Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AOEHEAz5P6jeOeHqO6rFnE8MXr8.roa
File:                     AOEHEAz5P6jeOeHqO6rFnE8MXr8.roa (raw, json)
Hash identifier:          x/j1yLHlzVpWQU8oysKWInqU6ZKcikWN3P+Ut2mlrOA=
Subject key identifier:   00:E1:07:10:0C:F9:3F:A8:DE:39:E1:EA:3B:AA:C5:9C:4F:0C:5E:BF
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018495ADF4AD26C199C973FF513D869FD2B2
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AOEHEAz5P6jeOeHqO6rFnE8MXr8.roa
Signing time:             Sun 20 Nov 2022 15:35:16 +0000
ROA not before:           Sun 20 Nov 2022 15:35:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212598
IP address blocks:        194.87.209.0/24 maxlen: 24
                          194.87.39.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:95:ad:f4:ad:26:c1:99:c9:73:ff:51:3d:86:9f:d2:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Nov 20 15:35:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=00e107100cf93fa8de39e1ea3baac59c4f0c5ebf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:e3:e4:1d:89:06:26:d3:80:48:e6:d3:bb:e7:
                    58:cc:3c:ce:a1:ab:f3:60:6d:b5:36:97:db:41:ee:
                    50:01:6c:81:30:37:df:51:77:fc:9f:3e:44:28:6a:
                    5a:3c:f8:fd:96:6f:71:64:11:03:7a:6d:c4:93:77:
                    41:77:4e:89:98:19:13:c0:7c:68:a2:23:e0:da:95:
                    55:69:77:07:74:d4:48:eb:60:18:2b:25:a9:2b:02:
                    1c:19:8c:fa:23:a7:5e:3f:6f:33:77:f9:31:1e:b5:
                    ae:80:6c:f5:3d:35:6f:75:29:58:50:7c:07:7f:06:
                    06:c1:2c:21:71:65:44:e2:96:76:f6:dd:1d:52:d0:
                    61:70:9b:1a:a8:66:ce:88:ea:10:d8:d9:b6:f8:5f:
                    7e:c9:62:7b:a8:f1:ff:25:63:c8:3c:eb:0a:b9:8b:
                    e1:17:50:81:d0:91:ce:40:eb:a6:1e:bf:8e:f4:a9:
                    eb:b4:c0:53:f1:65:c0:95:a5:15:af:3a:ce:29:f4:
                    bc:98:36:49:75:37:e0:5e:6a:ed:e5:f2:0a:77:67:
                    24:22:55:78:8f:b4:a3:79:d4:22:74:20:a7:b7:e3:
                    e8:94:08:90:7b:ce:e6:8e:72:c5:cf:09:d9:a8:1c:
                    10:b4:dc:b7:db:24:9d:4d:83:70:c8:d9:e8:27:ee:
                    07:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:E1:07:10:0C:F9:3F:A8:DE:39:E1:EA:3B:AA:C5:9C:4F:0C:5E:BF
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AOEHEAz5P6jeOeHqO6rFnE8MXr8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.87.39.0/24
                  194.87.209.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:1b:61:4b:3f:6b:3f:cd:6c:32:3a:54:dd:5d:34:b4:2b:b3:
         01:6c:6d:13:2a:60:69:65:60:9c:2d:07:c5:37:6f:3c:36:6d:
         ea:b2:d2:be:d5:bb:78:7b:d2:57:1c:56:0b:98:a6:ba:4c:42:
         ed:28:4c:b2:03:ef:b8:df:48:cf:cb:fc:97:dd:d1:17:78:63:
         9d:da:39:75:6a:9d:87:cf:83:70:47:36:5c:59:02:02:43:47:
         cc:8e:6a:c4:cc:02:3d:42:16:ca:d0:e4:05:c5:e8:b1:6e:38:
         ab:e9:ba:a9:2a:4c:0a:b4:3c:40:fa:27:92:00:c4:c3:05:c6:
         ea:44:48:ff:55:55:7c:6c:a5:39:6b:38:93:c0:af:90:7d:20:
         e5:48:96:c6:98:80:9a:1d:ca:f4:1e:dc:f6:67:35:11:1e:3b:
         a1:fa:aa:84:a3:98:06:0d:0b:9d:5c:db:c3:8b:c4:f4:f2:b3:
         54:77:4b:0f:f1:9a:45:e5:d8:13:ad:6f:a9:29:90:fd:1e:dd:
         16:d3:70:de:2e:59:48:78:6c:e0:2b:59:b2:e7:39:70:fc:6d:
         c5:fb:f5:72:59:50:05:e1:d5:fa:b5:63:72:68:89:56:e3:c9:
         a2:e6:3f:44:80:31:c0:60:2f:27:56:78:96:b2:e1:ac:bf:d0:
         d6:08:d9:92
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYSVrfStJsGZyXP/UT2Gn9KyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTIwMTUzNTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGUxMDcxMDBjZjkzZmE4ZGUzOWUxZWEzYmFhYzU5YzRmMGM1ZWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+PkHYkGJtOASObTu+dYzDzOoavz
YG21NpfbQe5QAWyBMDffUXf8nz5EKGpaPPj9lm9xZBEDem3Ek3dBd06JmBkTwHxo
oiPg2pVVaXcHdNRI62AYKyWpKwIcGYz6I6deP28zd/kxHrWugGz1PTVvdSlYUHwH
fwYGwSwhcWVE4pZ29t0dUtBhcJsaqGbOiOoQ2Nm2+F9+yWJ7qPH/JWPIPOsKuYvh
F1CB0JHOQOumHr+O9KnrtMBT8WXAlaUVrzrOKfS8mDZJdTfgXmrt5fIKd2ckIlV4
j7SjedQidCCnt+PolAiQe87mjnLFzwnZqBwQtNy32ySdTYNwyNnoJ+4HUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFADhBxAM+T+o3jnh6juqxZxPDF6/MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQU9FSEVBejVQNmplT2VIcU82ckZuRThNWHI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwlcnAwQA
wlfRMA0GCSqGSIb3DQEBCwUAA4IBAQBjG2FLP2s/zWwyOlTdXTS0K7MBbG0TKmBp
ZWCcLQfFN288Nm3qstK+1bt4e9JXHFYLmKa6TELtKEyyA++430jPy/yX3dEXeGOd
2jl1ap2Hz4NwRzZcWQICQ0fMjmrEzAI9QhbK0OQFxeixbjir6bqpKkwKtDxA+ieS
AMTDBcbqREj/VVV8bKU5aziTwK+QfSDlSJbGmICaHcr0Htz2ZzURHjuh+qqEo5gG
DQudXNvDi8T08rNUd0sP8ZpF5dgTrW+pKZD9Ht0W03DeLllIeGzgK1my5zlw/G3F
+/VyWVAF4dX6tWNyaIlW48mi5j9EgDHAYC8nVniWsuGsv9DWCNmS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:08 2024 by rpki-client on console-fra.rpki-client.org