Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/63432a-e5d9-46e2-9c01-ac809bbae737/1/rYDgvMFOLaDwZlGto51rztCIRKw.roa
File:                     rYDgvMFOLaDwZlGto51rztCIRKw.roa (raw, json)
Hash identifier:          lAyEK8aF1aYrlt2rw21iCAq7H+4dzwLMOPR93Hmnx64=
Subject key identifier:   AD:80:E0:BC:C1:4E:2D:A0:F0:66:51:AD:A3:9D:6B:CE:D0:88:44:AC
Certificate issuer:       /CN=626d24d6bf353963fe5afa25b0a59667152a86d0
Certificate serial:       2C10
Authority key identifier: 62:6D:24:D6:BF:35:39:63:FE:5A:FA:25:B0:A5:96:67:15:2A:86:D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ym0k1r81OWP-WvolsKWWZxUqhtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/63432a-e5d9-46e2-9c01-ac809bbae737/1/rYDgvMFOLaDwZlGto51rztCIRKw.roa
Signing time:             Mon 28 Feb 2022 08:27:37 +0000
ROA not before:           Mon 28 Feb 2022 08:27:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     5518
IP address blocks:        195.10.216.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11280 (0x2c10)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=626d24d6bf353963fe5afa25b0a59667152a86d0
        Validity
            Not Before: Feb 28 08:27:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ad80e0bcc14e2da0f06651ada39d6bced08844ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:de:28:c5:c2:86:24:6d:f9:f0:a5:ff:ca:e1:
                    f8:e4:cc:a7:5a:1c:b8:d7:a7:72:92:33:05:a5:d0:
                    43:03:2a:11:2b:9e:f9:d8:56:88:48:59:e1:ba:a5:
                    fc:41:00:0d:c9:62:1b:5b:6f:d8:71:b4:00:ea:cf:
                    98:72:87:28:e8:2e:5b:71:31:8f:5f:7b:22:98:e0:
                    c5:c4:3f:bf:76:aa:e4:26:d5:2a:23:30:30:1d:26:
                    97:d3:b2:36:f0:96:37:a0:0d:fb:7b:00:49:64:32:
                    f6:67:67:24:94:46:95:a4:a5:b1:62:17:0b:23:d2:
                    b8:c3:40:78:b2:88:89:7c:4e:83:e0:5c:1a:6e:63:
                    5a:fa:90:50:f2:82:33:f2:8b:67:47:c1:0f:77:cc:
                    6b:d9:e9:51:e0:8e:7e:e1:2a:ec:81:fc:3b:36:89:
                    8f:03:50:c3:93:2c:28:f3:b1:f6:f1:1f:58:d7:4b:
                    04:0a:95:06:b7:e8:38:4d:b3:9c:02:13:25:75:05:
                    db:76:d2:a2:3d:11:5c:5e:e1:6f:98:0c:3a:79:58:
                    5b:e7:66:e7:09:46:87:f2:0c:ab:51:42:e6:34:30:
                    18:f3:8f:83:29:06:ed:a4:3f:08:1c:84:23:2e:2f:
                    b2:08:13:f6:65:89:56:35:f9:4e:06:4b:e3:f5:4c:
                    9c:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:80:E0:BC:C1:4E:2D:A0:F0:66:51:AD:A3:9D:6B:CE:D0:88:44:AC
            X509v3 Authority Key Identifier:
                keyid:62:6D:24:D6:BF:35:39:63:FE:5A:FA:25:B0:A5:96:67:15:2A:86:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ym0k1r81OWP-WvolsKWWZxUqhtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/63432a-e5d9-46e2-9c01-ac809bbae737/1/rYDgvMFOLaDwZlGto51rztCIRKw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/63432a-e5d9-46e2-9c01-ac809bbae737/1/Ym0k1r81OWP-WvolsKWWZxUqhtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.10.216.0/24

