Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/NVwdfbY9K2AjLPs0x7kljFl26MU.roa
File:                     NVwdfbY9K2AjLPs0x7kljFl26MU.roa (raw, json)
Hash identifier:          R3s4lO5irS7RQozGkm9RE9511n+Wh/djSLeB3XUHUd8=
Subject key identifier:   35:5C:1D:7D:B6:3D:2B:60:23:2C:FB:34:C7:B9:25:8C:59:76:E8:C5
Certificate issuer:       /CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
Certificate serial:       18CB710E
Authority key identifier: 7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/NVwdfbY9K2AjLPs0x7kljFl26MU.roa
Signing time:             Sat 01 Jan 2022 02:59:09 +0000
ROA not before:           Sat 01 Jan 2022 02:59:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35106
IP address blocks:        194.69.104.0/23 maxlen: 24
                          2a01:110:9008::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 415985934 (0x18cb710e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
        Validity
            Not Before: Jan  1 02:59:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=355c1d7db63d2b60232cfb34c7b9258c5976e8c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:0e:a4:f9:a7:c7:1d:41:d6:1d:7b:d8:23:ae:
                    49:3e:4c:57:ec:2b:a4:f0:ec:c1:46:5d:91:00:2b:
                    bc:81:f5:0f:18:62:92:0d:f3:4c:54:3e:e3:2e:b7:
                    6d:2f:8f:b3:48:ae:61:dd:c4:22:c3:58:6a:2a:8f:
                    95:92:5c:5d:8b:bd:ef:8b:03:55:7a:2a:af:90:9d:
                    4b:3b:c1:27:3e:5c:a0:c8:fc:f4:09:00:43:7b:d5:
                    f9:50:ac:de:84:13:70:6f:f5:07:43:79:c1:cd:90:
                    cf:8b:dc:37:64:61:ac:6b:50:5a:00:27:48:2e:a2:
                    78:99:b7:6e:f7:37:da:d0:e5:bd:c8:8b:08:63:89:
                    b8:9e:ae:46:28:06:9a:93:ea:3e:ae:e5:e5:80:9a:
                    3e:41:69:53:bb:27:63:4b:78:ef:66:f8:be:5c:6e:
                    fb:33:70:9c:e0:c0:71:5a:02:20:1d:ec:b8:d1:31:
                    9c:da:5a:42:24:2b:98:26:4b:cf:8b:6e:67:4f:88:
                    5a:94:da:9e:e8:63:5a:93:6b:e0:82:a5:ba:54:17:
                    f4:f5:94:8b:84:4d:e0:17:65:25:57:7e:30:39:cd:
                    53:da:52:26:9d:29:c3:41:94:ee:33:35:12:26:b1:
                    bf:9f:ce:a1:57:98:cc:ef:bb:6b:b3:89:85:72:c4:
                    78:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:5C:1D:7D:B6:3D:2B:60:23:2C:FB:34:C7:B9:25:8C:59:76:E8:C5
            X509v3 Authority Key Identifier:
                keyid:7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/NVwdfbY9K2AjLPs0x7kljFl26MU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/fOaNr18IlFbA4dAiRTk1Maxbj8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.69.104.0/23
                IPv6:
                  2a01:110:9008::/48

