Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/Esa3lzxdPWh9CVbsMQcmRJLYhrw.roa
File:                     Esa3lzxdPWh9CVbsMQcmRJLYhrw.roa (raw, json)
Hash identifier:          G8eYmJt38AuEw1sxTS/+4zcG6WDppj+jEEokqXFij/Q=
Subject key identifier:   12:C6:B7:97:3C:5D:3D:68:7D:09:56:EC:31:07:26:44:92:D8:86:BC
Certificate issuer:       /CN=fe8199e8345567d8516b788fe2e1d397e27c73a4
Certificate serial:       0182693083ACCCEDE0251E84882226E8D7B5
Authority key identifier: FE:81:99:E8:34:55:67:D8:51:6B:78:8F:E2:E1:D3:97:E2:7C:73:A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/Esa3lzxdPWh9CVbsMQcmRJLYhrw.roa
Signing time:             Thu 04 Aug 2022 14:09:23 +0000
ROA not before:           Thu 04 Aug 2022 14:09:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     54203
IP address blocks:        176.67.86.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:69:30:83:ac:cc:ed:e0:25:1e:84:88:22:26:e8:d7:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe8199e8345567d8516b788fe2e1d397e27c73a4
        Validity
            Not Before: Aug  4 14:09:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=12c6b7973c5d3d687d0956ec3107264492d886bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:6c:b1:e9:bd:a0:4c:d4:92:81:a0:ea:52:71:
                    bb:a1:f8:56:f0:b7:f8:1b:00:63:c9:ab:25:e9:cb:
                    c2:0c:44:f2:ca:08:ef:67:71:3d:d1:67:a8:c6:63:
                    51:17:a5:58:85:5e:3f:cd:39:bc:ff:c6:96:2a:39:
                    e0:b1:c2:bd:47:ab:13:9e:1d:bf:55:46:58:ae:7e:
                    89:0a:80:75:03:8e:8f:02:f0:88:b7:dc:c9:3a:24:
                    ed:08:b0:32:e6:48:70:69:e0:7b:32:6e:c6:22:90:
                    07:33:ed:24:b6:7e:e7:3e:cd:06:eb:37:99:05:0b:
                    63:50:d6:ec:4f:e9:5f:d3:fe:c6:71:d5:59:78:4e:
                    bb:5e:76:7e:a1:ef:a9:74:60:fb:44:28:0a:38:f3:
                    f1:6d:6a:bf:cd:1d:c0:6e:7e:27:8f:14:a6:93:0f:
                    f3:0b:c1:d1:d8:37:59:6e:4f:07:2a:e7:1e:f2:9d:
                    21:08:60:19:4c:c3:6e:cc:bc:2f:33:b8:f3:47:7a:
                    4c:e4:ce:3f:91:4b:e7:57:6f:f8:3a:3f:44:78:3a:
                    ec:71:67:4e:a2:a6:ac:3c:82:cf:71:da:b3:01:52:
                    4c:f6:2a:19:31:f6:ea:9d:10:83:b0:38:ab:cd:2a:
                    fe:02:e1:89:73:d1:77:30:a5:b7:5b:d5:de:16:af:
                    63:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:C6:B7:97:3C:5D:3D:68:7D:09:56:EC:31:07:26:44:92:D8:86:BC
            X509v3 Authority Key Identifier:
                keyid:FE:81:99:E8:34:55:67:D8:51:6B:78:8F:E2:E1:D3:97:E2:7C:73:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/Esa3lzxdPWh9CVbsMQcmRJLYhrw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.67.86.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:8d:40:ba:38:90:bb:af:ff:25:cf:ba:8d:0c:86:47:84:74:
         e5:3d:0d:e0:74:53:9c:eb:69:90:51:82:6f:88:6f:fd:70:47:
         81:52:2b:87:41:74:de:78:ef:43:56:b6:8f:b0:f3:aa:f2:9c:
         12:1c:60:e0:6a:f0:22:ef:3f:eb:1c:c4:26:35:e9:23:bf:9c:
         f1:9e:90:01:46:b0:93:14:a8:6e:3d:c1:ff:20:09:ee:60:58:
         fc:9c:9f:93:ed:9b:ac:41:9d:65:e7:da:7e:ee:01:8f:95:4e:
         d0:aa:86:14:c3:d0:b7:ed:a6:02:3c:0a:f4:e2:05:65:95:1a:
         5b:27:20:ec:ed:43:07:b8:4d:71:fb:52:52:6f:19:88:3d:b5:
         9d:81:94:0f:e8:69:27:94:02:5e:10:72:29:3b:09:26:61:ad:
         da:49:6e:d3:57:16:00:7d:42:89:7d:f3:b0:42:b4:4d:5f:1b:
         95:26:d0:08:4b:21:09:a1:c7:3d:70:3f:12:5f:5c:c3:2a:15:
         47:77:ac:03:f9:1a:67:06:7f:1f:df:ca:1d:b2:61:6f:17:1a:
         1a:2e:92:87:1a:f2:22:9a:41:9c:cc:8b:c4:ba:85:7a:92:e5:
         71:00:06:65:49:0a:5a:96:40:ff:2a:52:91:09:80:a7:43:37:
         ff:37:fc:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJpMIOszO3gJR6EiCIm6Ne1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlODE5OWU4MzQ1NTY3ZDg1MTZiNzg4ZmUyZTFkMzk3ZTI3
YzczYTQwHhcNMjIwODA0MTQwOTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmM2Yjc5NzNjNWQzZDY4N2QwOTU2ZWMzMTA3MjY0NDkyZDg4NmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2yx6b2gTNSSgaDqUnG7ofhW8Lf4
GwBjyasl6cvCDETyygjvZ3E90WeoxmNRF6VYhV4/zTm8/8aWKjngscK9R6sTnh2/
VUZYrn6JCoB1A46PAvCIt9zJOiTtCLAy5khwaeB7Mm7GIpAHM+0ktn7nPs0G6zeZ
BQtjUNbsT+lf0/7GcdVZeE67XnZ+oe+pdGD7RCgKOPPxbWq/zR3Abn4njxSmkw/z
C8HR2DdZbk8HKuce8p0hCGAZTMNuzLwvM7jzR3pM5M4/kUvnV2/4Oj9EeDrscWdO
oqasPILPcdqzAVJM9ioZMfbqnRCDsDirzSr+AuGJc9F3MKW3W9XeFq9jTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBLGt5c8XT1ofQlW7DEHJkSS2Ia8MB8GA1UdIwQY
MBaAFP6Bmeg0VWfYUWt4j+Lh05fifHOkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX29HWjZEUlZaOWhSYTNpUDR1SFRsLUo4YzZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kMDllMzQtY2MxMS00Mzk0LTkwNGQt
ODQwY2NiMzRiM2Y1LzEvRXNhM2x6eGRQV2g5Q1Zic01RY21SSkxZaHJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kMDllMzQtY2MxMS00Mzk0LTkwNGQtODQwY2NiMzRiM2Y1
LzEvX29HWjZEUlZaOWhSYTNpUDR1SFRsLUo4YzZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsENWMA0G
CSqGSIb3DQEBCwUAA4IBAQBmjUC6OJC7r/8lz7qNDIZHhHTlPQ3gdFOc62mQUYJv
iG/9cEeBUiuHQXTeeO9DVraPsPOq8pwSHGDgavAi7z/rHMQmNekjv5zxnpABRrCT
FKhuPcH/IAnuYFj8nJ+T7ZusQZ1l59p+7gGPlU7QqoYUw9C37aYCPAr04gVllRpb
JyDs7UMHuE1x+1JSbxmIPbWdgZQP6GknlAJeEHIpOwkmYa3aSW7TVxYAfUKJffOw
QrRNXxuVJtAISyEJocc9cD8SX1zDKhVHd6wD+RpnBn8f38odsmFvFxoaLpKHGvIi
mkGczIvEuoV6kuVxAAZlSQpalkD/KlKRCYCnQzf/N/zX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:13 2024 by rpki-client on console-fra.rpki-client.org