    Signature Algorithm: sha256WithRSAEncryption
         23:e4:50:35:29:38:fa:1d:13:c1:3a:fc:f9:7d:ba:fa:a3:cb:
         37:48:3d:cf:bc:dc:a1:62:bf:85:a4:fc:d0:09:0a:a6:a2:38:
         c5:88:c0:e3:17:ba:f8:c7:05:d6:fc:5d:ae:b7:ac:9c:58:a5:
         76:e7:83:33:34:7b:09:44:a0:ea:2a:69:b6:77:ea:8b:b4:fe:
         1c:1a:8d:91:75:45:da:a2:88:d7:cc:d4:c3:57:42:5f:09:98:
         da:2a:36:7d:c2:31:ce:8d:aa:10:f8:62:d7:61:52:01:34:77:
         d3:dc:7e:20:c3:f8:1d:50:60:03:d3:df:d0:32:18:ff:92:39:
         7d:e9:70:74:d2:5b:60:26:50:88:a4:b1:15:05:46:e5:da:13:
         41:c7:a5:21:57:86:fc:17:4e:90:fd:15:28:1b:3d:c4:69:e1:
         86:fd:64:3b:78:34:2f:71:fb:4c:83:ce:bd:2d:67:71:d7:31:
         f5:6f:84:c3:73:64:b6:10:21:a3:2e:93:68:4f:1b:a8:b7:02:
         bb:39:59:18:09:84:99:78:e9:ef:4e:65:64:cd:f5:74:08:15:
         01:39:88:11:53:36:65:3b:1e:a7:8f:d5:30:80:1a:50:55:08:
         78:78:14:ca:20:3e:72:96:0d:62:b0:f1:6e:f0:25:96:c2:93:
         d4:c9:13:a3
-----BEGIN CERTIFICATE-----
MIIE7TCCA9WgAwIBAgICLBAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjI2
ZDI0ZDZiZjM1Mzk2M2ZlNWFmYTI1YjBhNTk2NjcxNTJhODZkMDAeFw0yMjAyMjgw
ODI3MzdaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKGFkODBlMGJjYzE0ZTJk
YTBmMDY2NTFhZGEzOWQ2YmNlZDA4ODQ0YWMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCy3ijFwoYkbfnwpf/K4fjkzKdaHLjXp3KSMwWl0EMDKhErnvnY
VohIWeG6pfxBAA3JYhtbb9hxtADqz5hyhyjoLltxMY9feyKY4MXEP792quQm1Soj
MDAdJpfTsjbwljegDft7AElkMvZnZySURpWkpbFiFwsj0rjDQHiyiIl8ToPgXBpu
Y1r6kFDygjPyi2dHwQ93zGvZ6VHgjn7hKuyB/Ds2iY8DUMOTLCjzsfbxH1jXSwQK
lQa36DhNs5wCEyV1Bdt20qI9EVxe4W+YDDp5WFvnZucJRofyDKtRQuY0MBjzj4Mp
Bu2kPwgchCMuL7IIE/ZliVY1+U4GS+P1TJz/AgMBAAGjggIJMIICBTAdBgNVHQ4E
FgQUrYDgvMFOLaDwZlGto51rztCIRKwwHwYDVR0jBBgwFoAUYm0k1r81OWP+Wvol
sKWWZxUqhtAwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEF
BQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9Z
bTBrMXI4MU9XUC1Xdm9sc0tXV1p4VXFodEEuY2VyMIGNBggrBgEFBQcBCwSBgDB+
MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL2VkLzYzNDMyYS1lNWQ5LTQ2ZTItOWMwMS1hYzgwOWJiYWU3MzcvMS9y
WURndk1GT0xhRHdabEd0bzUxcnp0Q0lSS3cucm9hMIGBBgNVHR8EejB4MHagdKBy
hnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2VkLzYz
NDMyYS1lNWQ5LTQ2ZTItOWMwMS1hYzgwOWJiYWU3MzcvMS9ZbTBrMXI4MU9XUC1X
dm9sc0tXV1p4VXFodEEuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADDCtgwDQYJKoZIhvcNAQELBQADggEB
ACPkUDUpOPodE8E6/Pl9uvqjyzdIPc+83KFiv4Wk/NAJCqaiOMWIwOMXuvjHBdb8
Xa63rJxYpXbngzM0ewlEoOoqabZ36ou0/hwajZF1RdqiiNfM1MNXQl8JmNoqNn3C
Mc6NqhD4YtdhUgE0d9PcfiDD+B1QYAPT39AyGP+SOX3pcHTSW2AmUIiksRUFRuXa
E0HHpSFXhvwXTpD9FSgbPcRp4Yb9ZDt4NC9x+0yDzr0tZ3HXMfVvhMNzZLYQIaMu
k2hPG6i3Ars5WRgJhJl46e9OZWTN9XQIFQE5iBFTNmU7HqeP1TCAGlBVCHh4FMog
PnKWDWKw8W7wJZbCk9TJE6M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:45 2024 by rpki-client on console-fra.rpki-client.org