Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/af4ef8-ed07-4acd-a42f-c96c2ce859e5/1/MJTtfHpeb3uLDitmh2TdDGOHyGI.roa
File:                     MJTtfHpeb3uLDitmh2TdDGOHyGI.roa (raw, json)
Hash identifier:          N1nyv15hheN+TRt0lmZatCFoTV57PF0iUSaq6PHPQ0c=
Subject key identifier:   30:94:ED:7C:7A:5E:6F:7B:8B:0E:2B:66:87:64:DD:0C:63:87:C8:62
Certificate issuer:       /CN=016e5e31fa8716aaa54e18fcdcfed3fc94db90b5
Certificate serial:       117213AE
Authority key identifier: 01:6E:5E:31:FA:87:16:AA:A5:4E:18:FC:DC:FE:D3:FC:94:DB:90:B5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AW5eMfqHFqqlThj83P7T_JTbkLU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ec/af4ef8-ed07-4acd-a42f-c96c2ce859e5/1/MJTtfHpeb3uLDitmh2TdDGOHyGI.roa
Signing time:             Sat 01 Jan 2022 08:59:48 +0000
ROA not before:           Sat 01 Jan 2022 08:59:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206805
IP address blocks:        212.8.237.0/24 maxlen: 24
                          212.8.237.4/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 292688814 (0x117213ae)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=016e5e31fa8716aaa54e18fcdcfed3fc94db90b5
        Validity
            Not Before: Jan  1 08:59:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3094ed7c7a5e6f7b8b0e2b668764dd0c6387c862
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:28:aa:28:f1:4e:63:4c:43:db:da:a3:1a:54:
                    1b:00:51:e6:34:b3:de:98:43:35:5d:37:28:ff:d4:
                    13:df:91:20:75:36:a2:9e:e0:b4:02:1e:5f:5b:2e:
                    44:99:cc:f1:60:07:d7:a1:38:69:7d:4c:bd:6e:2a:
                    8b:b6:10:53:87:a2:59:40:80:77:9a:2c:77:ab:5f:
                    9c:2b:60:46:c6:fc:c0:77:ea:93:45:62:7e:9e:07:
                    ff:74:e5:ef:de:06:c4:00:6e:63:c6:3d:aa:94:3d:
                    32:3a:7e:82:f9:92:da:4e:ba:93:70:c7:51:8c:c0:
                    3b:ed:da:89:0c:c9:0b:13:32:6c:2c:3a:4b:e7:de:
                    05:c8:d3:16:e9:10:96:47:cf:f3:c4:64:c9:8e:1f:
                    39:00:7d:6a:cc:4a:fc:8e:a7:7f:69:23:6f:11:01:
                    11:59:b1:0b:5f:86:07:8f:22:17:28:7c:f0:f5:c9:
                    29:21:8f:aa:28:ea:61:c9:21:82:df:0d:61:07:d8:
                    2b:f6:aa:d7:b2:e4:13:70:16:1c:2e:a2:06:97:4e:
                    6b:76:5a:e3:c6:cc:ec:a2:1b:80:59:06:43:c3:41:
                    f2:0e:a9:20:29:38:76:08:4e:f1:b4:bd:c2:3c:dc:
                    7a:bc:bd:67:cf:98:90:8b:c2:a8:ea:91:90:08:9d:
                    90:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:94:ED:7C:7A:5E:6F:7B:8B:0E:2B:66:87:64:DD:0C:63:87:C8:62
            X509v3 Authority Key Identifier:
                keyid:01:6E:5E:31:FA:87:16:AA:A5:4E:18:FC:DC:FE:D3:FC:94:DB:90:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AW5eMfqHFqqlThj83P7T_JTbkLU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/af4ef8-ed07-4acd-a42f-c96c2ce859e5/1/MJTtfHpeb3uLDitmh2TdDGOHyGI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/af4ef8-ed07-4acd-a42f-c96c2ce859e5/1/AW5eMfqHFqqlThj83P7T_JTbkLU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.8.237.0/24

