Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/94a062-8510-44d5-9e4b-c32a9a085ae0/1/1-mce3iwh6peI2iFVxrAeG96HZ2M.roa
File:                     1-mce3iwh6peI2iFVxrAeG96HZ2M.roa (raw, json)
Hash identifier:          OXUIEiL1GHHIh6uruCBKTIYNIHgBH4zDLCZta+iaRl0=
Subject key identifier:   FA:67:1E:DE:2C:21:EA:97:88:DA:21:55:C6:B0:1E:1B:DE:87:67:63
Certificate issuer:       /CN=bf1d5974b4e599ca72dcc4dac066d7714202efc9
Certificate serial:       0911BA39
Authority key identifier: BF:1D:59:74:B4:E5:99:CA:72:DC:C4:DA:C0:66:D7:71:42:02:EF:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vx1ZdLTlmcpy3MTawGbXcUIC78k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/94a062-8510-44d5-9e4b-c32a9a085ae0/1/1-mce3iwh6peI2iFVxrAeG96HZ2M.roa
Signing time:             Sat 01 Jan 2022 15:02:35 +0000
ROA not before:           Sat 01 Jan 2022 15:02:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     12843
IP address blocks:        194.180.204.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 152156729 (0x911ba39)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf1d5974b4e599ca72dcc4dac066d7714202efc9
        Validity
            Not Before: Jan  1 15:02:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fa671ede2c21ea9788da2155c6b01e1bde876763
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:12:8b:04:d6:08:69:fc:78:af:26:cc:89:f3:
                    fd:41:b8:12:a2:f1:db:7d:9d:62:9e:18:3e:b4:43:
                    83:9e:80:c5:a6:ef:e7:63:a1:2a:6d:03:7f:00:98:
                    9d:11:6e:27:9c:25:48:a7:70:aa:9e:01:ec:84:85:
                    a2:d1:44:3c:51:6b:05:5f:62:42:25:6f:7f:4b:34:
                    0b:9c:0c:e5:d9:58:23:5c:d6:9e:aa:80:0f:8b:7b:
                    6f:cb:08:95:cd:69:32:d3:d5:67:9b:39:e0:a8:1f:
                    fd:f9:b5:36:8f:6c:64:82:e8:a0:c9:04:9c:02:ad:
                    e2:a9:92:cf:33:32:01:42:73:4d:9d:2e:fd:92:4e:
                    47:49:36:8e:ab:c6:29:e8:84:98:94:87:4a:d9:b8:
                    e8:bd:ee:9f:12:58:e7:c4:d4:b3:62:83:5f:74:14:
                    2a:a6:f5:ab:21:f9:50:38:28:d4:0d:15:86:62:e6:
                    f0:ff:c8:5b:8b:b9:e6:07:f2:0d:84:8b:a5:d9:72:
                    6e:c4:b4:77:8b:20:28:fb:c9:6c:ff:c9:03:9e:a8:
                    e3:e7:9b:97:bd:62:93:21:fa:91:c3:f9:7e:3b:14:
                    1d:b8:67:76:40:02:1b:b1:40:2e:4e:a7:56:b6:cb:
                    6b:9b:25:da:ce:29:5c:06:4c:6e:ec:c3:c6:16:e5:
                    e3:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:67:1E:DE:2C:21:EA:97:88:DA:21:55:C6:B0:1E:1B:DE:87:67:63
            X509v3 Authority Key Identifier:
                keyid:BF:1D:59:74:B4:E5:99:CA:72:DC:C4:DA:C0:66:D7:71:42:02:EF:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vx1ZdLTlmcpy3MTawGbXcUIC78k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/94a062-8510-44d5-9e4b-c32a9a085ae0/1/1-mce3iwh6peI2iFVxrAeG96HZ2M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/94a062-8510-44d5-9e4b-c32a9a085ae0/1/vx1ZdLTlmcpy3MTawGbXcUIC78k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.180.204.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4d:08:df:89:45:fe:3c:1b:92:77:95:5a:47:01:66:05:3b:94:
         40:87:ff:8a:bc:c2:4f:ae:f4:2b:43:35:e7:83:4a:b2:f5:75:
         f1:bb:ba:91:14:ce:4e:5e:bc:f5:dd:cd:02:3c:39:d1:b0:65:
         04:77:1a:d9:dc:5b:70:d5:80:49:09:62:f0:4c:20:30:4f:69:
         c8:8c:64:e9:ab:f3:0a:dd:38:7e:b0:d6:99:0c:79:bf:36:f9:
         6b:2b:f9:da:cf:e6:b4:b0:73:bf:d5:a3:b6:c1:62:f4:59:57:
         f3:0e:2f:44:2f:17:36:c2:f7:5f:44:7e:97:43:56:e4:93:25:
         fd:38:91:2b:5b:24:4d:e0:b1:ab:39:b1:7c:e9:0d:22:0b:7f:
         ed:40:42:45:3d:31:b4:37:e9:48:1d:b7:2b:99:0d:49:db:1a:
         44:5a:0d:ff:c4:24:99:63:cc:24:bc:ec:82:44:60:90:b1:ce:
         60:88:cb:2d:f4:88:6c:78:d7:46:1f:1f:7f:58:39:04:9a:ab:
         c8:91:17:e2:50:6f:e5:d8:d7:02:f8:ea:35:f9:e7:13:d6:c4:
         4d:18:46:ae:64:29:89:48:26:b3:11:5f:84:00:4d:51:1e:46:
         50:2f:af:28:52:4b:d1:43:f8:10:7e:ab:85:bd:2f:e3:80:42:
         9c:f4:4a:c6
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIECRG6OTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZjFkNTk3NGI0ZTU5OWNhNzJkY2M0ZGFjMDY2ZDc3MTQyMDJlZmM5MB4XDTIyMDEw
MTE1MDIzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmE2NzFlZGUyYzIx
ZWE5Nzg4ZGEyMTU1YzZiMDFlMWJkZTg3Njc2MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALcSiwTWCGn8eK8mzInz/UG4EqLx232dYp4YPrRDg56Axabv
52OhKm0DfwCYnRFuJ5wlSKdwqp4B7ISFotFEPFFrBV9iQiVvf0s0C5wM5dlYI1zW
nqqAD4t7b8sIlc1pMtPVZ5s54Kgf/fm1No9sZILooMkEnAKt4qmSzzMyAUJzTZ0u
/ZJOR0k2jqvGKeiEmJSHStm46L3unxJY58TUs2KDX3QUKqb1qyH5UDgo1A0VhmLm
8P/IW4u55gfyDYSLpdlybsS0d4sgKPvJbP/JA56o4+ebl71ikyH6kcP5fjsUHbhn
dkACG7FALk6nVrbLa5sl2s4pXAZMbuzDxhbl48UCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBT6Zx7eLCHql4jaIVXGsB4b3odnYzAfBgNVHSMEGDAWgBS/HVl0tOWZynLc
xNrAZtdxQgLvyTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Z4MVpkTFRsbWNweTNNVGF3R2JYY1VJQzc4ay5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2IvOTRhMDYyLTg1MTAtNDRkNS05ZTRiLWMzMmE5YTA4NWFlMC8x
LzEtbWNlM2l3aDZwZUkyaUZWeHJBZUc5NkhaMk0ucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Ni
Lzk0YTA2Mi04NTEwLTQ0ZDUtOWU0Yi1jMzJhOWEwODVhZTAvMS92eDFaZExUbG1j
cHkzTVRhd0diWGNVSUM3OGsuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADCtMwwDQYJKoZIhvcNAQELBQAD
ggEBAE0I34lF/jwbkneVWkcBZgU7lECH/4q8wk+u9CtDNeeDSrL1dfG7upEUzk5e
vPXdzQI8OdGwZQR3GtncW3DVgEkJYvBMIDBPaciMZOmr8wrdOH6w1pkMeb82+Wsr
+drP5rSwc7/Vo7bBYvRZV/MOL0QvFzbC919EfpdDVuSTJf04kStbJE3gsas5sXzp
DSILf+1AQkU9MbQ36UgdtyuZDUnbGkRaDf/EJJljzCS87IJEYJCxzmCIyy30iGx4
10YfH39YOQSaq8iRF+JQb+XY1wL46jX55xPWxE0YRq5kKYlIJrMRX4QATVEeRlAv
ryhSS9FD+BB+q4W9L+OAQpz0SsY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:02 2024 by rpki-client on console-fra.rpki-client.org