Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9871ff-3f26-4b94-a464-6cc1d3ea832e/1/8LrA6S3Psj6bocV4UG1RLSKJS9U.roa
File:                     8LrA6S3Psj6bocV4UG1RLSKJS9U.roa (raw, json)
Hash identifier:          6QvooS6qtyssdmqfXCXqh4KMPauxb3bUtiXLchiPHs8=
Subject key identifier:   F0:BA:C0:E9:2D:CF:B2:3E:9B:A1:C5:78:50:6D:51:2D:22:89:4B:D5
Certificate issuer:       /CN=dee623e2aff7b03afeb94260348c1633b54d9056
Certificate serial:       0183C205B3E18CB26CE3FD9A1B92DF141EF9
Authority key identifier: DE:E6:23:E2:AF:F7:B0:3A:FE:B9:42:60:34:8C:16:33:B5:4D:90:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3uYj4q_3sDr-uUJgNIwWM7VNkFY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/9871ff-3f26-4b94-a464-6cc1d3ea832e/1/8LrA6S3Psj6bocV4UG1RLSKJS9U.roa
Signing time:             Mon 10 Oct 2022 13:11:37 +0000
ROA not before:           Mon 10 Oct 2022 13:11:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210021
IP address blocks:        194.127.111.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:c2:05:b3:e1:8c:b2:6c:e3:fd:9a:1b:92:df:14:1e:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dee623e2aff7b03afeb94260348c1633b54d9056
        Validity
            Not Before: Oct 10 13:11:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f0bac0e92dcfb23e9ba1c578506d512d22894bd5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:1a:4d:67:12:31:0a:33:ec:55:5c:eb:10:bc:
                    5f:38:84:95:6a:52:61:c0:82:30:ff:97:d4:21:5d:
                    37:54:1c:ed:10:75:8a:60:90:eb:e3:ae:3a:b4:a0:
                    c7:ad:da:ec:dd:b4:6a:ff:d8:65:70:d5:37:6c:af:
                    db:96:ab:9d:73:35:80:f7:0e:7b:57:0a:bd:15:4c:
                    04:7d:e4:c4:37:b4:0e:d4:c8:5b:39:44:2a:0a:f1:
                    95:6d:8e:6a:97:80:d3:57:85:b7:e7:1d:06:ab:01:
                    a8:04:bd:72:a4:6b:d2:5d:53:8f:9a:d0:59:76:51:
                    d9:42:e2:26:6c:25:b5:3b:12:e3:29:a8:3a:49:74:
                    31:f9:37:e9:c0:a4:39:ab:22:5c:86:d1:0f:8b:0b:
                    b3:3d:8d:53:62:cf:88:fe:3b:ed:c6:ef:91:14:ab:
                    a9:2c:44:df:7b:7a:2b:a8:16:15:32:30:6f:dc:7e:
                    99:a2:64:fc:9c:c8:d2:e9:8e:76:05:e7:27:5d:d2:
                    1a:43:bf:86:6d:d3:7e:c7:1b:62:00:da:fc:de:ef:
                    7a:54:03:d9:43:4b:2a:2f:92:df:69:f1:c4:1e:90:
                    0f:df:d6:3c:b4:c6:9b:29:5f:c0:1c:a5:4e:13:aa:
                    2b:6b:15:a8:39:97:a0:2d:2b:7f:64:87:59:95:5c:
                    68:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:BA:C0:E9:2D:CF:B2:3E:9B:A1:C5:78:50:6D:51:2D:22:89:4B:D5
            X509v3 Authority Key Identifier:
                keyid:DE:E6:23:E2:AF:F7:B0:3A:FE:B9:42:60:34:8C:16:33:B5:4D:90:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3uYj4q_3sDr-uUJgNIwWM7VNkFY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9871ff-3f26-4b94-a464-6cc1d3ea832e/1/8LrA6S3Psj6bocV4UG1RLSKJS9U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9871ff-3f26-4b94-a464-6cc1d3ea832e/1/3uYj4q_3sDr-uUJgNIwWM7VNkFY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.127.111.0/24

