Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9871ff-3f26-4b94-a464-6cc1d3ea832e/1/dPFgEwvqtt9XlUTZBKmsT6k8Psk.roa
File:                     dPFgEwvqtt9XlUTZBKmsT6k8Psk.roa (raw, json)
Hash identifier:          AkiEHXVh6A0UYXSbimR7uKttotw0cWDraLokmx1CJmg=
Subject key identifier:   74:F1:60:13:0B:EA:B6:DF:57:95:44:D9:04:A9:AC:4F:A9:3C:3E:C9
Certificate issuer:       /CN=dee623e2aff7b03afeb94260348c1633b54d9056
Certificate serial:       018480E584861B757FCB0490EB017F0A2EE4
Authority key identifier: DE:E6:23:E2:AF:F7:B0:3A:FE:B9:42:60:34:8C:16:33:B5:4D:90:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3uYj4q_3sDr-uUJgNIwWM7VNkFY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/9871ff-3f26-4b94-a464-6cc1d3ea832e/1/dPFgEwvqtt9XlUTZBKmsT6k8Psk.roa
Signing time:             Wed 16 Nov 2022 14:43:56 +0000
ROA not before:           Wed 16 Nov 2022 14:43:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203735
IP address blocks:        194.127.110.0/24 maxlen: 24
                          194.127.108.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:80:e5:84:86:1b:75:7f:cb:04:90:eb:01:7f:0a:2e:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dee623e2aff7b03afeb94260348c1633b54d9056
        Validity
            Not Before: Nov 16 14:43:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=74f160130beab6df579544d904a9ac4fa93c3ec9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:4f:a1:a9:a8:f7:2c:64:fe:58:3a:69:ee:dc:
                    2d:db:3e:3a:3e:82:35:3c:08:1a:de:cc:23:50:34:
                    70:09:bd:cc:e8:6e:e7:65:4f:13:7f:7d:4d:c5:4a:
                    df:ee:36:87:57:3e:3e:bb:5c:1b:9a:19:d3:ed:f5:
                    cf:ef:e3:cb:f7:52:55:64:40:a2:d3:c7:90:3d:2a:
                    29:34:0b:9e:23:c9:dd:aa:d7:90:aa:35:0e:37:e5:
                    06:0a:5c:c2:87:b7:c4:63:90:b6:63:ed:e8:bf:f4:
                    99:e5:d6:15:fe:8d:9d:16:b2:16:e4:ce:76:b6:14:
                    1f:c5:a5:75:7f:ca:df:74:46:99:6a:fe:49:f8:ac:
                    49:c5:54:ba:cb:62:ec:5f:ca:e4:1f:13:a0:81:96:
                    33:c7:08:fe:bb:94:71:5e:da:83:b6:6b:fe:0d:a4:
                    2f:08:93:67:63:31:57:88:d0:f7:4b:8d:d1:73:53:
                    33:f1:c9:4c:61:d7:ec:1d:d4:da:d0:b2:7d:fa:6a:
                    a1:23:b0:bc:75:8c:56:97:7b:38:15:5e:05:65:c1:
                    6a:24:2f:37:d7:53:23:bc:02:c5:0a:10:1c:12:f5:
                    0c:85:13:6b:41:98:0d:62:eb:4d:d0:31:00:08:25:
                    c3:19:e1:0e:04:a3:be:a7:c1:94:f7:91:b0:35:7e:
                    e2:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:F1:60:13:0B:EA:B6:DF:57:95:44:D9:04:A9:AC:4F:A9:3C:3E:C9
            X509v3 Authority Key Identifier:
                keyid:DE:E6:23:E2:AF:F7:B0:3A:FE:B9:42:60:34:8C:16:33:B5:4D:90:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3uYj4q_3sDr-uUJgNIwWM7VNkFY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9871ff-3f26-4b94-a464-6cc1d3ea832e/1/dPFgEwvqtt9XlUTZBKmsT6k8Psk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9871ff-3f26-4b94-a464-6cc1d3ea832e/1/3uYj4q_3sDr-uUJgNIwWM7VNkFY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.127.108.0/24
