Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/cd94f2-3b19-4826-a0eb-bfe221553f07/1/r6iTIfKd-mSQTnhAiKKrQSvyfdk.roa
File:                     r6iTIfKd-mSQTnhAiKKrQSvyfdk.roa (raw, json)
Hash identifier:          /l5CzIYOJQiarokJp9DgYGp1IuvSiEzioqcSHzdjLU4=
Subject key identifier:   AF:A8:93:21:F2:9D:FA:64:90:4E:78:40:88:A2:AB:41:2B:F2:7D:D9
Certificate issuer:       /CN=b3efea3a72faf0df4322cdaab9a136d79de8a3ef
Certificate serial:       01C65B44
Authority key identifier: B3:EF:EA:3A:72:FA:F0:DF:43:22:CD:AA:B9:A1:36:D7:9D:E8:A3:EF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s-_qOnL68N9DIs2quaE2153oo-8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/cd94f2-3b19-4826-a0eb-bfe221553f07/1/r6iTIfKd-mSQTnhAiKKrQSvyfdk.roa
Signing time:             Thu 19 May 2022 12:36:29 +0000
ROA not before:           Thu 19 May 2022 12:36:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7018
IP address blocks:        194.26.215.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 29776708 (0x1c65b44)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3efea3a72faf0df4322cdaab9a136d79de8a3ef
        Validity
            Not Before: May 19 12:36:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=afa89321f29dfa64904e784088a2ab412bf27dd9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:34:6c:3e:57:89:26:a3:be:b9:11:7c:ef:a3:
                    90:28:e4:59:f2:0e:5d:b8:e9:16:6d:f1:17:fb:56:
                    06:f6:60:df:0e:ce:d4:d8:73:3c:e3:31:8a:b2:c2:
                    1f:94:37:c3:ef:a3:dc:47:69:ed:42:7e:33:b9:39:
                    f5:eb:87:f7:64:1c:46:2b:f0:03:fd:89:19:55:25:
                    3e:92:b6:ab:68:dd:2d:5f:7f:34:c3:f5:68:44:af:
                    6e:f6:12:69:96:9e:1d:b7:bf:da:5a:25:6e:70:d7:
                    17:90:fa:5e:69:29:40:fe:a2:d1:43:68:13:0b:e9:
                    bc:ca:a9:3a:87:f9:58:e5:81:d1:c7:66:8f:05:f1:
                    dd:8a:b5:0e:94:dd:6d:ef:8b:77:dd:49:6f:b7:58:
                    9e:26:12:ea:69:e4:75:5f:41:74:1d:25:79:a4:21:
                    0e:30:8d:76:58:92:4e:a9:1d:4a:d2:eb:27:eb:14:
                    06:0a:09:6e:b0:91:a3:b0:1c:b2:89:14:6c:fa:5e:
                    19:7e:2d:a7:c0:c9:29:d0:30:1f:79:1f:e5:64:f3:
                    ee:ef:6f:7a:b2:34:db:e2:21:30:a0:c8:18:94:5e:
                    54:8b:58:c4:88:71:60:28:be:db:63:c8:8f:10:7b:
                    18:de:40:5a:11:36:da:39:21:59:da:aa:8d:fb:1f:
                    e9:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:A8:93:21:F2:9D:FA:64:90:4E:78:40:88:A2:AB:41:2B:F2:7D:D9
            X509v3 Authority Key Identifier:
                keyid:B3:EF:EA:3A:72:FA:F0:DF:43:22:CD:AA:B9:A1:36:D7:9D:E8:A3:EF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s-_qOnL68N9DIs2quaE2153oo-8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/cd94f2-3b19-4826-a0eb-bfe221553f07/1/r6iTIfKd-mSQTnhAiKKrQSvyfdk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/cd94f2-3b19-4826-a0eb-bfe221553f07/1/s-_qOnL68N9DIs2quaE2153oo-8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.26.215.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:00:71:27:38:2d:59:b0:99:e7:6e:ba:79:5f:9f:17:25:7e:
         b5:0b:d6:03:f2:89:1a:9c:5f:76:ab:c6:e3:ce:23:f9:e8:e5:
         50:d4:9e:15:02:29:49:e6:be:ee:21:10:31:93:0e:b9:ef:1e:
         db:bb:7a:12:fd:41:aa:c1:1a:ff:3d:8c:77:39:03:b7:a0:63:
         bd:0b:6b:a8:2f:60:89:75:77:aa:d2:70:6d:bb:14:f5:ed:bb:
         c3:1f:7a:39:15:94:be:a6:8f:21:be:fe:93:e3:5e:a6:ea:02:
         2a:47:19:8e:09:7f:57:01:18:35:25:63:05:19:8b:fd:6b:fe:
         d2:c0:a6:ba:0f:9d:2f:11:ac:94:e7:80:57:61:4b:2c:0e:38:
         91:d8:44:49:42:f0:7f:d8:21:f9:02:04:d9:de:62:79:99:ee:
         83:2a:72:64:4a:8b:39:7a:b4:01:c5:2b:4b:48:a3:1e:e5:c6:
         75:c5:78:f2:f3:01:b2:b5:32:51:08:5f:e7:db:ed:f6:57:de:
         6e:ab:70:10:21:ea:fa:a3:54:13:c8:0a:b7:cc:00:c6:9e:c5:
         4f:bb:c8:11:a7:ad:08:56:20:31:6d:11:de:eb:81:b5:b1:88:
         07:fe:2d:0c:91:1c:a4:c2:8b:9b:b0:e2:8d:92:83:2f:88:dd:
         8c:74:4f:2f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAcZbRDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
M2VmZWEzYTcyZmFmMGRmNDMyMmNkYWFiOWExMzZkNzlkZThhM2VmMB4XDTIyMDUx
OTEyMzYyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWZhODkzMjFmMjlk
ZmE2NDkwNGU3ODQwODhhMmFiNDEyYmYyN2RkOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL00bD5XiSajvrkRfO+jkCjkWfIOXbjpFm3xF/tWBvZg3w7O
1NhzPOMxirLCH5Q3w++j3Edp7UJ+M7k59euH92QcRivwA/2JGVUlPpK2q2jdLV9/
NMP1aESvbvYSaZaeHbe/2lolbnDXF5D6XmkpQP6i0UNoEwvpvMqpOof5WOWB0cdm
jwXx3Yq1DpTdbe+Ld91Jb7dYniYS6mnkdV9BdB0leaQhDjCNdliSTqkdStLrJ+sU
BgoJbrCRo7AcsokUbPpeGX4tp8DJKdAwH3kf5WTz7u9verI02+IhMKDIGJReVItY
xIhxYCi+22PIjxB7GN5AWhE22jkhWdqqjfsf6UsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSvqJMh8p36ZJBOeECIoqtBK/J92TAfBgNVHSMEGDAWgBSz7+o6cvrw30Mi
zaq5oTbXneij7zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3MtX3FPbkw2OE45RElzMnF1YUUyMTUzb28tOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmYvY2Q5NGYyLTNiMTktNDgyNi1hMGViLWJmZTIyMTU1M2YwNy8x
L3I2aVRJZktkLW1TUVRuaEFpS0tyUVN2eWZkay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmYv
Y2Q5NGYyLTNiMTktNDgyNi1hMGViLWJmZTIyMTU1M2YwNy8xL3MtX3FPbkw2OE45
RElzMnF1YUUyMTUzb28tOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIa1zANBgkqhkiG9w0BAQsFAAOC
AQEAVgBxJzgtWbCZ5266eV+fFyV+tQvWA/KJGpxfdqvG484j+ejlUNSeFQIpSea+
7iEQMZMOue8e27t6Ev1BqsEa/z2MdzkDt6BjvQtrqC9giXV3qtJwbbsU9e27wx96
ORWUvqaPIb7+k+NepuoCKkcZjgl/VwEYNSVjBRmL/Wv+0sCmug+dLxGslOeAV2FL
LA44kdhESULwf9gh+QIE2d5ieZnugypyZEqLOXq0AcUrS0ijHuXGdcV48vMBsrUy
UQhf59vt9lfebqtwECHq+qNUE8gKt8wAxp7FT7vIEaetCFYgMW0R3uuBtbGIB/4t
DJEcpMKLm7DijZKDL4jdjHRPLw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:08 2023 by rpki-client on console-ams.rpki-client.org