Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/705d00-25a1-4bab-9ba4-4353cd82d57b/1/0CPawZRcYpscm05hROuCZ8H3LZI.roa
File:                     0CPawZRcYpscm05hROuCZ8H3LZI.roa (raw, json)
Hash identifier:          vYQbFvIi9lwtu/5so4xGLybVimFNZnmOBeaNJnbCAMc=
Subject key identifier:   D0:23:DA:C1:94:5C:62:9B:1C:9B:4E:61:44:EB:82:67:C1:F7:2D:92
Certificate issuer:       /CN=ae9488913d73479783da7bf56b164e5c84d4fc6a
Certificate serial:       122FB852
Authority key identifier: AE:94:88:91:3D:73:47:97:83:DA:7B:F5:6B:16:4E:5C:84:D4:FC:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rpSIkT1zR5eD2nv1axZOXITU_Go.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/705d00-25a1-4bab-9ba4-4353cd82d57b/1/0CPawZRcYpscm05hROuCZ8H3LZI.roa
Signing time:             Sat 01 Jan 2022 14:58:36 +0000
ROA not before:           Sat 01 Jan 2022 14:58:36 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     48387
IP address blocks:        195.88.60.0/23 maxlen: 24
                          2001:67c:10a8::/47 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 305117266 (0x122fb852)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ae9488913d73479783da7bf56b164e5c84d4fc6a
        Validity
            Not Before: Jan  1 14:58:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d023dac1945c629b1c9b4e6144eb8267c1f72d92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:e2:7e:bc:b9:63:33:2d:cf:23:8f:2e:cb:1b:
                    e6:59:fd:73:ee:82:77:01:83:b0:be:71:77:bf:4b:
                    26:f4:5e:a5:81:02:0c:dc:95:fc:3f:a9:77:15:2f:
                    63:a5:88:4e:af:30:e5:16:85:60:f2:4d:65:85:8d:
                    c3:81:2a:17:98:4a:8b:60:25:57:f3:1a:6d:9a:f7:
                    e7:f1:24:18:4c:6c:3a:e5:0b:da:74:20:de:c7:81:
                    66:96:9b:6e:c3:0b:be:db:8f:80:e7:42:4e:4a:d9:
                    8d:86:4d:e1:f0:28:c5:91:c5:9e:0f:e4:28:2c:9c:
                    b0:67:a8:b1:46:ac:7d:be:93:fb:86:41:79:62:39:
                    be:d1:9a:b3:ae:05:6c:e8:5f:58:e4:bb:c8:92:87:
                    8d:33:9e:d2:f6:96:4b:28:39:77:69:3b:74:cf:d5:
                    a7:9e:f2:2f:15:46:e8:28:a0:44:8f:96:75:b3:78:
                    51:1f:23:52:16:a6:1d:9a:f2:aa:e6:1d:b2:82:b5:
                    7d:ba:84:f6:f9:18:31:5a:54:fd:73:1d:2c:ad:fd:
                    65:18:f6:db:3f:a2:fd:d2:95:77:dc:6a:c6:bc:e8:
                    b4:94:96:44:88:b7:56:ff:8d:ec:d9:37:b4:af:46:
                    2a:86:0f:5e:e7:fb:86:83:93:f8:95:ab:bd:7d:b8:
                    a9:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:23:DA:C1:94:5C:62:9B:1C:9B:4E:61:44:EB:82:67:C1:F7:2D:92
            X509v3 Authority Key Identifier:
                keyid:AE:94:88:91:3D:73:47:97:83:DA:7B:F5:6B:16:4E:5C:84:D4:FC:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rpSIkT1zR5eD2nv1axZOXITU_Go.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/705d00-25a1-4bab-9ba4-4353cd82d57b/1/0CPawZRcYpscm05hROuCZ8H3LZI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/705d00-25a1-4bab-9ba4-4353cd82d57b/1/rpSIkT1zR5eD2nv1axZOXITU_Go.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.88.60.0/23
