Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/_6sgCLlUTP0UHBUlZIi0qLB8Lzk.roa
File:                     _6sgCLlUTP0UHBUlZIi0qLB8Lzk.roa (raw, json)
Hash identifier:          LBpQNVyYtSjn6sxFmX8WWrr+WVcAjFMv5IIGBiUJQ1k=
Subject key identifier:   FF:AB:20:08:B9:54:4C:FD:14:1C:15:25:64:88:B4:A8:B0:7C:2F:39
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       17DA295A
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/_6sgCLlUTP0UHBUlZIi0qLB8Lzk.roa
Signing time:             Sat 01 Jan 2022 04:54:35 +0000
ROA not before:           Sat 01 Jan 2022 04:54:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200325
IP address blocks:        194.156.156.0/24 maxlen: 24
                          185.190.83.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 400173402 (0x17da295a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Jan  1 04:54:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ffab2008b9544cfd141c15256488b4a8b07c2f39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:ec:da:8c:e1:eb:c0:42:ec:7d:53:fd:6e:a4:
                    f1:5f:5a:52:93:90:2e:33:1a:7e:f7:ae:f6:1f:64:
                    56:9d:a1:b8:d5:c7:04:b9:2e:e6:2b:3c:28:07:2a:
                    15:f9:b5:5f:d7:b3:52:ea:97:5e:f0:a1:98:a0:07:
                    7a:5e:34:83:c4:18:fb:4d:ff:eb:2f:f5:f1:8f:2c:
                    21:6e:67:1e:b4:a1:59:66:67:0e:af:6b:64:53:18:
                    a7:3a:3c:30:40:87:6a:f8:95:45:07:7a:b0:23:34:
                    ef:c4:11:53:50:94:62:44:21:a3:b2:c3:6a:04:1d:
                    fb:b0:4e:49:c8:1f:f5:ee:90:00:20:e0:1e:9b:22:
                    8f:6d:c4:65:06:44:94:6d:98:b0:de:2a:4f:f3:d9:
                    60:f7:be:66:dd:bb:c4:20:56:5b:b1:df:d2:d5:83:
                    5a:59:68:b8:96:94:66:32:42:7d:67:ec:04:f6:49:
                    14:5d:35:35:00:8e:d2:5d:44:74:69:2a:ea:ea:8f:
                    5e:f8:06:68:3a:e2:3d:ea:b9:25:0e:bb:17:31:23:
                    2e:e6:32:20:80:22:d4:0c:72:b7:48:42:74:b7:72:
                    07:fa:3e:ec:aa:b4:0a:ec:61:7f:30:fc:bf:4a:c9:
                    db:51:24:d4:8b:b1:da:5c:20:ee:74:7e:fe:65:f0:
                    b4:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:AB:20:08:B9:54:4C:FD:14:1C:15:25:64:88:B4:A8:B0:7C:2F:39
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/_6sgCLlUTP0UHBUlZIi0qLB8Lzk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.190.83.0/24
                  194.156.156.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5e:47:f9:7a:aa:32:9e:f4:82:be:70:de:39:9d:86:ad:69:ae:
         0a:92:fc:b9:a5:25:6e:e0:51:c0:31:cf:2e:7d:e8:0b:bc:84:
         8b:6e:06:d7:1b:ca:d2:fc:b0:12:e1:c8:fe:46:24:32:2c:4f:
         de:ae:76:2d:74:1d:46:d4:95:63:0b:ae:ee:46:e8:14:54:a8:
         4d:4b:3a:26:87:b7:03:3c:18:2c:c9:5b:79:10:a9:93:55:32:
         61:56:68:00:ff:26:0b:96:7d:3d:83:67:84:2d:02:07:9a:6b:
         d1:c5:5c:68:65:4d:07:df:5c:3d:80:53:78:39:23:51:ce:f2:
         ab:23:16:e7:4b:20:1e:de:bf:75:3b:6d:c2:d5:89:1d:ef:1e:
         76:93:b6:be:be:2b:fa:70:b9:56:70:c8:b0:2e:6e:f0:e2:a4:
         24:6a:ca:6f:6f:b6:7c:e6:ea:fb:85:ec:c9:2c:8c:59:d4:b3:
         b4:c5:9f:55:bd:24:e0:6b:64:ad:dc:38:d8:ae:a3:6d:6c:ad:
         be:a2:3e:97:c3:8a:40:e2:9a:62:0e:8b:ab:aa:e7:ef:c7:b2:
         03:d8:01:90:f7:69:d6:e0:d0:fd:0f:ab:08:bb:47:55:78:65:
         20:49:fd:78:77:31:eb:31:d2:60:a3:c6:a2:ee:44:65:2e:2b:
         9b:1f:3f:5a
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEF9opWjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDEw
MTA0NTQzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmZhYjIwMDhiOTU0
NGNmZDE0MWMxNTI1NjQ4OGI0YThiMDdjMmYzOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPDs2ozh68BC7H1T/W6k8V9aUpOQLjMafveu9h9kVp2huNXH
BLku5is8KAcqFfm1X9ezUuqXXvChmKAHel40g8QY+03/6y/18Y8sIW5nHrShWWZn
Dq9rZFMYpzo8MECHaviVRQd6sCM078QRU1CUYkQho7LDagQd+7BOScgf9e6QACDg
Hpsij23EZQZElG2YsN4qT/PZYPe+Zt27xCBWW7Hf0tWDWllouJaUZjJCfWfsBPZJ
FF01NQCO0l1EdGkq6uqPXvgGaDriPeq5JQ67FzEjLuYyIIAi1Axyt0hCdLdyB/o+
7Kq0CuxhfzD8v0rJ21Ek1Iux2lwg7nR+/mXwtKECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBT/qyAIuVRM/RQcFSVkiLSosHwvOTAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L182c2dDTGxVVFAwVUhCVWxaSWkwcUxCOEx6ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALm+UwMEAMKcnDANBgkqhkiG9w0B
AQsFAAOCAQEAXkf5eqoynvSCvnDeOZ2GrWmuCpL8uaUlbuBRwDHPLn3oC7yEi24G
1xvK0vywEuHI/kYkMixP3q52LXQdRtSVYwuu7kboFFSoTUs6Joe3AzwYLMlbeRCp
k1UyYVZoAP8mC5Z9PYNnhC0CB5pr0cVcaGVNB99cPYBTeDkjUc7yqyMW50sgHt6/
dTttwtWJHe8edpO2vr4r+nC5VnDIsC5u8OKkJGrKb2+2fObq+4XsySyMWdSztMWf
Vb0k4Gtkrdw42K6jbWytvqI+l8OKQOKaYg6Lq6rn78eyA9gBkPdp1uDQ/Q+rCLtH
VXhlIEn9eHcx6zHSYKPGou5EZS4rmx8/Wg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:45 2024 by rpki-client on console-fra.rpki-client.org