Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/8FvZzL6JzGLJnuQSKmuz77OiKG8.roa
File:                     8FvZzL6JzGLJnuQSKmuz77OiKG8.roa (raw, json)
Hash identifier:          pfAvGUI7B0xYOxl35CzBXEvTTp9ZW06ca1IkB7jENRs=
Subject key identifier:   F0:5B:D9:CC:BE:89:CC:62:C9:9E:E4:12:2A:6B:B3:EF:B3:A2:28:6F
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       0CB1C136
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/8FvZzL6JzGLJnuQSKmuz77OiKG8.roa
Signing time:             Sat 01 Jan 2022 05:04:55 +0000
ROA not before:           Sat 01 Jan 2022 05:04:55 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     33801
IP address blocks:        178.239.206.0/23 maxlen: 24
                          178.239.196.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 212975926 (0xcb1c136)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jan  1 05:04:55 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f05bd9ccbe89cc62c99ee4122a6bb3efb3a2286f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:81:9f:db:5e:75:78:ae:58:88:90:ad:9b:f8:
                    75:32:3e:f7:c1:ae:f7:11:83:06:cc:42:83:fe:c0:
                    8d:76:4c:37:9f:8f:4a:11:56:63:c3:09:fe:84:f9:
                    67:83:71:e8:ac:46:09:bb:86:54:96:af:9a:e5:df:
                    aa:78:dc:bf:86:a4:93:17:4b:dd:fd:f4:44:4f:9c:
                    80:74:e1:00:5f:44:65:e4:55:d6:f3:74:d4:10:bb:
                    c0:9e:f5:5c:71:a6:75:f1:15:4c:a1:32:f0:6f:04:
                    9f:93:27:fc:f7:15:4f:7e:a7:a8:c2:61:5a:ba:11:
                    8f:98:23:c0:52:e5:33:ff:47:7b:68:62:b7:a9:de:
                    13:7d:68:59:7a:3e:b4:96:7f:ce:ed:da:87:51:a1:
                    c8:6b:04:3b:a5:9d:3f:ac:8a:70:06:7e:e5:0e:6e:
                    83:ec:49:83:c7:7b:3b:cf:11:21:a1:6c:30:a3:d4:
                    ee:e0:71:19:c4:7b:4d:5f:ca:18:37:8e:94:97:38:
                    5b:44:74:5c:e2:fb:99:ae:b6:26:f2:8a:84:99:52:
                    62:f8:d6:ed:48:a2:fc:ce:77:0f:a7:bc:0b:46:61:
                    19:55:20:17:5b:e8:0c:dd:90:be:e7:9c:6f:1d:cb:
                    62:ee:02:12:7a:21:bb:11:8d:2f:6c:e1:b7:90:57:
                    a5:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:5B:D9:CC:BE:89:CC:62:C9:9E:E4:12:2A:6B:B3:EF:B3:A2:28:6F
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/8FvZzL6JzGLJnuQSKmuz77OiKG8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.239.196.0/24
                  178.239.206.0/23

    Signature Algorithm: sha256WithRSAEncryption
         25:9c:9b:d8:e3:c5:dd:7f:50:49:00:0a:b2:86:b4:7c:47:c3:
         36:43:fe:e3:45:9c:e5:4a:73:1c:7a:5a:0c:7f:ce:a7:5f:f7:
         84:38:35:79:ec:8b:39:8e:1d:e5:b5:4e:12:31:fe:d1:69:aa:
         58:c3:6a:b1:92:75:f5:ef:d5:ed:24:4a:34:e5:e8:7e:66:f7:
         41:d4:04:1b:6f:50:53:b3:75:17:c4:d7:f9:d0:2e:11:eb:04:
         82:46:50:98:62:7f:89:0a:ca:bb:64:22:fb:31:cf:ab:50:60:
         24:55:a7:50:c5:2f:f3:e4:c4:b8:20:64:67:65:fb:6f:8c:8a:
         c6:40:44:2c:2f:db:f1:32:a1:52:8c:4c:2e:cd:ec:f7:68:84:
         46:fe:6f:77:50:8e:6c:12:e2:02:ea:b2:23:d2:6a:55:6d:cc:
         84:21:de:49:31:77:15:48:de:97:27:a4:30:cc:c2:06:05:0d:
         19:3a:9e:84:4c:0f:08:77:a0:59:85:cd:f4:1a:04:a3:1d:dc:
         f9:dd:8e:bd:bf:a0:94:78:03:28:1d:1f:ff:5a:5b:ad:96:db:
         2f:a1:93:11:c0:18:bf:44:1c:10:cc:f3:0e:f4:ea:49:5e:65:
         00:19:8d:6d:2d:a3:24:19:bd:e3:01:e4:1a:6e:d4:b6:57:fd:
         34:c5:1c:0b
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEDLHBNjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmMyYTRiN2Q1ZDczYzViNTcwNDYyMjNiZjMwZWI2NTMwMDViMGUyMB4XDTIyMDEw
MTA1MDQ1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjA1YmQ5Y2NiZTg5
Y2M2MmM5OWVlNDEyMmE2YmIzZWZiM2EyMjg2ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANmBn9tedXiuWIiQrZv4dTI+98Gu9xGDBsxCg/7AjXZMN5+P
ShFWY8MJ/oT5Z4Nx6KxGCbuGVJavmuXfqnjcv4akkxdL3f30RE+cgHThAF9EZeRV
1vN01BC7wJ71XHGmdfEVTKEy8G8En5Mn/PcVT36nqMJhWroRj5gjwFLlM/9He2hi
t6neE31oWXo+tJZ/zu3ah1GhyGsEO6WdP6yKcAZ+5Q5ug+xJg8d7O88RIaFsMKPU
7uBxGcR7TV/KGDeOlJc4W0R0XOL7ma62JvKKhJlSYvjW7Uii/M53D6e8C0ZhGVUg
F1voDN2Qvuecbx3LYu4CEnohuxGNL2zht5BXpcECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTwW9nMvonMYsme5BIqa7Pvs6IobzAfBgNVHSMEGDAWgBQ2wqS31dc8W1cE
YiO/MOtlMAWw4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8x
LzhGdlp6TDZKekdMSm51UVNLbXV6NzdPaUtHOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8xL05zS2t0OVhYUEZ0
WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALLvxAMEAbLvzjANBgkqhkiG9w0B
AQsFAAOCAQEAJZyb2OPF3X9QSQAKsoa0fEfDNkP+40Wc5UpzHHpaDH/Op1/3hDg1
eeyLOY4d5bVOEjH+0WmqWMNqsZJ19e/V7SRKNOXofmb3QdQEG29QU7N1F8TX+dAu
EesEgkZQmGJ/iQrKu2Qi+zHPq1BgJFWnUMUv8+TEuCBkZ2X7b4yKxkBELC/b8TKh
UoxMLs3s92iERv5vd1CObBLiAuqyI9JqVW3MhCHeSTF3FUjelyekMMzCBgUNGTqe
hEwPCHegWYXN9BoEox3c+d2Ovb+glHgDKB0f/1pbrZbbL6GTEcAYv0QcEMzzDvTq
SV5lABmNbS2jJBm94wHkGm7Utlf9NMUcCw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:44 2024 by rpki-client on console-fra.rpki-client.org