                  194.127.110.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:db:b6:68:eb:64:ab:bd:a6:ac:e0:d5:20:d1:ce:b0:1a:3c:
         e9:a5:cd:df:3c:28:a6:83:ef:5a:cf:64:fa:31:7f:0a:4c:f4:
         4f:b5:59:49:1d:e0:88:95:9d:05:a6:69:75:42:5a:d0:32:90:
         61:ec:6c:7d:2b:79:2b:11:d9:45:b2:6f:c1:c9:99:1f:06:bd:
         f7:33:21:c7:fe:fe:33:6f:bf:fc:dd:29:05:3f:f8:df:81:e8:
         4b:37:86:d7:5d:d3:20:54:04:76:d9:08:9d:5e:36:1e:a4:75:
         34:a1:ca:71:e4:47:f8:3e:98:f8:31:54:ad:06:c1:3e:85:07:
         9d:90:4c:3c:27:83:aa:cf:c8:c2:26:d4:9f:37:1c:cd:44:b9:
         23:52:4b:fc:9b:b2:b3:65:e0:1f:8e:d4:8b:83:ed:23:b2:75:
         35:f5:44:a6:f3:70:d8:d5:3d:d7:39:bc:b6:82:fd:a4:43:d3:
         41:6e:9e:ef:f3:9a:32:8f:7f:b0:32:dd:57:b9:84:07:3a:45:
         73:58:95:3f:2c:c7:31:28:76:d9:ed:67:c0:48:bb:b7:5b:d8:
         ec:41:12:94:f0:63:39:cf:2c:82:55:e7:93:bb:69:75:2b:00:
         86:6e:50:74:d1:0d:af:0a:5c:0a:82:14:81:90:a4:e1:17:a1:
         fc:55:d6:da
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYSA5YSGG3V/ywSQ6wF/Ci7kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZTYyM2UyYWZmN2IwM2FmZWI5NDI2MDM0OGMxNjMzYjU0
ZDkwNTYwHhcNMjIxMTE2MTQ0MzU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGYxNjAxMzBiZWFiNmRmNTc5NTQ0ZDkwNGE5YWM0ZmE5M2MzZWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0+hqaj3LGT+WDpp7twt2z46PoI1
PAga3swjUDRwCb3M6G7nZU8Tf31NxUrf7jaHVz4+u1wbmhnT7fXP7+PL91JVZECi
08eQPSopNAueI8ndqteQqjUON+UGClzCh7fEY5C2Y+3ov/SZ5dYV/o2dFrIW5M52
thQfxaV1f8rfdEaZav5J+KxJxVS6y2LsX8rkHxOggZYzxwj+u5RxXtqDtmv+DaQv
CJNnYzFXiND3S43Rc1Mz8clMYdfsHdTa0LJ9+mqhI7C8dYxWl3s4FV4FZcFqJC83
11MjvALFChAcEvUMhRNrQZgNYutN0DEACCXDGeEOBKO+p8GU95GwNX7ihQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHTxYBML6rbfV5VE2QSprE+pPD7JMB8GA1UdIwQY
MBaAFN7mI+Kv97A6/rlCYDSMFjO1TZBWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3VZajRxXzNzRHItdVVKZ05Jd1dNN1ZOa0ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85ODcxZmYtM2YyNi00Yjk0LWE0NjQt
NmNjMWQzZWE4MzJlLzEvZFBGZ0V3dnF0dDlYbFVUWkJLbXNUNms4UHNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85ODcxZmYtM2YyNi00Yjk0LWE0NjQtNmNjMWQzZWE4MzJl
LzEvM3VZajRxXzNzRHItdVVKZ05Jd1dNN1ZOa0ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwn9sAwQA
wn9uMA0GCSqGSIb3DQEBCwUAA4IBAQB127Zo62Srvaas4NUg0c6wGjzppc3fPCim
g+9az2T6MX8KTPRPtVlJHeCIlZ0Fpml1QlrQMpBh7Gx9K3krEdlFsm/ByZkfBr33
MyHH/v4zb7/83SkFP/jfgehLN4bXXdMgVAR22QidXjYepHU0ocpx5Ef4Ppj4MVSt
BsE+hQedkEw8J4Oqz8jCJtSfNxzNRLkjUkv8m7KzZeAfjtSLg+0jsnU19USm83DY
1T3XOby2gv2kQ9NBbp7v85oyj3+wMt1XuYQHOkVzWJU/LMcxKHbZ7WfASLu3W9js
QRKU8GM5zyyCVeeTu2l1KwCGblB00Q2vClwKghSBkKThF6H8Vdba
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:30 2024 by rpki-client on console-fra.rpki-client.org