                IPv6:
                  2001:67c:10a8::/47

    Signature Algorithm: sha256WithRSAEncryption
         93:b8:b4:cf:b1:8a:2f:c4:94:ff:b1:25:23:aa:2a:9d:f1:b3:
         f2:b6:c1:bd:ad:5e:d7:bb:13:de:95:9d:f7:98:9a:36:9c:1f:
         ad:56:b2:44:8a:1e:41:c6:be:1a:72:7d:4f:47:0e:0e:cc:df:
         68:6e:d4:51:55:79:fd:41:35:35:8a:df:6b:be:83:cd:0a:f6:
         3b:87:2c:de:ae:fc:41:95:7d:db:f4:91:73:30:d1:e4:6e:a8:
         7e:9c:ec:90:a1:18:ac:22:54:41:16:aa:5a:fd:86:a4:7f:19:
         c3:a4:87:2f:42:02:a3:c5:89:04:ad:2a:8d:da:56:ca:d7:f8:
         84:1a:99:29:20:54:c9:d6:e4:bc:9f:e2:76:a4:73:e6:55:a2:
         f5:76:14:64:b8:9e:09:8b:3b:a3:6b:e9:b7:ae:e1:e3:3a:df:
         84:2d:c6:e9:44:9e:8f:2a:07:df:0c:ba:6c:a9:86:a2:bc:0d:
         fc:fa:5d:bc:7d:ba:45:02:fd:90:f8:f2:8c:29:f2:ae:06:fb:
         5d:a4:aa:66:0b:6e:3b:b7:3b:d0:ba:8a:09:41:01:2a:4f:ed:
         6f:d5:ba:f1:8b:5b:41:34:95:62:cd:f9:e8:f2:0a:28:22:0c:
         57:5d:79:67:76:4e:bf:fc:79:0c:7b:12:5e:17:e0:d6:96:c7:
         fc:47:0d:6d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEEi+4UjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZTk0ODg5MTNkNzM0Nzk3ODNkYTdiZjU2YjE2NGU1Yzg0ZDRmYzZhMB4XDTIyMDEw
MTE0NTgzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDAyM2RhYzE5NDVj
NjI5YjFjOWI0ZTYxNDRlYjgyNjdjMWY3MmQ5MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMvifry5YzMtzyOPLssb5ln9c+6CdwGDsL5xd79LJvRepYEC
DNyV/D+pdxUvY6WITq8w5RaFYPJNZYWNw4EqF5hKi2AlV/MabZr35/EkGExsOuUL
2nQg3seBZpabbsMLvtuPgOdCTkrZjYZN4fAoxZHFng/kKCycsGeosUasfb6T+4ZB
eWI5vtGas64FbOhfWOS7yJKHjTOe0vaWSyg5d2k7dM/Vp57yLxVG6CigRI+WdbN4
UR8jUhamHZryquYdsoK1fbqE9vkYMVpU/XMdLK39ZRj22z+i/dKVd9xqxrzotJSW
RIi3Vv+N7Nk3tK9GKoYPXuf7hoOT+JWrvX24qYcCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBTQI9rBlFximxybTmFE64JnwfctkjAfBgNVHSMEGDAWgBSulIiRPXNHl4Pa
e/VrFk5chNT8ajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JwU0lrVDF6UjVlRDJudjFheFpPWElUVV9Hby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWQvNzA1ZDAwLTI1YTEtNGJhYi05YmE0LTQzNTNjZDgyZDU3Yi8x
LzBDUGF3WlJjWXBzY20wNWhST3VDWjhIM0xaSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWQv
NzA1ZDAwLTI1YTEtNGJhYi05YmE0LTQzNTNjZDgyZDU3Yi8xL3JwU0lrVDF6UjVl
RDJudjFheFpPWElUVV9Hby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAcNYPDAPBAIAAjAJAwcBIAEGfBCo
MA0GCSqGSIb3DQEBCwUAA4IBAQCTuLTPsYovxJT/sSUjqiqd8bPytsG9rV7XuxPe
lZ33mJo2nB+tVrJEih5Bxr4acn1PRw4OzN9obtRRVXn9QTU1it9rvoPNCvY7hyze
rvxBlX3b9JFzMNHkbqh+nOyQoRisIlRBFqpa/YakfxnDpIcvQgKjxYkErSqN2lbK
1/iEGpkpIFTJ1uS8n+J2pHPmVaL1dhRkuJ4Jizuja+m3ruHjOt+ELcbpRJ6PKgff
DLpsqYaivA38+l28fbpFAv2Q+PKMKfKuBvtdpKpmC247tzvQuooJQQEqT+1v1brx
i1tBNJVizfno8gooIgxXXXlndk6//HkMexJeF+DWlsf8Rw1t
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:45 2024 by rpki-client on console-fra.rpki-client.org