Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/f8a63d-1730-4d88-ab38-3fd30988f677/1/8ZiHU91oleZxSd-kYKM3tyALbbs.roa
File:                     8ZiHU91oleZxSd-kYKM3tyALbbs.roa (raw, json)
Hash identifier:          hvKDRRNN4MUWVeYsv1M/+g6kwjs1xISODig+Gv4oK1A=
Subject key identifier:   F1:98:87:53:DD:68:95:E6:71:49:DF:A4:60:A3:37:B7:20:0B:6D:BB
Certificate issuer:       /CN=19f1a9dd126f37237ce200fb8616ff937bca966c
Certificate serial:       19E82152
Authority key identifier: 19:F1:A9:DD:12:6F:37:23:7C:E2:00:FB:86:16:FF:93:7B:CA:96:6C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GfGp3RJvNyN84gD7hhb_k3vKlmw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a63d-1730-4d88-ab38-3fd30988f677/1/8ZiHU91oleZxSd-kYKM3tyALbbs.roa
Signing time:             Sat 01 Jan 2022 05:01:56 +0000
ROA not before:           Sat 01 Jan 2022 05:01:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50941
IP address blocks:        37.152.79.0/24 maxlen: 24
                          85.95.255.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 434643282 (0x19e82152)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=19f1a9dd126f37237ce200fb8616ff937bca966c
        Validity
            Not Before: Jan  1 05:01:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f1988753dd6895e67149dfa460a337b7200b6dbb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:3e:65:f2:d5:2e:fb:1c:1e:62:63:1c:bb:02:
                    76:7d:57:eb:bf:19:65:a0:e8:bd:cd:7e:c3:02:d4:
                    ff:dd:95:00:6e:88:d3:64:08:06:97:0f:a8:81:7e:
                    40:34:96:c1:b6:5b:a9:bd:06:b2:7e:ef:9c:0d:31:
                    1d:7b:d2:2f:c4:da:c0:00:83:c4:2a:70:ee:c9:38:
                    21:c1:c7:01:b1:b5:17:25:03:ef:12:95:bc:93:0e:
                    83:7c:f0:89:9a:9a:bc:41:e6:c9:c9:e9:75:5a:c9:
                    8f:d1:71:d8:0b:68:a3:6c:2c:28:d9:1a:d7:75:45:
                    a6:73:ec:22:a7:5a:68:4a:0e:8e:01:6a:cb:f0:62:
                    de:8e:49:0b:3b:fa:c4:13:08:e1:24:11:0c:66:14:
                    72:37:69:11:67:f6:70:47:6e:ab:c1:f1:ff:55:14:
                    0e:ce:b3:c9:94:9f:23:5b:24:e8:4b:2e:76:61:5a:
                    ae:d2:f2:64:62:10:c0:b5:dc:0d:ab:b6:9a:7b:ca:
                    6e:71:11:45:eb:e3:fa:6e:36:80:41:b6:d2:4b:25:
                    a0:4f:2b:33:94:4e:71:51:d5:1b:41:52:5d:3b:13:
                    12:31:7a:6c:61:12:ce:28:d1:96:41:b6:a2:f5:bd:
                    24:11:e3:5c:50:45:c0:ed:69:96:26:d0:ef:07:7d:
                    54:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:98:87:53:DD:68:95:E6:71:49:DF:A4:60:A3:37:B7:20:0B:6D:BB
            X509v3 Authority Key Identifier:
                keyid:19:F1:A9:DD:12:6F:37:23:7C:E2:00:FB:86:16:FF:93:7B:CA:96:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GfGp3RJvNyN84gD7hhb_k3vKlmw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a63d-1730-4d88-ab38-3fd30988f677/1/8ZiHU91oleZxSd-kYKM3tyALbbs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a63d-1730-4d88-ab38-3fd30988f677/1/GfGp3RJvNyN84gD7hhb_k3vKlmw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.152.79.0/24
