Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/16d4b5-76bb-4324-9a86-705197507a59/1/Iuvuo5-2hjgOSlGjBG6xIkjOe9w.roa
File:                     Iuvuo5-2hjgOSlGjBG6xIkjOe9w.roa (raw, json)
Hash identifier:          Fvdgqr9D0GIl36MVAdFhUV5YYF1U7tQpQlqhFKVo4qo=
Subject key identifier:   22:EB:EE:A3:9F:B6:86:38:0E:4A:51:A3:04:6E:B1:22:48:CE:7B:DC
Certificate issuer:       /CN=24b660a611980c68273139e32affb74b454a9d32
Certificate serial:       01835C219D303522FA81C6DDEE1835B2B66C
Authority key identifier: 24:B6:60:A6:11:98:0C:68:27:31:39:E3:2A:FF:B7:4B:45:4A:9D:32
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JLZgphGYDGgnMTnjKv-3S0VKnTI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/16d4b5-76bb-4324-9a86-705197507a59/1/Iuvuo5-2hjgOSlGjBG6xIkjOe9w.roa
Signing time:             Tue 20 Sep 2022 18:20:50 +0000
ROA not before:           Tue 20 Sep 2022 18:20:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     59979
IP address blocks:        195.43.138.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:5c:21:9d:30:35:22:fa:81:c6:dd:ee:18:35:b2:b6:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=24b660a611980c68273139e32affb74b454a9d32
        Validity
            Not Before: Sep 20 18:20:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=22ebeea39fb686380e4a51a3046eb12248ce7bdc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:b5:c2:85:5e:8d:e9:b9:69:d2:87:0d:3d:85:
                    16:a2:e5:a0:8a:7e:43:bf:f3:60:e5:ad:40:5b:6d:
                    df:a0:e8:5b:49:5a:00:31:9f:72:b3:29:cf:e5:90:
                    42:02:6c:79:d3:65:92:b4:d3:66:b7:81:0c:ba:40:
                    bf:d9:c4:df:e7:b3:9f:6e:c4:d2:24:bd:b0:0d:5d:
                    b8:9e:66:a1:6a:1c:a7:7e:de:c4:f2:6f:2b:b9:6c:
                    42:55:a1:3d:f3:7b:74:4d:cf:92:0f:b5:7c:54:01:
                    9c:8a:8d:c9:c3:9a:19:6d:9e:eb:35:b4:8b:3d:d8:
                    ba:47:79:3e:1e:01:6f:af:6a:a4:86:2c:e7:0b:fd:
                    3a:3e:77:eb:9e:5d:44:56:7a:6a:6b:01:07:20:10:
                    27:33:c5:71:5f:41:46:7f:57:38:fb:0f:ca:79:c6:
                    82:18:e3:7e:db:1c:04:55:6b:e9:c4:23:1c:80:ec:
                    6e:2b:61:e7:20:a4:f5:0b:ce:a5:64:ba:f2:c2:84:
                    22:86:ab:fa:97:16:43:6b:e5:73:12:15:c4:67:e9:
                    cd:27:a4:4c:47:b2:9f:4b:20:4a:a5:a2:7a:ff:3c:
                    5a:ab:04:5f:2f:bb:4a:bd:fc:5a:43:92:56:c5:8c:
                    74:89:43:97:04:27:a0:f6:07:4e:24:97:d6:fe:d7:
                    39:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:EB:EE:A3:9F:B6:86:38:0E:4A:51:A3:04:6E:B1:22:48:CE:7B:DC
            X509v3 Authority Key Identifier:
