Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7AprMAcXzffX6gmaoMRBzBb4Vpg.roa
File:                     7AprMAcXzffX6gmaoMRBzBb4Vpg.roa (raw, json)
Hash identifier:          Jb7jj9uQcwKnPjzL1d9tVZ2PnA0zvJ2/H/Pe2S3OmK8=
Subject key identifier:   EC:0A:6B:30:07:17:CD:F7:D7:EA:09:9A:A0:C4:41:CC:16:F8:56:98
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       01845B48BC23723127981D228E4FBB7529E3
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7AprMAcXzffX6gmaoMRBzBb4Vpg.roa
Signing time:             Wed 09 Nov 2022 07:26:44 +0000
ROA not before:           Wed 09 Nov 2022 07:26:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209371
IP address blocks:        193.124.46.0/24 maxlen: 24
                          212.192.210.0/24 maxlen: 24
                          194.58.43.0/24 maxlen: 24
                          194.87.176.0/24 maxlen: 24
                          194.87.191.0/24 maxlen: 24
                          212.193.6.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:5b:48:bc:23:72:31:27:98:1d:22:8e:4f:bb:75:29:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Nov  9 07:26:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ec0a6b300717cdf7d7ea099aa0c441cc16f85698
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:6d:1e:ad:52:53:01:c0:1e:6d:d7:3c:2e:49:
                    77:96:dd:24:53:e9:d3:98:e4:8c:df:79:5d:2a:11:
                    9c:49:34:17:63:c2:b4:f4:33:a6:f2:12:91:fd:e3:
                    8b:5b:9c:2c:08:2d:7c:f7:f3:cb:72:b3:b5:12:3e:
                    79:07:31:86:06:f5:3c:78:16:56:f0:77:db:3b:42:
                    0f:be:61:b8:df:1d:1d:a7:8d:96:a1:17:f1:3d:db:
                    92:90:33:71:8e:0c:d2:fa:6a:87:37:77:6b:fc:20:
                    90:7b:f6:7c:64:c6:58:98:5e:b0:c8:59:72:c7:b4:
                    c6:96:d4:5e:e2:39:e4:e5:05:bb:11:69:98:24:70:
                    d0:af:39:91:8d:af:a9:1d:65:f0:ac:7e:8a:be:7d:
                    b3:4d:e8:3e:fc:60:64:85:e4:6c:b8:c7:23:46:75:
                    70:f1:d6:c2:9c:e2:55:23:43:9c:df:52:06:d1:d2:
                    22:eb:76:4d:69:1d:df:48:77:b9:3f:65:a4:fb:70:
                    3b:6d:86:66:fd:4d:ba:09:23:3d:a1:cf:2f:b4:c4:
                    a0:2a:fb:fb:c0:3e:96:96:1d:07:d1:9b:9f:f6:98:
                    fa:21:1c:c4:bf:89:e1:c3:63:47:93:5d:18:01:87:
                    1b:6a:cc:cf:9c:dd:95:f1:11:ce:2a:3f:d1:f2:6f:
                    4b:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:0A:6B:30:07:17:CD:F7:D7:EA:09:9A:A0:C4:41:CC:16:F8:56:98
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7AprMAcXzffX6gmaoMRBzBb4Vpg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.124.46.0/24
                  194.58.43.0/24
                  194.87.176.0/24
                  194.87.191.0/24
                  212.192.210.0/24
                  212.193.6.0/24

    Signature Algorithm: sha256WithRSAEncryption
         06:20:1e:d7:7f:3c:5c:f9:3a:02:5e:45:9a:ac:fb:45:41:09:
         70:7d:a3:b1:a3:17:bd:69:c7:34:9d:2c:3c:e4:8d:21:de:9f:
         8b:c4:0f:db:eb:26:5d:0c:ba:76:b7:ce:2c:11:af:2d:14:6b:
         f4:86:3d:ff:d5:b5:87:ec:85:87:f9:fb:a8:e4:57:fc:16:4f:
         87:85:4e:7e:61:c1:e7:ac:f7:07:ca:a1:6c:bf:f5:7b:dd:47:
         aa:d1:80:bf:55:b2:0b:b3:0f:ff:14:ac:fc:74:01:1a:04:b5:
         bd:ba:af:0c:44:55:da:0d:d6:a5:6c:03:88:40:a6:b5:5c:70:
         aa:e0:06:5b:42:85:5f:90:9f:74:de:23:41:5a:87:43:1c:1e:
         dc:88:09:34:ae:ea:f4:e0:1c:3b:2f:c7:60:f5:05:5a:9f:af:
         b6:28:74:b7:ca:a1:5d:7c:6c:e4:e8:e0:5e:a6:62:0d:4f:0b:
         65:e3:a1:46:8e:4b:5e:71:b0:91:cd:a1:7a:e8:45:2c:4e:f3:
         65:86:53:0b:da:b7:5a:23:0b:d4:90:02:ed:ca:ae:ac:55:bb:
         19:24:84:0e:f2:dc:61:06:44:c7:37:ac:e6:d6:68:f8:50:5c:
         0c:00:68:89:b3:f2:27:5d:bf:51:ec:a3:39:84:77:87:42:fc:
         23:86:c3:9a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYRbSLwjcjEnmB0ijk+7dSnjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTA5MDcyNjQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzBhNmIzMDA3MTdjZGY3ZDdlYTA5OWFhMGM0NDFjYzE2Zjg1Njk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtW0erVJTAcAebdc8Lkl3lt0kU+nT
mOSM33ldKhGcSTQXY8K09DOm8hKR/eOLW5wsCC189/PLcrO1Ej55BzGGBvU8eBZW
8HfbO0IPvmG43x0dp42WoRfxPduSkDNxjgzS+mqHN3dr/CCQe/Z8ZMZYmF6wyFly
x7TGltRe4jnk5QW7EWmYJHDQrzmRja+pHWXwrH6Kvn2zTeg+/GBkheRsuMcjRnVw
8dbCnOJVI0Oc31IG0dIi63ZNaR3fSHe5P2Wk+3A7bYZm/U26CSM9oc8vtMSgKvv7
wD6Wlh0H0Zuf9pj6IRzEv4nhw2NHk10YAYcbaszPnN2V8RHOKj/R8m9LGwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFOwKazAHF8331+oJmqDEQcwW+FaYMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvN0Fwck1BY1h6ZmZYNmdtYW9NUkJ6QmI0VnBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwXwuAwQA
wjorAwQAwlewAwQAwle/AwQA1MDSAwQA1MEGMA0GCSqGSIb3DQEBCwUAA4IBAQAG
IB7Xfzxc+ToCXkWarPtFQQlwfaOxoxe9acc0nSw85I0h3p+LxA/b6yZdDLp2t84s
Ea8tFGv0hj3/1bWH7IWH+fuo5Ff8Fk+HhU5+YcHnrPcHyqFsv/V73Ueq0YC/VbIL
sw//FKz8dAEaBLW9uq8MRFXaDdalbAOIQKa1XHCq4AZbQoVfkJ903iNBWodDHB7c
iAk0rur04Bw7L8dg9QVan6+2KHS3yqFdfGzk6OBepmINTwtl46FGjktecbCRzaF6
6EUsTvNlhlML2rdaIwvUkALtyq6sVbsZJIQO8txhBkTHN6zm1mj4UFwMAGiJs/In
Xb9R7KM5hHeHQvwjhsOa
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:51 2023 by rpki-client on console-ams.rpki-client.org