Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/bac0b9-c99f-49bb-905b-c0307b0f62dc/1/1heXFl0SgYOVNXnAbYByDOO9FYU.roa
File:                     1heXFl0SgYOVNXnAbYByDOO9FYU.roa (raw, json)
Hash identifier:          hj3XYGrY2M0u1L6ToDNAvln/eXcK2k7GW4j1lC9T+VE=
Subject key identifier:   D6:17:97:16:5D:12:81:83:95:35:79:C0:6D:80:72:0C:E3:BD:15:85
Certificate issuer:       /CN=b146010283a8202eeaa3fef32534e3e97e04079e
Certificate serial:       0182107448ECE26CC49CB25BA932F6742542
Authority key identifier: B1:46:01:02:83:A8:20:2E:EA:A3:FE:F3:25:34:E3:E9:7E:04:07:9E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sUYBAoOoIC7qo_7zJTTj6X4EB54.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/bac0b9-c99f-49bb-905b-c0307b0f62dc/1/1heXFl0SgYOVNXnAbYByDOO9FYU.roa
Signing time:             Mon 18 Jul 2022 08:37:12 +0000
ROA not before:           Mon 18 Jul 2022 08:37:12 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     197107
IP address blocks:        88.151.218.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:10:74:48:ec:e2:6c:c4:9c:b2:5b:a9:32:f6:74:25:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b146010283a8202eeaa3fef32534e3e97e04079e
        Validity
            Not Before: Jul 18 08:37:12 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d61797165d128183953579c06d80720ce3bd1585
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:20:69:ad:10:c2:b1:e4:e0:e7:ca:60:89:99:
                    e9:ac:1b:d4:00:37:41:53:9a:b5:8c:83:8b:54:34:
                    68:7c:0d:13:b7:51:3d:c2:e2:85:24:3e:c0:a6:9d:
                    ba:f9:f8:74:1c:7b:13:92:81:42:59:e3:23:52:27:
                    7b:4d:b8:53:1e:e6:7a:3a:56:83:7e:1c:d5:7a:c0:
                    82:63:b4:fb:e8:b7:19:06:69:2b:d3:56:93:b6:c2:
                    6b:44:0c:4f:81:59:6c:2e:b0:8c:02:bb:9d:b2:a3:
                    ae:7c:92:b2:83:6a:b9:b9:79:11:69:e1:27:f8:1f:
                    af:5b:bf:e7:6a:52:d3:54:16:03:7f:4f:44:9b:6f:
                    e1:51:7e:aa:71:61:d5:2c:19:ad:89:b9:fc:42:d3:
                    9a:f9:00:64:dd:d9:97:dd:9e:4e:25:24:af:04:7e:
                    9e:98:95:a4:6a:0d:eb:a3:07:77:c5:26:46:80:ba:
                    58:b6:90:2d:90:10:f9:7d:c8:da:5b:4b:c3:25:ac:
                    41:f3:4e:0d:e8:98:e4:ee:f8:77:10:c1:a7:1f:38:
                    69:f1:13:65:39:a5:30:19:93:4d:78:1d:84:70:18:
                    cf:e9:a2:73:60:29:55:d0:13:97:00:43:b3:e2:ae:
                    6f:06:68:a4:d6:b9:6a:ef:84:3a:d0:a1:51:4c:e6:
                    88:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:17:97:16:5D:12:81:83:95:35:79:C0:6D:80:72:0C:E3:BD:15:85
            X509v3 Authority Key Identifier:
                keyid:B1:46:01:02:83:A8:20:2E:EA:A3:FE:F3:25:34:E3:E9:7E:04:07:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sUYBAoOoIC7qo_7zJTTj6X4EB54.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/bac0b9-c99f-49bb-905b-c0307b0f62dc/1/1heXFl0SgYOVNXnAbYByDOO9FYU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/bac0b9-c99f-49bb-905b-c0307b0f62dc/1/sUYBAoOoIC7qo_7zJTTj6X4EB54.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.151.218.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1a:21:96:78:8d:0f:05:82:4a:30:85:c6:db:9a:16:e2:09:bd:
         60:d7:83:9b:c4:82:b4:63:95:30:09:53:95:c2:8f:4f:07:ef:
         0b:d1:14:69:48:f2:f8:01:f1:e8:c5:67:68:3f:e5:8b:42:ec:
         d4:42:53:e2:13:d5:3a:29:aa:a5:31:ae:71:8d:97:8c:4e:cd:
         e6:2d:03:75:28:3b:82:f9:c5:95:df:10:2a:cb:b4:ea:ac:c7:
         00:e0:99:ee:3b:20:9e:20:48:af:81:82:78:db:d7:1b:b2:6d:
         be:a3:5c:39:f0:37:1c:26:3b:33:7b:c2:93:bf:2b:95:b2:f2:
         8d:ba:55:35:29:11:9e:ee:1d:5a:51:1e:1d:8e:00:03:07:04:
         c9:35:f1:67:74:aa:08:6b:9d:59:5f:4c:70:f6:70:8f:5d:6e:
         27:20:b8:4d:bf:75:a3:0f:15:07:9f:73:79:5f:b9:59:a4:40:
         2a:a9:02:11:4e:72:6a:48:b2:95:9a:38:21:e6:28:33:4f:73:
         62:4d:4a:43:71:30:33:4f:b2:e7:e7:6b:5f:dc:20:b2:11:6a:
         8c:01:34:62:bf:da:66:c0:96:4e:a4:74:19:4c:ee:88:35:b9:
         79:eb:b1:17:cb:d6:a1:4a:e2:eb:b3:04:8f:0a:98:f1:70:66:
         3f:94:73:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIQdEjs4mzEnLJbqTL2dCVCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNDYwMTAyODNhODIwMmVlYWEzZmVmMzI1MzRlM2U5N2Uw
NDA3OWUwHhcNMjIwNzE4MDgzNzEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjE3OTcxNjVkMTI4MTgzOTUzNTc5YzA2ZDgwNzIwY2UzYmQxNTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgyBprRDCseTg58pgiZnprBvUADdB
U5q1jIOLVDRofA0Tt1E9wuKFJD7App26+fh0HHsTkoFCWeMjUid7TbhTHuZ6OlaD
fhzVesCCY7T76LcZBmkr01aTtsJrRAxPgVlsLrCMArudsqOufJKyg2q5uXkRaeEn
+B+vW7/nalLTVBYDf09Em2/hUX6qcWHVLBmtibn8QtOa+QBk3dmX3Z5OJSSvBH6e
mJWkag3rowd3xSZGgLpYtpAtkBD5fcjaW0vDJaxB804N6Jjk7vh3EMGnHzhp8RNl
OaUwGZNNeB2EcBjP6aJzYClV0BOXAEOz4q5vBmik1rlq74Q60KFRTOaIMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNYXlxZdEoGDlTV5wG2AcgzjvRWFMB8GA1UdIwQY
MBaAFLFGAQKDqCAu6qP+8yU04+l+BAeeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1VZQkFvT29JQzdxb183ekpUVGo2WDRFQjU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iYWMwYjktYzk5Zi00OWJiLTkwNWIt
YzAzMDdiMGY2MmRjLzEvMWhlWEZsMFNnWU9WTlhuQWJZQnlET085RllVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iYWMwYjktYzk5Zi00OWJiLTkwNWItYzAzMDdiMGY2MmRj
LzEvc1VZQkFvT29JQzdxb183ekpUVGo2WDRFQjU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWJfaMA0G
CSqGSIb3DQEBCwUAA4IBAQAaIZZ4jQ8FgkowhcbbmhbiCb1g14ObxIK0Y5UwCVOV
wo9PB+8L0RRpSPL4AfHoxWdoP+WLQuzUQlPiE9U6KaqlMa5xjZeMTs3mLQN1KDuC
+cWV3xAqy7TqrMcA4JnuOyCeIEivgYJ429cbsm2+o1w58DccJjsze8KTvyuVsvKN
ulU1KRGe7h1aUR4djgADBwTJNfFndKoIa51ZX0xw9nCPXW4nILhNv3WjDxUHn3N5
X7lZpEAqqQIRTnJqSLKVmjgh5igzT3NiTUpDcTAzT7Ln52tf3CCyEWqMATRiv9pm
wJZOpHQZTO6INbl567EXy9ahSuLrswSPCpjxcGY/lHMk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:56 2024 by rpki-client on console-fra.rpki-client.org