Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/6sWxK9M2L3G3msYjjw0h09WXh7Q.roa
File:                     6sWxK9M2L3G3msYjjw0h09WXh7Q.roa (raw, json)
Hash identifier:          w/PAOXGSCxtahPhommVn2S7YrIoN9OgcY5d4oyQPDAQ=
Subject key identifier:   EA:C5:B1:2B:D3:36:2F:71:B7:9A:C6:23:8F:0D:21:D3:D5:97:87:B4
Certificate issuer:       /CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be
Certificate serial:       085C2C76
Authority key identifier: 00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/6sWxK9M2L3G3msYjjw0h09WXh7Q.roa
Signing time:             Sat 01 Jan 2022 10:54:25 +0000
ROA not before:           Sat 01 Jan 2022 10:54:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     31400
IP address blocks:        194.126.196.0/24 maxlen: 24
                          2a03:2902::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 140258422 (0x85c2c76)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be
        Validity
            Not Before: Jan  1 10:54:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=eac5b12bd3362f71b79ac6238f0d21d3d59787b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:8d:2e:d2:41:2d:4b:ec:34:04:7e:e3:38:04:
                    68:6b:35:d9:d7:85:fc:d7:ea:5c:ed:9d:f4:98:7c:
                    42:6b:d7:fc:bb:06:cb:cd:84:f1:d2:61:90:b6:1c:
                    8d:98:00:4e:ca:5a:05:4c:e4:7e:5e:7e:ff:7a:63:
                    bf:a3:c2:f0:96:80:0b:29:e4:c2:de:c1:b2:7c:13:
                    b3:f1:b0:1e:04:b0:b9:25:b8:89:d8:13:1c:74:2a:
                    79:4c:ef:eb:65:27:a7:ec:ff:91:cf:b2:23:c5:b4:
                    d7:48:21:5c:51:99:1a:9a:f8:f6:a6:ad:41:84:8d:
                    4c:49:aa:1c:48:5c:2b:90:31:2a:50:16:e6:42:0f:
                    4f:52:c0:f8:17:c2:58:87:77:ba:4b:55:85:93:e7:
                    69:e7:98:71:f6:89:ed:89:3c:2b:1d:9a:9c:16:d5:
                    92:fe:fb:4b:f9:e1:07:b2:e8:95:f2:99:b5:ff:07:
                    0b:d9:4e:23:0a:51:2c:c2:d8:33:35:29:cb:9d:f8:
                    32:d5:de:ca:21:02:47:7b:7e:b3:d4:c8:b7:aa:ba:
                    81:83:7b:19:87:91:d8:65:93:e5:7e:c4:62:f5:a5:
                    29:60:f4:61:5e:84:be:f0:5b:81:02:fa:b3:1b:97:
                    9b:2a:ec:4b:b3:f8:19:bc:19:bb:4a:25:08:49:cb:
                    ba:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:C5:B1:2B:D3:36:2F:71:B7:9A:C6:23:8F:0D:21:D3:D5:97:87:B4
            X509v3 Authority Key Identifier:
                keyid:00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/6sWxK9M2L3G3msYjjw0h09WXh7Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/AF_5zInGaoo6XXNKDWXGH9yFGL4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.126.196.0/24
                IPv6:
                  2a03:2902::/32

