLih7UU0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.61.102.0/23
                IPv6:
                  2a03:98c7::/32

    Signature Algorithm: sha256WithRSAEncryption
         62:46:4b:e6:ee:fd:46:b2:65:e3:af:53:df:a7:38:5b:bc:12:
         1c:c3:a6:db:27:77:9b:a4:1d:5c:33:32:6a:7c:85:27:85:96:
         9b:58:e9:17:fb:ea:fc:17:df:10:43:0d:af:6c:c3:24:61:02:
         e6:1c:22:a9:13:9d:c2:c3:7a:e4:6c:77:aa:ae:4f:b2:bf:86:
         ff:6b:81:1b:01:3f:80:16:9c:1b:40:56:c3:f0:ad:42:de:39:
         f3:3d:59:6e:9e:94:fb:2b:12:bd:f9:0a:fd:7f:4e:7b:fe:29:
         7d:16:4b:aa:af:b3:45:7a:ec:d2:af:53:21:92:9e:2e:23:a9:
         1a:bc:2a:dc:d4:c7:fe:77:23:8f:99:c3:dd:0d:e4:44:eb:82:
         b9:10:12:d4:10:e7:ce:cc:7e:8a:cf:24:d7:2c:e7:02:66:79:
         15:96:d8:e6:b6:4b:82:97:ac:70:24:2d:bd:68:e7:9d:49:67:
         53:32:6a:71:85:c2:b5:b8:73:71:62:8a:b8:ec:32:78:9c:df:
         ed:d2:a4:a0:c6:79:7d:42:ff:64:7e:a0:86:ba:93:91:4d:7b:
         04:50:05:e9:a6:48:cf:14:25:6d:1f:46:1f:a7:9d:88:43:97:
         09:93:06:dd:f8:28:01:a7:af:70:31:39:95:30:95:d6:9b:16:
         5a:da:c3:d3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECUeV6DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
N2FhODc4Zjc2YjUwOTQ3Y2JkN2RlY2EwNGFjODMyZTI4N2I1MTRkMB4XDTIyMDEw
MTA5NTkzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGEzYmRlOTVlMTYw
ZjBkNzkxZTQzNDQxMTI3YmQ1NGQwNjgxNzU4ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMyLbfdOIxC0Fp3Fb/Xdy+FS0moDfBX9HvGjJtxUvv4WxPNf
f/T88nbEIeZZmQjlWlK2BzAJjfK8YuBgxmS9mgczNPEHfu+sxrTxMEmkR+vb/mS1
4r0get30gZh64lAVc9NPcP1UAOlpSWTwiMkeHAQByS15I3aAwq4z/gntAeHuTKRU
ENRSqn/N041ZejYsyIxc7E14THZgHpsQfc6aaqS9Q5s59rewDWO4VX0J8r+s2X8/
FDje3rBxMVPb5Uck7Rzq5Rk/xYNyp/oJhVEhrB9N+wsKh+aIsdLvMtpSfYSPSLMz
O6BZGyXkl9NvVhmVIm0FjkptbvblkZeUHT5EO90CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQKO96V4WDw15HkNEESe9VNBoF1jzAfBgNVHSMEGDAWgBRHqoePdrUJR8vX
3soErIMuKHtRTTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1I2cUhqM2ExQ1VmTDE5N0tCS3lETGloN1VVMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvYzFhYjI2LTI4YjAtNDYzNy1iNTFiLTM5OTJjNTRlMTg3Yi8x
L0NqdmVsZUZnOE5lUjVEUkJFbnZWVFFhQmRZOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
YzFhYjI2LTI4YjAtNDYzNy1iNTFiLTM5OTJjNTRlMTg3Yi8xL1I2cUhqM2ExQ1Vm
TDE5N0tCS3lETGloN1VVMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAcI9ZjANBAIAAjAHAwUAKgOYxzAN
BgkqhkiG9w0BAQsFAAOCAQEAYkZL5u79RrJl469T36c4W7wSHMOm2yd3m6QdXDMy
anyFJ4WWm1jpF/vq/BffEEMNr2zDJGEC5hwiqROdwsN65Gx3qq5Psr+G/2uBGwE/
gBacG0BWw/CtQt458z1Zbp6U+ysSvfkK/X9Oe/4pfRZLqq+zRXrs0q9TIZKeLiOp
Grwq3NTH/ncjj5nD3Q3kROuCuRAS1BDnzsx+is8k1yznAmZ5FZbY5rZLgpescCQt
vWjnnUlnUzJqcYXCtbhzcWKKuOwyeJzf7dKkoMZ5fUL/ZH6ghrqTkU17BFAF6aZI
zxQlbR9GH6ediEOXCZMG3fgoAaevcDE5lTCV1psWWtrD0w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:18 2024 by rpki-client on console-fra.rpki-client.org