    Signature Algorithm: sha256WithRSAEncryption
         59:bb:56:4f:1c:7f:c0:f1:e5:af:af:40:8b:5e:d0:29:75:e8:
         f9:71:3c:98:0f:2a:63:f9:7e:9e:2e:3a:0b:f3:86:7a:0b:65:
         30:e8:4e:b1:cb:6d:b7:ee:49:af:7b:97:73:66:ce:e3:f2:83:
         b9:06:d2:5e:52:fd:9f:1a:54:ee:2a:ca:09:14:14:c9:bb:e7:
         46:f3:ef:15:3e:02:b0:d4:cb:97:05:b3:85:60:87:68:39:bd:
         fa:e0:63:c4:13:f8:68:10:0f:e4:80:23:5d:96:31:1e:4a:19:
         4c:ef:95:a3:44:f6:08:16:8c:50:11:3c:db:69:fa:a4:84:18:
         18:6e:6c:3f:b4:95:30:b4:4d:30:c6:73:a8:a8:dc:e5:08:29:
         84:c0:bd:fb:ea:ec:62:1f:1d:1e:da:15:a4:a5:00:66:a4:99:
         52:6c:ca:04:2f:b1:bb:d0:20:01:33:26:74:fe:9e:ec:71:a9:
         56:73:26:6e:20:cd:ec:86:d1:fa:11:4f:02:68:5b:9b:98:53:
         8b:6f:85:11:f2:0f:52:72:4b:4d:7c:b1:c4:87:96:56:71:43:
         67:74:94:c7:8c:e7:43:e3:b0:ae:34:96:b8:5c:f4:44:f0:60:
         78:10:47:70:d1:34:af:d7:d5:bd:ef:01:c5:e0:a6:e8:8d:ed:
         16:c3:3a:97
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEXITrjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MTZlNWUzMWZhODcxNmFhYTU0ZTE4ZmNkY2ZlZDNmYzk0ZGI5MGI1MB4XDTIyMDEw
MTA4NTk0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzA5NGVkN2M3YTVl
NmY3YjhiMGUyYjY2ODc2NGRkMGM2Mzg3Yzg2MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMgoqijxTmNMQ9vaoxpUGwBR5jSz3phDNV03KP/UE9+RIHU2
op7gtAIeX1suRJnM8WAH16E4aX1MvW4qi7YQU4eiWUCAd5osd6tfnCtgRsb8wHfq
k0Vifp4H/3Tl794GxABuY8Y9qpQ9Mjp+gvmS2k66k3DHUYzAO+3aiQzJCxMybCw6
S+feBcjTFukQlkfP88RkyY4fOQB9asxK/I6nf2kjbxEBEVmxC1+GB48iFyh88PXJ
KSGPqijqYckhgt8NYQfYK/aq17LkE3AWHC6iBpdOa3Za48bM7KIbgFkGQ8NB8g6p
ICk4dghO8bS9wjzcery9Z8+YkIvCqOqRkAidkN0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQwlO18el5ve4sOK2aHZN0MY4fIYjAfBgNVHSMEGDAWgBQBbl4x+ocWqqVO
GPzc/tP8lNuQtTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FXNWVNZnFIRnFxbFRoajgzUDdUX0pUYmtMVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWMvYWY0ZWY4LWVkMDctNGFjZC1hNDJmLWM5NmMyY2U4NTllNS8x
L01KVHRmSHBlYjN1TERpdG1oMlRkREdPSHlHSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWMv
YWY0ZWY4LWVkMDctNGFjZC1hNDJmLWM5NmMyY2U4NTllNS8xL0FXNWVNZnFIRnFx
bFRoajgzUDdUX0pUYmtMVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANQI7TANBgkqhkiG9w0BAQsFAAOC
AQEAWbtWTxx/wPHlr69Ai17QKXXo+XE8mA8qY/l+ni46C/OGegtlMOhOscttt+5J
r3uXc2bO4/KDuQbSXlL9nxpU7irKCRQUybvnRvPvFT4CsNTLlwWzhWCHaDm9+uBj
xBP4aBAP5IAjXZYxHkoZTO+Vo0T2CBaMUBE822n6pIQYGG5sP7SVMLRNMMZzqKjc
5QgphMC9++rsYh8dHtoVpKUAZqSZUmzKBC+xu9AgATMmdP6e7HGpVnMmbiDN7IbR
+hFPAmhbm5hTi2+FEfIPUnJLTXyxxIeWVnFDZ3SUx4znQ+OwrjSWuFz0RPBgeBBH
cNE0r9fVve8BxeCm6I3tFsM6lw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:40 2024 by rpki-client on console-fra.rpki-client.org