    Signature Algorithm: sha256WithRSAEncryption
         9b:f1:f2:cd:ce:87:ee:ae:9d:94:46:6e:95:c6:6f:de:9b:9b:
         93:a9:eb:74:a0:57:bf:5e:25:8d:87:cd:db:61:06:ed:f7:a1:
         7d:46:56:cb:6f:36:b4:c0:28:b9:c2:c0:bd:bd:91:10:f1:5d:
         93:90:95:f9:18:05:2b:7d:fc:70:c6:76:86:c6:bf:72:42:03:
         7e:71:d1:d5:9c:02:c5:80:35:5f:25:3f:3e:ea:45:ab:3e:53:
         88:06:82:13:2b:a7:30:e1:89:e2:74:53:69:2e:2b:a2:f5:d5:
         65:16:36:e8:db:a6:97:46:33:30:07:88:62:61:5c:fc:5c:f3:
         03:89:55:f7:3d:ad:47:18:68:55:e5:ac:39:12:4c:0c:1a:8f:
         a3:50:18:4e:98:29:61:69:23:b1:31:ef:c3:e2:be:ba:e2:7c:
         33:c2:74:10:74:f2:07:cd:bb:f7:31:8b:67:17:a3:d3:ad:19:
         14:a1:b4:f0:d0:24:5d:85:04:7b:41:0a:7d:89:b6:b8:54:50:
         59:d2:74:43:6a:5b:81:2e:46:38:18:d7:51:e9:bd:84:1b:67:
         75:68:d8:db:27:15:b6:06:5d:f2:32:00:b1:fc:47:fd:3f:8c:
         5b:a2:6b:a0:3f:d9:80:67:25:64:3e:62:ef:62:b1:84:a3:b1:
         24:7e:23:89
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECFwsdjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MDVmZjljYzg5YzY2YThhM2E1ZDczNGEwZDY1YzYxZmRjODUxOGJlMB4XDTIyMDEw
MTEwNTQyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWFjNWIxMmJkMzM2
MmY3MWI3OWFjNjIzOGYwZDIxZDNkNTk3ODdiNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANeNLtJBLUvsNAR+4zgEaGs12deF/NfqXO2d9Jh8QmvX/LsG
y82E8dJhkLYcjZgATspaBUzkfl5+/3pjv6PC8JaACynkwt7BsnwTs/GwHgSwuSW4
idgTHHQqeUzv62Unp+z/kc+yI8W010ghXFGZGpr49qatQYSNTEmqHEhcK5AxKlAW
5kIPT1LA+BfCWId3uktVhZPnaeeYcfaJ7Yk8Kx2anBbVkv77S/nhB7LolfKZtf8H
C9lOIwpRLMLYMzUpy534MtXeyiECR3t+s9TIt6q6gYN7GYeR2GWT5X7EYvWlKWD0
YV6EvvBbgQL6sxuXmyrsS7P4GbwZu0olCEnLup0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTqxbEr0zYvcbeaxiOPDSHT1ZeHtDAfBgNVHSMEGDAWgBQAX/nMicZqijpd
c0oNZcYf3IUYvjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FGXzV6SW5HYW9vNlhYTktEV1hHSDl5RkdMNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjgvZDUzYzc4LTBkNWItNDIzNy05OTk5LTBlMmQ2OTdiMjdlMy8x
LzZzV3hLOU0yTDNHM21zWWpqdzBoMDlXWGg3US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjgv
ZDUzYzc4LTBkNWItNDIzNy05OTk5LTBlMmQ2OTdiMjdlMy8xL0FGXzV6SW5HYW9v
NlhYTktEV1hHSDl5RkdMNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAMJ+xDANBAIAAjAHAwUAKgMpAjAN
BgkqhkiG9w0BAQsFAAOCAQEAm/Hyzc6H7q6dlEZulcZv3pubk6nrdKBXv14ljYfN
22EG7fehfUZWy282tMAoucLAvb2REPFdk5CV+RgFK338cMZ2hsa/ckIDfnHR1ZwC
xYA1XyU/PupFqz5TiAaCEyunMOGJ4nRTaS4rovXVZRY26Numl0YzMAeIYmFc/Fzz
A4lV9z2tRxhoVeWsORJMDBqPo1AYTpgpYWkjsTHvw+K+uuJ8M8J0EHTyB8279zGL
Zxej060ZFKG08NAkXYUEe0EKfYm2uFRQWdJ0Q2pbgS5GOBjXUem9hBtndWjY2ycV
tgZd8jIAsfxH/T+MW6JroD/ZgGclZD5i72KxhKOxJH4jiQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:41 2023 by rpki-client on console-fra.rpki-client.org