Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/N6v8IfChtjqs_QWC68CoX9mPTFw.roa
File:                     N6v8IfChtjqs_QWC68CoX9mPTFw.roa (raw, json)
Hash identifier:          CRSOd0YB6X1xJsjfiiajzgYIOw0CZYGm9whyBqsq2nk=
Subject key identifier:   37:AB:FC:21:F0:A1:B6:3A:AC:FD:05:82:EB:C0:A8:5F:D9:8F:4C:5C
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       0D7FE999
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/N6v8IfChtjqs_QWC68CoX9mPTFw.roa
Signing time:             Wed 09 Mar 2022 16:21:37 +0000
ROA not before:           Wed 09 Mar 2022 16:21:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210558
IP address blocks:        193.26.115.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 226486681 (0xd7fe999)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Mar  9 16:21:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=37abfc21f0a1b63aacfd0582ebc0a85fd98f4c5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:5d:27:e6:d6:2b:cc:8d:98:cc:4a:3c:67:eb:
                    54:8b:ce:a4:70:09:0a:66:9e:35:55:3c:3b:2f:f5:
                    83:9c:c3:3e:aa:d7:cf:0c:ad:e2:79:9a:ba:75:4a:
                    8b:ff:bb:c8:5b:9b:90:67:57:65:fe:d7:f9:1c:59:
                    56:66:8e:a8:cf:c2:3f:a0:f8:96:a6:34:71:35:74:
                    d8:f8:ea:e1:ec:26:c6:9b:8f:06:16:3e:2e:9b:c7:
                    cc:28:4a:27:21:a3:07:6b:10:be:36:bd:f1:39:46:
                    43:84:4a:24:29:37:cd:a4:65:ad:fe:a3:cb:76:f2:
                    25:13:1e:a5:01:24:18:26:e3:23:97:c6:b9:51:80:
                    55:6f:43:46:c1:8a:86:7a:37:da:de:aa:3e:ee:f0:
                    92:be:bf:f8:c0:4f:42:be:02:bf:1c:91:b6:f1:86:
                    72:30:f3:61:7f:83:ad:25:23:9a:1e:bd:aa:82:6c:
                    62:18:5c:6e:85:a9:44:db:73:1f:c4:b4:f2:7f:39:
                    87:de:05:3f:be:9c:b9:7c:32:e4:02:11:98:26:a6:
                    2d:f1:d3:5c:ca:28:8d:ab:77:80:c9:c5:23:b4:f2:
                    a3:9e:33:d5:06:d9:54:24:05:af:57:a1:47:6f:fd:
                    d6:40:d5:b9:7f:59:2a:55:68:c0:c6:61:5b:63:a9:
                    f8:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:AB:FC:21:F0:A1:B6:3A:AC:FD:05:82:EB:C0:A8:5F:D9:8F:4C:5C
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/N6v8IfChtjqs_QWC68CoX9mPTFw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.26.115.0/24

    Signature Algorithm: sha256WithRSAEncryption
         25:ee:36:d6:cf:4c:72:05:09:4f:d4:87:97:2f:d9:71:5d:35:
         da:a2:d0:e6:80:c3:3a:16:b6:03:59:d9:f2:3e:7c:af:ce:57:
         38:76:88:50:46:f3:9e:7d:8f:93:d8:9d:fb:3c:5d:bd:65:2c:
         9a:4f:22:fd:6d:87:c4:80:2a:4e:b4:36:dd:f5:f3:da:62:a0:
         f4:60:99:27:11:50:e5:79:c1:c2:ea:e9:44:c6:3c:6c:34:f2:
         56:2f:05:55:06:48:fe:35:c2:a3:9a:43:06:4f:a7:9b:a7:e4:
         fd:a3:59:9e:01:7a:90:00:39:d1:c9:20:fb:f0:2a:1c:8a:73:
         f3:c7:c6:f8:22:19:6d:82:47:fb:99:13:0f:24:01:96:31:95:
         1d:8c:cf:82:fe:26:c8:29:61:37:f7:3c:65:f7:3b:28:c4:48:
         f0:a6:4a:38:46:f3:e0:26:4d:ea:4f:42:39:2a:9f:96:cf:80:
         1f:ab:65:08:02:a2:50:d2:ed:72:f9:52:15:bb:04:bb:57:86:
         5b:2f:f1:58:3a:23:e2:6d:fc:f9:5e:f2:79:fd:a3:40:5d:18:
         3f:ea:79:57:c0:64:d6:09:13:d3:33:02:17:f6:07:a1:da:b7:
         17:a5:f6:b8:56:43:9a:89:42:c5:48:a6:78:e9:e4:fb:fc:60:
         e3:e5:42:4c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDX/pmTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmMyYTRiN2Q1ZDczYzViNTcwNDYyMjNiZjMwZWI2NTMwMDViMGUyMB4XDTIyMDMw
OTE2MjEzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzdhYmZjMjFmMGEx
YjYzYWFjZmQwNTgyZWJjMGE4NWZkOThmNGM1YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALJdJ+bWK8yNmMxKPGfrVIvOpHAJCmaeNVU8Oy/1g5zDPqrX
zwyt4nmaunVKi/+7yFubkGdXZf7X+RxZVmaOqM/CP6D4lqY0cTV02Pjq4ewmxpuP
BhY+LpvHzChKJyGjB2sQvja98TlGQ4RKJCk3zaRlrf6jy3byJRMepQEkGCbjI5fG
uVGAVW9DRsGKhno32t6qPu7wkr6/+MBPQr4CvxyRtvGGcjDzYX+DrSUjmh69qoJs
YhhcboWpRNtzH8S08n85h94FP76cuXwy5AIRmCamLfHTXMoojat3gMnFI7Tyo54z
1QbZVCQFr1ehR2/91kDVuX9ZKlVowMZhW2Op+M0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ3q/wh8KG2Oqz9BYLrwKhf2Y9MXDAfBgNVHSMEGDAWgBQ2wqS31dc8W1cE
YiO/MOtlMAWw4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8x
L042djhJZkNodGpxc19RV0M2OENvWDltUFRGdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8xL05zS2t0OVhYUEZ0
WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEaczANBgkqhkiG9w0BAQsFAAOC
AQEAJe421s9McgUJT9SHly/ZcV012qLQ5oDDOha2A1nZ8j58r85XOHaIUEbznn2P
k9id+zxdvWUsmk8i/W2HxIAqTrQ23fXz2mKg9GCZJxFQ5XnBwurpRMY8bDTyVi8F
VQZI/jXCo5pDBk+nm6fk/aNZngF6kAA50ckg+/AqHIpz88fG+CIZbYJH+5kTDyQB
ljGVHYzPgv4myClhN/c8Zfc7KMRI8KZKOEbz4CZN6k9COSqfls+AH6tlCAKiUNLt
cvlSFbsEu1eGWy/xWDoj4m38+V7yef2jQF0YP+p5V8Bk1gkT0zMCF/YHodq3F6X2
uFZDmolCxUimeOnk+/xg4+VCTA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:10 2024 by rpki-client on console-ams.rpki-client.org