Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/3e8dcc-a764-44be-b507-9b3dd417c308/1/RtP53ztC1LjgvVo_sA7-TG-t0aI.roa
File:                     RtP53ztC1LjgvVo_sA7-TG-t0aI.roa (raw, json)
Hash identifier:          02MP818qQiOSVtQl/iK5Zm8vNUT0X/Id2gcSSD3tIt0=
Subject key identifier:   46:D3:F9:DF:3B:42:D4:B8:E0:BD:5A:3F:B0:0E:FE:4C:6F:AD:D1:A2
Certificate issuer:       /CN=a056b42383ad862ce6a374ad2ca6d36c254dc7b1
Certificate serial:       054D273B
Authority key identifier: A0:56:B4:23:83:AD:86:2C:E6:A3:74:AD:2C:A6:D3:6C:25:4D:C7:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oFa0I4Othizmo3StLKbTbCVNx7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/3e8dcc-a764-44be-b507-9b3dd417c308/1/RtP53ztC1LjgvVo_sA7-TG-t0aI.roa
Signing time:             Sat 01 Jan 2022 11:53:41 +0000
ROA not before:           Sat 01 Jan 2022 11:53:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209181
IP address blocks:        176.119.222.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 88942395 (0x54d273b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a056b42383ad862ce6a374ad2ca6d36c254dc7b1
        Validity
            Not Before: Jan  1 11:53:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=46d3f9df3b42d4b8e0bd5a3fb00efe4c6fadd1a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:dd:77:fc:33:c3:b4:b6:0b:81:45:d7:15:52:
                    bf:f6:fe:7d:8f:ea:bf:54:64:1d:9c:08:ae:37:c2:
                    97:68:b9:e2:1c:a9:9f:91:11:87:06:5d:25:59:a3:
                    fb:1d:42:1f:10:5e:97:a3:87:43:b3:61:27:49:d7:
                    7e:2e:ff:4c:c0:f9:48:bf:4b:4a:a1:38:92:2e:18:
                    21:94:bb:77:03:02:a7:83:f7:aa:bc:7b:5b:9c:f0:
                    f4:99:e7:1f:8a:6a:7c:9e:c3:27:ba:72:a0:4e:b9:
                    4e:42:98:20:6f:cf:7d:fe:75:14:41:42:bc:87:58:
                    96:42:3c:85:b1:e0:80:81:b7:a9:08:2a:df:8d:ae:
                    89:14:05:d6:da:62:b3:47:29:1e:f4:ef:3d:a0:be:
                    e7:e0:75:d3:92:f0:1b:d0:3f:45:a4:33:15:ad:c6:
                    be:20:ae:5e:d2:87:62:4a:eb:fd:e1:d7:92:c6:9b:
                    75:ae:13:b6:f8:b0:f3:ee:3c:ca:07:7d:b8:44:92:
                    91:4e:18:d3:d2:7c:8f:4d:7c:08:79:c4:bc:1e:11:
                    2a:fc:b6:9c:a7:2c:d3:26:d4:61:37:93:f7:02:e1:
                    3c:34:a9:95:01:82:93:24:f7:4c:4e:34:3f:a3:e2:
                    c0:47:09:1b:e8:4e:4e:84:9b:49:b7:0a:8d:55:11:
                    b4:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:D3:F9:DF:3B:42:D4:B8:E0:BD:5A:3F:B0:0E:FE:4C:6F:AD:D1:A2
            X509v3 Authority Key Identifier:
                keyid:A0:56:B4:23:83:AD:86:2C:E6:A3:74:AD:2C:A6:D3:6C:25:4D:C7:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oFa0I4Othizmo3StLKbTbCVNx7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/3e8dcc-a764-44be-b507-9b3dd417c308/1/RtP53ztC1LjgvVo_sA7-TG-t0aI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/3e8dcc-a764-44be-b507-9b3dd417c308/1/oFa0I4Othizmo3StLKbTbCVNx7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.119.222.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6f:b4:c6:23:1d:77:e0:1e:72:a7:04:f0:4b:4e:ea:39:d6:b1:
         32:6c:c3:23:7a:dd:4c:d8:1c:89:fb:76:d9:08:13:16:1b:02:
         27:d3:19:d0:64:c7:2e:1b:e9:03:46:d3:c7:2f:cd:73:82:05:
         91:ee:17:70:8f:c8:0d:ff:19:7e:29:5a:24:1f:8a:71:69:a5:
         5c:24:5c:fe:16:ae:1a:2f:ff:d0:ef:d8:cc:54:cd:70:94:f6:
         34:31:3d:7f:6a:65:e7:27:50:17:1d:de:67:79:57:4c:a0:c2:
         5b:be:de:a2:b1:9d:6d:53:c4:cf:50:24:92:61:f2:64:dc:19:
         4d:0d:95:dc:f3:25:a0:57:3e:e7:09:37:4b:7c:cf:9f:8a:78:
         b3:3e:64:3e:61:8e:37:ac:aa:3c:35:14:f7:b7:16:c1:7b:f1:
         96:67:84:e1:47:e3:fd:a0:80:82:69:9e:b9:7e:ff:3e:31:01:
         a3:cb:81:f2:a9:2a:ce:d5:8c:1c:d2:c0:25:0a:41:e8:5b:2d:
         c8:62:2e:de:ef:47:90:74:7d:10:be:64:69:09:38:5a:4c:14:
         a8:46:88:0a:9b:7a:9d:85:bb:9e:47:ea:6a:72:0e:19:65:66:
         f7:24:72:0b:24:18:ae:f4:98:f8:24:a7:90:bd:46:e8:e6:94:
         68:74:a8:40
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBU0nOzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MDU2YjQyMzgzYWQ4NjJjZTZhMzc0YWQyY2E2ZDM2YzI1NGRjN2IxMB4XDTIyMDEw
MTExNTM0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDZkM2Y5ZGYzYjQy
ZDRiOGUwYmQ1YTNmYjAwZWZlNGM2ZmFkZDFhMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM3dd/wzw7S2C4FF1xVSv/b+fY/qv1RkHZwIrjfCl2i54hyp
n5ERhwZdJVmj+x1CHxBel6OHQ7NhJ0nXfi7/TMD5SL9LSqE4ki4YIZS7dwMCp4P3
qrx7W5zw9JnnH4pqfJ7DJ7pyoE65TkKYIG/Pff51FEFCvIdYlkI8hbHggIG3qQgq
342uiRQF1tpis0cpHvTvPaC+5+B105LwG9A/RaQzFa3GviCuXtKHYkrr/eHXksab
da4Ttviw8+48ygd9uESSkU4Y09J8j018CHnEvB4RKvy2nKcs0ybUYTeT9wLhPDSp
lQGCkyT3TE40P6PiwEcJG+hOToSbSbcKjVURtEUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRG0/nfO0LUuOC9Wj+wDv5Mb63RojAfBgNVHSMEGDAWgBSgVrQjg62GLOaj
dK0sptNsJU3HsTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29GYTBJNE90aGl6bW8zU3RMS2JUYkNWTng3RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjgvM2U4ZGNjLWE3NjQtNDRiZS1iNTA3LTliM2RkNDE3YzMwOC8x
L1J0UDUzenRDMUxqZ3ZWb19zQTctVEctdDBhSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjgv
M2U4ZGNjLWE3NjQtNDRiZS1iNTA3LTliM2RkNDE3YzMwOC8xL29GYTBJNE90aGl6
bW8zU3RMS2JUYkNWTng3RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALB33jANBgkqhkiG9w0BAQsFAAOC
AQEAb7TGIx134B5ypwTwS07qOdaxMmzDI3rdTNgcift22QgTFhsCJ9MZ0GTHLhvp
A0bTxy/Nc4IFke4XcI/IDf8ZfilaJB+KcWmlXCRc/hauGi//0O/YzFTNcJT2NDE9
f2pl5ydQFx3eZ3lXTKDCW77eorGdbVPEz1AkkmHyZNwZTQ2V3PMloFc+5wk3S3zP
n4p4sz5kPmGON6yqPDUU97cWwXvxlmeE4Ufj/aCAgmmeuX7/PjEBo8uB8qkqztWM
HNLAJQpB6FstyGIu3u9HkHR9EL5kaQk4WkwUqEaICpt6nYW7nkfqanIOGWVm9yRy
CyQYrvSY+CSnkL1G6OaUaHSoQA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:12 2024 by rpki-client on console-fra.rpki-client.org