    Signature Algorithm: sha256WithRSAEncryption
         93:16:f0:93:f7:34:29:2e:ab:a6:f9:5a:03:6f:72:b2:60:c8:
         ef:da:ee:15:7b:e4:16:37:3a:d0:86:4c:5d:63:61:85:96:16:
         74:3c:a2:19:b3:86:bf:05:bd:4c:09:c3:cb:35:93:94:58:d8:
         83:91:e5:51:d2:01:ad:13:6d:91:15:bb:59:2e:86:46:d5:73:
         61:61:21:1b:2a:3d:a9:c6:6d:14:6e:82:e7:52:2a:95:7e:26:
         db:f8:82:77:82:57:00:2a:cf:5c:a3:56:12:f3:9b:d8:4a:87:
         8d:a5:e4:ee:ac:72:de:7f:95:22:68:6d:d3:59:00:04:39:ca:
         3b:e1:5d:55:9f:8a:29:ab:f3:56:72:a8:dc:b2:b3:8f:08:04:
         59:a6:d4:df:92:9f:e0:10:f4:c8:4e:5a:cd:f3:c2:34:be:e0:
         15:ff:29:fd:79:a1:37:cd:06:5a:e2:88:7a:5c:4b:d4:cd:2a:
         a6:3d:c5:f0:37:c7:b2:08:de:d0:23:11:af:27:74:b0:bb:d1:
         25:89:b7:54:e4:0c:ce:be:f0:63:24:a8:b5:70:75:d6:0b:2c:
         98:54:25:db:49:ea:f3:97:81:32:68:a8:0a:23:89:0c:8c:61:
         c6:cb:d4:83:f6:49:f6:1d:14:0f:3d:91:28:c9:83:44:ae:42:
         ae:12:15:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPCBbPhjLJs4/2aG5LfFB75MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZTYyM2UyYWZmN2IwM2FmZWI5NDI2MDM0OGMxNjMzYjU0
ZDkwNTYwHhcNMjIxMDEwMTMxMTM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGJhYzBlOTJkY2ZiMjNlOWJhMWM1Nzg1MDZkNTEyZDIyODk0YmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRpNZxIxCjPsVVzrELxfOISValJh
wIIw/5fUIV03VBztEHWKYJDr4646tKDHrdrs3bRq/9hlcNU3bK/blqudczWA9w57
Vwq9FUwEfeTEN7QO1MhbOUQqCvGVbY5ql4DTV4W35x0GqwGoBL1ypGvSXVOPmtBZ
dlHZQuImbCW1OxLjKag6SXQx+TfpwKQ5qyJchtEPiwuzPY1TYs+I/jvtxu+RFKup
LETfe3orqBYVMjBv3H6ZomT8nMjS6Y52BecnXdIaQ7+GbdN+xxtiANr83u96VAPZ
Q0sqL5LfafHEHpAP39Y8tMabKV/AHKVOE6oraxWoOZegLSt/ZIdZlVxoNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPC6wOktz7I+m6HFeFBtUS0iiUvVMB8GA1UdIwQY
MBaAFN7mI+Kv97A6/rlCYDSMFjO1TZBWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3VZajRxXzNzRHItdVVKZ05Jd1dNN1ZOa0ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85ODcxZmYtM2YyNi00Yjk0LWE0NjQt
NmNjMWQzZWE4MzJlLzEvOExyQTZTM1BzajZib2NWNFVHMVJMU0tKUzlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85ODcxZmYtM2YyNi00Yjk0LWE0NjQtNmNjMWQzZWE4MzJl
LzEvM3VZajRxXzNzRHItdVVKZ05Jd1dNN1ZOa0ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwn9vMA0G
CSqGSIb3DQEBCwUAA4IBAQCTFvCT9zQpLqum+VoDb3KyYMjv2u4Ve+QWNzrQhkxd
Y2GFlhZ0PKIZs4a/Bb1MCcPLNZOUWNiDkeVR0gGtE22RFbtZLoZG1XNhYSEbKj2p
xm0UboLnUiqVfibb+IJ3glcAKs9co1YS85vYSoeNpeTurHLef5UiaG3TWQAEOco7
4V1Vn4opq/NWcqjcsrOPCARZptTfkp/gEPTITlrN88I0vuAV/yn9eaE3zQZa4oh6
XEvUzSqmPcXwN8eyCN7QIxGvJ3Swu9ElibdU5AzOvvBjJKi1cHXWCyyYVCXbSerz
l4EyaKgKI4kMjGHGy9SD9kn2HRQPPZEoyYNErkKuEhUA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:59 2024 by rpki-client on console-ams.rpki-client.org