    Signature Algorithm: sha256WithRSAEncryption
         b1:9c:98:35:18:42:6d:ab:ad:6c:b9:28:f2:b6:33:0a:77:3f:
         9a:c4:40:32:47:f7:e1:dc:33:78:47:a7:bf:e3:f3:0e:fb:72:
         45:db:7e:ec:0c:65:fd:0b:8c:77:67:84:32:88:43:19:fc:02:
         b7:c7:4d:78:e8:ef:b4:ac:38:42:7b:ec:61:62:b2:81:3e:7f:
         f8:fa:d5:21:c0:15:80:ec:bb:00:5b:dd:22:2f:8a:92:8c:c6:
         af:52:ed:94:9f:26:ee:84:aa:b8:2b:27:2d:86:a2:3d:b8:dd:
         10:c2:72:a0:97:f3:51:b2:09:37:b6:81:37:69:38:0e:fb:d0:
         27:48:8d:5b:41:02:52:9a:13:b9:8e:ce:97:aa:f8:59:9b:91:
         8d:62:ae:74:2c:94:cf:9a:d6:ef:dd:1b:57:cc:df:8e:cc:58:
         6d:1d:09:44:3c:5a:4a:4a:86:99:d2:ed:35:01:33:ad:46:6c:
         18:d0:ae:0d:9b:34:9c:2d:d4:b3:43:81:4e:43:19:36:31:36:
         c1:72:46:84:97:72:70:42:eb:6f:67:7f:bd:ce:89:d4:32:e8:
         fe:7c:b0:62:1b:d9:08:8f:be:5d:23:c8:11:71:69:bc:fd:07:
         25:1e:1b:9f:63:eb:dc:3b:fc:dd:75:8f:8b:07:dc:16:3d:46:
         f0:41:ae:db
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEGMtxDjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
Y2U2OGRhZjVmMDg5NDU2YzBlMWQwMjI0NTM5MzUzMWFjNWI4ZmNiMB4XDTIyMDEw
MTAyNTkwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzU1YzFkN2RiNjNk
MmI2MDIzMmNmYjM0YzdiOTI1OGM1OTc2ZThjNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMAOpPmnxx1B1h172COuST5MV+wrpPDswUZdkQArvIH1Dxhi
kg3zTFQ+4y63bS+Ps0iuYd3EIsNYaiqPlZJcXYu974sDVXoqr5CdSzvBJz5coMj8
9AkAQ3vV+VCs3oQTcG/1B0N5wc2Qz4vcN2RhrGtQWgAnSC6ieJm3bvc32tDlvciL
CGOJuJ6uRigGmpPqPq7l5YCaPkFpU7snY0t472b4vlxu+zNwnODAcVoCIB3suNEx
nNpaQiQrmCZLz4tuZ0+IWpTanuhjWpNr4IKlulQX9PWUi4RN4BdlJVd+MDnNU9pS
Jp0pw0GU7jM1Eiaxv5/OoVeYzO+7a7OJhXLEeCsCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQ1XB19tj0rYCMs+zTHuSWMWXboxTAfBgNVHSMEGDAWgBR85o2vXwiUVsDh
0CJFOTUxrFuPyzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZPYU5yMThJbEZiQTRkQWlSVGsxTWF4Ymo4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWIvZWMwYjg5LTFlNjgtNDVhMC04YjkzLTEzYTA2YTI2OWFhOC8x
L05Wd2RmYlk5SzJBakxQczB4N2tsakZsMjZNVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIv
ZWMwYjg5LTFlNjgtNDVhMC04YjkzLTEzYTA2YTI2OWFhOC8xL2ZPYU5yMThJbEZi
QTRkQWlSVGsxTWF4Ymo4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAcJFaDAPBAIAAjAJAwcAKgEBEJAI
MA0GCSqGSIb3DQEBCwUAA4IBAQCxnJg1GEJtq61suSjytjMKdz+axEAyR/fh3DN4
R6e/4/MO+3JF237sDGX9C4x3Z4QyiEMZ/AK3x0146O+0rDhCe+xhYrKBPn/4+tUh
wBWA7LsAW90iL4qSjMavUu2UnybuhKq4KycthqI9uN0QwnKgl/NRsgk3toE3aTgO
+9AnSI1bQQJSmhO5js6XqvhZm5GNYq50LJTPmtbv3RtXzN+OzFhtHQlEPFpKSoaZ
0u01ATOtRmwY0K4NmzScLdSzQ4FOQxk2MTbBckaEl3JwQutvZ3+9zonUMuj+fLBi
G9kIj75dI8gRcWm8/QclHhufY+vcO/zddY+LB9wWPUbwQa7b
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:32 2024 by rpki-client on console-fra.rpki-client.org