Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9871ff-3f26-4b94-a464-6cc1d3ea832e/1/18SwXFykRVzzXlBeQwOICTQBpUY.roa
File:                     18SwXFykRVzzXlBeQwOICTQBpUY.roa (raw, json)
Hash identifier:          qIXVaYNsJJ6EDFEzJXC9hEGzDKrxmZF9XErF8nGqTtU=
Subject key identifier:   D7:C4:B0:5C:5C:A4:45:5C:F3:5E:50:5E:43:03:88:09:34:01:A5:46
Certificate issuer:       /CN=dee623e2aff7b03afeb94260348c1633b54d9056
Certificate serial:       0184A3CB8D4547449E1C3101CF38FA17DE1A
Authority key identifier: DE:E6:23:E2:AF:F7:B0:3A:FE:B9:42:60:34:8C:16:33:B5:4D:90:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3uYj4q_3sDr-uUJgNIwWM7VNkFY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/9871ff-3f26-4b94-a464-6cc1d3ea832e/1/18SwXFykRVzzXlBeQwOICTQBpUY.roa
Signing time:             Wed 23 Nov 2022 09:22:16 +0000
ROA not before:           Wed 23 Nov 2022 09:22:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210021
IP address blocks:        194.127.111.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:a3:cb:8d:45:47:44:9e:1c:31:01:cf:38:fa:17:de:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dee623e2aff7b03afeb94260348c1633b54d9056
        Validity
            Not Before: Nov 23 09:22:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d7c4b05c5ca4455cf35e505e430388093401a546
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:c8:19:cf:e0:bb:6a:0a:82:e8:1a:16:2c:53:
                    30:cb:be:d4:ab:78:42:5a:62:d8:5e:f4:d0:27:48:
                    74:86:b3:eb:c2:b1:24:51:47:6a:a5:23:09:6c:59:
                    97:28:97:9f:4c:22:82:b6:85:d6:32:92:df:81:7f:
                    7c:1a:f3:6b:3f:ce:c6:1e:01:e5:19:3e:21:5f:1c:
                    74:b9:c4:ed:b5:1d:4f:58:5c:aa:36:5f:a5:e9:5a:
                    15:86:2c:09:26:4d:d2:31:b3:fb:20:85:bc:e9:27:
                    b4:44:0e:0c:97:40:15:d3:81:02:97:71:d7:43:d8:
                    c1:2d:c2:39:dc:12:fa:79:53:42:b0:05:61:23:e7:
                    45:cb:ae:11:7b:82:97:0f:fa:58:13:7f:29:87:c7:
                    17:77:68:65:b7:39:26:97:e2:f3:d1:a2:dd:d9:88:
                    a0:9f:ae:c7:45:90:24:23:42:1a:76:ec:5b:70:4b:
                    23:8c:ed:57:1e:44:d6:0d:74:01:9a:41:54:73:a3:
                    70:80:38:e7:7f:d2:1b:00:74:93:63:97:83:21:6d:
                    aa:fe:7f:22:3a:42:06:98:3f:57:51:d4:de:40:12:
                    b9:6d:12:41:94:d2:ed:4c:60:b8:52:81:18:3a:e6:
                    0d:8b:10:16:e9:25:18:8d:7f:11:d9:d1:7e:5c:15:
                    81:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:C4:B0:5C:5C:A4:45:5C:F3:5E:50:5E:43:03:88:09:34:01:A5:46
            X509v3 Authority Key Identifier:
                keyid:DE:E6:23:E2:AF:F7:B0:3A:FE:B9:42:60:34:8C:16:33:B5:4D:90:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3uYj4q_3sDr-uUJgNIwWM7VNkFY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9871ff-3f26-4b94-a464-6cc1d3ea832e/1/18SwXFykRVzzXlBeQwOICTQBpUY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9871ff-3f26-4b94-a464-6cc1d3ea832e/1/3uYj4q_3sDr-uUJgNIwWM7VNkFY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.127.111.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3b:cf:5d:d7:fd:45:1b:a5:31:72:5a:18:65:ef:53:34:a2:e6:
         21:f0:ab:bc:4b:d0:f1:0a:e9:30:20:f6:8d:0b:08:7b:59:8c:
         8b:71:63:44:e0:c1:90:fa:dc:55:b1:18:bc:64:bf:f5:0f:13:
         18:2d:05:63:1e:88:ea:ff:e0:e7:f8:83:d1:a3:b5:80:55:21:
         c1:2f:d7:a0:1a:45:a2:63:6f:a0:f0:e1:61:ce:e0:b9:d1:e4:
         8a:ed:bd:8f:92:94:c6:dc:1c:51:e4:8b:1f:6d:a8:1b:59:da:
         c9:c5:26:d5:d9:4e:68:ff:62:81:7b:75:5a:6a:3d:32:69:6d:
         3d:2d:dd:24:92:9f:3e:5e:dc:4f:f5:69:3d:33:87:70:56:c1:
         a8:29:b0:31:93:e5:ce:96:4d:36:44:e5:21:1b:2c:e5:0a:71:
         78:ce:3a:ce:43:e1:da:f5:07:3c:b1:ef:cb:88:0a:c2:f8:17:
         c1:ea:75:62:0a:ac:bd:b5:21:4d:04:1a:19:f5:54:d3:19:9a:
         3e:a1:64:70:ca:16:39:f0:6f:ee:60:07:3d:be:b4:6b:29:dd:
         86:01:fb:83:1e:39:89:3b:a5:a2:63:18:d3:d2:94:8c:92:b7:
         8a:0e:e9:38:41:c5:1a:92:eb:88:38:d8:f5:b6:08:21:ca:e6:
         ad:35:35:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSjy41FR0SeHDEBzzj6F94aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZTYyM2UyYWZmN2IwM2FmZWI5NDI2MDM0OGMxNjMzYjU0
ZDkwNTYwHhcNMjIxMTIzMDkyMjE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2M0YjA1YzVjYTQ0NTVjZjM1ZTUwNWU0MzAzODgwOTM0MDFhNTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMgZz+C7agqC6BoWLFMwy77Uq3hC
WmLYXvTQJ0h0hrPrwrEkUUdqpSMJbFmXKJefTCKCtoXWMpLfgX98GvNrP87GHgHl
GT4hXxx0ucTttR1PWFyqNl+l6VoVhiwJJk3SMbP7IIW86Se0RA4Ml0AV04ECl3HX
Q9jBLcI53BL6eVNCsAVhI+dFy64Re4KXD/pYE38ph8cXd2hltzkml+Lz0aLd2Yig
n67HRZAkI0IaduxbcEsjjO1XHkTWDXQBmkFUc6NwgDjnf9IbAHSTY5eDIW2q/n8i
OkIGmD9XUdTeQBK5bRJBlNLtTGC4UoEYOuYNixAW6SUYjX8R2dF+XBWBGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNfEsFxcpEVc815QXkMDiAk0AaVGMB8GA1UdIwQY
MBaAFN7mI+Kv97A6/rlCYDSMFjO1TZBWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3VZajRxXzNzRHItdVVKZ05Jd1dNN1ZOa0ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85ODcxZmYtM2YyNi00Yjk0LWE0NjQt
NmNjMWQzZWE4MzJlLzEvMThTd1hGeWtSVnp6WGxCZVF3T0lDVFFCcFVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85ODcxZmYtM2YyNi00Yjk0LWE0NjQtNmNjMWQzZWE4MzJl
LzEvM3VZajRxXzNzRHItdVVKZ05Jd1dNN1ZOa0ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwn9vMA0G
CSqGSIb3DQEBCwUAA4IBAQA7z13X/UUbpTFyWhhl71M0ouYh8Ku8S9DxCukwIPaN
Cwh7WYyLcWNE4MGQ+txVsRi8ZL/1DxMYLQVjHojq/+Dn+IPRo7WAVSHBL9egGkWi
Y2+g8OFhzuC50eSK7b2PkpTG3BxR5IsfbagbWdrJxSbV2U5o/2KBe3Vaaj0yaW09
Ld0kkp8+XtxP9Wk9M4dwVsGoKbAxk+XOlk02ROUhGyzlCnF4zjrOQ+Ha9Qc8se/L
iArC+BfB6nViCqy9tSFNBBoZ9VTTGZo+oWRwyhY58G/uYAc9vrRrKd2GAfuDHjmJ
O6WiYxjT0pSMkreKDuk4QcUakuuIONj1tgghyuatNTVZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:30 2024 by rpki-client on console-fra.rpki-client.org