Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/6diROflFPh-jg6JeXDQl5YRwU3g.roa
File:                     6diROflFPh-jg6JeXDQl5YRwU3g.roa (raw, json)
Hash identifier:          w34gI7KONyy0GmqrLXz9g2ymlQ9qTbkWgnknYxqurR0=
Subject key identifier:   E9:D8:91:39:F9:45:3E:1F:A3:83:A2:5E:5C:34:25:E5:84:70:53:78
Certificate issuer:       /CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Certificate serial:       018502754F0DBB42943D72A0733F4922C97A
Authority key identifier: AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/6diROflFPh-jg6JeXDQl5YRwU3g.roa
Signing time:             Sun 11 Dec 2022 18:32:00 +0000
ROA not before:           Sun 11 Dec 2022 18:32:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50810
IP address blocks:        194.26.2.0/23 maxlen: 24
                          128.65.164.0/22 maxlen: 22
                          128.65.172.0/22 maxlen: 22
                          128.65.168.0/22 maxlen: 22
                          194.26.20.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:02:75:4f:0d:bb:42:94:3d:72:a0:73:3f:49:22:c9:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
        Validity
            Not Before: Dec 11 18:32:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e9d89139f9453e1fa383a25e5c3425e584705378
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:0d:ce:f9:c3:c6:2a:81:06:46:7c:f2:92:4c:
                    84:e3:4b:8a:01:fa:d7:2d:a0:9e:42:b5:cd:5f:52:
                    bc:e5:f6:bb:00:fb:e7:ff:7c:d9:f0:04:ec:10:b7:
                    4a:98:d2:59:be:ed:20:7c:c8:19:2c:2b:c7:77:92:
                    2b:d6:7e:24:03:4a:7a:22:df:bc:ca:11:f5:f0:0f:
                    df:37:05:d8:b0:ac:53:24:bb:55:04:9f:7d:04:18:
                    88:29:84:81:11:7f:77:9b:2c:21:3e:28:72:18:05:
                    99:4e:04:e2:67:cf:78:d2:e9:13:38:fd:7d:24:3e:
                    f6:5d:79:22:01:a5:d2:5a:95:e3:16:51:88:b8:9e:
                    8e:5a:df:f1:06:9d:26:57:16:2a:06:63:c2:95:45:
                    92:bd:ec:66:3c:80:62:67:c3:a0:91:d5:c4:3d:37:
                    ef:1a:38:b0:96:94:c8:1a:3a:de:85:18:59:1c:3c:
                    1a:ef:7a:34:9b:d6:fe:ba:81:2e:d8:ac:59:a8:03:
                    32:1d:8b:ef:5c:de:9a:d8:ab:ea:7f:54:f1:c1:a7:
                    fa:08:d1:74:63:7d:03:b9:94:ed:e5:87:a8:a3:10:
                    de:f5:7f:22:ee:55:94:fe:e5:6b:c7:e5:08:cc:40:
                    c2:50:15:9d:f6:b6:b7:2f:81:8f:0c:06:59:7f:38:
                    e1:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:D8:91:39:F9:45:3E:1F:A3:83:A2:5E:5C:34:25:E5:84:70:53:78
            X509v3 Authority Key Identifier:
                keyid:AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/6diROflFPh-jg6JeXDQl5YRwU3g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/ry8uht18yRAWWP-NWlJBRF_NHWo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  128.65.164.0-128.65.175.255
