Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/11933b-fc0b-410f-9c34-1064504e2b97/1/mmqPaCn0E1F3yZ6WxR7KCiQnFhc.roa
File:                     mmqPaCn0E1F3yZ6WxR7KCiQnFhc.roa (raw, json)
Hash identifier:          bPooYOB0UKnXsaRlYqQAbs22S0gkwh6qgicDeaiD6bY=
Subject key identifier:   9A:6A:8F:68:29:F4:13:51:77:C9:9E:96:C5:1E:CA:0A:24:27:16:17
Certificate issuer:       /CN=eb7c822d1e94517c88515cc9b3fc2bde129b454c
Certificate serial:       0A01442C
Authority key identifier: EB:7C:82:2D:1E:94:51:7C:88:51:5C:C9:B3:FC:2B:DE:12:9B:45:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/63yCLR6UUXyIUVzJs_wr3hKbRUw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/11933b-fc0b-410f-9c34-1064504e2b97/1/mmqPaCn0E1F3yZ6WxR7KCiQnFhc.roa
Signing time:             Sat 01 Jan 2022 13:56:17 +0000
ROA not before:           Sat 01 Jan 2022 13:56:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42598
IP address blocks:        194.55.4.0/24 maxlen: 24
                          194.55.6.0/24 maxlen: 24
                          194.55.5.0/24 maxlen: 24
                          2a0c:ca40::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 167855148 (0xa01442c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eb7c822d1e94517c88515cc9b3fc2bde129b454c
        Validity
            Not Before: Jan  1 13:56:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9a6a8f6829f4135177c99e96c51eca0a24271617
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:68:8e:17:b0:b7:b0:90:e9:cd:6e:01:52:50:
                    98:b8:4a:c8:ea:04:04:2b:e0:ed:a3:44:3b:ea:29:
                    d0:03:8d:9e:96:72:10:52:8a:4e:a3:c6:30:ee:a9:
                    c8:3a:cd:89:02:fc:6b:98:3f:85:a7:e7:dc:81:67:
                    e7:67:44:89:fb:72:49:50:28:46:af:6b:d3:4c:85:
                    e8:70:d4:c0:00:b0:56:98:b6:97:96:9d:f5:86:57:
                    69:bb:98:37:9e:e6:50:80:6c:d6:2c:96:0e:6d:67:
                    ca:4e:53:df:5e:7d:e0:4c:0f:81:f5:2d:53:63:22:
                    4d:68:24:26:2f:28:41:70:9f:c2:70:19:d9:7d:e4:
                    74:78:e5:4c:73:18:3b:3c:d6:01:8e:1e:64:94:e4:
                    9c:22:f9:a2:31:b7:87:60:63:33:81:44:ce:ac:c6:
                    16:39:11:f0:d4:10:1c:9a:6d:0d:af:94:dd:54:6d:
                    1d:03:75:18:26:ff:ed:62:75:2b:3f:20:9d:20:37:
                    e2:14:da:69:cb:19:8e:88:e8:a0:3a:81:ae:bb:b9:
                    48:5c:58:a4:d8:58:46:16:41:aa:e1:a1:4e:ac:8e:
                    0b:da:d8:93:6e:3d:11:2e:c8:cd:ab:73:2c:38:03:
                    19:0c:ac:77:2a:83:93:bf:f6:27:c9:aa:7d:ba:89:
                    2a:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:6A:8F:68:29:F4:13:51:77:C9:9E:96:C5:1E:CA:0A:24:27:16:17
            X509v3 Authority Key Identifier:
                keyid:EB:7C:82:2D:1E:94:51:7C:88:51:5C:C9:B3:FC:2B:DE:12:9B:45:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/63yCLR6UUXyIUVzJs_wr3hKbRUw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/11933b-fc0b-410f-9c34-1064504e2b97/1/mmqPaCn0E1F3yZ6WxR7KCiQnFhc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/11933b-fc0b-410f-9c34-1064504e2b97/1/63yCLR6UUXyIUVzJs_wr3hKbRUw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.55.4.0-194.55.6.255