                  85.95.255.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:f6:cb:b9:24:32:41:44:29:f6:a6:1e:bb:8c:32:38:1e:3c:
         84:6b:e5:95:18:5d:68:3c:cd:a4:69:38:57:8d:ad:47:2d:aa:
         c4:6b:d6:b4:cc:9c:d5:95:61:b9:25:92:f6:df:73:97:83:c6:
         f1:71:af:21:f8:d1:c1:31:72:69:d0:59:de:f2:dc:5c:da:d1:
         15:1b:3f:a8:fb:e7:29:ce:09:53:7b:9a:5a:71:e4:cc:33:fc:
         33:36:e7:59:d1:57:51:25:c5:d6:30:aa:2f:12:db:5c:f7:0d:
         08:50:d1:53:75:d2:27:bc:df:38:fa:b1:bb:66:ca:33:6d:1b:
         36:d8:af:46:20:f6:06:8f:e1:a3:25:cc:de:ff:fd:cd:bb:5e:
         da:c7:27:66:99:ca:a2:13:c5:86:4e:12:62:3f:90:79:1d:f1:
         03:62:04:1b:08:1a:ac:90:69:e0:9c:f9:a8:6d:57:55:85:e0:
         a5:b0:94:d0:13:52:e2:66:22:24:49:3c:e9:19:51:fa:a6:1d:
         f8:a8:ab:22:da:d2:43:f6:d5:eb:31:e2:ab:8e:69:63:28:b1:
         3e:b3:57:b0:46:33:50:8f:bd:7d:bd:c1:c0:61:4f:58:06:90:
         09:45:7b:a4:3c:5b:57:88:a6:06:23:6a:f9:5f:9d:a8:2c:06:
         73:f6:0c:2d
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEGeghUjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
OWYxYTlkZDEyNmYzNzIzN2NlMjAwZmI4NjE2ZmY5MzdiY2E5NjZjMB4XDTIyMDEw
MTA1MDE1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjE5ODg3NTNkZDY4
OTVlNjcxNDlkZmE0NjBhMzM3YjcyMDBiNmRiYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKA+ZfLVLvscHmJjHLsCdn1X678ZZaDovc1+wwLU/92VAG6I
02QIBpcPqIF+QDSWwbZbqb0Gsn7vnA0xHXvSL8TawACDxCpw7sk4IcHHAbG1FyUD
7xKVvJMOg3zwiZqavEHmycnpdVrJj9Fx2Atoo2wsKNka13VFpnPsIqdaaEoOjgFq
y/Bi3o5JCzv6xBMI4SQRDGYUcjdpEWf2cEduq8Hx/1UUDs6zyZSfI1sk6EsudmFa
rtLyZGIQwLXcDau2mnvKbnERRevj+m42gEG20ksloE8rM5ROcVHVG0FSXTsTEjF6
bGESzijRlkG2ovW9JBHjXFBFwO1plibQ7wd9VB8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTxmIdT3WiV5nFJ36Rgoze3IAttuzAfBgNVHSMEGDAWgBQZ8andEm83I3zi
APuGFv+Te8qWbDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dmR3AzUkp2TnlOODRnRDdoaGJfazN2S2xtdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvZjhhNjNkLTE3MzAtNGQ4OC1hYjM4LTNmZDMwOTg4ZjY3Ny8x
LzhaaUhVOTFvbGVaeFNkLWtZS00zdHlBTGJicy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
ZjhhNjNkLTE3MzAtNGQ4OC1hYjM4LTNmZDMwOTg4ZjY3Ny8xL0dmR3AzUkp2TnlO
ODRnRDdoaGJfazN2S2xtdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEACWYTwMEAFVf/zANBgkqhkiG9w0B
AQsFAAOCAQEAevbLuSQyQUQp9qYeu4wyOB48hGvllRhdaDzNpGk4V42tRy2qxGvW
tMyc1ZVhuSWS9t9zl4PG8XGvIfjRwTFyadBZ3vLcXNrRFRs/qPvnKc4JU3uaWnHk
zDP8MzbnWdFXUSXF1jCqLxLbXPcNCFDRU3XSJ7zfOPqxu2bKM20bNtivRiD2Bo/h
oyXM3v/9zbte2scnZpnKohPFhk4SYj+QeR3xA2IEGwgarJBp4Jz5qG1XVYXgpbCU
0BNS4mYiJEk86RlR+qYd+KirItrSQ/bV6zHiq45pYyixPrNXsEYzUI+9fb3BwGFP
WAaQCUV7pDxbV4imBiNq+V+dqCwGc/YMLQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:14 2024 by rpki-client on console-ams.rpki-client.org