Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/759327-cc9f-4d6d-ac79-9cb8d023cc0b/1/ZYx8VLwJ0SibG6LyhnMtD_Dn3SM.roa
File:                     ZYx8VLwJ0SibG6LyhnMtD_Dn3SM.roa (raw, json)
Hash identifier:          amJVjmR+gtm+kAfEu1HCq320+SiCnQ0a2A0XqS58IxM=
Subject key identifier:   65:8C:7C:54:BC:09:D1:28:9B:1B:A2:F2:86:73:2D:0F:F0:E7:DD:23
Certificate issuer:       /CN=934e7d515dde9a03c2dc87389a2fca4e7d58c4ec
Certificate serial:       039A5B56
Authority key identifier: 93:4E:7D:51:5D:DE:9A:03:C2:DC:87:38:9A:2F:CA:4E:7D:58:C4:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k059UV3emgPC3Ic4mi_KTn1YxOw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/759327-cc9f-4d6d-ac79-9cb8d023cc0b/1/ZYx8VLwJ0SibG6LyhnMtD_Dn3SM.roa
Signing time:             Sat 01 Jan 2022 01:54:58 +0000
ROA not before:           Sat 01 Jan 2022 01:54:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202443
IP address blocks:        194.34.168.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 60447574 (0x39a5b56)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=934e7d515dde9a03c2dc87389a2fca4e7d58c4ec
        Validity
            Not Before: Jan  1 01:54:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=658c7c54bc09d1289b1ba2f286732d0ff0e7dd23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:7e:44:bd:6d:6d:23:5f:be:33:e8:ba:bd:86:
                    b4:c1:42:b8:9e:e6:40:64:0b:3d:9c:6b:4f:8e:4c:
                    78:91:43:37:60:0c:ed:48:60:ff:28:74:2c:0a:0c:
                    15:1e:9e:5c:50:71:45:ca:8b:18:ac:5f:10:74:68:
                    50:ba:df:59:15:93:85:fd:db:5f:fc:dd:85:0e:df:
                    af:0e:5b:66:77:82:1c:f8:80:d3:ff:1b:51:5c:3f:
                    de:9b:ad:29:ab:80:8e:d2:43:e7:72:f7:30:18:c5:
                    67:0c:6f:20:df:34:5f:80:6a:e1:2b:e1:6b:a4:be:
                    40:b6:e9:7a:d6:91:88:86:e9:1b:3f:e5:1f:ab:55:
                    a6:62:57:b5:f7:a5:8c:b6:4e:61:0a:e3:89:eb:ea:
                    a3:14:c6:4d:e8:2f:1d:91:20:43:6c:aa:d8:2a:5b:
                    f6:cf:14:63:35:a1:48:50:0d:5d:db:f3:11:fb:e2:
                    18:c6:29:31:74:c5:75:34:82:c4:1c:e4:22:d7:5a:
                    ee:da:ad:12:b1:25:1c:84:23:b2:5e:ff:59:8b:25:
                    0f:04:bc:c2:b4:ef:b5:e5:08:43:8d:79:2f:d6:3c:
                    8a:e1:fc:6a:ac:72:ec:6a:dc:bf:fc:d4:47:40:d3:
                    a6:a8:dc:3d:a3:dd:21:11:4b:6e:d2:48:ba:a1:28:
                    26:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:8C:7C:54:BC:09:D1:28:9B:1B:A2:F2:86:73:2D:0F:F0:E7:DD:23
            X509v3 Authority Key Identifier:
                keyid:93:4E:7D:51:5D:DE:9A:03:C2:DC:87:38:9A:2F:CA:4E:7D:58:C4:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k059UV3emgPC3Ic4mi_KTn1YxOw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/759327-cc9f-4d6d-ac79-9cb8d023cc0b/1/ZYx8VLwJ0SibG6LyhnMtD_Dn3SM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/759327-cc9f-4d6d-ac79-9cb8d023cc0b/1/k059UV3emgPC3Ic4mi_KTn1YxOw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.34.168.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:b5:04:1c:20:61:81:0e:a6:00:16:e5:1a:24:39:98:5e:95:
         46:6f:fe:fd:07:15:ef:9b:1c:e1:f4:d8:3e:ee:88:a3:82:e1:
         b4:1a:34:a1:7b:d9:5d:a9:3b:50:bb:c7:c0:20:0e:0e:18:52:
         61:58:ae:4a:9f:1b:92:bf:77:fc:21:02:b5:75:ea:be:a0:9f:
         b0:59:8c:da:5c:74:11:47:96:a0:bd:f4:ec:ca:1d:a4:dd:65:
         f7:f4:bd:73:3a:95:d5:1a:aa:de:16:4b:21:8b:f6:e9:5c:4d:
         38:3b:b4:2a:f3:b7:62:8c:cd:3e:47:f4:cc:f6:40:f9:5f:97:
         b5:42:22:2f:7f:7a:2d:5f:54:79:33:2f:31:01:59:e3:7c:3e:
         77:f0:cc:d4:a4:65:7c:60:4d:b3:95:1c:58:ca:b0:0f:18:98:
         34:47:20:d4:df:c9:a7:70:8c:f2:cc:0e:1f:c2:55:fc:c8:20:
         50:69:21:64:78:a6:8e:82:6b:5d:7b:14:89:76:8d:c6:b6:90:
         c0:4d:7d:7d:e4:9d:10:cd:a3:81:8a:73:cb:26:2e:92:d1:41:
         cc:ca:e4:7e:60:c3:74:97:70:a8:eb:08:98:9f:9a:77:5a:27:
         27:c5:13:2a:6a:d8:19:e0:10:fb:6a:25:66:c0:ef:f0:cd:df:
         fe:80:d2:d3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA5pbVjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MzRlN2Q1MTVkZGU5YTAzYzJkYzg3Mzg5YTJmY2E0ZTdkNThjNGVjMB4XDTIyMDEw
MTAxNTQ1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjU4YzdjNTRiYzA5
ZDEyODliMWJhMmYyODY3MzJkMGZmMGU3ZGQyMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMp+RL1tbSNfvjPour2GtMFCuJ7mQGQLPZxrT45MeJFDN2AM
7Uhg/yh0LAoMFR6eXFBxRcqLGKxfEHRoULrfWRWThf3bX/zdhQ7frw5bZneCHPiA
0/8bUVw/3putKauAjtJD53L3MBjFZwxvIN80X4Bq4Svha6S+QLbpetaRiIbpGz/l
H6tVpmJXtfeljLZOYQrjievqoxTGTegvHZEgQ2yq2Cpb9s8UYzWhSFANXdvzEfvi
GMYpMXTFdTSCxBzkItda7tqtErElHIQjsl7/WYslDwS8wrTvteUIQ415L9Y8iuH8
aqxy7Grcv/zUR0DTpqjcPaPdIRFLbtJIuqEoJlcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRljHxUvAnRKJsbovKGcy0P8OfdIzAfBgNVHSMEGDAWgBSTTn1RXd6aA8Lc
hziaL8pOfVjE7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2swNTlVVjNlbWdQQzNJYzRtaV9LVG4xWXhPdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmYvNzU5MzI3LWNjOWYtNGQ2ZC1hYzc5LTljYjhkMDIzY2MwYi8x
L1pZeDhWTHdKMFNpYkc2THlobk10RF9EbjNTTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmYv
NzU5MzI3LWNjOWYtNGQ2ZC1hYzc5LTljYjhkMDIzY2MwYi8xL2swNTlVVjNlbWdQ
QzNJYzRtaV9LVG4xWXhPdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIiqDANBgkqhkiG9w0BAQsFAAOC
AQEAbrUEHCBhgQ6mABblGiQ5mF6VRm/+/QcV75sc4fTYPu6Io4LhtBo0oXvZXak7
ULvHwCAODhhSYViuSp8bkr93/CECtXXqvqCfsFmM2lx0EUeWoL307ModpN1l9/S9
czqV1Rqq3hZLIYv26VxNODu0KvO3YozNPkf0zPZA+V+XtUIiL396LV9UeTMvMQFZ
43w+d/DM1KRlfGBNs5UcWMqwDxiYNEcg1N/Jp3CM8swOH8JV/MggUGkhZHimjoJr
XXsUiXaNxraQwE19feSdEM2jgYpzyyYuktFBzMrkfmDDdJdwqOsImJ+ad1onJ8UT
KmrYGeAQ+2olZsDv8M3f/oDS0w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:48 2024 by rpki-client on console-ams.rpki-client.org