Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BI8hwItPgwCGNpJyg7v8ustOCRc.roa
File:                     BI8hwItPgwCGNpJyg7v8ustOCRc.roa (raw, json)
Hash identifier:          lRd9dBqe8kfDeKwtwPafl0LAQlur6ahczw+uxWCRxKs=
Subject key identifier:   04:8F:21:C0:8B:4F:83:00:86:36:92:72:83:BB:FC:BA:CB:4E:09:17
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       01840A795D2056432765105BC469669C0B45
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BI8hwItPgwCGNpJyg7v8ustOCRc.roa
Signing time:             Mon 24 Oct 2022 14:50:36 +0000
ROA not before:           Mon 24 Oct 2022 14:50:36 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203639
IP address blocks:        195.58.38.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:0a:79:5d:20:56:43:27:65:10:5b:c4:69:66:9c:0b:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Oct 24 14:50:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=048f21c08b4f83008636927283bbfcbacb4e0917
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:e1:03:02:14:e7:4e:45:6e:1b:0c:da:8b:64:
                    c9:e7:b2:00:80:3f:31:d9:e7:da:29:ca:38:2f:fc:
                    5a:6c:32:e9:85:db:9c:b0:60:66:fd:a5:91:f3:40:
                    9c:98:e6:2b:e3:30:c8:65:bf:04:96:4f:f6:d0:70:
                    c5:f0:5a:17:fb:fa:59:93:b3:0d:71:fd:ff:77:16:
                    66:ae:17:29:e1:66:22:af:6c:71:78:6a:07:50:54:
                    0e:3a:e2:f9:f3:55:08:c4:fb:44:15:ce:99:0c:87:
                    3d:cf:3a:b9:90:3a:fd:81:8f:49:e6:ad:41:fa:cb:
                    5a:c7:32:cd:64:bf:2f:8a:d6:a7:69:07:24:96:d4:
                    9a:ab:7c:b8:9f:99:1c:89:8e:15:1c:04:54:1e:5e:
                    b3:83:fa:35:0f:ad:3d:39:06:fb:bc:d5:e4:ac:6b:
                    37:04:f6:40:a7:36:27:20:22:ab:09:d4:80:d0:91:
                    54:18:79:92:3c:3c:fa:0c:29:1b:6e:60:ce:5a:62:
                    ef:21:3a:df:52:d6:62:ae:75:fd:16:f6:9a:64:7c:
                    ef:5b:a6:ab:67:2e:fe:4b:fa:92:0b:50:14:e0:99:
                    ae:d0:ac:6c:67:86:87:51:5b:dc:20:61:8e:5d:ad:
                    d0:f0:46:53:c4:89:0e:f1:3e:0d:53:bf:6b:bf:b2:
                    9e:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:8F:21:C0:8B:4F:83:00:86:36:92:72:83:BB:FC:BA:CB:4E:09:17
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BI8hwItPgwCGNpJyg7v8ustOCRc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.58.38.0/24

    Signature Algorithm: sha256WithRSAEncryption
         36:d1:33:83:6e:5c:7c:4b:50:7e:ce:b6:33:7c:37:0b:7e:d1:
         b1:c9:06:00:2b:ba:32:48:20:e7:e4:4d:80:3b:81:4b:70:5b:
         8b:86:8d:0e:d8:6a:21:e3:e3:34:b2:79:30:57:d3:4d:4a:e8:
         83:1a:f7:01:c7:e2:e8:94:04:54:f6:66:b7:66:c6:cf:29:fc:
         48:9b:b3:8e:2b:ae:fb:9d:47:46:6c:4c:7f:12:24:86:3d:66:
         dc:4d:c9:27:15:25:8f:bb:a6:3c:79:21:21:08:35:51:36:96:
         be:9f:41:15:d7:3f:cb:b4:06:dc:eb:64:53:f1:a0:23:d0:d2:
         63:bc:1d:8a:b2:0d:87:42:a7:e6:b9:35:ce:f0:ad:c9:7f:62:
         35:bf:30:64:07:89:ca:7b:fa:3d:0d:28:cd:37:8e:38:fa:6f:
         99:11:c3:8a:98:8a:62:67:f0:a4:c7:c6:80:67:e3:f2:af:0a:
         30:6e:78:c7:74:46:a8:3b:0f:a7:28:b4:80:2d:4d:94:e9:b9:
         3d:53:42:21:7c:9c:7d:db:98:8c:61:af:dc:a2:59:f6:ed:2c:
         e7:2c:de:91:4f:77:6c:a5:24:b8:ee:d2:4a:b5:90:1a:22:b0:
         4f:2e:a5:81:f0:eb:ec:34:dc:90:70:ac:72:bf:1c:10:5a:5e:
         30:58:23:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQKeV0gVkMnZRBbxGlmnAtFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDI0MTQ1MDM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDhmMjFjMDhiNGY4MzAwODYzNjkyNzI4M2JiZmNiYWNiNGUwOTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruEDAhTnTkVuGwzai2TJ57IAgD8x
2efaKco4L/xabDLphducsGBm/aWR80CcmOYr4zDIZb8Elk/20HDF8FoX+/pZk7MN
cf3/dxZmrhcp4WYir2xxeGoHUFQOOuL581UIxPtEFc6ZDIc9zzq5kDr9gY9J5q1B
+staxzLNZL8vitanaQckltSaq3y4n5kciY4VHARUHl6zg/o1D609OQb7vNXkrGs3
BPZApzYnICKrCdSA0JFUGHmSPDz6DCkbbmDOWmLvITrfUtZirnX9FvaaZHzvW6ar
Zy7+S/qSC1AU4Jmu0KxsZ4aHUVvcIGGOXa3Q8EZTxIkO8T4NU79rv7KeBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFASPIcCLT4MAhjaScoO7/LrLTgkXMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQkk4aHdJdFBnd0NHTnBKeWc3djh1c3RPQ1JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwzomMA0G
CSqGSIb3DQEBCwUAA4IBAQA20TODblx8S1B+zrYzfDcLftGxyQYAK7oySCDn5E2A
O4FLcFuLho0O2Goh4+M0snkwV9NNSuiDGvcBx+LolARU9ma3ZsbPKfxIm7OOK677
nUdGbEx/EiSGPWbcTcknFSWPu6Y8eSEhCDVRNpa+n0EV1z/LtAbc62RT8aAj0NJj
vB2Ksg2HQqfmuTXO8K3Jf2I1vzBkB4nKe/o9DSjNN444+m+ZEcOKmIpiZ/Ckx8aA
Z+PyrwowbnjHdEaoOw+nKLSALU2U6bk9U0IhfJx925iMYa/coln27SznLN6RT3ds
pSS47tJKtZAaIrBPLqWB8OvsNNyQcKxyvxwQWl4wWCPB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:08 2024 by rpki-client on console-fra.rpki-client.org