Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/1-kN0lqh3SffonLlr8t7dAfZfWeQ.roa
File:                     1-kN0lqh3SffonLlr8t7dAfZfWeQ.roa (raw, json)
Hash identifier:          oEdbA0LUgejJgK6PauoBDNkh6wNjZCUSqnwCdO8dnuI=
Subject key identifier:   FA:43:74:96:A8:77:49:F7:E8:9C:B9:6B:F2:DE:DD:01:F6:5F:59:E4
Certificate issuer:       /CN=43c16595966afb0bacf1d7937f245d6a052221a3
Certificate serial:       08E1F5C0
Authority key identifier: 43:C1:65:95:96:6A:FB:0B:AC:F1:D7:93:7F:24:5D:6A:05:22:21:A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q8FllZZq-wus8deTfyRdagUiIaM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/1-kN0lqh3SffonLlr8t7dAfZfWeQ.roa
Signing time:             Sat 01 Jan 2022 11:05:23 +0000
ROA not before:           Sat 01 Jan 2022 11:05:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60010
IP address blocks:        194.50.199.0/24 maxlen: 24
                          194.50.196.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 149026240 (0x8e1f5c0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43c16595966afb0bacf1d7937f245d6a052221a3
        Validity
            Not Before: Jan  1 11:05:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fa437496a87749f7e89cb96bf2dedd01f65f59e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:fb:4d:75:64:93:38:f4:b1:10:76:2b:7a:00:
                    92:07:3f:ec:0d:4f:8f:c3:6d:0f:13:45:a5:73:59:
                    ab:3f:f4:1e:f2:3f:a7:82:8a:7f:0c:cc:63:ea:5a:
                    a0:0d:1e:a5:03:ff:10:77:e1:49:68:2d:c1:46:d8:
                    ae:fe:26:35:0c:40:43:d6:f7:55:78:29:c9:b5:6f:
                    17:9c:7f:75:be:af:cc:69:96:58:0e:e3:9d:94:0d:
                    0d:83:24:eb:b0:c6:eb:8c:88:83:ea:fd:b6:8a:8a:
                    6c:75:ed:a6:49:5f:81:25:e8:14:ca:01:b2:56:09:
                    ad:47:cc:33:7f:14:25:a7:38:1c:22:fc:bd:06:e4:
                    c7:68:f1:2a:4b:73:51:ad:c3:8f:4a:47:a2:00:7e:
                    57:f3:7c:55:99:63:6f:df:4b:f5:9f:7f:d5:da:1b:
                    b5:00:aa:16:6e:05:48:d6:21:4d:3c:aa:cb:cd:6f:
                    68:01:70:0b:a6:a8:15:84:d7:9a:7c:42:83:4f:f8:
                    22:9e:f1:09:98:3c:4e:5c:29:5e:69:0f:e1:67:c5:
                    3b:eb:99:cc:2f:07:09:a4:46:59:59:1a:aa:e3:78:
                    42:35:2d:fd:a9:27:c7:28:85:77:b9:0a:d9:52:cb:
                    be:c8:b4:07:2b:ae:60:cd:aa:f5:c8:71:d5:bd:2e:
                    80:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:43:74:96:A8:77:49:F7:E8:9C:B9:6B:F2:DE:DD:01:F6:5F:59:E4
            X509v3 Authority Key Identifier:
                keyid:43:C1:65:95:96:6A:FB:0B:AC:F1:D7:93:7F:24:5D:6A:05:22:21:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q8FllZZq-wus8deTfyRdagUiIaM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/1-kN0lqh3SffonLlr8t7dAfZfWeQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/Q8FllZZq-wus8deTfyRdagUiIaM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.50.196.0/24
