Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/64e1ef-9ba8-4307-bfad-6587f76fd810/1/VK1thEjdEY5C0VdoV1MtkTR5E1w.roa
File:                     VK1thEjdEY5C0VdoV1MtkTR5E1w.roa (raw, json)
Hash identifier:          hmbwxWaYRNuK5wTvhWCiEJAvlhOFFFN7EVcuma+d26o=
Subject key identifier:   54:AD:6D:84:48:DD:11:8E:42:D1:57:68:57:53:2D:91:34:79:13:5C
Certificate issuer:       /CN=fe1d18d9a222736dbac231110b88deac8db0336d
Certificate serial:       0839F6D6
Authority key identifier: FE:1D:18:D9:A2:22:73:6D:BA:C2:31:11:0B:88:DE:AC:8D:B0:33:6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_h0Y2aIic226wjERC4jerI2wM20.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/64e1ef-9ba8-4307-bfad-6587f76fd810/1/VK1thEjdEY5C0VdoV1MtkTR5E1w.roa
Signing time:             Sat 01 Jan 2022 03:56:52 +0000
ROA not before:           Sat 01 Jan 2022 03:56:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     9186
IP address blocks:        213.58.0.0/16 maxlen: 24
                          195.245.128.0/18 maxlen: 24
                          2001:a40::/29 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 138016470 (0x839f6d6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe1d18d9a222736dbac231110b88deac8db0336d
        Validity
            Not Before: Jan  1 03:56:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=54ad6d8448dd118e42d1576857532d913479135c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:02:c1:87:b5:26:e1:84:38:31:2d:da:9c:06:
                    97:82:aa:a3:61:df:d3:12:8d:02:74:b2:c5:c3:09:
                    99:ac:0a:e0:07:1f:24:0f:32:47:3a:2d:f3:e7:bb:
                    81:5d:81:b3:a1:e2:a4:fd:84:ed:ca:8e:b2:b1:36:
                    1f:31:b5:96:27:96:57:94:93:34:30:32:fc:0e:ca:
                    c5:8e:8e:32:d6:ad:0a:d1:8b:98:28:a6:dd:34:80:
                    74:89:c3:c7:4d:5a:03:7e:8c:74:b6:1e:00:50:5d:
                    19:b2:bc:ad:53:8d:5e:41:f0:ed:d8:12:18:35:f6:
                    f9:ad:18:50:b0:0e:d6:96:4a:38:71:b3:43:54:a2:
                    35:2a:37:04:0f:91:1c:84:85:09:7d:4e:b8:b1:0c:
                    72:62:ad:0f:6b:8b:4b:6d:5b:83:12:90:a2:6c:35:
                    91:85:50:f0:65:d9:7a:a2:23:33:fa:88:ca:53:f4:
                    30:74:b5:a2:cd:02:35:12:4d:ad:1b:69:1e:8b:93:
                    40:0f:f8:e8:f1:cf:a6:16:d2:2b:f1:d6:87:4d:77:
                    d1:46:d6:8f:78:56:42:a4:6c:e7:30:d0:37:50:36:
                    cd:5f:f7:3d:45:41:a3:82:5c:70:8a:1e:62:dd:06:
                    12:ff:2a:6e:2b:2c:a7:28:6a:4e:12:e9:2f:f9:bd:
                    c6:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:AD:6D:84:48:DD:11:8E:42:D1:57:68:57:53:2D:91:34:79:13:5C
            X509v3 Authority Key Identifier:
                keyid:FE:1D:18:D9:A2:22:73:6D:BA:C2:31:11:0B:88:DE:AC:8D:B0:33:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_h0Y2aIic226wjERC4jerI2wM20.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/64e1ef-9ba8-4307-bfad-6587f76fd810/1/VK1thEjdEY5C0VdoV1MtkTR5E1w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/64e1ef-9ba8-4307-bfad-6587f76fd810/1/_h0Y2aIic226wjERC4jerI2wM20.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.245.128.0/18
