Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/bf8411-6960-4cef-91f9-13b6a6d71a41/1/XdFB2PmydwEEwYoGhQiv_eWc0Uo.roa
File:                     XdFB2PmydwEEwYoGhQiv_eWc0Uo.roa (raw, json)
Hash identifier:          aT794wo0RyrPH4HB83KtMrQ3StioxUvF+YHo55D3X7w=
Subject key identifier:   5D:D1:41:D8:F9:B2:77:01:04:C1:8A:06:85:08:AF:FD:E5:9C:D1:4A
Certificate issuer:       /CN=a77325e495cb0150203b79f246f4cd4c0fec24ff
Certificate serial:       0E7B
Authority key identifier: A7:73:25:E4:95:CB:01:50:20:3B:79:F2:46:F4:CD:4C:0F:EC:24:FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/p3Ml5JXLAVAgO3nyRvTNTA_sJP8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/bf8411-6960-4cef-91f9-13b6a6d71a41/1/XdFB2PmydwEEwYoGhQiv_eWc0Uo.roa
Signing time:             Thu 12 May 2022 10:11:32 +0000
ROA not before:           Thu 12 May 2022 10:11:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     15520
IP address blocks:        194.176.172.0/24 maxlen: 24
                          194.176.168.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3707 (0xe7b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a77325e495cb0150203b79f246f4cd4c0fec24ff
        Validity
            Not Before: May 12 10:11:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5dd141d8f9b2770104c18a068508affde59cd14a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:1b:da:de:bd:76:f4:a4:d7:a3:b3:87:03:4c:
                    fb:d4:75:60:2d:3b:41:1b:0e:cc:18:6a:1a:9b:9f:
                    55:bf:95:e9:a0:8b:64:71:a2:cd:5f:80:43:81:aa:
                    dd:1e:b8:30:6f:a5:be:4e:21:2f:02:7c:60:38:9b:
                    df:6f:79:ca:48:4a:8c:f8:6d:f5:e1:ad:03:39:2f:
                    44:d0:53:e1:3f:97:1a:82:5a:e8:3e:02:c7:2c:d0:
                    df:39:62:5a:f6:c3:1e:3d:9e:a6:78:c9:6a:6b:b5:
                    1b:e3:50:68:2b:8c:4e:5d:43:e8:48:b3:22:c4:14:
                    7b:ea:6f:ab:d4:2c:6b:14:88:d9:7f:93:2c:b8:e4:
                    3a:d9:10:ee:66:ec:7e:6f:88:a6:8a:2e:24:1c:8a:
                    2c:cb:e8:b7:68:19:75:68:ab:13:4f:b6:2f:bc:ab:
                    0b:94:3b:67:9a:65:80:e0:42:ee:10:f6:2d:80:7a:
                    c3:a9:6c:e2:a2:17:14:22:48:84:09:29:c1:20:d2:
                    21:d0:f7:17:72:d7:75:ce:a5:c3:2b:14:3e:f6:70:
                    80:32:8c:4f:63:6d:3c:44:e7:da:2d:43:31:00:46:
                    50:fb:01:5c:c2:71:da:f0:dc:26:8a:5e:2e:0f:7f:
                    7e:95:09:6d:a8:be:d9:c8:89:14:0a:7f:02:7e:51:
                    2e:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:D1:41:D8:F9:B2:77:01:04:C1:8A:06:85:08:AF:FD:E5:9C:D1:4A
            X509v3 Authority Key Identifier:
                keyid:A7:73:25:E4:95:CB:01:50:20:3B:79:F2:46:F4:CD:4C:0F:EC:24:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p3Ml5JXLAVAgO3nyRvTNTA_sJP8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/bf8411-6960-4cef-91f9-13b6a6d71a41/1/XdFB2PmydwEEwYoGhQiv_eWc0Uo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/bf8411-6960-4cef-91f9-13b6a6d71a41/1/p3Ml5JXLAVAgO3nyRvTNTA_sJP8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.176.168.0-194.176.172.255

