Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/e6b238-5355-40f0-be87-497fd6506ae5/1/u9m6j-ZD7ajdkRjwwicfSAGt_kw.roa
File:                     u9m6j-ZD7ajdkRjwwicfSAGt_kw.roa (raw, json)
Hash identifier:          P/JaabKJKuw7uDLkkF2eEviAfz99XpFA5MtA+Tgdyo4=
Subject key identifier:   BB:D9:BA:8F:E6:43:ED:A8:DD:91:18:F0:C2:27:1F:48:01:AD:FE:4C
Certificate issuer:       /CN=4a13b7758676de2ef127cc7750ee76c5a8341d78
Certificate serial:       026877C8
Authority key identifier: 4A:13:B7:75:86:76:DE:2E:F1:27:CC:77:50:EE:76:C5:A8:34:1D:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ShO3dYZ23i7xJ8x3UO52xag0HXg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/e6b238-5355-40f0-be87-497fd6506ae5/1/u9m6j-ZD7ajdkRjwwicfSAGt_kw.roa
Signing time:             Sat 01 Jan 2022 13:03:43 +0000
ROA not before:           Sat 01 Jan 2022 13:03:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1213
IP address blocks:        194.26.0.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 40400840 (0x26877c8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a13b7758676de2ef127cc7750ee76c5a8341d78
        Validity
            Not Before: Jan  1 13:03:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bbd9ba8fe643eda8dd9118f0c2271f4801adfe4c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:ac:2d:95:8e:b3:64:6d:9d:c7:25:5f:9d:ff:
                    57:d0:ab:1c:12:69:5b:5a:25:41:09:55:33:63:fd:
                    26:11:82:32:38:db:5e:dd:06:a7:8b:a1:d8:16:05:
                    ca:65:c9:c5:29:d2:98:f3:d8:fb:f2:9e:d7:d1:c0:
                    4d:a9:9d:d4:5b:f5:73:b7:dd:c8:47:99:bc:e4:62:
                    85:0e:b3:1d:21:b3:5c:24:8d:3e:ff:d5:a7:d3:88:
                    46:28:55:f5:e0:b1:ea:7d:a0:d5:45:17:12:71:ab:
                    25:bb:54:aa:36:b4:ca:b6:47:c2:92:93:2e:df:d3:
                    f5:32:e5:94:ac:82:c7:99:9f:e1:d7:78:23:45:e8:
                    1c:0e:f5:f9:d5:0a:ec:64:9b:2a:8a:66:37:94:c8:
                    6b:27:f6:9c:a7:c6:0b:dd:7a:83:d4:64:1d:53:ee:
                    78:e5:f8:e0:e7:93:87:73:2d:01:b0:ae:fe:3c:45:
                    56:68:a9:00:4e:1d:30:cb:ca:00:94:1e:37:22:c2:
                    ce:48:bf:b5:ce:16:c7:d7:c3:d2:34:4d:84:47:2d:
                    19:c7:26:fd:c4:8c:0b:4d:e5:47:12:89:be:1e:81:
                    84:8b:4c:7d:06:1f:24:ac:54:2e:89:be:56:6b:b8:
                    cb:7e:32:79:7c:3a:f7:3c:e5:0e:97:2c:da:a0:9a:
                    61:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:D9:BA:8F:E6:43:ED:A8:DD:91:18:F0:C2:27:1F:48:01:AD:FE:4C
            X509v3 Authority Key Identifier:
