Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/53375d-0c9b-453e-9ff1-bb7bb5bf00b1/1/dddpquW8ECjVfrCpxr_oXod3Ezg.roa
File:                     dddpquW8ECjVfrCpxr_oXod3Ezg.roa (raw, json)
Hash identifier:          2f2fjdOV8tFzUGtRtEC3YF1kiQ2+NyPYmhKbgS/wx98=
Subject key identifier:   75:D7:69:AA:E5:BC:10:28:D5:7E:B0:A9:C6:BF:E8:5E:87:77:13:38
Certificate issuer:       /CN=26cca62a35881cae8d2c5812ac58ca07108d70ae
Certificate serial:       0108FF
Authority key identifier: 26:CC:A6:2A:35:88:1C:AE:8D:2C:58:12:AC:58:CA:07:10:8D:70:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JsymKjWIHK6NLFgSrFjKBxCNcK4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/53375d-0c9b-453e-9ff1-bb7bb5bf00b1/1/dddpquW8ECjVfrCpxr_oXod3Ezg.roa
Signing time:             Thu 21 Apr 2022 09:05:30 +0000
ROA not before:           Thu 21 Apr 2022 09:05:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     15882
IP address blocks:        195.190.159.0/24 maxlen: 24
                          194.102.200.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 67839 (0x108ff)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=26cca62a35881cae8d2c5812ac58ca07108d70ae
        Validity
            Not Before: Apr 21 09:05:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=75d769aae5bc1028d57eb0a9c6bfe85e87771338
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:2b:3a:b0:7f:e9:7d:a5:f2:9a:67:03:c9:2a:
                    4f:43:bc:be:dd:53:09:17:34:a8:94:68:4f:02:14:
                    8d:60:9f:de:e7:51:12:cc:2c:49:31:c6:6d:a1:d5:
                    28:a1:2d:84:52:cc:22:7f:fc:e2:4b:ea:f4:5c:43:
                    42:ff:57:30:e6:08:6e:d8:61:8b:a7:47:47:ab:18:
                    1e:ac:f8:1c:b2:2c:84:ec:51:ae:d4:b9:d2:68:0e:
                    0d:0b:65:ce:3b:a6:b4:7b:b1:c6:bf:dd:bd:4a:56:
                    74:97:35:c8:be:07:9f:40:2a:09:1b:06:2c:dd:e1:
                    d2:f1:93:4b:b7:2c:c8:db:3d:27:49:cd:06:2a:07:
                    eb:f8:09:1a:3d:7a:14:6a:1c:1c:01:fe:ad:37:43:
                    53:4f:06:ef:f7:6f:53:54:82:bf:b5:67:34:98:0b:
                    7a:87:e0:7f:20:8e:1a:e7:6d:e8:de:75:91:7c:93:
                    82:38:4e:26:54:97:5f:04:0e:bb:1a:37:de:2e:80:
                    4b:73:b0:b5:d8:db:b2:dd:80:7f:fa:7d:74:8a:e9:
                    a6:df:47:b9:37:00:86:9f:f2:01:05:62:9e:8e:a8:
                    f9:a4:af:9f:68:c2:f9:b2:e3:d8:50:fe:77:fd:25:
                    89:56:79:d4:f0:90:e5:18:d5:9c:03:ef:9a:7b:07:
                    cb:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:D7:69:AA:E5:BC:10:28:D5:7E:B0:A9:C6:BF:E8:5E:87:77:13:38
            X509v3 Authority Key Identifier:
                keyid:26:CC:A6:2A:35:88:1C:AE:8D:2C:58:12:AC:58:CA:07:10:8D:70:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JsymKjWIHK6NLFgSrFjKBxCNcK4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/53375d-0c9b-453e-9ff1-bb7bb5bf00b1/1/dddpquW8ECjVfrCpxr_oXod3Ezg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/53375d-0c9b-453e-9ff1-bb7bb5bf00b1/1/JsymKjWIHK6NLFgSrFjKBxCNcK4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.102.200.0/24
