Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/T2tUufLNDHNlW7QW72DnXW3NoaU.roa
File:                     T2tUufLNDHNlW7QW72DnXW3NoaU.roa (raw, json)
Hash identifier:          1Q6axv6XCd1cBcddJ6yPT66OBQ8Lrl8iy9CFpDYKoBc=
Subject key identifier:   4F:6B:54:B9:F2:CD:0C:73:65:5B:B4:16:EF:60:E7:5D:6D:CD:A1:A5
Certificate issuer:       /CN=6fc50d0d42067b76ab1a2e8e533ff849b65d56f5
Certificate serial:       0F4A943B
Authority key identifier: 6F:C5:0D:0D:42:06:7B:76:AB:1A:2E:8E:53:3F:F8:49:B6:5D:56:F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/T2tUufLNDHNlW7QW72DnXW3NoaU.roa
Signing time:             Sat 01 Jan 2022 12:58:27 +0000
ROA not before:           Sat 01 Jan 2022 12:58:27 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203918
IP address blocks:        185.117.83.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 256545851 (0xf4a943b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6fc50d0d42067b76ab1a2e8e533ff849b65d56f5
        Validity
            Not Before: Jan  1 12:58:27 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4f6b54b9f2cd0c73655bb416ef60e75d6dcda1a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:d1:2c:b7:cc:a9:1f:cf:5c:ec:ac:cd:f0:98:
                    92:32:1b:ea:4c:b9:56:df:8d:fc:c4:88:16:f7:89:
                    60:87:3f:dd:3e:cc:ac:85:7e:fb:77:e7:15:7f:90:
                    c8:59:c6:b9:c5:1c:6a:52:37:c1:aa:3d:1d:2a:74:
                    d8:2e:a6:0f:76:85:1f:dc:5e:42:be:26:78:10:2e:
                    0d:50:6c:00:74:73:e6:87:aa:7b:c2:37:7b:21:ae:
                    8a:c7:a1:28:46:70:4b:cb:d1:29:f9:e6:f8:ee:42:
                    c0:ab:42:43:e3:60:fc:ca:7d:b2:07:ac:36:20:c6:
                    a6:ca:38:fc:bd:92:16:42:60:37:4d:a1:cd:61:b5:
                    87:1c:a1:99:61:59:70:fd:7c:15:77:c7:a5:9b:e9:
                    e1:86:b3:77:7d:9f:44:d8:8b:05:96:bf:27:d3:b4:
                    3f:95:8b:da:d7:eb:da:1d:31:78:de:c0:f1:0f:1b:
                    f7:8f:c0:53:47:05:04:3c:3d:de:1a:bf:37:71:00:
                    7d:9e:a9:10:1c:e6:d2:18:fc:9c:5e:95:4b:eb:60:
                    fb:fe:32:85:4c:d8:06:93:0a:fb:fc:92:b1:79:06:
                    79:5c:d8:3c:d3:bd:6c:f9:a2:1e:38:65:bf:86:05:
                    3a:e8:8b:4e:4a:5d:10:9e:ef:ef:39:85:9a:71:84:
                    2d:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:6B:54:B9:F2:CD:0C:73:65:5B:B4:16:EF:60:E7:5D:6D:CD:A1:A5
            X509v3 Authority Key Identifier:
                keyid:6F:C5:0D:0D:42:06:7B:76:AB:1A:2E:8E:53:3F:F8:49:B6:5D:56:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/T2tUufLNDHNlW7QW72DnXW3NoaU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/b8UNDUIGe3arGi6OUz_4SbZdVvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.117.83.0/24

