Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/76C-Dce7ve9B8Z9rQYbJwoxkzxk.roa
File:                     76C-Dce7ve9B8Z9rQYbJwoxkzxk.roa (raw, json)
Hash identifier:          lXH66dLHguAbHUtNf0Xee7BYw8g6p8SMB2oFJuC4ld8=
Subject key identifier:   EF:A0:BE:0D:C7:BB:BD:EF:41:F1:9F:6B:41:86:C9:C2:8C:64:CF:19
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0E144A1D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/76C-Dce7ve9B8Z9rQYbJwoxkzxk.roa
Signing time:             Sat 01 Jan 2022 01:58:13 +0000
ROA not before:           Sat 01 Jan 2022 01:58:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34549
IP address blocks:        194.87.176.0/23 maxlen: 23
                          194.87.180.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 236210717 (0xe144a1d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jan  1 01:58:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=efa0be0dc7bbbdef41f19f6b4186c9c28c64cf19
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:85:23:06:50:8a:c0:2e:cf:30:f2:2b:89:49:
                    6b:ea:ee:e4:2a:d2:b9:63:7d:6b:dc:31:a7:b7:17:
                    bc:b7:cc:23:86:88:eb:59:2d:cb:c1:9a:76:4d:b1:
                    ae:fb:be:3c:fd:16:cb:15:98:77:98:d4:e6:d3:4c:
                    a3:9c:60:07:c0:8a:06:81:e4:53:e1:57:27:33:e4:
                    e8:36:e0:5b:06:c7:cf:5b:3e:54:0d:4b:c5:eb:4a:
                    5f:9a:89:50:26:ae:4e:f3:42:b8:96:30:55:36:2d:
                    56:6a:ee:f9:52:91:e7:83:16:e4:25:a8:c4:3e:fe:
                    4d:1b:a8:12:2b:85:df:0a:04:84:6e:b3:05:9e:c6:
                    03:07:4d:d7:f9:c6:16:77:8a:25:9e:8b:aa:08:c7:
                    ef:eb:f0:85:f9:e8:3e:71:7a:e0:e6:0b:a6:ec:e2:
                    8a:34:05:84:de:1e:0f:0c:b8:af:b1:5b:48:82:c4:
                    9c:33:55:c8:4d:87:e2:01:84:b6:8b:6e:1b:83:28:
                    ce:a7:65:5c:f7:ea:fc:41:5c:7c:2e:be:93:60:7f:
                    f7:62:29:12:30:6b:58:b1:6b:83:8d:15:e8:85:cb:
                    14:13:70:27:36:93:0a:a0:ff:17:27:3c:18:da:47:
                    04:6e:c2:78:5f:d4:6d:1d:51:76:3a:a9:9a:46:55:
                    d9:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:A0:BE:0D:C7:BB:BD:EF:41:F1:9F:6B:41:86:C9:C2:8C:64:CF:19
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/76C-Dce7ve9B8Z9rQYbJwoxkzxk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.87.176.0/23
                  194.87.180.0/23

    Signature Algorithm: sha256WithRSAEncryption
         11:7f:4e:d8:17:58:08:cf:7c:f1:5b:0e:f6:9d:8f:68:f7:e8:
         79:b2:7b:97:f1:34:6e:da:ee:ba:26:62:3f:52:6f:dd:d6:41:
         dc:12:7e:63:7b:03:cb:e3:c7:18:25:a2:a5:b0:13:01:60:5a:
         a0:91:d6:5e:65:5e:aa:68:1d:9d:5a:c1:a2:7d:bb:e4:f7:b1:
         50:cc:b4:72:b5:74:b5:2b:85:46:35:7b:af:91:83:6c:86:c1:
         bc:f9:75:ff:57:70:b0:9e:7e:4f:3b:5d:bf:81:ea:e7:08:70:
         d0:79:e0:cb:e3:f2:b4:4e:9a:b1:6a:0a:61:13:d7:a0:42:1b:
         f6:4f:a8:28:04:69:a0:35:d6:18:c9:bf:cb:ef:e7:07:4f:9a:
         80:d9:df:4a:84:ee:61:d3:54:7d:44:ec:f0:2c:e8:ba:e1:35:
         8a:f6:46:cf:03:15:04:ba:79:48:8c:f6:23:16:cd:56:6c:a2:
         c8:24:c1:45:77:9b:1e:a3:d1:f7:cc:90:a9:0c:18:22:84:51:
         5f:64:68:d1:f4:c3:29:ff:bb:32:42:a9:e9:67:f9:0f:e6:07:
         34:5f:b8:02:d8:83:12:6b:f6:1c:75:7f:65:6e:32:7f:a9:2d:
         94:4f:38:c3:e0:0b:f9:99:e2:1a:dc:e8:a7:2d:e5:46:03:29:
         3b:72:d5:0d
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEDhRKHTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTY5MGY1ZTMyZDVjODZhZjFlMTM0OWRmZDRlOGNlZWI3MGUxYWM3MB4XDTIyMDEw
MTAxNTgxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWZhMGJlMGRjN2Ji
YmRlZjQxZjE5ZjZiNDE4NmM5YzI4YzY0Y2YxOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALaFIwZQisAuzzDyK4lJa+ru5CrSuWN9a9wxp7cXvLfMI4aI
61kty8Gadk2xrvu+PP0WyxWYd5jU5tNMo5xgB8CKBoHkU+FXJzPk6DbgWwbHz1s+
VA1LxetKX5qJUCauTvNCuJYwVTYtVmru+VKR54MW5CWoxD7+TRuoEiuF3woEhG6z
BZ7GAwdN1/nGFneKJZ6LqgjH7+vwhfnoPnF64OYLpuziijQFhN4eDwy4r7FbSILE
nDNVyE2H4gGEtotuG4MozqdlXPfq/EFcfC6+k2B/92IpEjBrWLFrg40V6IXLFBNw
JzaTCqD/Fyc8GNpHBG7CeF/UbR1RdjqpmkZV2dMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTvoL4Nx7u970Hxn2tBhsnCjGTPGTAfBgNVHSMEGDAWgBQ1aQ9eMtXIavHh
NJ39Tozutw4axzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8x
Lzc2Qy1EY2U3dmU5QjhaOXJRWWJKd294a3p4ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
ZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8xL05Xa1BYakxWeUdy
eDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAcJXsAMEAcJXtDANBgkqhkiG9w0B
AQsFAAOCAQEAEX9O2BdYCM988VsO9p2PaPfoebJ7l/E0btruuiZiP1Jv3dZB3BJ+
Y3sDy+PHGCWipbATAWBaoJHWXmVeqmgdnVrBon275PexUMy0crV0tSuFRjV7r5GD
bIbBvPl1/1dwsJ5+Tztdv4Hq5whw0Hngy+PytE6asWoKYRPXoEIb9k+oKARpoDXW
GMm/y+/nB0+agNnfSoTuYdNUfUTs8CzouuE1ivZGzwMVBLp5SIz2IxbNVmyiyCTB
RXebHqPR98yQqQwYIoRRX2Ro0fTDKf+7MkKp6Wf5D+YHNF+4AtiDEmv2HHV/ZW4y
f6ktlE84w+AL+ZniGtzopy3lRgMpO3LVDQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:51 2023 by rpki-client on console-ams.rpki-client.org