Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/e6b238-5355-40f0-be87-497fd6506ae5/1/vN44cfakoa4uxokLaNGpYv1m7hU.roa
File:                     vN44cfakoa4uxokLaNGpYv1m7hU.roa (raw, json)
Hash identifier:          T2fLuSLndtnPUs+Ph7yXeUoO88Eo5E12p/7YwiU4bNE=
Subject key identifier:   BC:DE:38:71:F6:A4:A1:AE:2E:C6:89:0B:68:D1:A9:62:FD:66:EE:15
Certificate issuer:       /CN=4a13b7758676de2ef127cc7750ee76c5a8341d78
Certificate serial:       02674B73
Authority key identifier: 4A:13:B7:75:86:76:DE:2E:F1:27:CC:77:50:EE:76:C5:A8:34:1D:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ShO3dYZ23i7xJ8x3UO52xag0HXg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/e6b238-5355-40f0-be87-497fd6506ae5/1/vN44cfakoa4uxokLaNGpYv1m7hU.roa
Signing time:             Sat 01 Jan 2022 13:03:43 +0000
ROA not before:           Sat 01 Jan 2022 13:03:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     786
IP address blocks:        194.26.0.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 40323955 (0x2674b73)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a13b7758676de2ef127cc7750ee76c5a8341d78
        Validity
            Not Before: Jan  1 13:03:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bcde3871f6a4a1ae2ec6890b68d1a962fd66ee15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:cd:cc:d3:93:20:b0:ef:23:00:7a:e0:39:dd:
                    d7:0d:d7:9f:12:50:fb:a9:9f:62:51:a9:41:0c:22:
                    a1:58:16:5c:29:ea:6e:22:d1:a7:d4:c8:14:a4:7a:
                    d1:1d:89:32:5e:33:a6:33:75:f8:a6:7c:cd:20:b7:
                    0e:13:3a:ff:51:f5:4b:51:c2:2b:af:c7:cb:fc:59:
                    e1:f0:bf:51:e8:75:a3:dd:cd:1c:df:3f:53:96:10:
                    e0:8b:1a:8c:88:ab:1d:27:b4:c9:da:cb:5a:f1:5f:
                    00:b6:2a:91:f2:89:f6:4a:d2:68:01:89:a3:04:b7:
                    42:1e:9c:43:50:d9:e4:88:ad:74:ba:3a:1d:b1:46:
                    86:93:c4:1d:4e:6e:2c:ed:db:ee:5f:3b:6c:3c:1b:
                    0b:a8:42:9d:15:27:2e:05:45:5f:f4:cf:a5:11:3e:
                    c3:8b:fd:ff:55:af:7b:ab:01:b4:7d:41:b1:1e:ae:
                    05:0b:08:52:fe:6c:20:3c:00:cb:6e:45:70:af:8b:
                    c0:a1:d9:39:05:58:49:60:4c:1b:ef:d3:cd:f5:55:
                    3b:55:a1:5b:09:53:67:8a:e5:65:62:d5:7e:fe:e0:
                    e8:9b:40:58:0c:f8:d8:a9:26:61:ed:8e:1a:40:ff:
                    48:02:b7:ac:96:9d:f3:f4:9a:ae:79:33:5b:59:ac:
                    95:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:DE:38:71:F6:A4:A1:AE:2E:C6:89:0B:68:D1:A9:62:FD:66:EE:15
            X509v3 Authority Key Identifier:
                keyid:4A:13:B7:75:86:76:DE:2E:F1:27:CC:77:50:EE:76:C5:A8:34:1D:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ShO3dYZ23i7xJ8x3UO52xag0HXg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/e6b238-5355-40f0-be87-497fd6506ae5/1/vN44cfakoa4uxokLaNGpYv1m7hU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/e6b238-5355-40f0-be87-497fd6506ae5/1/ShO3dYZ23i7xJ8x3UO52xag0HXg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.26.0.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:5b:ff:0c:ee:eb:9c:7a:54:ff:e9:1a:00:30:d4:4b:8a:5a:
         f6:45:0d:f6:8f:8f:5e:32:b2:c5:e0:31:95:12:c6:4a:1a:6f:
         2d:44:9d:c9:89:e7:d5:74:5c:4c:7f:b6:d6:d3:e3:bf:9d:40:
         11:b6:bd:9f:a7:cf:41:e6:89:43:c5:35:ca:f0:4d:d6:99:26:
         cd:1b:99:3b:db:99:39:1a:f5:bc:1d:24:fb:a5:66:5d:0f:cb:
         86:ff:a7:2a:5b:28:35:ea:bc:9c:57:46:90:9e:c0:40:00:25:
         c4:a8:e5:ca:53:25:41:83:cb:65:e1:78:c8:ab:98:17:15:70:
         ec:f1:1d:ab:3c:15:29:50:19:a1:f1:d8:56:f9:1b:0b:9b:4d:
         af:3e:bd:ca:36:2d:db:8d:12:f0:14:16:3a:ab:88:ea:c2:d2:
         1f:01:a3:ef:3f:62:0f:fe:70:10:cb:ec:8d:6a:1c:35:99:0d:
         5e:30:18:97:c7:96:83:de:18:11:72:28:08:93:24:7a:7d:0b:
         e7:59:0e:d1:f5:3b:bc:fc:70:da:28:fe:7e:d9:46:8c:c4:2c:
         57:f5:59:cd:de:88:27:23:77:c8:52:52:63:04:63:9a:d3:48:
         44:32:45:78:57:1f:e6:f6:4b:63:c8:5d:a8:41:0b:7f:df:6d:
         b0:d6:54:ce
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAmdLczANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YTEzYjc3NTg2NzZkZTJlZjEyN2NjNzc1MGVlNzZjNWE4MzQxZDc4MB4XDTIyMDEw
MTEzMDM0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmNkZTM4NzFmNmE0
YTFhZTJlYzY4OTBiNjhkMWE5NjJmZDY2ZWUxNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKDNzNOTILDvIwB64Dnd1w3XnxJQ+6mfYlGpQQwioVgWXCnq
biLRp9TIFKR60R2JMl4zpjN1+KZ8zSC3DhM6/1H1S1HCK6/Hy/xZ4fC/Ueh1o93N
HN8/U5YQ4IsajIirHSe0ydrLWvFfALYqkfKJ9krSaAGJowS3Qh6cQ1DZ5IitdLo6
HbFGhpPEHU5uLO3b7l87bDwbC6hCnRUnLgVFX/TPpRE+w4v9/1Wve6sBtH1BsR6u
BQsIUv5sIDwAy25FcK+LwKHZOQVYSWBMG+/TzfVVO1WhWwlTZ4rlZWLVfv7g6JtA
WAz42KkmYe2OGkD/SAK3rJad8/SarnkzW1mslSECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS83jhx9qShri7GiQto0ali/WbuFTAfBgNVHSMEGDAWgBRKE7d1hnbeLvEn
zHdQ7nbFqDQdeDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NoTzNkWVoyM2k3eEo4eDNVTzUyeGFnMEhYZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjgvZTZiMjM4LTUzNTUtNDBmMC1iZTg3LTQ5N2ZkNjUwNmFlNS8x
L3ZONDRjZmFrb2E0dXhva0xhTkdwWXYxbTdoVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjgv
ZTZiMjM4LTUzNTUtNDBmMC1iZTg3LTQ5N2ZkNjUwNmFlNS8xL1NoTzNkWVoyM2k3
eEo4eDNVTzUyeGFnMEhYZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIaADANBgkqhkiG9w0BAQsFAAOC
AQEAB1v/DO7rnHpU/+kaADDUS4pa9kUN9o+PXjKyxeAxlRLGShpvLUSdyYnn1XRc
TH+21tPjv51AEba9n6fPQeaJQ8U1yvBN1pkmzRuZO9uZORr1vB0k+6VmXQ/Lhv+n
KlsoNeq8nFdGkJ7AQAAlxKjlylMlQYPLZeF4yKuYFxVw7PEdqzwVKVAZofHYVvkb
C5tNrz69yjYt240S8BQWOquI6sLSHwGj7z9iD/5wEMvsjWocNZkNXjAYl8eWg94Y
EXIoCJMken0L51kO0fU7vPxw2ij+ftlGjMQsV/VZzd6IJyN3yFJSYwRjmtNIRDJF
eFcf5vZLY8hdqEELf99tsNZUzg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:16 2024 by rpki-client on console-fra.rpki-client.org