Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/2b6a6c-c87e-4c6d-bb0a-bbc8027f0a3a/1/ugdqZ8vweowcEEmgElVsADnio-c.roa
File:                     ugdqZ8vweowcEEmgElVsADnio-c.roa (raw, json)
Hash identifier:          e/9efSvNyjD6R4f+Lh/OM/21vo0ipSWbKfxsrqZZ5Ic=
Subject key identifier:   BA:07:6A:67:CB:F0:7A:8C:1C:10:49:A0:12:55:6C:00:39:E2:A3:E7
Certificate issuer:       /CN=bc70474792f5083e625f24d6d57aab72d657229e
Certificate serial:       01631F7D
Authority key identifier: BC:70:47:47:92:F5:08:3E:62:5F:24:D6:D5:7A:AB:72:D6:57:22:9E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vHBHR5L1CD5iXyTW1XqrctZXIp4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/2b6a6c-c87e-4c6d-bb0a-bbc8027f0a3a/1/ugdqZ8vweowcEEmgElVsADnio-c.roa
Signing time:             Sat 01 Jan 2022 15:58:16 +0000
ROA not before:           Sat 01 Jan 2022 15:58:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     20473
IP address blocks:        194.56.182.0/24 maxlen: 24
                          2a11:3a00::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 23273341 (0x1631f7d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bc70474792f5083e625f24d6d57aab72d657229e
        Validity
            Not Before: Jan  1 15:58:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ba076a67cbf07a8c1c1049a012556c0039e2a3e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:e4:e7:8e:77:d7:1f:72:37:27:6f:aa:e7:d9:
                    bc:cd:a6:90:e2:a5:73:19:6b:4b:84:2a:21:4b:48:
                    b7:af:8c:16:af:29:bc:4b:db:ad:cb:7f:ef:55:ce:
                    93:97:d6:6c:0f:6d:a0:66:53:f5:aa:31:83:70:15:
                    89:cc:8b:86:06:0c:89:1f:aa:04:a9:0e:3c:14:87:
                    41:ea:2c:30:72:7d:2b:57:c7:25:c7:d6:46:ad:ed:
                    b2:5e:6f:02:5c:b6:09:c6:ff:6d:36:16:9f:83:a0:
                    80:16:c3:11:bf:3f:ca:9b:02:36:27:3c:f6:f8:ea:
                    fb:53:ff:47:0a:30:56:db:39:11:35:4e:80:0f:b2:
                    ee:64:ed:4f:51:1b:22:2c:03:04:6c:84:38:06:68:
                    39:bd:6d:ea:30:04:ca:1b:a7:05:90:64:68:36:c0:
                    16:31:bd:81:91:0b:35:ed:25:ff:1c:3e:90:ac:2f:
                    ca:a1:f4:37:36:6e:a6:bb:65:e2:93:c0:b3:5d:76:
                    a6:0a:5f:49:df:f7:25:3f:d6:f6:e8:f9:92:fe:00:
                    58:e3:24:c5:9f:57:59:3e:fe:a4:0f:80:02:09:eb:
                    fb:22:28:c2:13:80:0e:e7:b3:8c:78:ca:99:e7:1e:
                    fc:57:fc:29:b6:82:30:b2:62:e6:06:67:64:75:de:
                    da:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:07:6A:67:CB:F0:7A:8C:1C:10:49:A0:12:55:6C:00:39:E2:A3:E7
            X509v3 Authority Key Identifier:
                keyid:BC:70:47:47:92:F5:08:3E:62:5F:24:D6:D5:7A:AB:72:D6:57:22:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vHBHR5L1CD5iXyTW1XqrctZXIp4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/2b6a6c-c87e-4c6d-bb0a-bbc8027f0a3a/1/ugdqZ8vweowcEEmgElVsADnio-c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/2b6a6c-c87e-4c6d-bb0a-bbc8027f0a3a/1/vHBHR5L1CD5iXyTW1XqrctZXIp4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.56.182.0/24