                keyid:24:B6:60:A6:11:98:0C:68:27:31:39:E3:2A:FF:B7:4B:45:4A:9D:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JLZgphGYDGgnMTnjKv-3S0VKnTI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/16d4b5-76bb-4324-9a86-705197507a59/1/Iuvuo5-2hjgOSlGjBG6xIkjOe9w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/16d4b5-76bb-4324-9a86-705197507a59/1/JLZgphGYDGgnMTnjKv-3S0VKnTI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.43.138.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2b:2c:36:15:4c:56:92:4a:2e:1c:8f:6a:b0:34:82:78:53:e1:
         4c:06:27:a0:0f:6a:d9:99:c4:2c:5d:68:4c:cc:4f:24:e2:b9:
         9b:d6:5f:f4:5c:05:9a:bc:07:ca:f7:98:f9:51:92:e6:67:dd:
         80:86:47:48:1b:9c:26:e0:02:d6:a6:29:18:c4:61:d7:b5:58:
         c3:c5:5a:36:4f:f5:48:9f:74:d6:8a:72:50:df:bd:be:20:ed:
         2d:1c:75:14:ee:b6:8e:31:8e:72:d5:82:e9:35:ad:e5:e9:31:
         a1:54:d1:42:c9:2b:bb:3b:b4:a3:97:cb:57:51:8c:ab:92:ca:
         87:88:e4:28:fc:4e:fc:95:9a:94:86:de:ae:f3:64:31:63:92:
         3f:73:1d:78:d5:dd:f0:7d:ad:3f:b0:80:9a:4d:aa:2e:88:11:
         66:a2:39:63:c4:e7:fc:2c:69:bb:f1:ac:91:15:29:82:aa:09:
         36:c8:d9:d6:28:9b:7b:e1:b4:6a:bd:a4:36:d1:c4:7c:2a:b6:
         63:d8:82:35:c3:13:9e:41:3b:24:29:f5:32:92:82:09:2b:7b:
         e1:33:e1:68:1b:e4:1b:10:74:fe:ea:6a:a4:f6:e6:76:10:e6:
         44:1d:1b:b2:84:dc:b8:47:e0:4a:45:16:9a:02:d7:b1:77:bb:
         96:6e:9b:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNcIZ0wNSL6gcbd7hg1srZsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0YjY2MGE2MTE5ODBjNjgyNzMxMzllMzJhZmZiNzRiNDU0
YTlkMzIwHhcNMjIwOTIwMTgyMDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmViZWVhMzlmYjY4NjM4MGU0YTUxYTMwNDZlYjEyMjQ4Y2U3YmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7XChV6N6blp0ocNPYUWouWgin5D
v/Ng5a1AW23foOhbSVoAMZ9ysynP5ZBCAmx502WStNNmt4EMukC/2cTf57OfbsTS
JL2wDV24nmahahynft7E8m8ruWxCVaE983t0Tc+SD7V8VAGcio3Jw5oZbZ7rNbSL
Pdi6R3k+HgFvr2qkhiznC/06Pnfrnl1EVnpqawEHIBAnM8VxX0FGf1c4+w/KecaC
GON+2xwEVWvpxCMcgOxuK2HnIKT1C86lZLrywoQihqv6lxZDa+VzEhXEZ+nNJ6RM
R7KfSyBKpaJ6/zxaqwRfL7tKvfxaQ5JWxYx0iUOXBCeg9gdOJJfW/tc5pQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCLr7qOftoY4DkpRowRusSJIznvcMB8GA1UdIwQY
MBaAFCS2YKYRmAxoJzE54yr/t0tFSp0yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkxaZ3BoR1lER2duTVRuakt2LTNTMFZLblRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8xNmQ0YjUtNzZiYi00MzI0LTlhODYt
NzA1MTk3NTA3YTU5LzEvSXV2dW81LTJoamdPU2xHakJHNnhJa2pPZTl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8xNmQ0YjUtNzZiYi00MzI0LTlhODYtNzA1MTk3NTA3YTU5
LzEvSkxaZ3BoR1lER2duTVRuakt2LTNTMFZLblRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwyuKMA0G
CSqGSIb3DQEBCwUAA4IBAQArLDYVTFaSSi4cj2qwNIJ4U+FMBiegD2rZmcQsXWhM
zE8k4rmb1l/0XAWavAfK95j5UZLmZ92AhkdIG5wm4ALWpikYxGHXtVjDxVo2T/VI
n3TWinJQ372+IO0tHHUU7raOMY5y1YLpNa3l6TGhVNFCySu7O7Sjl8tXUYyrksqH
iOQo/E78lZqUht6u82QxY5I/cx141d3wfa0/sICaTaouiBFmojljxOf8LGm78ayR
FSmCqgk2yNnWKJt74bRqvaQ20cR8KrZj2II1wxOeQTskKfUykoIJK3vhM+FoG+Qb
EHT+6mqk9uZ2EOZEHRuyhNy4R+BKRRaaAtexd7uWbptB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:27 2024 by rpki-client on console-fra.rpki-client.org