                keyid:4A:13:B7:75:86:76:DE:2E:F1:27:CC:77:50:EE:76:C5:A8:34:1D:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ShO3dYZ23i7xJ8x3UO52xag0HXg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/e6b238-5355-40f0-be87-497fd6506ae5/1/u9m6j-ZD7ajdkRjwwicfSAGt_kw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/e6b238-5355-40f0-be87-497fd6506ae5/1/ShO3dYZ23i7xJ8x3UO52xag0HXg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.26.0.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:cf:a1:a5:cf:74:53:ce:5b:86:91:4f:7d:c9:f0:d5:5d:31:
         1f:ba:0f:13:7b:10:09:52:9f:65:09:e4:c7:f0:b1:85:f8:78:
         8c:ee:7f:5f:51:1d:3b:5e:0b:c6:34:89:f2:81:2b:a0:7b:89:
         50:92:7f:6c:99:96:a5:cd:d3:04:36:42:42:11:a8:8c:99:76:
         bb:4a:99:5c:e8:a2:8d:86:d6:b0:4d:24:a5:66:26:06:23:3e:
         9a:a0:3f:ac:95:45:b4:cf:b4:3c:34:7d:a2:48:69:81:ad:8b:
         47:fa:37:2f:61:89:ad:01:c2:2e:e7:01:1a:e5:5e:34:1b:cc:
         11:65:86:a7:53:61:33:1c:35:89:c6:16:84:5b:23:f6:72:f0:
         c5:2f:c9:cf:ce:af:10:d5:38:ed:48:9c:01:50:48:d5:6b:f3:
         02:90:38:34:96:79:93:f0:05:84:1c:24:4a:c3:21:a3:5a:69:
         80:ff:a8:c5:c0:32:0e:f2:56:2b:94:a0:36:77:0d:8a:2c:13:
         21:73:c9:2f:c2:fd:02:d0:a9:20:29:83:b7:d4:db:a9:17:1f:
         5e:c9:a1:a1:55:49:99:a7:d7:96:ff:1b:71:77:40:01:b4:2c:
         7f:3e:16:81:9f:0b:f5:aa:20:b5:da:b0:84:8a:57:8b:df:6b:
         ee:57:4f:91
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAmh3yDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YTEzYjc3NTg2NzZkZTJlZjEyN2NjNzc1MGVlNzZjNWE4MzQxZDc4MB4XDTIyMDEw
MTEzMDM0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmJkOWJhOGZlNjQz
ZWRhOGRkOTExOGYwYzIyNzFmNDgwMWFkZmU0YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMisLZWOs2RtncclX53/V9CrHBJpW1olQQlVM2P9JhGCMjjb
Xt0Gp4uh2BYFymXJxSnSmPPY+/Ke19HATamd1Fv1c7fdyEeZvORihQ6zHSGzXCSN
Pv/Vp9OIRihV9eCx6n2g1UUXEnGrJbtUqja0yrZHwpKTLt/T9TLllKyCx5mf4dd4
I0XoHA71+dUK7GSbKopmN5TIayf2nKfGC916g9RkHVPueOX44OeTh3MtAbCu/jxF
VmipAE4dMMvKAJQeNyLCzki/tc4Wx9fD0jRNhEctGccm/cSMC03lRxKJvh6BhItM
fQYfJKxULom+Vmu4y34yeXw69zzlDpcs2qCaYXECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS72bqP5kPtqN2RGPDCJx9IAa3+TDAfBgNVHSMEGDAWgBRKE7d1hnbeLvEn
zHdQ7nbFqDQdeDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NoTzNkWVoyM2k3eEo4eDNVTzUyeGFnMEhYZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjgvZTZiMjM4LTUzNTUtNDBmMC1iZTg3LTQ5N2ZkNjUwNmFlNS8x
L3U5bTZqLVpEN2FqZGtSand3aWNmU0FHdF9rdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjgv
ZTZiMjM4LTUzNTUtNDBmMC1iZTg3LTQ5N2ZkNjUwNmFlNS8xL1NoTzNkWVoyM2k3
eEo4eDNVTzUyeGFnMEhYZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIaADANBgkqhkiG9w0BAQsFAAOC
AQEAX8+hpc90U85bhpFPfcnw1V0xH7oPE3sQCVKfZQnkx/Cxhfh4jO5/X1EdO14L
xjSJ8oEroHuJUJJ/bJmWpc3TBDZCQhGojJl2u0qZXOiijYbWsE0kpWYmBiM+mqA/
rJVFtM+0PDR9okhpga2LR/o3L2GJrQHCLucBGuVeNBvMEWWGp1NhMxw1icYWhFsj
9nLwxS/Jz86vENU47UicAVBI1WvzApA4NJZ5k/AFhBwkSsMho1ppgP+oxcAyDvJW
K5SgNncNiiwTIXPJL8L9AtCpICmDt9TbqRcfXsmhoVVJmafXlv8bcXdAAbQsfz4W
gZ8L9aogtdqwhIpXi99r7ldPkQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:16 2024 by rpki-client on console-fra.rpki-client.org