    Signature Algorithm: sha256WithRSAEncryption
         00:d0:00:66:c5:8d:f8:9c:7f:10:33:a4:c2:2a:6f:55:fb:c2:
         fe:b3:63:c7:10:8b:87:17:a7:30:c0:84:4c:06:57:36:29:9f:
         32:dc:e0:ba:e5:2d:1f:9c:ce:98:07:c7:8b:72:ec:91:f0:6b:
         55:e8:74:98:96:7b:8d:c7:74:c2:80:26:60:4b:4d:f5:94:d7:
         4a:71:c2:c9:51:cc:cc:7f:8f:af:dd:f5:57:99:32:60:3e:f8:
         f6:e7:9f:a4:98:b0:b0:14:0a:ac:f2:13:53:57:ee:34:9a:47:
         f3:c9:f7:c7:2a:c8:f4:25:cf:45:9a:7b:11:8e:d9:49:b7:22:
         19:22:23:6a:b7:14:6a:e3:c2:03:38:20:d4:60:93:2f:ac:eb:
         86:b4:2e:da:d3:1c:c4:ba:c3:99:e3:a5:29:7b:89:4b:a4:49:
         de:a0:3b:a0:3a:05:c8:0a:9e:22:56:34:b0:95:52:d6:d6:87:
         e4:d1:c5:74:0b:a7:1c:c0:ca:3b:c8:ec:ee:eb:f5:5c:68:5a:
         8d:85:ed:db:9b:aa:c2:cc:dc:84:d9:f9:ac:07:f0:65:3b:57:
         3a:15:f9:75:64:3f:e9:7b:a3:5c:e9:b3:6f:72:63:4a:31:20:
         c7:c8:e3:0f:25:9b:09:d8:23:c1:e8:64:36:31:8f:57:96:69:
         53:a0:c8:d5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIED0qUOzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZmM1MGQwZDQyMDY3Yjc2YWIxYTJlOGU1MzNmZjg0OWI2NWQ1NmY1MB4XDTIyMDEw
MTEyNTgyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGY2YjU0YjlmMmNk
MGM3MzY1NWJiNDE2ZWY2MGU3NWQ2ZGNkYTFhNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALjRLLfMqR/PXOyszfCYkjIb6ky5Vt+N/MSIFveJYIc/3T7M
rIV++3fnFX+QyFnGucUcalI3wao9HSp02C6mD3aFH9xeQr4meBAuDVBsAHRz5oeq
e8I3eyGuisehKEZwS8vRKfnm+O5CwKtCQ+Ng/Mp9sgesNiDGpso4/L2SFkJgN02h
zWG1hxyhmWFZcP18FXfHpZvp4Yazd32fRNiLBZa/J9O0P5WL2tfr2h0xeN7A8Q8b
94/AU0cFBDw93hq/N3EAfZ6pEBzm0hj8nF6VS+tg+/4yhUzYBpMK+/ySsXkGeVzY
PNO9bPmiHjhlv4YFOuiLTkpdEJ7v7zmFmnGELW8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRPa1S58s0Mc2VbtBbvYOddbc2hpTAfBgNVHSMEGDAWgBRvxQ0NQgZ7dqsa
Lo5TP/hJtl1W9TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2I4VU5EVUlHZTNhckdpNk9Vel80U2JaZFZ2VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGUvZjJiZDZjLTQ4NDMtNGVhZC1hYTA5LTNjMTZmZjg0MWFiMi8x
L1QydFV1ZkxOREhObFc3UVc3MkRuWFczTm9hVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGUv
ZjJiZDZjLTQ4NDMtNGVhZC1hYTA5LTNjMTZmZjg0MWFiMi8xL2I4VU5EVUlHZTNh
ckdpNk9Vel80U2JaZFZ2VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALl1UzANBgkqhkiG9w0BAQsFAAOC
AQEAANAAZsWN+Jx/EDOkwipvVfvC/rNjxxCLhxenMMCETAZXNimfMtzguuUtH5zO
mAfHi3LskfBrVeh0mJZ7jcd0woAmYEtN9ZTXSnHCyVHMzH+Pr931V5kyYD749uef
pJiwsBQKrPITU1fuNJpH88n3xyrI9CXPRZp7EY7ZSbciGSIjarcUauPCAzgg1GCT
L6zrhrQu2tMcxLrDmeOlKXuJS6RJ3qA7oDoFyAqeIlY0sJVS1taH5NHFdAunHMDK
O8js7uv1XGhajYXt25uqwszchNn5rAfwZTtXOhX5dWQ/6XujXOmzb3JjSjEgx8jj
DyWbCdgjwehkNjGPV5ZpU6DI1Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:37 2024 by rpki-client on console-fra.rpki-client.org