Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/2fa624-5b5d-4646-b13d-16511a6ed9c6/1/ZUfF8xLE8cgT4apn2-ID3KErlCk.roa
File:                     ZUfF8xLE8cgT4apn2-ID3KErlCk.roa (raw, json)
Hash identifier:          5gvGnrl7AuB6ZnAoAj/nKaVXwfx+J9mEwIvXvjkRpWk=
Subject key identifier:   65:47:C5:F3:12:C4:F1:C8:13:E1:AA:67:DB:E2:03:DC:A1:2B:94:29
Certificate issuer:       /CN=9ff2f682053d43c9ad1c6539caee9f4621b0da16
Certificate serial:       0182D6794A372086CE39280859A2E171A5C7
Authority key identifier: 9F:F2:F6:82:05:3D:43:C9:AD:1C:65:39:CA:EE:9F:46:21:B0:DA:16
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/n_L2ggU9Q8mtHGU5yu6fRiGw2hY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f6/2fa624-5b5d-4646-b13d-16511a6ed9c6/1/ZUfF8xLE8cgT4apn2-ID3KErlCk.roa
Signing time:             Thu 25 Aug 2022 19:27:29 +0000
ROA not before:           Thu 25 Aug 2022 19:27:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60522
IP address blocks:        194.76.14.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:d6:79:4a:37:20:86:ce:39:28:08:59:a2:e1:71:a5:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ff2f682053d43c9ad1c6539caee9f4621b0da16
        Validity
            Not Before: Aug 25 19:27:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6547c5f312c4f1c813e1aa67dbe203dca12b9429
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:68:c7:fb:46:32:a4:22:a0:53:b2:21:15:14:
                    53:14:36:6c:77:29:11:ec:b0:6f:91:b1:64:0b:35:
                    38:12:c8:2b:f3:55:e6:40:df:9b:27:2b:e9:fe:f0:
                    11:b6:79:76:83:c1:b1:cf:3c:1d:8a:3c:12:e0:4c:
                    7b:12:49:38:00:7d:2d:c7:c2:15:85:ab:e0:76:2b:
                    f1:5e:2f:3f:98:98:70:f8:8d:4d:9a:ce:b7:f0:ad:
                    fb:a0:90:3b:0a:d1:2c:f9:32:8b:ca:fe:55:8b:d0:
                    05:c2:83:97:ef:0e:07:2e:9e:36:ec:72:dd:6f:6a:
                    63:da:69:10:63:8c:48:b2:91:35:69:62:19:6c:76:
                    2c:3e:05:b9:84:35:3e:ba:a9:9d:cd:f8:ce:f8:c3:
                    28:f7:b9:91:ad:ec:0b:ad:4f:ac:56:f7:31:4e:dd:
                    cf:55:2c:98:2d:f9:6e:58:f8:5d:2d:84:ab:c0:7d:
                    70:98:c9:e4:44:5e:57:db:2d:bf:1e:ec:c0:de:6b:
                    4d:41:a4:df:d6:e4:1c:65:d7:2f:e3:8c:96:b2:2a:
                    2b:45:fe:c1:d2:86:33:e3:7f:b7:18:fd:b3:72:0f:
                    26:ef:f4:59:5d:c1:cc:b5:f3:3b:a9:ca:57:7f:a3:
                    30:27:41:df:2d:b4:09:0e:f7:bf:b0:29:f2:c7:d8:
                    33:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:47:C5:F3:12:C4:F1:C8:13:E1:AA:67:DB:E2:03:DC:A1:2B:94:29
            X509v3 Authority Key Identifier:
                keyid:9F:F2:F6:82:05:3D:43:C9:AD:1C:65:39:CA:EE:9F:46:21:B0:DA:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n_L2ggU9Q8mtHGU5yu6fRiGw2hY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/2fa624-5b5d-4646-b13d-16511a6ed9c6/1/ZUfF8xLE8cgT4apn2-ID3KErlCk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/2fa624-5b5d-4646-b13d-16511a6ed9c6/1/n_L2ggU9Q8mtHGU5yu6fRiGw2hY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.76.14.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:21:bf:cb:d6:9f:ce:c9:82:44:c4:44:b1:01:cc:b6:e7:9e:
         ef:5b:de:19:97:ac:92:56:c1:92:f1:60:41:4f:4b:d2:f5:2f:
         a6:12:35:cc:07:ae:9a:51:3c:24:25:0e:a2:b9:d7:36:13:ea:
         08:26:76:d2:38:cf:30:96:c8:c6:7d:13:e8:4f:7e:fe:a1:b5:
         85:96:07:4f:bf:97:ec:18:8d:ca:c1:65:0a:f5:ed:60:fb:f8:
         c8:0d:85:e6:61:23:52:9d:99:ad:ca:14:5a:39:a0:ea:41:a8:
         06:d6:0c:7b:6b:35:a4:94:20:a9:98:6b:86:38:74:10:4f:ea:
         3d:f6:69:75:ce:9e:2a:74:c5:af:d6:28:ee:19:19:b5:a2:7f:
         8e:fc:8b:8f:f4:5b:13:90:68:89:85:d3:a5:49:22:d3:c5:b5:
         30:bf:f3:82:1c:f8:b4:0a:17:44:c0:a5:aa:9f:4f:72:b7:ab:
         58:83:e4:f5:6a:30:75:d2:71:77:fb:6c:4c:eb:39:bf:2c:3c:
         7a:6a:ea:b8:68:1f:63:0e:4a:ca:5e:2f:50:2d:1e:d8:28:66:
         34:60:07:51:33:59:b5:78:f7:1d:19:a4:c7:ff:c2:e2:ce:18:
         b1:6a:2a:70:e7:64:9c:37:0b:30:6a:5a:39:99:62:17:ea:e6:
         e0:fd:29:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLWeUo3IIbOOSgIWaLhcaXHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmZjJmNjgyMDUzZDQzYzlhZDFjNjUzOWNhZWU5ZjQ2MjFi
MGRhMTYwHhcNMjIwODI1MTkyNzI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTQ3YzVmMzEyYzRmMWM4MTNlMWFhNjdkYmUyMDNkY2ExMmI5NDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmjH+0YypCKgU7IhFRRTFDZsdykR
7LBvkbFkCzU4Esgr81XmQN+bJyvp/vARtnl2g8GxzzwdijwS4Ex7Ekk4AH0tx8IV
havgdivxXi8/mJhw+I1Nms638K37oJA7CtEs+TKLyv5Vi9AFwoOX7w4HLp427HLd
b2pj2mkQY4xIspE1aWIZbHYsPgW5hDU+uqmdzfjO+MMo97mRrewLrU+sVvcxTt3P
VSyYLfluWPhdLYSrwH1wmMnkRF5X2y2/HuzA3mtNQaTf1uQcZdcv44yWsiorRf7B
0oYz43+3GP2zcg8m7/RZXcHMtfM7qcpXf6MwJ0HfLbQJDve/sCnyx9gzkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGVHxfMSxPHIE+GqZ9viA9yhK5QpMB8GA1UdIwQY
MBaAFJ/y9oIFPUPJrRxlOcrun0YhsNoWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbl9MMmdnVTlROG10SEdVNXl1NmZSaUd3MmhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi8yZmE2MjQtNWI1ZC00NjQ2LWIxM2Qt
MTY1MTFhNmVkOWM2LzEvWlVmRjh4TEU4Y2dUNGFwbjItSUQzS0VybENrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi8yZmE2MjQtNWI1ZC00NjQ2LWIxM2QtMTY1MTFhNmVkOWM2
LzEvbl9MMmdnVTlROG10SEdVNXl1NmZSaUd3MmhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwkwOMA0G
CSqGSIb3DQEBCwUAA4IBAQCKIb/L1p/OyYJExESxAcy2557vW94Zl6ySVsGS8WBB
T0vS9S+mEjXMB66aUTwkJQ6iudc2E+oIJnbSOM8wlsjGfRPoT37+obWFlgdPv5fs
GI3KwWUK9e1g+/jIDYXmYSNSnZmtyhRaOaDqQagG1gx7azWklCCpmGuGOHQQT+o9
9ml1zp4qdMWv1ijuGRm1on+O/IuP9FsTkGiJhdOlSSLTxbUwv/OCHPi0ChdEwKWq
n09yt6tYg+T1ajB10nF3+2xM6zm/LDx6auq4aB9jDkrKXi9QLR7YKGY0YAdRM1m1
ePcdGaTH/8Lizhixaipw52ScNwswalo5mWIX6ubg/SnT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:53 2024 by rpki-client on console-fra.rpki-client.org