Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/k_euCWWjG3hb3UYdo2-V-v06kt0.roa
File:                     k_euCWWjG3hb3UYdo2-V-v06kt0.roa (raw, json)
Hash identifier:          1G3OeUo6mVUW270IAQclIGbnRRm+L3FB19IWPS/9wK4=
Subject key identifier:   93:F7:AE:09:65:A3:1B:78:5B:DD:46:1D:A3:6F:95:FA:FD:3A:92:DD
Certificate issuer:       /CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Certificate serial:       042B3BE5
Authority key identifier: EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/k_euCWWjG3hb3UYdo2-V-v06kt0.roa
Signing time:             Fri 29 Apr 2022 13:16:16 +0000
ROA not before:           Fri 29 Apr 2022 13:16:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207967
IP address blocks:        89.185.84.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 69942245 (0x42b3be5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
        Validity
            Not Before: Apr 29 13:16:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=93f7ae0965a31b785bdd461da36f95fafd3a92dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:3c:0a:a0:30:1b:3e:54:03:93:fc:ef:89:91:
                    85:1c:00:98:94:95:e5:82:6c:6e:60:05:a4:64:e0:
                    e9:88:7e:aa:05:fd:01:d0:53:8e:01:da:5a:2e:43:
                    0c:a4:9b:eb:a0:d0:bd:ae:11:7f:ac:9d:cf:5c:ad:
                    b7:97:4e:3c:b0:b4:17:d2:10:6c:61:a9:9d:f1:be:
                    3c:82:5c:3a:76:cb:d6:f3:cf:f6:76:37:da:83:78:
                    10:49:d1:fd:79:e0:d5:5b:94:37:ff:6e:22:d5:78:
                    4d:4a:4f:ef:e4:38:53:94:4f:9f:70:15:bb:ef:00:
                    57:74:71:32:cf:af:33:46:f1:d9:e9:27:a7:c7:9c:
                    e4:5b:d5:af:62:8f:00:01:24:f7:a0:a0:bb:93:1b:
                    ad:02:0c:af:58:7c:4d:8e:60:71:59:20:22:dd:97:
                    9d:24:e4:55:56:db:82:21:3d:09:d9:fb:77:9c:1c:
                    4f:aa:2b:73:eb:d8:31:d2:89:d5:41:6a:c6:e3:e7:
                    fc:de:8f:7a:a7:61:01:f1:5b:8b:7c:85:96:a0:58:
                    58:ae:e6:19:66:b4:80:5b:ef:cc:7c:68:48:5d:d0:
                    e5:b0:c3:9e:d3:ba:64:60:71:6e:05:8e:87:a3:16:
                    cf:c6:14:b1:d4:c4:30:46:a0:07:89:17:6d:35:4c:
                    6f:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:F7:AE:09:65:A3:1B:78:5B:DD:46:1D:A3:6F:95:FA:FD:3A:92:DD
            X509v3 Authority Key Identifier:
                keyid:EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/k_euCWWjG3hb3UYdo2-V-v06kt0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.185.84.0/24

    Signature Algorithm: sha256WithRSAEncryption
         98:bf:6b:13:51:1c:c3:d9:fa:77:d7:84:c0:a6:3b:a3:fc:d1:
