Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CSCD74RBzEWGsI6T1baRFzHWfC0.roa
File:                     CSCD74RBzEWGsI6T1baRFzHWfC0.roa (raw, json)
Hash identifier:          bcKwiWNmL59y2Sem/582qqMPLrwWTQhMlYuCi+s0Mxg=
Subject key identifier:   09:20:83:EF:84:41:CC:45:86:B0:8E:93:D5:B6:91:17:31:D6:7C:2D
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0184136DCB27A2C0A5B6430447C86C85CA7E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CSCD74RBzEWGsI6T1baRFzHWfC0.roa
Signing time:             Wed 26 Oct 2022 08:34:33 +0000
ROA not before:           Wed 26 Oct 2022 08:34:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210974
IP address blocks:        212.192.2.0/24 maxlen: 24
                          195.58.60.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:13:6d:cb:27:a2:c0:a5:b6:43:04:47:c8:6c:85:ca:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Oct 26 08:34:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=092083ef8441cc4586b08e93d5b6911731d67c2d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:e0:3e:53:0f:fa:4c:f0:88:f2:ce:bd:b3:fe:
                    10:b9:10:0a:a8:4b:e0:ff:6a:b9:97:e4:2b:bf:8c:
                    12:41:f5:0b:ab:e9:52:7f:52:19:ed:57:55:ac:46:
                    9e:99:54:a8:82:14:0b:ac:bb:c6:93:2f:46:a3:19:
                    1a:86:ae:7f:43:73:50:6c:33:7f:f9:16:8b:2a:d3:
                    5b:0c:b5:10:ca:34:90:eb:fd:ef:35:06:59:4d:7e:
                    1b:2d:6e:cd:68:6b:42:27:9b:b1:fb:39:d8:83:59:
                    f6:12:a9:ab:13:76:1f:34:db:25:54:cf:9a:ed:b9:
                    e9:c0:88:5f:ee:51:ed:7b:4a:a2:e3:c1:1f:7b:20:
                    ba:cf:46:5a:f9:d6:e9:e3:01:b9:92:c9:36:c3:d3:
                    b7:54:e1:bc:c9:a5:2a:5a:a1:6e:6f:0d:9e:ff:92:
                    00:b5:e1:b7:ad:60:4c:44:fa:00:17:5c:25:3b:c7:
                    38:46:9c:6d:02:aa:a1:86:da:d9:ce:8f:11:07:5f:
                    68:41:55:59:f0:5f:d9:99:57:a0:41:bc:77:bb:6a:
                    6f:a7:be:d0:d5:8f:83:68:2d:97:a2:fb:f0:f0:b2:
                    c6:5a:f9:60:4c:f0:97:e0:31:2a:3d:eb:6d:7a:09:
                    09:fd:c1:13:44:ee:b4:ef:fb:9e:dd:70:8a:81:30:
                    50:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:20:83:EF:84:41:CC:45:86:B0:8E:93:D5:B6:91:17:31:D6:7C:2D
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CSCD74RBzEWGsI6T1baRFzHWfC0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.58.60.0/24
                  212.192.2.0/24

    Signature Algorithm: sha256WithRSAEncryption
         27:22:54:ba:37:ef:a7:18:88:45:d6:17:43:56:23:d1:52:da:
         a2:93:2c:90:7b:df:47:12:2e:da:f6:8a:78:86:e2:30:3b:ef:
         a5:bf:98:88:12:70:c7:94:72:61:b9:0a:9f:68:f4:13:00:2c:
         ce:46:e0:39:71:b5:e2:be:97:65:d9:7b:1d:f0:ad:f2:ff:4f:
         69:c7:15:0a:07:a5:9c:9a:eb:33:72:1f:95:d1:2a:f5:bf:97:
         4e:b6:36:d6:c1:96:be:94:68:c7:bb:91:ba:43:a1:c2:c6:3d:
         b4:5b:88:61:a4:89:d0:55:00:f5:f1:b2:07:0a:13:38:60:0a:
         27:70:dc:6f:3a:f0:db:83:47:90:0b:aa:c2:eb:51:00:47:13:
         93:79:fe:b0:ef:23:f2:b9:fd:b7:75:de:0a:3a:1a:a0:bc:9d:
         65:24:b3:ec:38:f7:5a:22:1e:ab:71:01:cf:24:d0:4a:67:e6:
         ac:f2:20:f0:b1:5f:5d:5d:13:eb:ad:c9:c5:8b:ec:fb:b1:91:
         2f:67:16:7e:9a:b3:c6:43:58:c9:e0:8c:eb:63:0c:2e:b3:c3:
         c9:98:78:9a:f9:fb:94:eb:36:f6:03:ea:d2:d1:3d:55:69:56:
         b7:cf:16:92:9f:74:a4:c0:03:2b:d4:d8:4a:0f:7e:68:c0:a1:
         f0:bf:3e:30
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYQTbcsnosCltkMER8hshcp+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDI2MDgzNDMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTIwODNlZjg0NDFjYzQ1ODZiMDhlOTNkNWI2OTExNzMxZDY3YzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhuA+Uw/6TPCI8s69s/4QuRAKqEvg
/2q5l+Qrv4wSQfULq+lSf1IZ7VdVrEaemVSoghQLrLvGky9Goxkahq5/Q3NQbDN/
+RaLKtNbDLUQyjSQ6/3vNQZZTX4bLW7NaGtCJ5ux+znYg1n2EqmrE3YfNNslVM+a
7bnpwIhf7lHte0qi48EfeyC6z0Za+dbp4wG5ksk2w9O3VOG8yaUqWqFubw2e/5IA
teG3rWBMRPoAF1wlO8c4RpxtAqqhhtrZzo8RB19oQVVZ8F/ZmVegQbx3u2pvp77Q
1Y+DaC2Xovvw8LLGWvlgTPCX4DEqPettegkJ/cETRO607/ue3XCKgTBQMQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAkgg++EQcxFhrCOk9W2kRcx1nwtMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQ1NDRDc0UkJ6RVdHc0k2VDFiYVJGekhXZkMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwzo8AwQA
1MACMA0GCSqGSIb3DQEBCwUAA4IBAQAnIlS6N++nGIhF1hdDViPRUtqikyyQe99H
Ei7a9op4huIwO++lv5iIEnDHlHJhuQqfaPQTACzORuA5cbXivpdl2Xsd8K3y/09p
xxUKB6Wcmuszch+V0Sr1v5dOtjbWwZa+lGjHu5G6Q6HCxj20W4hhpInQVQD18bIH
ChM4YAoncNxvOvDbg0eQC6rC61EARxOTef6w7yPyuf23dd4KOhqgvJ1lJLPsOPda
Ih6rcQHPJNBKZ+as8iDwsV9dXRPrrcnFi+z7sZEvZxZ+mrPGQ1jJ4IzrYwwus8PJ
mHia+fuU6zb2A+rS0T1VaVa3zxaSn3SkwAMr1NhKD35owKHwvz4w
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:09 2024 by rpki-client on console-fra.rpki-client.org