                  194.26.2.0/23
                  194.26.20.0/23

    Signature Algorithm: sha256WithRSAEncryption
         87:69:f4:3d:30:5a:a4:ee:19:b5:b6:0d:96:1e:74:22:6c:8d:
         0a:84:6a:c0:2c:94:c7:7d:59:2c:02:b1:fc:ce:4e:89:a8:c4:
         86:e4:fe:42:56:be:83:fc:e9:1b:21:d8:45:8a:0a:ea:b6:f1:
         02:e4:de:c6:c6:cd:02:b5:b1:d9:68:4b:3d:da:ff:3b:5c:6c:
         7c:fb:53:4b:bf:af:0e:dc:d5:73:26:18:96:0b:4e:72:15:98:
         1c:eb:58:b0:8d:40:77:5a:33:55:5e:5e:ac:31:1d:34:c7:2e:
         5b:0a:37:b7:35:77:19:79:ac:a2:73:b1:5a:9f:7f:db:d1:cf:
         39:31:a4:6e:18:cb:09:8c:46:63:77:2f:cb:01:37:8f:da:9b:
         af:4a:42:5a:93:ec:60:05:0f:68:b0:3a:b6:f7:32:22:02:ec:
         82:89:e9:39:30:6a:5e:69:af:27:a3:31:e3:67:4a:1d:de:ce:
         3b:49:f7:45:0b:2e:5d:22:36:ed:72:d6:0e:a4:56:c5:17:f3:
         97:9c:e9:a9:2d:65:fd:1d:f7:31:23:f5:7f:ee:f8:4c:a5:07:
         df:e4:9d:fa:35:b6:06:52:76:33:22:39:e2:e0:ea:5f:b9:6c:
         36:3b:9d:32:3c:13:d3:ef:f5:62:f1:00:ae:c2:1f:52:f0:20:
         64:bb:9a:27
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYUCdU8Nu0KUPXKgcz9JIsl6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmYyZTg2ZGQ3Y2M5MTAxNjU4ZmY4ZDVhNTI0MTQ0NWZj
ZDFkNmEwHhcNMjIxMjExMTgzMjAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWQ4OTEzOWY5NDUzZTFmYTM4M2EyNWU1YzM0MjVlNTg0NzA1Mzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqA3O+cPGKoEGRnzykkyE40uKAfrX
LaCeQrXNX1K85fa7APvn/3zZ8ATsELdKmNJZvu0gfMgZLCvHd5Ir1n4kA0p6It+8
yhH18A/fNwXYsKxTJLtVBJ99BBiIKYSBEX93mywhPihyGAWZTgTiZ8940ukTOP19
JD72XXkiAaXSWpXjFlGIuJ6OWt/xBp0mVxYqBmPClUWSvexmPIBiZ8OgkdXEPTfv
GjiwlpTIGjrehRhZHDwa73o0m9b+uoEu2KxZqAMyHYvvXN6a2Kvqf1Txwaf6CNF0
Y30DuZTt5YeooxDe9X8i7lWU/uVrx+UIzEDCUBWd9ra3L4GPDAZZfzjhdwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFOnYkTn5RT4fo4OiXlw0JeWEcFN4MB8GA1UdIwQY
MBaAFK8vLobdfMkQFlj/jVpSQURfzR1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYt
NDZiYjdhZWMxZjMwLzEvNmRpUk9mbEZQaC1qZzZKZVhEUWw1WVJ3VTNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYtNDZiYjdhZWMxZjMw
LzEvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAKAQaQD
BASAQaADBAHCGgIDBAHCGhQwDQYJKoZIhvcNAQELBQADggEBAIdp9D0wWqTuGbW2
DZYedCJsjQqEasAslMd9WSwCsfzOTomoxIbk/kJWvoP86Rsh2EWKCuq28QLk3sbG
zQK1sdloSz3a/ztcbHz7U0u/rw7c1XMmGJYLTnIVmBzrWLCNQHdaM1VeXqwxHTTH
LlsKN7c1dxl5rKJzsVqff9vRzzkxpG4YywmMRmN3L8sBN4/am69KQlqT7GAFD2iw
Orb3MiIC7IKJ6Tkwal5pryejMeNnSh3ezjtJ90ULLl0iNu1y1g6kVsUX85ec6akt
Zf0d9zEj9X/u+EylB9/knfo1tgZSdjMiOeLg6l+5bDY7nTI8E9Pv9WLxAK7CH1Lw
IGS7mic=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:23 2024 by rpki-client on console-fra.rpki-client.org