                  194.50.199.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2f:33:fe:c0:f7:fc:2d:44:e7:a2:32:ff:f8:ed:cb:a0:f3:87:
         1c:77:a6:0a:bb:9a:51:04:9d:17:e7:45:ba:57:a5:68:9b:1a:
         c5:16:71:1a:e8:ba:2f:dc:25:1e:86:0d:d0:99:55:4d:89:fa:
         b0:d3:ed:a4:ab:c6:45:f8:e0:a6:ea:e4:72:28:fb:79:58:17:
         ab:09:b2:1d:8a:e5:b9:47:c0:62:58:0d:97:81:bb:c3:b2:7b:
         12:2e:e4:be:44:05:e2:bb:8e:1d:e6:b3:38:89:ee:a6:08:7d:
         88:6d:04:75:d6:fb:24:a3:7c:9f:1e:8d:c8:e7:50:94:82:f7:
         bf:5f:20:51:f0:47:97:03:1e:db:f4:eb:82:69:c0:bd:4b:e7:
         72:2b:13:14:86:72:65:b8:6f:2d:10:54:aa:bc:32:0c:0b:46:
         35:e2:51:b8:aa:3c:de:5d:4c:e5:b9:46:b5:86:9a:cc:d4:31:
         2d:38:5f:02:60:54:4f:c5:b1:ea:7a:58:89:ea:61:75:64:3f:
         92:67:d5:22:2f:cd:80:e2:ab:e9:9e:d4:fd:47:ae:81:3b:40:
         34:72:bb:f6:9e:0c:8d:65:65:8c:4d:b3:21:7c:e7:49:fc:13:
         bb:fc:d3:e8:14:36:63:56:c7:2c:8c:1b:35:e8:c9:cf:99:4a:
         00:a4:c9:b0
-----BEGIN CERTIFICATE-----
MIIE9jCCA96gAwIBAgIECOH1wDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
M2MxNjU5NTk2NmFmYjBiYWNmMWQ3OTM3ZjI0NWQ2YTA1MjIyMWEzMB4XDTIyMDEw
MTExMDUyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmE0Mzc0OTZhODc3
NDlmN2U4OWNiOTZiZjJkZWRkMDFmNjVmNTllNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL37TXVkkzj0sRB2K3oAkgc/7A1Pj8NtDxNFpXNZqz/0HvI/
p4KKfwzMY+paoA0epQP/EHfhSWgtwUbYrv4mNQxAQ9b3VXgpybVvF5x/db6vzGmW
WA7jnZQNDYMk67DG64yIg+r9toqKbHXtpklfgSXoFMoBslYJrUfMM38UJac4HCL8
vQbkx2jxKktzUa3Dj0pHogB+V/N8VZljb99L9Z9/1dobtQCqFm4FSNYhTTyqy81v
aAFwC6aoFYTXmnxCg0/4Ip7xCZg8TlwpXmkP4WfFO+uZzC8HCaRGWVkaquN4QjUt
/aknxyiFd7kK2VLLvsi0ByuuYM2q9chx1b0ugBUCAwEAAaOCAhAwggIMMB0GA1Ud
DgQWBBT6Q3SWqHdJ9+icuWvy3t0B9l9Z5DAfBgNVHSMEGDAWgBRDwWWVlmr7C6zx
15N/JF1qBSIhozAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1E4RmxsWlpxLXd1czhkZVRmeVJkYWdVaUlhTS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTEvZDkyOTE5LTk2MmItNDQ4ZC05OGRiLTU5OTBlYTU4ZTAzMC8x
LzEta04wbHFoM1NmZm9uTGxyOHQ3ZEFmWmZXZVEucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Ux
L2Q5MjkxOS05NjJiLTQ0OGQtOThkYi01OTkwZWE1OGUwMzAvMS9ROEZsbFpacS13
dXM4ZGVUZnlSZGFnVWlJYU0uY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
JQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBADCMsQDBADCMscwDQYJKoZIhvcN
AQELBQADggEBAC8z/sD3/C1E56Iy//jty6Dzhxx3pgq7mlEEnRfnRbpXpWibGsUW
cRroui/cJR6GDdCZVU2J+rDT7aSrxkX44Kbq5HIo+3lYF6sJsh2K5blHwGJYDZeB
u8OyexIu5L5EBeK7jh3msziJ7qYIfYhtBHXW+ySjfJ8ejcjnUJSC979fIFHwR5cD
Htv064JpwL1L53IrExSGcmW4by0QVKq8MgwLRjXiUbiqPN5dTOW5RrWGmszUMS04
XwJgVE/Fsep6WInqYXVkP5Jn1SIvzYDiq+me1P1HroE7QDRyu/aeDI1lZYxNsyF8
50n8E7v80+gUNmNWxyyMGzXoyc+ZSgCkybA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:02 2024 by rpki-client on console-fra.rpki-client.org