                  213.58.0.0/16
                IPv6:
                  2001:a40::/29

    Signature Algorithm: sha256WithRSAEncryption
         9b:45:d3:c6:13:31:b8:e3:87:0a:cf:4c:e4:b5:90:d9:c8:b3:
         e8:25:cd:bd:b3:90:1d:8a:06:06:57:73:79:e1:0c:ca:2a:e8:
         b2:c2:15:db:b5:38:cc:28:5d:27:d9:27:f1:17:90:a0:0c:44:
         ac:cb:3b:8c:09:40:67:a8:6a:ec:23:d7:2d:00:41:b6:db:83:
         c8:8c:cf:84:ea:df:46:54:f7:74:93:d7:8a:95:0f:f4:14:59:
         cf:bb:00:07:06:cd:ac:27:4c:e6:76:0b:53:bd:23:95:3a:a2:
         7d:56:20:0a:59:a7:8d:b2:53:73:9b:1e:c8:ce:0d:3c:e7:84:
         45:86:70:47:e6:4a:e7:34:c9:71:ae:ec:f6:cd:d5:c2:59:73:
         09:fb:01:ed:85:04:8b:a5:71:d9:8c:70:c6:fc:53:c2:4a:b8:
         2b:c0:d7:da:e0:63:b8:6a:74:79:2a:d0:3d:4f:d4:63:4a:83:
         4a:ad:b2:9f:05:7c:b9:0d:0c:36:34:db:b3:d8:e1:b2:76:bf:
         86:4b:f8:5c:4a:67:8b:0a:e4:32:b6:c2:65:af:80:f8:f3:c5:
         ca:fa:d3:3d:03:78:d6:b8:a8:e2:3a:9f:7f:02:ae:8e:4a:ad:
         7d:01:bb:3a:89:b6:96:0a:ff:16:27:45:9d:59:cd:9a:c6:3f:
         b4:98:ab:a8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIECDn21jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTFkMThkOWEyMjI3MzZkYmFjMjMxMTEwYjg4ZGVhYzhkYjAzMzZkMB4XDTIyMDEw
MTAzNTY1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTRhZDZkODQ0OGRk
MTE4ZTQyZDE1NzY4NTc1MzJkOTEzNDc5MTM1YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANYCwYe1JuGEODEt2pwGl4Kqo2Hf0xKNAnSyxcMJmawK4Acf
JA8yRzot8+e7gV2Bs6HipP2E7cqOsrE2HzG1lieWV5STNDAy/A7KxY6OMtatCtGL
mCim3TSAdInDx01aA36MdLYeAFBdGbK8rVONXkHw7dgSGDX2+a0YULAO1pZKOHGz
Q1SiNSo3BA+RHISFCX1OuLEMcmKtD2uLS21bgxKQomw1kYVQ8GXZeqIjM/qIylP0
MHS1os0CNRJNrRtpHouTQA/46PHPphbSK/HWh0130UbWj3hWQqRs5zDQN1A2zV/3
PUVBo4JccIoeYt0GEv8qbisspyhqThLpL/m9xgcCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBRUrW2ESN0RjkLRV2hXUy2RNHkTXDAfBgNVHSMEGDAWgBT+HRjZoiJzbbrC
MRELiN6sjbAzbTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19oMFkyYUlpYzIyNndqRVJDNGplckkyd00yMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNjRlMWVmLTliYTgtNDMwNy1iZmFkLTY1ODdmNzZmZDgxMC8x
L1ZLMXRoRWpkRVk1QzBWZG9WMU10a1RSNUUxdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NjRlMWVmLTliYTgtNDMwNy1iZmFkLTY1ODdmNzZmZDgxMC8xL19oMFkyYUlpYzIy
NndqRVJDNGplckkyd00yMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwEQQCAAEwCwMEBsP1gAMDANU6MA0EAgACMAcDBQMg
AQpAMA0GCSqGSIb3DQEBCwUAA4IBAQCbRdPGEzG444cKz0zktZDZyLPoJc29s5Ad
igYGV3N54QzKKuiywhXbtTjMKF0n2SfxF5CgDESsyzuMCUBnqGrsI9ctAEG224PI
jM+E6t9GVPd0k9eKlQ/0FFnPuwAHBs2sJ0zmdgtTvSOVOqJ9ViAKWaeNslNzmx7I
zg0854RFhnBH5krnNMlxruz2zdXCWXMJ+wHthQSLpXHZjHDG/FPCSrgrwNfa4GO4
anR5KtA9T9RjSoNKrbKfBXy5DQw2NNuz2OGydr+GS/hcSmeLCuQytsJlr4D488XK
+tM9A3jWuKjiOp9/Aq6OSq19Abs6ibaWCv8WJ0WdWc2axj+0mKuo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:34 2024 by rpki-client on console-ams.rpki-client.org