                IPv6:
                  2a11:3a00::/48

    Signature Algorithm: sha256WithRSAEncryption
         0d:30:54:b6:33:95:ef:a1:85:2e:2a:4b:ec:e2:73:dc:5c:2e:
         a4:12:79:8d:1e:80:40:e6:a0:fe:01:1c:92:a7:5e:2b:97:b4:
         fe:ca:15:a7:b3:45:85:22:c4:f9:3a:68:4b:ff:cc:91:52:e0:
         bf:e1:6b:32:5c:87:c7:fe:09:5f:ec:5c:d9:2f:40:28:63:26:
         12:97:16:bf:a8:90:7e:2c:ab:56:01:1c:a2:c6:41:eb:d1:89:
         d6:85:b0:f8:7d:f8:1b:2d:76:b5:d3:13:b1:a2:76:d4:5b:a5:
         06:09:4c:9c:32:61:a0:57:e0:47:64:cd:c5:2c:08:22:db:3e:
         4b:65:d9:8d:69:39:38:7f:e8:62:1e:57:79:db:fb:8e:82:cc:
         fe:1c:cb:2c:20:40:92:40:8a:79:f7:b6:31:45:e9:f0:9e:1e:
         6b:ad:b8:0c:e5:aa:3f:fd:6d:ab:9b:80:3c:31:80:e6:37:76:
         47:cb:a6:2c:da:29:e0:7a:d4:8d:86:89:78:5d:67:b9:90:cb:
         40:38:1b:3d:f8:b5:00:ab:94:9b:06:bc:de:09:bf:bd:53:a3:
         b0:28:62:81:15:0c:8f:da:f2:3f:62:5a:9f:fd:50:83:c8:cd:
         2e:d4:ee:10:32:b2:6f:9a:51:0f:98:dd:78:d6:5e:c1:09:cb:
         93:d1:cc:4c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEAWMffTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YzcwNDc0NzkyZjUwODNlNjI1ZjI0ZDZkNTdhYWI3MmQ2NTcyMjllMB4XDTIyMDEw
MTE1NTgxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmEwNzZhNjdjYmYw
N2E4YzFjMTA0OWEwMTI1NTZjMDAzOWUyYTNlNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPDk54531x9yNydvqufZvM2mkOKlcxlrS4QqIUtIt6+MFq8p
vEvbrct/71XOk5fWbA9toGZT9aoxg3AVicyLhgYMiR+qBKkOPBSHQeosMHJ9K1fH
JcfWRq3tsl5vAly2Ccb/bTYWn4OggBbDEb8/ypsCNic89vjq+1P/RwowVts5ETVO
gA+y7mTtT1EbIiwDBGyEOAZoOb1t6jAEyhunBZBkaDbAFjG9gZELNe0l/xw+kKwv
yqH0NzZuprtl4pPAs112pgpfSd/3JT/W9uj5kv4AWOMkxZ9XWT7+pA+AAgnr+yIo
whOADuezjHjKmece/Ff8KbaCMLJi5gZnZHXe2hcCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBS6B2pny/B6jBwQSaASVWwAOeKj5zAfBgNVHSMEGDAWgBS8cEdHkvUIPmJf
JNbVeqty1lcinjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZIQkhSNUwxQ0Q1aVh5VFcxWHFyY3RaWElwNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTgvMmI2YTZjLWM4N2UtNGM2ZC1iYjBhLWJiYzgwMjdmMGEzYS8x
L3VnZHFaOHZ3ZW93Y0VFbWdFbFZzQURuaW8tYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTgv
MmI2YTZjLWM4N2UtNGM2ZC1iYjBhLWJiYzgwMjdmMGEzYS8xL3ZIQkhSNUwxQ0Q1
aVh5VFcxWHFyY3RaWElwNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAMI4tjAPBAIAAjAJAwcAKhE6AAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQANMFS2M5XvoYUuKkvs4nPcXC6kEnmNHoBA5qD+
ARySp14rl7T+yhWns0WFIsT5OmhL/8yRUuC/4WsyXIfH/glf7FzZL0AoYyYSlxa/
qJB+LKtWARyixkHr0YnWhbD4ffgbLXa10xOxonbUW6UGCUycMmGgV+BHZM3FLAgi
2z5LZdmNaTk4f+hiHld52/uOgsz+HMssIECSQIp597YxRenwnh5rrbgM5ao//W2r
m4A8MYDmN3ZHy6Ys2ingetSNhol4XWe5kMtAOBs9+LUAq5SbBrzeCb+9U6OwKGKB
FQyP2vI/Ylqf/VCDyM0u1O4QMrJvmlEPmN141l7BCcuT0cxM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:57 2024 by rpki-client on console-fra.rpki-client.org