Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/5e2619-d72b-410b-b9e8-f93d1f815b7d/1/bNYdO5zgwBhZO41jK4-i3En2T_0.roa
File:                     bNYdO5zgwBhZO41jK4-i3En2T_0.roa (raw, json)
Hash identifier:          hqDa0g4eQUKPVBv2jB1WeNRmvZAf9tWY4scMaMdClTU=
Subject key identifier:   6C:D6:1D:3B:9C:E0:C0:18:59:3B:8D:63:2B:8F:A2:DC:49:F6:4F:FD
Certificate issuer:       /CN=cfde85bbd478f5e842f4c4f8d85225d100e0f4df
Certificate serial:       05A70590
Authority key identifier: CF:DE:85:BB:D4:78:F5:E8:42:F4:C4:F8:D8:52:25:D1:00:E0:F4:DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z96Fu9R49ehC9MT42FIl0QDg9N8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ec/5e2619-d72b-410b-b9e8-f93d1f815b7d/1/bNYdO5zgwBhZO41jK4-i3En2T_0.roa
Signing time:             Sat 07 May 2022 22:49:28 +0000
ROA not before:           Sat 07 May 2022 22:49:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     396982
IP address blocks:        212.104.209.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 94832016 (0x5a70590)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cfde85bbd478f5e842f4c4f8d85225d100e0f4df
        Validity
            Not Before: May  7 22:49:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6cd61d3b9ce0c018593b8d632b8fa2dc49f64ffd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:a5:32:4a:22:2e:2d:86:a7:30:d9:9c:7c:90:
                    ae:52:0e:b9:74:61:5b:03:81:1f:34:14:45:b4:d7:
                    a1:78:6e:71:0c:7d:85:0e:66:24:c3:ad:b8:12:47:
                    bf:f5:3a:e1:76:8e:ad:b3:11:5d:30:03:4f:e1:f8:
                    49:5a:6e:f3:be:65:2e:3e:2d:2f:a2:fc:a4:84:f7:
                    23:1e:24:1d:3c:39:c3:ec:e2:75:e6:a2:61:b3:b5:
                    30:52:03:21:97:34:58:23:45:fb:6c:24:f3:f9:81:
                    a5:b8:cd:7c:46:e6:1b:14:77:29:36:4a:82:b9:83:
                    b4:e5:7e:6f:34:aa:ce:3c:e0:c8:9b:2b:fb:eb:1e:
                    d6:db:27:24:32:2e:07:f1:b9:89:cb:b7:81:24:60:
                    51:2a:d3:27:e1:90:48:77:f3:bc:8e:f1:45:2e:f9:
                    d6:55:9b:82:f3:83:75:72:82:84:75:9d:9c:de:52:
                    dc:f4:49:a4:d5:15:41:47:f5:ab:37:e2:8f:ad:cb:
                    63:3d:68:c6:e6:66:f3:1d:99:e6:0c:c9:12:76:7d:
                    5b:d0:cb:4f:0a:11:a9:e4:c7:d3:45:db:17:49:33:
                    28:58:6c:b7:99:70:02:4c:d7:39:df:07:32:ee:db:
                    d7:bb:b4:68:5b:03:cb:2d:fb:78:d1:8d:8b:46:b7:
                    8e:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:D6:1D:3B:9C:E0:C0:18:59:3B:8D:63:2B:8F:A2:DC:49:F6:4F:FD
            X509v3 Authority Key Identifier:
                keyid:CF:DE:85:BB:D4:78:F5:E8:42:F4:C4:F8:D8:52:25:D1:00:E0:F4:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z96Fu9R49ehC9MT42FIl0QDg9N8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/5e2619-d72b-410b-b9e8-f93d1f815b7d/1/bNYdO5zgwBhZO41jK4-i3En2T_0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/5e2619-d72b-410b-b9e8-f93d1f815b7d/1/z96Fu9R49ehC9MT42FIl0QDg9N8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.104.209.0/24

