Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7d03ea-8702-4b4c-a117-6b1c82ce716d/1/LOIaAQYfULogPDRiyW2AUrh4CFw.roa
File:                     LOIaAQYfULogPDRiyW2AUrh4CFw.roa (raw, json)
Hash identifier:          pnFLtAiCo8DBP5dwtA9Wui31jtIsWMyDYQcw3aeX4cw=
Subject key identifier:   2C:E2:1A:01:06:1F:50:BA:20:3C:34:62:C9:6D:80:52:B8:78:08:5C
Certificate issuer:       /CN=6e43d52cf5c721616638a1ab9c3d89fa9a97dc6d
Certificate serial:       11CBD4F8
Authority key identifier: 6E:43:D5:2C:F5:C7:21:61:66:38:A1:AB:9C:3D:89:FA:9A:97:DC:6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bkPVLPXHIWFmOKGrnD2J-pqX3G0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/7d03ea-8702-4b4c-a117-6b1c82ce716d/1/LOIaAQYfULogPDRiyW2AUrh4CFw.roa
Signing time:             Sat 01 Jan 2022 16:10:50 +0000
ROA not before:           Sat 01 Jan 2022 16:10:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     20773
IP address blocks:        194.0.21.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 298571000 (0x11cbd4f8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e43d52cf5c721616638a1ab9c3d89fa9a97dc6d
        Validity
            Not Before: Jan  1 16:10:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2ce21a01061f50ba203c3462c96d8052b878085c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:43:4c:1a:45:5e:a2:af:db:6b:8a:3d:bf:23:
                    3e:59:66:b9:ac:3e:97:f3:bc:58:13:fe:44:42:e3:
                    45:e3:e0:ac:76:79:f4:26:86:e2:fc:dd:fa:ec:4f:
                    28:58:54:bd:06:57:f0:5e:6b:e4:da:0b:44:c6:89:
                    31:40:a8:39:c8:81:62:dc:27:a0:5c:46:ec:34:7d:
                    b6:23:bc:7a:6f:cf:33:fb:13:cc:fc:53:4f:2f:75:
                    a7:d8:1e:21:06:6a:89:0c:67:74:24:7f:f3:3f:b7:
                    07:3d:b6:c4:64:70:e9:76:55:15:82:bd:bb:2d:c7:
                    96:d7:c3:e6:7e:32:7a:4f:31:7a:f5:f1:f3:3e:7b:
                    6a:63:f8:86:f9:94:d9:a2:66:28:91:41:3e:8e:c2:
                    e4:d9:a6:6d:32:4a:5b:65:88:bb:75:a0:01:31:c1:
                    2a:7f:8e:cf:d1:32:f8:16:31:8c:02:75:ec:f5:ea:
                    fe:a5:85:42:5c:84:ad:6a:4b:01:28:35:6e:61:e4:
                    1d:95:cf:fb:80:99:be:db:58:e4:ba:e4:58:da:3c:
                    b0:81:b2:f1:71:0e:d2:12:60:b7:df:ae:47:1b:d3:
                    cf:bc:f7:be:02:a1:d3:ec:2b:8f:71:be:e0:42:2a:
                    62:36:13:e8:44:78:b3:8a:e3:04:cc:a7:b1:4f:f7:
                    50:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:E2:1A:01:06:1F:50:BA:20:3C:34:62:C9:6D:80:52:B8:78:08:5C
            X509v3 Authority Key Identifier:
                keyid:6E:43:D5:2C:F5:C7:21:61:66:38:A1:AB:9C:3D:89:FA:9A:97:DC:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bkPVLPXHIWFmOKGrnD2J-pqX3G0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7d03ea-8702-4b4c-a117-6b1c82ce716d/1/LOIaAQYfULogPDRiyW2AUrh4CFw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7d03ea-8702-4b4c-a117-6b1c82ce716d/1/bkPVLPXHIWFmOKGrnD2J-pqX3G0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.0.21.0/24

