Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/7bdf52-6ac5-4c24-bfd0-b570907b59eb/1/xr0tM4o2zrExqR6UELmQMBZpz5A.roa
File:                     xr0tM4o2zrExqR6UELmQMBZpz5A.roa (raw, json)
Hash identifier:          jPLP3oM5S/HVejd9k/jaEeiAvswGPElGYxd/wf4q9qM=
Subject key identifier:   C6:BD:2D:33:8A:36:CE:B1:31:A9:1E:94:10:B9:90:30:16:69:CF:90
Certificate issuer:       /CN=230340d27e4b24f9124977322edb36942e2d160c
Certificate serial:       10EBBC99
Authority key identifier: 23:03:40:D2:7E:4B:24:F9:12:49:77:32:2E:DB:36:94:2E:2D:16:0C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IwNA0n5LJPkSSXcyLts2lC4tFgw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/7bdf52-6ac5-4c24-bfd0-b570907b59eb/1/xr0tM4o2zrExqR6UELmQMBZpz5A.roa
Signing time:             Sat 01 Jan 2022 08:52:59 +0000
ROA not before:           Sat 01 Jan 2022 08:52:59 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8308
IP address blocks:        81.26.31.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 283884697 (0x10ebbc99)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=230340d27e4b24f9124977322edb36942e2d160c
        Validity
            Not Before: Jan  1 08:52:59 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c6bd2d338a36ceb131a91e9410b990301669cf90
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:ed:81:93:e6:f8:fa:bb:1a:51:01:c6:c5:96:
                    7c:3c:20:cd:eb:7d:16:3e:73:ea:9d:d9:38:5f:c5:
                    52:de:3d:71:46:3d:bd:45:35:99:2e:65:a0:09:c9:
                    0f:32:c3:52:e4:bc:7e:27:d7:1f:7d:43:07:a7:6e:
                    e8:2c:c0:66:f6:46:a8:48:46:9b:d6:e6:54:81:15:
                    42:81:3f:87:b7:4d:c7:bc:27:56:e8:44:9a:cf:f8:
                    a2:46:8f:15:f5:82:d4:c0:14:8e:f8:c4:2c:29:24:
                    f8:b1:64:57:a4:74:c7:ac:31:62:10:85:d6:da:02:
                    9c:e7:98:97:0a:fc:46:f6:4a:e0:04:bd:48:5b:ef:
                    80:69:e7:39:72:8b:a0:14:bb:c0:2b:a5:91:a9:e7:
                    c7:7a:e2:98:e0:1b:dd:6a:10:4d:0e:46:55:f4:3b:
                    42:37:58:36:86:a8:65:da:8d:6e:99:1e:8b:ce:05:
                    e2:bd:62:36:bd:78:44:10:15:61:08:12:0a:3a:4e:
                    9e:60:39:6b:8d:a0:7b:a4:42:47:cf:1d:97:08:0b:
                    f0:9d:80:76:57:44:d3:ff:aa:52:5d:ec:75:14:30:
                    a5:e7:31:8d:bc:29:f2:0b:6e:18:51:5c:0b:dc:b4:
                    bf:d0:72:45:d6:54:29:22:2e:fd:f6:90:18:b0:c0:
                    dc:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:BD:2D:33:8A:36:CE:B1:31:A9:1E:94:10:B9:90:30:16:69:CF:90
            X509v3 Authority Key Identifier:
                keyid:23:03:40:D2:7E:4B:24:F9:12:49:77:32:2E:DB:36:94:2E:2D:16:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IwNA0n5LJPkSSXcyLts2lC4tFgw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/7bdf52-6ac5-4c24-bfd0-b570907b59eb/1/xr0tM4o2zrExqR6UELmQMBZpz5A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/7bdf52-6ac5-4c24-bfd0-b570907b59eb/1/IwNA0n5LJPkSSXcyLts2lC4tFgw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.26.31.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:9f:f0:6f:30:15:a0:0f:15:57:f6:43:42:b4:54:c7:47:23:
         6e:06:b0:f1:e9:52:3e:77:6c:7a:5a:e9:db:16:3a:56:e0:c0:
         98:01:d5:7f:5b:fa:a7:53:6b:8d:b9:82:fe:ea:47:7c:d7:09:
         bd:8d:65:ca:b8:fb:a6:88:98:db:e5:09:d2:ff:b7:67:96:5a:
         f8:a7:28:c2:a6:9a:a7:c7:3f:64:4e:ac:42:54:71:3d:29:ff:
         06:65:01:2f:89:98:08:db:67:18:a9:58:57:73:20:cc:fa:aa:
         0c:e2:e7:df:f3:12:a6:0f:d7:a4:6a:1a:8b:b5:36:a7:41:76:
         99:92:b2:2a:76:c6:ca:ff:9b:ab:21:bb:e4:a0:60:65:a2:d3:
         97:9d:b9:fe:ea:0b:39:10:17:2d:02:84:2c:d4:8a:01:dc:51:
         f4:e6:6f:ab:1b:2e:38:ad:95:60:08:4a:af:18:60:c8:80:3d:
         9a:8b:08:ae:3a:c2:14:15:bb:9f:35:b2:71:28:23:73:3d:26:
         f9:ee:02:7f:a2:95:a3:72:67:97:32:b0:49:cc:03:98:7c:e5:
         6c:8d:2c:0a:63:f5:06:21:a6:70:dd:af:6c:ac:98:25:ed:95:
         4b:06:32:66:42:d0:fd:5b:62:c4:ae:80:ba:50:bf:70:80:10:
         3d:41:99:5a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEOu8mTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MzAzNDBkMjdlNGIyNGY5MTI0OTc3MzIyZWRiMzY5NDJlMmQxNjBjMB4XDTIyMDEw
MTA4NTI1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzZiZDJkMzM4YTM2
Y2ViMTMxYTkxZTk0MTBiOTkwMzAxNjY5Y2Y5MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALPtgZPm+Pq7GlEBxsWWfDwgzet9Fj5z6p3ZOF/FUt49cUY9
vUU1mS5loAnJDzLDUuS8fifXH31DB6du6CzAZvZGqEhGm9bmVIEVQoE/h7dNx7wn
VuhEms/4okaPFfWC1MAUjvjELCkk+LFkV6R0x6wxYhCF1toCnOeYlwr8RvZK4AS9
SFvvgGnnOXKLoBS7wCulkannx3rimOAb3WoQTQ5GVfQ7QjdYNoaoZdqNbpkei84F
4r1iNr14RBAVYQgSCjpOnmA5a42ge6RCR88dlwgL8J2AdldE0/+qUl3sdRQwpecx
jbwp8gtuGFFcC9y0v9ByRdZUKSIu/faQGLDA3PUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTGvS0zijbOsTGpHpQQuZAwFmnPkDAfBgNVHSMEGDAWgBQjA0DSfksk+RJJ
dzIu2zaULi0WDDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0l3TkEwbjVMSlBrU1NYY3lMdHMybEM0dEZndy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjkvN2JkZjUyLTZhYzUtNGMyNC1iZmQwLWI1NzA5MDdiNTllYi8x
L3hyMHRNNG8yenJFeHFSNlVFTG1RTUJacHo1QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjkv
N2JkZjUyLTZhYzUtNGMyNC1iZmQwLWI1NzA5MDdiNTllYi8xL0l3TkEwbjVMSlBr
U1NYY3lMdHMybEM0dEZndy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFEaHzANBgkqhkiG9w0BAQsFAAOC
AQEAN5/wbzAVoA8VV/ZDQrRUx0cjbgaw8elSPndselrp2xY6VuDAmAHVf1v6p1Nr
jbmC/upHfNcJvY1lyrj7poiY2+UJ0v+3Z5Za+Kcowqaap8c/ZE6sQlRxPSn/BmUB
L4mYCNtnGKlYV3MgzPqqDOLn3/MSpg/XpGoai7U2p0F2mZKyKnbGyv+bqyG75KBg
ZaLTl525/uoLORAXLQKELNSKAdxR9OZvqxsuOK2VYAhKrxhgyIA9mosIrjrCFBW7
nzWycSgjcz0m+e4Cf6KVo3JnlzKwScwDmHzlbI0sCmP1BiGmcN2vbKyYJe2VSwYy
ZkLQ/VtixK6AulC/cIAQPUGZWg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:17 2024 by rpki-client on console-fra.rpki-client.org