    Signature Algorithm: sha256WithRSAEncryption
         be:57:ee:3d:8b:04:7b:15:79:61:43:34:af:11:d3:8f:5d:a6:
         ae:a0:d2:42:6a:93:d4:ec:5e:7a:31:c0:30:8b:90:d1:0a:6e:
         02:8f:c3:1f:48:dc:b9:f5:80:a7:47:a2:30:75:08:7c:04:f7:
         07:43:88:20:0f:87:2e:b1:6a:59:2c:ba:6b:02:10:8d:72:5f:
         2d:76:af:92:31:24:b0:f8:fa:6d:32:1a:aa:04:85:5a:1d:3b:
         7d:83:23:7f:04:33:7a:83:f2:b6:4b:c2:04:d9:d3:de:e5:8d:
         b3:42:d2:ce:f9:ea:cc:5e:9e:db:ee:9d:0a:d2:63:fc:d6:d5:
         b6:b9:c0:ac:18:09:ac:e3:c6:19:cb:bc:28:68:8d:4f:1e:b2:
         d4:b5:e6:3b:5c:c1:80:fa:b1:39:c1:81:e9:22:a7:c8:32:f2:
         e2:52:6e:b2:ae:a3:c8:5b:16:d6:a6:db:7b:92:b8:7c:8f:fe:
         08:4b:a1:34:40:78:e9:4b:9f:f5:d5:46:cb:e1:77:e1:8f:f7:
         82:a1:ed:3a:db:46:8f:66:30:24:23:15:fc:56:bc:05:05:bf:
         72:d2:fa:7d:1e:e0:a4:8b:e0:3c:b2:36:db:a2:53:3f:da:99:
         fe:92:9d:f1:4b:e3:c0:97:86:22:57:e6:af:a8:6c:21:e8:24:
         9d:d4:14:ee
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgICDnswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoYTc3
MzI1ZTQ5NWNiMDE1MDIwM2I3OWYyNDZmNGNkNGMwZmVjMjRmZjAeFw0yMjA1MTIx
MDExMzJaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDVkZDE0MWQ4ZjliMjc3
MDEwNGMxOGEwNjg1MDhhZmZkZTU5Y2QxNGEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCbG9revXb0pNejs4cDTPvUdWAtO0EbDswYahqbn1W/lemgi2Rx
os1fgEOBqt0euDBvpb5OIS8CfGA4m99vecpISoz4bfXhrQM5L0TQU+E/lxqCWug+
Ascs0N85Ylr2wx49nqZ4yWprtRvjUGgrjE5dQ+hIsyLEFHvqb6vULGsUiNl/kyy4
5DrZEO5m7H5viKaKLiQciizL6LdoGXVoqxNPti+8qwuUO2eaZYDgQu4Q9i2AesOp
bOKiFxQiSIQJKcEg0iHQ9xdy13XOpcMrFD72cIAyjE9jbTxE59otQzEARlD7AVzC
cdrw3CaKXi4Pf36VCW2ovtnIiRQKfwJ+US49AgMBAAGjggIRMIICDTAdBgNVHQ4E
FgQUXdFB2PmydwEEwYoGhQiv/eWc0UowHwYDVR0jBBgwFoAUp3Ml5JXLAVAgO3ny
RvTNTA/sJP8wDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEF
BQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9w
M01sNUpYTEFWQWdPM255UnZUTlRBX3NKUDguY2VyMIGNBggrBgEFBQcBCwSBgDB+
MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL2JjL2JmODQxMS02OTYwLTRjZWYtOTFmOS0xM2I2YTZkNzFhNDEvMS9Y
ZEZCMlBteWR3RUV3WW9HaFFpdl9lV2MwVW8ucm9hMIGBBgNVHR8EejB4MHagdKBy
hnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JjL2Jm
ODQxMS02OTYwLTRjZWYtOTFmOS0xM2I2YTZkNzFhNDEvMS9wM01sNUpYTEFWQWdP
M255UnZUTlRBX3NKUDguY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwJwYI
KwYBBQUHAQcBAf8EGDAWMBQEAgABMA4wDAMEA8KwqAMEAMKwrDANBgkqhkiG9w0B
AQsFAAOCAQEAvlfuPYsEexV5YUM0rxHTj12mrqDSQmqT1OxeejHAMIuQ0QpuAo/D
H0jcufWAp0eiMHUIfAT3B0OIIA+HLrFqWSy6awIQjXJfLXavkjEksPj6bTIaqgSF
Wh07fYMjfwQzeoPytkvCBNnT3uWNs0LSzvnqzF6e2+6dCtJj/NbVtrnArBgJrOPG
Gcu8KGiNTx6y1LXmO1zBgPqxOcGB6SKnyDLy4lJusq6jyFsW1qbbe5K4fI/+CEuh
NEB46Uuf9dVGy+F34Y/3gqHtOttGj2YwJCMV/Fa8BQW/ctL6fR7gpIvgPLI226JT
P9qZ/pKd8UvjwJeGIlfmr6hsIegkndQU7g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:16 2024 by rpki-client on console-ams.rpki-client.org