                  195.190.159.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0f:a0:45:2f:5b:d1:b2:8b:d3:50:25:79:00:48:9f:46:4b:22:
         3e:f5:8c:b1:e6:10:ca:1b:46:52:13:cc:c3:af:98:a6:2b:db:
         c4:3a:f3:c1:2b:13:e3:81:ee:75:4b:7b:87:0d:fe:21:14:42:
         6b:66:43:dd:03:14:30:97:82:e1:64:a4:fe:94:b6:01:0a:a1:
         65:53:02:a1:9d:de:c2:a3:64:a8:58:3f:31:e0:c4:fb:42:71:
         8e:25:4f:66:ee:35:4f:8f:dc:a6:55:ec:c0:4c:a9:00:94:23:
         e4:f8:18:4e:78:15:8f:ba:6b:ff:e8:ab:47:8b:b3:7b:8c:c4:
         bb:b7:d6:3b:91:b4:94:b8:fe:74:34:13:5c:4c:5d:94:f5:88:
         80:6a:08:7f:74:21:97:79:85:7a:d9:9f:78:f0:b3:fc:67:67:
         95:6c:0d:7a:e6:11:a4:79:e6:f4:cc:2e:dc:e3:c7:f7:7a:48:
         5f:0a:c6:7a:23:cd:bc:40:67:38:90:19:fc:fe:25:e9:f6:c9:
         4e:93:3f:39:cd:ac:fa:68:96:4c:fa:ce:26:97:71:e6:77:e0:
         5d:65:75:e5:a5:0f:ae:62:e8:51:c6:06:99:b5:7c:42:d2:08:
         f8:fe:7f:f7:a6:42:0a:3e:fe:8d:12:0e:63:ae:5c:ac:85:f0:
         e4:b4:50:1c
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIDAQj/MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDI2
Y2NhNjJhMzU4ODFjYWU4ZDJjNTgxMmFjNThjYTA3MTA4ZDcwYWUwHhcNMjIwNDIx
MDkwNTMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg3NWQ3NjlhYWU1YmMx
MDI4ZDU3ZWIwYTljNmJmZTg1ZTg3NzcxMzM4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqys6sH/pfaXymmcDySpPQ7y+3VMJFzSolGhPAhSNYJ/e51ES
zCxJMcZtodUooS2EUswif/ziS+r0XENC/1cw5ghu2GGLp0dHqxgerPgcsiyE7FGu
1LnSaA4NC2XOO6a0e7HGv929SlZ0lzXIvgefQCoJGwYs3eHS8ZNLtyzI2z0nSc0G
Kgfr+AkaPXoUahwcAf6tN0NTTwbv929TVIK/tWc0mAt6h+B/II4a523o3nWRfJOC
OE4mVJdfBA67GjfeLoBLc7C12Nuy3YB/+n10iumm30e5NwCGn/IBBWKejqj5pK+f
aML5suPYUP53/SWJVnnU8JDlGNWcA++aewfLIwIDAQABo4ICDzCCAgswHQYDVR0O
BBYEFHXXaarlvBAo1X6wqca/6F6HdxM4MB8GA1UdIwQYMBaAFCbMpio1iByujSxY
EqxYygcQjXCuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
SnN5bUtqV0lISzZOTEZnU3JGaktCeENOY0s0LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9mNy81MzM3NWQtMGM5Yi00NTNlLTlmZjEtYmI3YmI1YmYwMGIxLzEv
ZGRkcHF1VzhFQ2pWZnJDcHhyX29Yb2QzRXpnLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy81
MzM3NWQtMGM5Yi00NTNlLTlmZjEtYmI3YmI1YmYwMGIxLzEvSnN5bUtqV0lISzZO
TEZnU3JGaktCeENOY0s0LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwmbIAwQAw76fMA0GCSqGSIb3DQEB
CwUAA4IBAQAPoEUvW9Gyi9NQJXkASJ9GSyI+9Yyx5hDKG0ZSE8zDr5imK9vEOvPB
KxPjge51S3uHDf4hFEJrZkPdAxQwl4LhZKT+lLYBCqFlUwKhnd7Co2SoWD8x4MT7
QnGOJU9m7jVPj9ymVezATKkAlCPk+BhOeBWPumv/6KtHi7N7jMS7t9Y7kbSUuP50
NBNcTF2U9YiAagh/dCGXeYV62Z948LP8Z2eVbA165hGkeeb0zC7c48f3ekhfCsZ6
I828QGc4kBn8/iXp9slOkz85zaz6aJZM+s4ml3Hmd+BdZXXlpQ+uYuhRxgaZtXxC
0gj4/n/3pkIKPv6NEg5jrlyshfDktFAc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:10 2024 by rpki-client on console-ams.rpki-client.org