Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/7db7a8-827f-4cf0-abc9-b8c46f95640e/1/k-xFyGKh5CvrligewvEHHzsgORY.roa
File:                     k-xFyGKh5CvrligewvEHHzsgORY.roa (raw, json)
Hash identifier:          pYoVUkQ5v6mHSMAkBLo+JPHtO1SOE5syaBR08AM+zUY=
Subject key identifier:   93:EC:45:C8:62:A1:E4:2B:EB:96:28:1E:C2:F1:07:1F:3B:20:39:16
Certificate issuer:       /CN=1089a0251e32bf3c480f5a94abb5fb4eb906a5b3
Certificate serial:       0564C157
Authority key identifier: 10:89:A0:25:1E:32:BF:3C:48:0F:5A:94:AB:B5:FB:4E:B9:06:A5:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EImgJR4yvzxID1qUq7X7TrkGpbM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/7db7a8-827f-4cf0-abc9-b8c46f95640e/1/k-xFyGKh5CvrligewvEHHzsgORY.roa
Signing time:             Sat 01 Jan 2022 12:01:48 +0000
ROA not before:           Sat 01 Jan 2022 12:01:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203412
IP address blocks:        194.55.162.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 90489175 (0x564c157)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1089a0251e32bf3c480f5a94abb5fb4eb906a5b3
        Validity
            Not Before: Jan  1 12:01:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=93ec45c862a1e42beb96281ec2f1071f3b203916
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:6f:c0:5f:85:71:7b:29:c9:2d:c1:34:20:aa:
                    c6:93:80:c2:be:a8:e6:6c:7d:58:e2:11:66:b4:46:
                    3e:cf:1a:a9:d6:64:3e:75:a6:9e:80:3d:69:30:76:
                    0c:12:61:c8:af:23:7a:fb:b6:13:87:9b:92:49:a2:
                    1e:3b:e5:6e:8b:aa:31:82:fb:24:a9:83:07:c7:e1:
                    b9:37:85:98:cb:72:36:b2:68:d8:ba:ed:e8:cb:2b:
                    12:d2:91:01:e4:cc:ec:14:be:34:36:87:85:5e:68:
                    6b:d7:f5:5d:92:9c:c0:35:6b:be:d0:59:c3:83:79:
                    8a:28:f3:f9:20:84:49:2b:35:57:e6:58:88:07:67:
                    0f:8f:35:14:d1:34:f3:5f:78:16:d2:16:a4:6d:2a:
                    e7:64:40:8c:c1:48:9a:6c:e1:f2:c0:5b:ed:ca:9d:
                    23:8f:df:d1:29:a6:7c:ab:a4:ad:45:62:87:f4:61:
                    bc:86:70:93:49:29:ad:02:98:e2:45:02:d7:03:a5:
                    fa:04:43:13:ad:32:d8:50:16:d3:37:df:31:36:97:
                    99:cd:d1:8c:d9:b2:fc:76:90:73:32:0a:14:c0:b6:
                    db:5a:3f:b7:80:2a:bf:45:d4:9e:e1:a6:14:52:b7:
                    ac:f4:1b:85:ba:1f:c2:7c:9a:04:b8:1b:c4:c3:5d:
                    10:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:EC:45:C8:62:A1:E4:2B:EB:96:28:1E:C2:F1:07:1F:3B:20:39:16
            X509v3 Authority Key Identifier:
                keyid:10:89:A0:25:1E:32:BF:3C:48:0F:5A:94:AB:B5:FB:4E:B9:06:A5:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EImgJR4yvzxID1qUq7X7TrkGpbM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/7db7a8-827f-4cf0-abc9-b8c46f95640e/1/k-xFyGKh5CvrligewvEHHzsgORY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/7db7a8-827f-4cf0-abc9-b8c46f95640e/1/EImgJR4yvzxID1qUq7X7TrkGpbM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.55.162.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:c7:6f:ed:d6:97:56:3e:23:60:7f:3e:60:96:6a:76:3f:df:
         8d:6f:74:cc:9b:5a:5d:06:37:e7:73:08:49:00:aa:6c:8f:2d:
         64:42:e2:58:1e:6b:78:bd:8d:4e:c9:ba:4b:1b:fc:13:18:10:
         26:84:f6:3a:cb:a6:d8:ff:82:58:46:9d:d9:56:fc:25:d9:99:
         1b:5f:69:21:a1:d0:ab:1b:c4:bb:a1:26:ec:de:a5:34:34:c9:
         8f:b0:c2:0b:9a:42:bb:ce:fd:c5:fd:32:08:b2:57:47:ec:ab:
         32:ea:68:32:d4:a5:83:6b:0b:5d:b3:2b:89:3f:37:2f:e1:69:
         88:0c:44:0e:3f:ec:51:2a:d6:da:a4:fe:de:f4:26:6b:6d:c9:
         6b:8e:8b:2c:a3:38:e7:dd:81:52:f6:0d:fb:b0:a9:37:f1:ae:
         34:af:3a:43:48:82:b5:96:b9:8a:0d:13:4a:42:9c:06:e5:b8:
         da:f6:14:96:da:a6:c7:50:5f:9c:2f:37:93:68:1d:a7:a7:51:
         70:cf:01:50:98:95:89:0e:a4:12:c9:62:4d:a3:53:a0:5c:b5:
         8c:e7:4a:18:b4:24:d1:09:d4:12:f1:b5:d3:d8:1d:dc:fb:9c:
         e4:d6:8f:fd:5d:fc:9b:b9:38:58:a9:d8:42:74:7e:60:79:37:
         61:fd:bf:91
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBWTBVzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MDg5YTAyNTFlMzJiZjNjNDgwZjVhOTRhYmI1ZmI0ZWI5MDZhNWIzMB4XDTIyMDEw
MTEyMDE0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTNlYzQ1Yzg2MmEx
ZTQyYmViOTYyODFlYzJmMTA3MWYzYjIwMzkxNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALhvwF+FcXspyS3BNCCqxpOAwr6o5mx9WOIRZrRGPs8aqdZk
PnWmnoA9aTB2DBJhyK8jevu2E4ebkkmiHjvlbouqMYL7JKmDB8fhuTeFmMtyNrJo
2Lrt6MsrEtKRAeTM7BS+NDaHhV5oa9f1XZKcwDVrvtBZw4N5iijz+SCESSs1V+ZY
iAdnD481FNE08194FtIWpG0q52RAjMFImmzh8sBb7cqdI4/f0SmmfKukrUVih/Rh
vIZwk0kprQKY4kUC1wOl+gRDE60y2FAW0zffMTaXmc3RjNmy/HaQczIKFMC221o/
t4Aqv0XUnuGmFFK3rPQbhbofwnyaBLgbxMNdEKkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBST7EXIYqHkK+uWKB7C8QcfOyA5FjAfBgNVHSMEGDAWgBQQiaAlHjK/PEgP
WpSrtftOuQalszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VJbWdKUjR5dnp4SUQxcVVxN1g3VHJrR3BiTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmYvN2RiN2E4LTgyN2YtNGNmMC1hYmM5LWI4YzQ2Zjk1NjQwZS8x
L2steEZ5R0toNUN2cmxpZ2V3dkVISHpzZ09SWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmYv
N2RiN2E4LTgyN2YtNGNmMC1hYmM5LWI4YzQ2Zjk1NjQwZS8xL0VJbWdKUjR5dnp4
SUQxcVVxN1g3VHJrR3BiTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMI3ojANBgkqhkiG9w0BAQsFAAOC
AQEAicdv7daXVj4jYH8+YJZqdj/fjW90zJtaXQY353MISQCqbI8tZELiWB5reL2N
Tsm6Sxv8ExgQJoT2Osum2P+CWEad2Vb8JdmZG19pIaHQqxvEu6Em7N6lNDTJj7DC
C5pCu879xf0yCLJXR+yrMupoMtSlg2sLXbMriT83L+FpiAxEDj/sUSrW2qT+3vQm
a23Ja46LLKM4592BUvYN+7CpN/GuNK86Q0iCtZa5ig0TSkKcBuW42vYUltqmx1Bf
nC83k2gdp6dRcM8BUJiViQ6kEsliTaNToFy1jOdKGLQk0QnUEvG109gd3Puc5NaP
/V38m7k4WKnYQnR+YHk3Yf2/kQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:50 2024 by rpki-client on console-ams.rpki-client.org