                IPv6:
                  2a0c:ca40::/29

    Signature Algorithm: sha256WithRSAEncryption
         11:f7:a3:0d:00:be:c4:96:35:20:64:63:15:2b:e6:d6:52:34:
         47:e9:1e:37:a0:67:df:09:a2:12:4f:67:50:45:bb:a1:04:48:
         cd:03:ac:b8:b5:7d:37:e7:0f:26:2b:50:ff:90:6d:d1:6f:3b:
         ab:e0:29:13:6b:78:dd:b0:37:70:9d:a6:04:e8:db:97:7f:9d:
         0c:9c:0d:7e:d1:d9:3e:bb:2f:e0:9a:78:28:df:f0:94:9c:06:
         b8:12:70:1c:91:15:f3:27:21:bb:fe:11:9a:3c:cb:67:63:82:
         db:95:93:f4:71:d8:c1:38:b7:a1:51:01:b9:3b:23:87:1c:c7:
         b6:51:58:ff:6f:78:18:e1:b7:e4:65:1b:73:a7:cf:dd:61:f4:
         b7:33:14:08:7a:f6:15:67:c0:a7:94:96:e9:0d:04:12:9d:f8:
         95:a2:ea:4c:6f:b2:1c:dd:51:9d:2f:7c:d0:82:b1:13:f1:5d:
         ac:46:33:9b:a2:63:72:68:4f:ae:39:93:4e:5b:23:f1:02:d9:
         1b:28:5c:ef:fe:45:5f:92:d7:a7:5f:1a:ca:df:91:31:79:79:
         43:b2:b0:d8:ea:ca:f6:df:e9:a9:a8:39:10:7e:fa:fd:54:ef:
         8b:76:27:f3:5e:40:11:43:c2:e7:d1:e5:55:49:ec:88:fc:13:
         71:95:8b:7a
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIECgFELDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YjdjODIyZDFlOTQ1MTdjODg1MTVjYzliM2ZjMmJkZTEyOWI0NTRjMB4XDTIyMDEw
MTEzNTYxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWE2YThmNjgyOWY0
MTM1MTc3Yzk5ZTk2YzUxZWNhMGEyNDI3MTYxNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALtojhewt7CQ6c1uAVJQmLhKyOoEBCvg7aNEO+op0AONnpZy
EFKKTqPGMO6pyDrNiQL8a5g/hafn3IFn52dEiftySVAoRq9r00yF6HDUwACwVpi2
l5ad9YZXabuYN57mUIBs1iyWDm1nyk5T31594EwPgfUtU2MiTWgkJi8oQXCfwnAZ
2X3kdHjlTHMYOzzWAY4eZJTknCL5ojG3h2BjM4FEzqzGFjkR8NQQHJptDa+U3VRt
HQN1GCb/7WJ1Kz8gnSA34hTaacsZjojooDqBrru5SFxYpNhYRhZBquGhTqyOC9rY
k249ES7IzatzLDgDGQysdyqDk7/2J8mqfbqJKsMCAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBSaao9oKfQTUXfJnpbFHsoKJCcWFzAfBgNVHSMEGDAWgBTrfIItHpRRfIhR
XMmz/CveEptFTDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzYzeUNMUjZVVVh5SVVWekpzX3dyM2hLYlJVdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTAvMTE5MzNiLWZjMGItNDEwZi05YzM0LTEwNjQ1MDRlMmI5Ny8x
L21tcVBhQ24wRTFGM3laNld4UjdLQ2lRbkZoYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTAv
MTE5MzNiLWZjMGItNDEwZi05YzM0LTEwNjQ1MDRlMmI5Ny8xLzYzeUNMUjZVVVh5
SVVWekpzX3dyM2hLYlJVdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwFAQCAAEwDjAMAwQCwjcEAwQAwjcGMA0EAgACMAcD
BQMqDMpAMA0GCSqGSIb3DQEBCwUAA4IBAQAR96MNAL7EljUgZGMVK+bWUjRH6R43
oGffCaIST2dQRbuhBEjNA6y4tX035w8mK1D/kG3Rbzur4CkTa3jdsDdwnaYE6NuX
f50MnA1+0dk+uy/gmngo3/CUnAa4EnAckRXzJyG7/hGaPMtnY4LblZP0cdjBOLeh
UQG5OyOHHMe2UVj/b3gY4bfkZRtzp8/dYfS3MxQIevYVZ8CnlJbpDQQSnfiVoupM
b7Ic3VGdL3zQgrET8V2sRjObomNyaE+uOZNOWyPxAtkbKFzv/kVfktenXxrK35Ex
eXlDsrDY6sr23+mpqDkQfvr9VO+LdifzXkARQ8Ln0eVVSeyI/BNxlYt6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:49 2024 by rpki-client on console-fra.rpki-client.org