Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/07badd-ff3f-4886-abf1-552e51542d4d/1/oyKJS_5TUxErEVR2q9mX084XAA0.roa
File:                     oyKJS_5TUxErEVR2q9mX084XAA0.roa (raw, json)
Hash identifier:          ff5BlxeFZygq+V8GNdsF4TPbowWhYxpUur++6DWN9LA=
Subject key identifier:   A3:22:89:4B:FE:53:53:11:2B:11:54:76:AB:D9:97:D3:CE:17:00:0D
Certificate issuer:       /CN=af21dd2f772a5bb47925c28bb5d16cd930f206b1
Certificate serial:       0185624893B8EACE0E4ECEC9E0F07C993EB5
Authority key identifier: AF:21:DD:2F:77:2A:5B:B4:79:25:C2:8B:B5:D1:6C:D9:30:F2:06:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ryHdL3cqW7R5JcKLtdFs2TDyBrE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/07badd-ff3f-4886-abf1-552e51542d4d/1/oyKJS_5TUxErEVR2q9mX084XAA0.roa
Signing time:             Fri 30 Dec 2022 09:06:41 +0000
ROA not before:           Fri 30 Dec 2022 09:06:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     28935
IP address blocks:        195.47.206.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:62:48:93:b8:ea:ce:0e:4e:ce:c9:e0:f0:7c:99:3e:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af21dd2f772a5bb47925c28bb5d16cd930f206b1
        Validity
            Not Before: Dec 30 09:06:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a322894bfe5353112b115476abd997d3ce17000d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:dc:78:8a:aa:e1:19:f1:dc:c3:52:7a:b0:70:
                    96:65:db:8c:32:1c:4d:77:c1:52:44:27:3c:03:bd:
                    ce:4e:e0:aa:37:1d:2d:f9:7f:44:39:bc:f8:00:bc:
                    c8:38:f7:6f:fe:c1:b5:ce:b0:4b:29:3a:44:09:2a:
                    8e:9d:1a:e3:cf:38:7a:1c:2b:47:ed:88:13:c6:fc:
                    9d:c4:ba:d5:fe:7e:25:f0:8d:3c:1b:a6:63:a5:23:
                    2d:91:89:43:8c:53:a8:bf:52:e8:39:f8:8d:9d:16:
                    ff:7e:3c:95:c5:b1:b0:bc:c3:e4:16:51:ac:5e:29:
                    3c:7e:4b:1b:b9:2b:d9:db:9a:97:92:8b:1b:8b:99:
                    e2:b2:da:a8:1a:fa:ba:6b:67:f4:c4:a8:43:94:0e:
                    1d:8c:da:3f:89:3d:ab:9c:f4:31:fd:42:ab:58:a6:
                    aa:99:ee:cf:64:05:8a:19:04:0d:e9:ab:a5:6e:02:
                    c6:5b:20:a7:87:24:00:c8:64:55:f1:70:7f:36:35:
                    fe:75:d3:bf:52:a6:f1:eb:f6:ca:9d:0c:2b:bd:1c:
                    e3:ce:30:ec:08:24:b3:86:e7:9f:97:c9:54:18:54:
                    76:d0:41:95:79:34:a2:a4:49:0d:c7:6f:76:6f:26:
                    73:c8:2a:75:b1:7e:fd:e8:34:be:58:2c:14:b2:e6:
                    90:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:22:89:4B:FE:53:53:11:2B:11:54:76:AB:D9:97:D3:CE:17:00:0D
            X509v3 Authority Key Identifier:
                keyid:AF:21:DD:2F:77:2A:5B:B4:79:25:C2:8B:B5:D1:6C:D9:30:F2:06:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ryHdL3cqW7R5JcKLtdFs2TDyBrE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/07badd-ff3f-4886-abf1-552e51542d4d/1/oyKJS_5TUxErEVR2q9mX084XAA0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/07badd-ff3f-4886-abf1-552e51542d4d/1/ryHdL3cqW7R5JcKLtdFs2TDyBrE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.47.206.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2c:e2:e2:6c:73:05:fa:33:3c:d7:61:f5:63:d4:93:6d:58:86:
         46:aa:4e:58:45:8b:d3:c2:a5:97:6d:db:42:5a:b8:05:0c:73:
         24:63:9b:dd:ce:a3:ce:41:cd:b7:63:dd:a9:58:bc:15:c2:b2:
         79:3a:ff:af:08:cd:9e:bd:96:ad:32:16:81:f4:72:5a:ad:1e:
         af:67:fa:88:dc:1e:90:9d:5a:e8:50:6d:f6:4f:ee:95:57:91:
         75:b5:15:82:b8:29:ea:de:b5:a1:9c:e3:5f:d7:c2:ef:1a:db:
         48:8b:fc:51:d8:06:0c:7d:ac:91:a1:d9:8d:44:2a:0c:c7:57:
         61:0b:64:67:45:a8:3f:30:13:14:eb:49:35:b5:df:0b:c6:31:
         72:10:df:b2:6b:95:94:f9:4e:45:46:d4:db:91:40:83:49:41:
         53:48:9b:c3:bd:d1:f9:d1:c7:c8:97:6e:ed:0b:61:92:da:57:
         0a:51:e7:2d:b2:12:3e:68:9b:72:3e:e1:ca:9f:81:d4:9b:00:
         49:a3:45:f4:30:03:21:b6:15:36:88:74:d5:5a:5b:ab:29:95:
         87:c0:ef:ff:df:73:dc:6e:e4:aa:0f:c8:8a:fc:81:5e:db:e6:
         49:eb:36:65:ba:cf:95:ab:5e:69:79:2e:d3:19:00:c4:24:8f:
         4c:e9:20:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYViSJO46s4OTs7J4PB8mT61MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMjFkZDJmNzcyYTViYjQ3OTI1YzI4YmI1ZDE2Y2Q5MzBm
MjA2YjEwHhcNMjIxMjMwMDkwNjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzIyODk0YmZlNTM1MzExMmIxMTU0NzZhYmQ5OTdkM2NlMTcwMDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9x4iqrhGfHcw1J6sHCWZduMMhxN
d8FSRCc8A73OTuCqNx0t+X9EObz4ALzIOPdv/sG1zrBLKTpECSqOnRrjzzh6HCtH
7YgTxvydxLrV/n4l8I08G6ZjpSMtkYlDjFOov1LoOfiNnRb/fjyVxbGwvMPkFlGs
Xik8fksbuSvZ25qXkosbi5nistqoGvq6a2f0xKhDlA4djNo/iT2rnPQx/UKrWKaq
me7PZAWKGQQN6aulbgLGWyCnhyQAyGRV8XB/NjX+ddO/Uqbx6/bKnQwrvRzjzjDs
CCSzhuefl8lUGFR20EGVeTSipEkNx292byZzyCp1sX796DS+WCwUsuaQMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKMiiUv+U1MRKxFUdqvZl9POFwANMB8GA1UdIwQY
MBaAFK8h3S93Klu0eSXCi7XRbNkw8gaxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnlIZEwzY3FXN1I1SmNLTHRkRnMyVER5QnJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8wN2JhZGQtZmYzZi00ODg2LWFiZjEt
NTUyZTUxNTQyZDRkLzEvb3lLSlNfNVRVeEVyRVZSMnE5bVgwODRYQUEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8wN2JhZGQtZmYzZi00ODg2LWFiZjEtNTUyZTUxNTQyZDRk
LzEvcnlIZEwzY3FXN1I1SmNLTHRkRnMyVER5QnJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwy/OMA0G
CSqGSIb3DQEBCwUAA4IBAQAs4uJscwX6MzzXYfVj1JNtWIZGqk5YRYvTwqWXbdtC
WrgFDHMkY5vdzqPOQc23Y92pWLwVwrJ5Ov+vCM2evZatMhaB9HJarR6vZ/qI3B6Q
nVroUG32T+6VV5F1tRWCuCnq3rWhnONf18LvGttIi/xR2AYMfayRodmNRCoMx1dh
C2RnRag/MBMU60k1td8LxjFyEN+ya5WU+U5FRtTbkUCDSUFTSJvDvdH50cfIl27t
C2GS2lcKUectshI+aJtyPuHKn4HUmwBJo0X0MAMhthU2iHTVWlurKZWHwO//33Pc
buSqD8iK/IFe2+ZJ6zZlus+Vq15peS7TGQDEJI9M6SBw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:55 2024 by rpki-client on console-ams.rpki-client.org