    Signature Algorithm: sha256WithRSAEncryption
         92:56:80:67:da:9e:3a:2f:8a:20:b9:cf:a1:19:f1:c7:57:80:
         a0:34:02:29:c2:55:1c:05:0c:5a:8e:f9:3a:65:a7:14:ee:d7:
         2b:77:8e:5a:8b:58:be:19:49:77:62:48:9e:42:25:5b:72:f6:
         f0:aa:78:b6:ba:32:59:e1:0d:59:e4:ea:13:69:38:7c:c5:4e:
         e3:78:3b:44:df:8a:6d:32:77:a3:12:47:15:6d:35:f4:22:a2:
         6d:40:28:bd:c0:54:19:4a:8c:19:74:44:1e:18:a6:a6:d4:cb:
         d3:4c:05:4f:ba:48:53:de:6f:55:09:57:0e:94:1e:cc:4c:ae:
         31:07:34:53:67:2a:33:4c:10:29:e6:59:84:70:cc:02:35:b8:
         13:4b:fb:db:38:c9:94:fa:26:da:19:9f:0d:3a:66:33:0d:f4:
         88:30:00:70:a9:23:db:f8:49:8b:83:72:7b:97:08:5e:09:54:
         fa:5d:7d:a9:e3:1e:63:b3:d1:40:a8:1f:50:52:cd:d9:87:0a:
         b2:f8:0b:57:5c:57:3c:21:49:d2:8a:92:1b:7f:63:eb:38:37:
         0f:38:90:6f:02:ab:86:4f:bb:38:d0:3b:0a:26:8e:d3:c1:ae:
         d9:d8:10:44:41:90:a3:91:ad:8a:c7:79:01:b9:28:12:c2:0a:
         60:05:4b:2d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBacFkDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZmRlODViYmQ0NzhmNWU4NDJmNGM0ZjhkODUyMjVkMTAwZTBmNGRmMB4XDTIyMDUw
NzIyNDkyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmNkNjFkM2I5Y2Uw
YzAxODU5M2I4ZDYzMmI4ZmEyZGM0OWY2NGZmZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI+lMkoiLi2GpzDZnHyQrlIOuXRhWwOBHzQURbTXoXhucQx9
hQ5mJMOtuBJHv/U64XaOrbMRXTADT+H4SVpu875lLj4tL6L8pIT3Ix4kHTw5w+zi
deaiYbO1MFIDIZc0WCNF+2wk8/mBpbjNfEbmGxR3KTZKgrmDtOV+bzSqzjzgyJsr
++se1tsnJDIuB/G5icu3gSRgUSrTJ+GQSHfzvI7xRS751lWbgvODdXKChHWdnN5S
3PRJpNUVQUf1qzfij63LYz1oxuZm8x2Z5gzJEnZ9W9DLTwoRqeTH00XbF0kzKFhs
t5lwAkzXOd8HMu7b17u0aFsDyy37eNGNi0a3jjsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRs1h07nODAGFk7jWMrj6LcSfZP/TAfBgNVHSMEGDAWgBTP3oW71Hj16EL0
xPjYUiXRAOD03zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3o5NkZ1OVI0OWVoQzlNVDQyRklsMFFEZzlOOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWMvNWUyNjE5LWQ3MmItNDEwYi1iOWU4LWY5M2QxZjgxNWI3ZC8x
L2JOWWRPNXpnd0JoWk80MWpLNC1pM0VuMlRfMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWMv
NWUyNjE5LWQ3MmItNDEwYi1iOWU4LWY5M2QxZjgxNWI3ZC8xL3o5NkZ1OVI0OWVo
QzlNVDQyRklsMFFEZzlOOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANRo0TANBgkqhkiG9w0BAQsFAAOC
AQEAklaAZ9qeOi+KILnPoRnxx1eAoDQCKcJVHAUMWo75OmWnFO7XK3eOWotYvhlJ
d2JInkIlW3L28Kp4troyWeENWeTqE2k4fMVO43g7RN+KbTJ3oxJHFW019CKibUAo
vcBUGUqMGXREHhimptTL00wFT7pIU95vVQlXDpQezEyuMQc0U2cqM0wQKeZZhHDM
AjW4E0v72zjJlPom2hmfDTpmMw30iDAAcKkj2/hJi4Nye5cIXglU+l19qeMeY7PR
QKgfUFLN2YcKsvgLV1xXPCFJ0oqSG39j6zg3DziQbwKrhk+7ONA7CiaO08Gu2dgQ
REGQo5Gtisd5AbkoEsIKYAVLLQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:36 2024 by rpki-client on console-fra.rpki-client.org