Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/70337f-65ee-4242-bb29-22f4b9cf8f9f/1/KbZyJ3wGwnuH0d_QA5kZ_GbnScQ.roa
File:                     KbZyJ3wGwnuH0d_QA5kZ_GbnScQ.roa (raw, json)
Hash identifier:          o6w92G+nmilvwgtw3tRaUkOBxD0eTqhNiy54c0c5RhY=
Subject key identifier:   29:B6:72:27:7C:06:C2:7B:87:D1:DF:D0:03:99:19:FC:66:E7:49:C4
Certificate issuer:       /CN=3037a5f7679747839a9c5d740e10a94119175772
Certificate serial:       0144023C
Authority key identifier: 30:37:A5:F7:67:97:47:83:9A:9C:5D:74:0E:10:A9:41:19:17:57:72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MDel92eXR4OanF10DhCpQRkXV3I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/70337f-65ee-4242-bb29-22f4b9cf8f9f/1/KbZyJ3wGwnuH0d_QA5kZ_GbnScQ.roa
Signing time:             Sat 01 Jan 2022 04:58:47 +0000
ROA not before:           Sat 01 Jan 2022 04:58:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        194.150.76.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 21234236 (0x144023c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3037a5f7679747839a9c5d740e10a94119175772
        Validity
            Not Before: Jan  1 04:58:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=29b672277c06c27b87d1dfd0039919fc66e749c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:10:90:52:e8:e8:36:64:79:98:d0:ec:ba:21:
                    94:50:85:cd:f8:6e:66:e3:30:1e:af:e6:0c:70:ec:
                    a2:7a:df:56:7b:4d:cc:4e:64:58:1f:c7:3b:c6:f8:
                    f2:79:34:7c:21:d1:9f:b1:d5:99:1b:f4:5a:82:76:
                    81:af:f4:23:71:57:81:b4:3d:8b:fc:3b:4d:81:d7:
                    17:ad:e0:28:f2:21:c8:1c:dc:ea:b2:b7:d3:e8:2e:
                    f2:68:de:ae:a6:a3:41:1a:52:d7:10:2e:29:2a:71:
                    ee:5d:a8:8a:e8:b5:87:c6:e9:c1:00:1c:fc:c8:ae:
                    cf:9a:41:28:23:87:e0:0d:58:cf:3b:a4:fe:14:b8:
                    30:54:b2:cb:e8:66:02:57:ca:cb:05:72:05:e1:5e:
                    14:62:f8:33:98:64:75:8b:cb:61:ae:a1:9b:9e:a4:
                    21:c9:95:00:c7:49:b4:84:39:75:e3:56:45:c4:b5:
                    33:75:71:bf:59:48:48:f2:3b:5c:84:b8:78:69:53:
                    c1:12:02:4f:db:50:20:7b:08:e1:e4:0e:85:4d:ed:
                    a0:0d:bd:20:e7:ff:57:14:fc:04:f4:56:32:1b:47:
                    de:92:8e:86:40:1c:b5:18:b2:fd:02:59:3b:9d:fd:
                    fe:73:9f:56:81:bf:ca:eb:20:4c:24:a6:a0:9c:e8:
                    a1:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:B6:72:27:7C:06:C2:7B:87:D1:DF:D0:03:99:19:FC:66:E7:49:C4
            X509v3 Authority Key Identifier:
                keyid:30:37:A5:F7:67:97:47:83:9A:9C:5D:74:0E:10:A9:41:19:17:57:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MDel92eXR4OanF10DhCpQRkXV3I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/70337f-65ee-4242-bb29-22f4b9cf8f9f/1/KbZyJ3wGwnuH0d_QA5kZ_GbnScQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/70337f-65ee-4242-bb29-22f4b9cf8f9f/1/MDel92eXR4OanF10DhCpQRkXV3I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.150.76.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:c6:e0:a2:56:b7:cb:e8:b7:db:5e:87:ed:07:a3:42:3f:39:
         7f:a3:e7:f8:0b:7f:98:c4:88:b6:40:e2:dc:2d:34:cc:22:96:
         32:c8:2e:f4:08:87:01:f8:e1:b4:ae:c5:06:73:c8:bc:51:f5:
         40:a1:a9:07:70:4d:6e:a8:26:09:03:37:7f:23:d6:8e:a6:9d:
         9b:2c:7a:5f:76:83:12:01:ca:91:42:40:b8:c8:7e:44:0f:ba:
         ac:e7:07:21:71:f3:d0:b9:ee:7a:88:3e:69:38:bf:2c:25:8a:
         d6:da:2d:19:ec:da:75:f6:01:19:e5:04:7e:9a:bc:01:fe:d0:
         d3:04:d2:cc:33:9a:08:e3:94:4e:bf:5c:95:4b:c3:03:5f:20:
         0b:7f:98:e8:4f:44:70:07:3e:92:cf:54:91:51:d5:16:87:1d:
         c4:7c:51:40:40:cf:60:e2:55:c9:fe:e1:bb:45:df:72:31:a7:
         b1:a8:aa:a8:23:7e:a0:88:cd:5b:bb:46:10:e4:37:b9:bd:df:
         8e:75:14:4c:48:3c:5e:52:b1:6f:a6:c5:15:57:8c:8a:e0:70:
         60:6c:2a:30:eb:77:44:75:cc:b0:56:c0:4f:6c:22:ab:f3:54:
         20:a6:95:40:9c:a2:14:80:6f:6e:47:4b:1e:62:be:a8:e2:d9:
         7e:a2:76:29
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAUQCPDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MDM3YTVmNzY3OTc0NzgzOWE5YzVkNzQwZTEwYTk0MTE5MTc1NzcyMB4XDTIyMDEw
MTA0NTg0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjliNjcyMjc3YzA2
YzI3Yjg3ZDFkZmQwMDM5OTE5ZmM2NmU3NDljNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALwQkFLo6DZkeZjQ7LohlFCFzfhuZuMwHq/mDHDsonrfVntN
zE5kWB/HO8b48nk0fCHRn7HVmRv0WoJ2ga/0I3FXgbQ9i/w7TYHXF63gKPIhyBzc
6rK30+gu8mjerqajQRpS1xAuKSpx7l2oiui1h8bpwQAc/Miuz5pBKCOH4A1Yzzuk
/hS4MFSyy+hmAlfKywVyBeFeFGL4M5hkdYvLYa6hm56kIcmVAMdJtIQ5deNWRcS1
M3Vxv1lISPI7XIS4eGlTwRICT9tQIHsI4eQOhU3toA29IOf/VxT8BPRWMhtH3pKO
hkActRiy/QJZO539/nOfVoG/yusgTCSmoJzooWkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQptnInfAbCe4fR39ADmRn8ZudJxDAfBgNVHSMEGDAWgBQwN6X3Z5dHg5qc
XXQOEKlBGRdXcjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01EZWw5MmVYUjRPYW5GMTBEaENwUVJrWFYzSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvNzAzMzdmLTY1ZWUtNDI0Mi1iYjI5LTIyZjRiOWNmOGY5Zi8x
L0tiWnlKM3dHd251SDBkX1FBNWtaX0diblNjUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
NzAzMzdmLTY1ZWUtNDI0Mi1iYjI5LTIyZjRiOWNmOGY5Zi8xL01EZWw5MmVYUjRP
YW5GMTBEaENwUVJrWFYzSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMKWTDANBgkqhkiG9w0BAQsFAAOC
AQEAdcbgola3y+i3216H7QejQj85f6Pn+At/mMSItkDi3C00zCKWMsgu9AiHAfjh
tK7FBnPIvFH1QKGpB3BNbqgmCQM3fyPWjqadmyx6X3aDEgHKkUJAuMh+RA+6rOcH
IXHz0Lnueog+aTi/LCWK1totGezadfYBGeUEfpq8Af7Q0wTSzDOaCOOUTr9clUvD
A18gC3+Y6E9EcAc+ks9UkVHVFocdxHxRQEDPYOJVyf7hu0XfcjGnsaiqqCN+oIjN
W7tGEOQ3ub3fjnUUTEg8XlKxb6bFFVeMiuBwYGwqMOt3RHXMsFbAT2wiq/NUIKaV
QJyiFIBvbkdLHmK+qOLZfqJ2KQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:51 2023 by rpki-client on console-fra.rpki-client.org