         b3:8e:8d:40:33:b9:7e:17:ff:3c:7a:93:76:39:3c:93:0f:69:
         4c:e3:7d:53:68:21:c3:cb:a4:0f:d5:1d:cd:3f:d9:57:39:9e:
         4f:19:a2:18:ee:bf:05:ee:3c:40:19:3b:9c:4b:9e:7f:48:6a:
         dd:0c:74:ff:84:77:5b:fd:6a:20:10:9f:8c:c1:17:64:85:9b:
         7b:6e:79:cb:fd:5a:4d:8c:34:52:e0:78:28:d6:86:f4:86:9c:
         91:81:10:b7:e5:c8:79:dc:ee:1c:20:ae:2c:c4:d4:5b:7b:89:
         d9:93:c4:56:01:df:3d:77:a3:1a:69:c1:b0:c3:fa:e4:ab:28:
         d5:c4:5c:08:0d:e5:ce:45:8d:63:2e:0c:51:be:1f:d1:64:fe:
         f8:0b:96:a9:72:4a:d7:a2:d6:e2:b5:fc:04:1b:7b:2d:3a:18:
         b1:cd:5e:ee:36:db:23:d9:33:36:67:e4:19:e0:1f:0e:26:cd:
         3b:76:b2:d2:20:90:98:2c:1e:ee:3d:2c:97:1e:58:58:7f:f7:
         92:c3:a6:05:87:b3:65:5d:e9:f8:9d:3e:03:00:4d:c6:96:d4:
         25:c9:0d:f9:b1:81:17:dd:8f:56:54:60:6e:75:a7:e9:fa:4b:
         60:8e:4b:72
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBCs75TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZjU3YzJkOWQ5M2FjN2NmOWIyZjE3Y2FhNzg1OWI2OTg1YjM5YjlkMB4XDTIyMDQy
OTEzMTYxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTNmN2FlMDk2NWEz
MWI3ODViZGQ0NjFkYTM2Zjk1ZmFmZDNhOTJkZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPM8CqAwGz5UA5P874mRhRwAmJSV5YJsbmAFpGTg6Yh+qgX9
AdBTjgHaWi5DDKSb66DQva4Rf6ydz1ytt5dOPLC0F9IQbGGpnfG+PIJcOnbL1vPP
9nY32oN4EEnR/Xng1VuUN/9uItV4TUpP7+Q4U5RPn3AVu+8AV3RxMs+vM0bx2ekn
p8ec5FvVr2KPAAEk96Cgu5MbrQIMr1h8TY5gcVkgIt2XnSTkVVbbgiE9Cdn7d5wc
T6orc+vYMdKJ1UFqxuPn/N6PeqdhAfFbi3yFlqBYWK7mGWa0gFvvzHxoSF3Q5bDD
ntO6ZGBxbgWOh6MWz8YUsdTEMEagB4kXbTVMb9cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBST964JZaMbeFvdRh2jb5X6/TqS3TAfBgNVHSMEGDAWgBTvV8LZ2TrHz5sv
F8qnhZtphbObnTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzcxZkMyZGs2eDgtYkx4ZktwNFdiYVlXem01MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvMWUwNGI4LTEwMzEtNDNmOS05NjY3LThlNmY4NzhkYjVmNC8x
L2tfZXVDV1dqRzNoYjNVWWRvMi1WLXYwNmt0MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
MWUwNGI4LTEwMzEtNDNmOS05NjY3LThlNmY4NzhkYjVmNC8xLzcxZkMyZGs2eDgt
Ykx4ZktwNFdiYVlXem01MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFm5VDANBgkqhkiG9w0BAQsFAAOC
AQEAmL9rE1Ecw9n6d9eEwKY7o/zRs46NQDO5fhf/PHqTdjk8kw9pTON9U2ghw8uk
D9UdzT/ZVzmeTxmiGO6/Be48QBk7nEuef0hq3Qx0/4R3W/1qIBCfjMEXZIWbe255
y/1aTYw0UuB4KNaG9IackYEQt+XIedzuHCCuLMTUW3uJ2ZPEVgHfPXejGmnBsMP6
5Kso1cRcCA3lzkWNYy4MUb4f0WT++AuWqXJK16LW4rX8BBt7LToYsc1e7jbbI9kz
NmfkGeAfDibNO3ay0iCQmCwe7j0slx5YWH/3ksOmBYezZV3p+J0+AwBNxpbUJckN
+bGBF92PVlRgbnWn6fpLYI5Lcg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:39 2024 by rpki-client on console-fra.rpki-client.org