    Signature Algorithm: sha256WithRSAEncryption
         99:0e:c7:e5:92:54:91:1d:c6:c8:43:c0:97:b8:e8:d7:66:b1:
         78:30:1d:36:5b:aa:6b:c3:65:a9:c7:d8:5a:8c:21:24:ae:4a:
         87:c2:99:67:db:0d:05:71:13:b5:a6:e3:46:05:6e:5e:ab:81:
         8b:63:0b:ab:f4:34:11:fb:eb:32:6c:99:d3:57:4c:4e:e4:ec:
         af:5b:35:6f:a4:6a:2e:5b:02:77:22:a2:71:97:39:99:7d:91:
         80:60:50:3a:b8:e2:4f:94:d4:41:b1:4a:69:93:f1:95:bb:ed:
         e8:65:c9:1c:5d:1c:2d:3e:da:91:f1:bc:9b:87:e4:9e:5c:d3:
         0a:27:61:3c:bb:6f:23:08:dd:77:8e:26:3e:12:56:e3:98:b6:
         2c:91:dd:82:65:09:42:ba:13:ae:b4:3a:c8:7e:1b:80:87:04:
         9a:16:ff:19:6f:5c:91:70:3c:15:69:cd:84:52:ed:e5:b6:f8:
         3b:6e:e8:40:71:37:59:3c:de:d3:c1:b2:08:24:8d:b7:4d:ff:
         4b:e3:de:43:74:5c:11:0f:61:f3:31:f5:33:92:d1:9f:71:0c:
         a8:45:29:18:16:86:01:94:14:77:a0:22:13:86:35:16:33:c6:
         54:ff:79:47:6c:2a:47:0a:f4:68:10:b7:69:40:a9:ec:e9:02:
         2c:8b:ce:b8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEcvU+DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZTQzZDUyY2Y1YzcyMTYxNjYzOGExYWI5YzNkODlmYTlhOTdkYzZkMB4XDTIyMDEw
MTE2MTA1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmNlMjFhMDEwNjFm
NTBiYTIwM2MzNDYyYzk2ZDgwNTJiODc4MDg1YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALxDTBpFXqKv22uKPb8jPllmuaw+l/O8WBP+RELjRePgrHZ5
9CaG4vzd+uxPKFhUvQZX8F5r5NoLRMaJMUCoOciBYtwnoFxG7DR9tiO8em/PM/sT
zPxTTy91p9geIQZqiQxndCR/8z+3Bz22xGRw6XZVFYK9uy3HltfD5n4yek8xevXx
8z57amP4hvmU2aJmKJFBPo7C5NmmbTJKW2WIu3WgATHBKn+Oz9Ey+BYxjAJ17PXq
/qWFQlyErWpLASg1bmHkHZXP+4CZvttY5LrkWNo8sIGy8XEO0hJgt9+uRxvTz7z3
vgKh0+wrj3G+4EIqYjYT6ER4s4rjBMynsU/3UPcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQs4hoBBh9QuiA8NGLJbYBSuHgIXDAfBgNVHSMEGDAWgBRuQ9Us9cchYWY4
oaucPYn6mpfcbTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JrUFZMUFhISVdGbU9LR3JuRDJKLXBxWDNHMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvN2QwM2VhLTg3MDItNGI0Yy1hMTE3LTZiMWM4MmNlNzE2ZC8x
L0xPSWFBUVlmVUxvZ1BEUml5VzJBVXJoNENGdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
N2QwM2VhLTg3MDItNGI0Yy1hMTE3LTZiMWM4MmNlNzE2ZC8xL2JrUFZMUFhISVdG
bU9LR3JuRDJKLXBxWDNHMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIAFTANBgkqhkiG9w0BAQsFAAOC
AQEAmQ7H5ZJUkR3GyEPAl7jo12axeDAdNluqa8NlqcfYWowhJK5Kh8KZZ9sNBXET
tabjRgVuXquBi2MLq/Q0EfvrMmyZ01dMTuTsr1s1b6RqLlsCdyKicZc5mX2RgGBQ
OrjiT5TUQbFKaZPxlbvt6GXJHF0cLT7akfG8m4fknlzTCidhPLtvIwjdd44mPhJW
45i2LJHdgmUJQroTrrQ6yH4bgIcEmhb/GW9ckXA8FWnNhFLt5bb4O27oQHE3WTze
08GyCCSNt03/S+PeQ3RcEQ9h8zH1M5LRn3EMqEUpGBaGAZQUd6AiE4Y1FjPGVP95
R2wqRwr0aBC3aUCp7OkCLIvOuA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:34 2024 by rpki-client on console-ams.rpki-client.org