Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7XPEhwyppkFiohwBVv8uUOHXuZI.roa
File:                     7XPEhwyppkFiohwBVv8uUOHXuZI.roa (raw, json)
Hash identifier:          JEgOn8vs6CDk1/ArEBMdzfL1z8FEvpUn7Ijb/QDgGuA=
Subject key identifier:   ED:73:C4:87:0C:A9:A6:41:62:A2:1C:01:56:FF:2E:50:E1:D7:B9:92
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       01843281FF4EB3F15B92EB9908C6C9474B63
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7XPEhwyppkFiohwBVv8uUOHXuZI.roa
Signing time:             Tue 01 Nov 2022 09:24:51 +0000
ROA not before:           Tue 01 Nov 2022 09:24:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212598
IP address blocks:        194.87.209.0/24 maxlen: 24
                          194.87.137.0/24 maxlen: 24
                          194.87.36.0/24 maxlen: 24
                          194.87.39.0/24 maxlen: 24
                          194.58.33.0/24 maxlen: 24
                          194.87.182.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:32:81:ff:4e:b3:f1:5b:92:eb:99:08:c6:c9:47:4b:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Nov  1 09:24:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ed73c4870ca9a64162a21c0156ff2e50e1d7b992
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:bd:17:75:c5:4a:49:66:09:5b:3a:f8:5b:3e:
                    0b:30:18:06:38:3d:5c:ee:d8:36:e3:2a:f7:03:1d:
                    4f:2c:f4:60:90:44:37:08:2c:70:9b:23:0c:4a:6c:
                    01:75:2e:36:26:96:7c:1e:dc:47:48:c8:7e:bd:be:
                    45:2b:bb:74:65:73:7a:69:18:f6:bd:8e:59:da:65:
                    93:77:cb:56:22:21:b7:ba:76:8a:fc:85:b1:56:15:
                    ef:ac:eb:f9:fa:47:aa:6a:25:30:11:57:0d:49:e0:
                    19:b6:68:9b:39:78:9e:a8:80:56:39:fe:13:90:ce:
                    5d:5b:f8:8a:92:78:06:f2:e4:8b:4e:fa:f5:22:61:
                    c7:c4:09:29:d2:43:e4:d5:70:78:56:ab:d8:c6:b7:
                    34:55:09:65:63:fd:c0:94:b6:b2:07:c5:61:ab:2b:
                    54:fc:d3:ce:65:5e:98:3a:a9:1b:51:ad:8c:38:d1:
                    65:8c:93:9d:27:42:01:bc:fb:79:1f:ac:b4:18:30:
                    d3:09:50:37:aa:4b:aa:e9:38:46:e5:f6:21:a0:94:
                    ca:ef:b5:68:5d:06:9f:80:bd:31:a7:6c:42:d8:e7:
                    eb:92:ab:24:46:51:2d:d4:be:ae:82:0b:e3:fb:c8:
                    4a:57:9c:61:25:de:18:28:22:92:0c:d7:74:da:8f:
                    0b:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:73:C4:87:0C:A9:A6:41:62:A2:1C:01:56:FF:2E:50:E1:D7:B9:92
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7XPEhwyppkFiohwBVv8uUOHXuZI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.58.33.0/24
                  194.87.36.0/24
                  194.87.39.0/24
                  194.87.137.0/24
                  194.87.182.0/24
                  194.87.209.0/24

    Signature Algorithm: sha256WithRSAEncryption
         78:62:a4:ae:ef:3a:0f:fa:b8:a2:01:5c:ec:9f:aa:cb:2f:bc:
         d0:a2:c7:7c:7a:86:8e:e6:00:91:e8:9b:b8:ad:67:5c:9a:49:
         d1:0e:2a:2e:c8:3c:66:74:a4:50:f5:4a:92:50:fd:8f:3a:71:
         84:ec:c7:3b:59:d8:1a:a2:6a:e9:a4:28:45:4c:98:9f:52:75:
         2f:6c:bb:16:b9:59:30:11:01:3b:f1:97:a0:9e:4e:d9:f7:41:
         b1:0d:9d:52:de:86:72:40:54:08:78:3e:61:47:2a:10:d3:50:
         18:28:f5:53:61:66:a8:52:5f:0e:c5:c4:be:7f:43:68:c3:a5:
         2f:9f:a0:59:53:09:ff:b3:5c:08:52:2c:9b:86:e6:d8:72:d0:
         f9:c2:b2:c1:51:af:c0:dd:a2:47:0c:c5:78:a4:72:eb:42:46:
         33:c2:ac:49:b7:d7:a8:4a:bd:4e:6d:97:1f:92:82:30:eb:fa:
         2e:e5:df:47:7e:7c:56:1b:66:4a:76:4a:45:4a:c8:8a:54:93:
         48:36:47:e5:51:76:60:97:e1:b5:55:88:21:46:92:00:10:3f:
         f3:57:3b:bc:3a:d8:e5:68:12:ef:0b:d6:19:96:a1:93:fa:26:
         a2:3c:d4:13:20:a3:62:b6:24:62:93:f2:c7:03:08:b6:47:3f:
         a1:fe:2a:29
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYQygf9Os/FbkuuZCMbJR0tjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTAxMDkyNDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDczYzQ4NzBjYTlhNjQxNjJhMjFjMDE1NmZmMmU1MGUxZDdiOTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl70XdcVKSWYJWzr4Wz4LMBgGOD1c
7tg24yr3Ax1PLPRgkEQ3CCxwmyMMSmwBdS42JpZ8HtxHSMh+vb5FK7t0ZXN6aRj2
vY5Z2mWTd8tWIiG3unaK/IWxVhXvrOv5+keqaiUwEVcNSeAZtmibOXieqIBWOf4T
kM5dW/iKkngG8uSLTvr1ImHHxAkp0kPk1XB4VqvYxrc0VQllY/3AlLayB8VhqytU
/NPOZV6YOqkbUa2MONFljJOdJ0IBvPt5H6y0GDDTCVA3qkuq6ThG5fYhoJTK77Vo
XQafgL0xp2xC2OfrkqskRlEt1L6uggvj+8hKV5xhJd4YKCKSDNd02o8LWwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFO1zxIcMqaZBYqIcAVb/LlDh17mSMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvN1hQRWh3eXBwa0Zpb2h3QlZ2OHVVT0hYdVpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwjohAwQA
wlckAwQAwlcnAwQAwleJAwQAwle2AwQAwlfRMA0GCSqGSIb3DQEBCwUAA4IBAQB4
YqSu7zoP+riiAVzsn6rLL7zQosd8eoaO5gCR6Ju4rWdcmknRDiouyDxmdKRQ9UqS
UP2POnGE7Mc7WdgaomrppChFTJifUnUvbLsWuVkwEQE78Zegnk7Z90GxDZ1S3oZy
QFQIeD5hRyoQ01AYKPVTYWaoUl8OxcS+f0Now6Uvn6BZUwn/s1wIUiybhubYctD5
wrLBUa/A3aJHDMV4pHLrQkYzwqxJt9eoSr1ObZcfkoIw6/ou5d9HfnxWG2ZKdkpF
SsiKVJNINkflUXZgl+G1VYghRpIAED/zVzu8OtjlaBLvC9YZlqGT+iaiPNQTIKNi
tiRik/LHAwi2Rz+h/iop
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:07 2024 by rpki-client on console-fra.rpki-client.org