Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/2fa624-5b5d-4646-b13d-16511a6ed9c6/1/9cgUh4Jp4J_vF7AIB6fqgmAUPhE.roa
File:                     9cgUh4Jp4J_vF7AIB6fqgmAUPhE.roa (raw, json)
Hash identifier:          zbXUyjdhL/xLx52bnku/gPG9lggkYcEhySgRDv12Lyw=
Subject key identifier:   F5:C8:14:87:82:69:E0:9F:EF:17:B0:08:07:A7:EA:82:60:14:3E:11
Certificate issuer:       /CN=9ff2f682053d43c9ad1c6539caee9f4621b0da16
Certificate serial:       1209E348
Authority key identifier: 9F:F2:F6:82:05:3D:43:C9:AD:1C:65:39:CA:EE:9F:46:21:B0:DA:16
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/n_L2ggU9Q8mtHGU5yu6fRiGw2hY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f6/2fa624-5b5d-4646-b13d-16511a6ed9c6/1/9cgUh4Jp4J_vF7AIB6fqgmAUPhE.roa
Signing time:             Sat 01 Jan 2022 05:54:09 +0000
ROA not before:           Sat 01 Jan 2022 05:54:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     13039
IP address blocks:        194.76.14.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 302637896 (0x1209e348)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ff2f682053d43c9ad1c6539caee9f4621b0da16
        Validity
            Not Before: Jan  1 05:54:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f5c814878269e09fef17b00807a7ea8260143e11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:1b:fa:ad:fd:64:84:11:e5:65:65:27:13:ca:
                    4e:07:d8:4e:fa:8a:69:6b:63:ff:5f:a0:84:bc:0d:
                    21:dd:fe:e6:c8:11:26:cc:cc:4c:ed:f8:32:d6:c2:
                    9d:32:75:ec:87:6a:50:ef:7c:f1:0f:87:b4:f1:7e:
                    9a:c0:f6:b3:54:41:35:11:59:11:f9:cc:94:8d:1a:
                    5f:9a:85:1a:21:d0:b4:d1:88:30:97:3c:99:44:27:
                    45:fa:af:96:2d:61:e8:42:48:5e:2e:0c:fb:e7:34:
                    5a:51:af:fa:2a:ee:1d:60:60:ba:40:a1:f3:85:63:
                    4c:0c:85:28:46:77:f1:f5:ea:c0:34:83:46:e6:2f:
                    5c:3e:36:6a:d7:53:2e:b1:98:59:97:ba:2d:f3:05:
                    0c:df:60:62:02:1c:ce:4d:b2:73:10:c8:7f:b3:33:
                    6c:a1:43:1e:2e:3c:8b:51:6c:e0:41:b8:26:ce:f8:
                    36:ac:9a:ee:d0:9a:75:93:cd:87:81:ba:01:82:7a:
                    ba:44:7b:3c:ef:22:43:cb:78:d6:cd:6e:94:f7:1c:
                    f9:e7:c2:59:64:39:c9:f7:e5:59:1f:26:6b:89:64:
                    5e:01:70:4d:93:27:13:20:b4:4b:58:a4:17:b3:77:
                    12:ee:1a:43:9c:a9:89:ae:07:16:fa:9d:67:a2:5e:
                    16:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:C8:14:87:82:69:E0:9F:EF:17:B0:08:07:A7:EA:82:60:14:3E:11
            X509v3 Authority Key Identifier:
                keyid:9F:F2:F6:82:05:3D:43:C9:AD:1C:65:39:CA:EE:9F:46:21:B0:DA:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n_L2ggU9Q8mtHGU5yu6fRiGw2hY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/2fa624-5b5d-4646-b13d-16511a6ed9c6/1/9cgUh4Jp4J_vF7AIB6fqgmAUPhE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/2fa624-5b5d-4646-b13d-16511a6ed9c6/1/n_L2ggU9Q8mtHGU5yu6fRiGw2hY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.76.14.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8e:05:1d:2c:9a:73:fb:b9:db:89:42:0f:8f:0c:c8:c4:8a:90:
         e5:0e:14:79:66:3b:11:30:8b:95:f4:da:c7:18:0c:91:21:9f:
         32:74:0f:14:9e:df:87:80:a6:6a:f7:5d:9a:8c:0c:e5:86:d5:
         4a:8e:8e:0b:9c:72:f8:e9:ca:30:99:01:9e:c1:80:3d:3b:00:
         b7:2e:06:9e:b3:f9:cf:a2:be:36:cd:e4:16:c8:12:85:54:96:
         4a:0e:9b:e1:c8:f8:85:ef:ca:02:ae:2c:84:76:0e:7e:e6:d1:
         8c:11:b3:a5:d3:6a:5a:72:36:b5:86:a4:54:30:06:51:1b:49:
         24:67:22:80:c3:cf:8f:e6:61:00:f6:b9:6b:ab:0c:e0:d2:9e:
         ed:9f:53:1b:de:74:06:44:77:9b:99:f9:0a:1b:52:cc:f2:67:
         ab:12:74:36:01:17:be:5e:56:0f:ac:9c:ae:a0:3b:cc:25:7f:
         3b:2b:2a:5b:98:34:4f:17:f0:ed:fd:fc:b1:62:d4:87:83:37:
         f6:ce:8d:8b:bf:04:a0:89:c8:e5:fc:f8:4f:d5:c4:b2:3b:59:
         21:85:6b:41:ef:ba:dd:34:d0:41:58:92:26:b7:ec:f5:36:c5:
         0e:ed:af:60:0f:a7:56:19:a8:9c:fd:13:2c:6b:cd:e6:a8:86:
         9e:85:58:69
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEgnjSDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZmYyZjY4MjA1M2Q0M2M5YWQxYzY1MzljYWVlOWY0NjIxYjBkYTE2MB4XDTIyMDEw
MTA1NTQwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjVjODE0ODc4MjY5
ZTA5ZmVmMTdiMDA4MDdhN2VhODI2MDE0M2UxMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK0b+q39ZIQR5WVlJxPKTgfYTvqKaWtj/1+ghLwNId3+5sgR
JszMTO34MtbCnTJ17IdqUO988Q+HtPF+msD2s1RBNRFZEfnMlI0aX5qFGiHQtNGI
MJc8mUQnRfqvli1h6EJIXi4M++c0WlGv+iruHWBgukCh84VjTAyFKEZ38fXqwDSD
RuYvXD42atdTLrGYWZe6LfMFDN9gYgIczk2ycxDIf7MzbKFDHi48i1Fs4EG4Js74
Nqya7tCadZPNh4G6AYJ6ukR7PO8iQ8t41s1ulPcc+efCWWQ5yfflWR8ma4lkXgFw
TZMnEyC0S1ikF7N3Eu4aQ5ypia4HFvqdZ6JeFjcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT1yBSHgmngn+8XsAgHp+qCYBQ+ETAfBgNVHSMEGDAWgBSf8vaCBT1Dya0c
ZTnK7p9GIbDaFjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25fTDJnZ1U5UThtdEhHVTV5dTZmUmlHdzJoWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjYvMmZhNjI0LTViNWQtNDY0Ni1iMTNkLTE2NTExYTZlZDljNi8x
LzljZ1VoNEpwNEpfdkY3QUlCNmZxZ21BVVBoRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYv
MmZhNjI0LTViNWQtNDY0Ni1iMTNkLTE2NTExYTZlZDljNi8xL25fTDJnZ1U5UTht
dEhHVTV5dTZmUmlHdzJoWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJMDjANBgkqhkiG9w0BAQsFAAOC
AQEAjgUdLJpz+7nbiUIPjwzIxIqQ5Q4UeWY7ETCLlfTaxxgMkSGfMnQPFJ7fh4Cm
avddmowM5YbVSo6OC5xy+OnKMJkBnsGAPTsAty4GnrP5z6K+Ns3kFsgShVSWSg6b
4cj4he/KAq4shHYOfubRjBGzpdNqWnI2tYakVDAGURtJJGcigMPPj+ZhAPa5a6sM
4NKe7Z9TG950BkR3m5n5ChtSzPJnqxJ0NgEXvl5WD6ycrqA7zCV/OysqW5g0Txfw
7f38sWLUh4M39s6Ni78EoInI5fz4T9XEsjtZIYVrQe+63TTQQViSJrfs9TbFDu2v
YA+nVhmonP0TLGvN5qiGnoVYaQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:53 2024 by rpki-client on console-fra.rpki-client.org