Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DqMzcGoV-7dmV6Fc5YsvmZGMdnI.roa
File:                     DqMzcGoV-7dmV6Fc5YsvmZGMdnI.roa (raw, json)
Hash identifier:          uitsRqXNNKShUJDZFJtAeNECZFBdgUwxmvCYKBKl22g=
Subject key identifier:   0E:A3:33:70:6A:15:FB:B7:66:57:A1:5C:E5:8B:2F:99:91:8C:76:72
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       01826E3D462134DE604D918C517148B3AB3C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DqMzcGoV-7dmV6Fc5YsvmZGMdnI.roa
Signing time:             Fri 05 Aug 2022 13:41:25 +0000
ROA not before:           Fri 05 Aug 2022 13:41:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210388
IP address blocks:        62.76.235.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:6e:3d:46:21:34:de:60:4d:91:8c:51:71:48:b3:ab:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Aug  5 13:41:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0ea333706a15fbb76657a15ce58b2f99918c7672
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:0f:ac:98:ec:d0:6f:41:24:57:22:83:71:8b:
                    9d:3b:2c:47:ee:34:a1:c9:b3:0f:61:73:a3:77:ea:
                    a8:65:bd:85:2c:81:69:84:ad:65:c7:a1:36:92:30:
                    38:44:e4:02:af:31:f1:85:87:e9:6b:ab:a7:64:15:
                    0a:1e:3f:3e:17:32:2f:ff:eb:f0:57:e8:43:c4:9e:
                    99:dd:f1:2d:51:3a:30:6c:57:8b:68:fb:96:6e:ff:
                    1b:cf:ea:fd:12:f0:90:64:68:d8:97:16:67:72:69:
                    e5:3b:c6:f4:7f:80:0a:1a:67:6e:63:e5:67:9f:25:
                    a7:64:9f:e6:9d:8e:d5:35:66:69:44:95:28:6a:b1:
                    74:6e:17:30:45:fb:5c:2c:4b:28:3c:51:27:65:c4:
                    19:df:58:0e:ab:3d:eb:9e:e8:8b:6d:3d:8c:69:d9:
                    9e:e0:5a:9d:b3:84:a3:1d:7f:51:fe:0f:66:ab:c5:
                    c0:27:c8:83:71:26:a2:54:cd:2e:01:f7:95:53:33:
                    8b:47:82:da:9a:11:aa:c3:7d:56:3e:a8:08:5d:e8:
                    90:62:4f:fa:56:ba:95:ab:01:12:6d:04:4e:b3:4d:
                    f6:d6:18:52:6f:52:c6:65:2e:d1:9a:09:22:25:48:
                    0f:82:df:78:e2:64:f9:49:34:1c:36:0e:6d:76:86:
                    14:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:A3:33:70:6A:15:FB:B7:66:57:A1:5C:E5:8B:2F:99:91:8C:76:72
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DqMzcGoV-7dmV6Fc5YsvmZGMdnI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.76.235.0/24

    Signature Algorithm: sha256WithRSAEncryption
         27:a5:35:9a:74:f0:8d:f4:ee:7b:cd:fa:38:eb:5c:02:31:33:
         0e:7e:92:08:18:9a:fe:08:33:b0:0e:ac:03:86:ea:a0:a6:57:
         47:30:1f:02:65:04:0e:2b:db:1f:a8:72:87:aa:ee:87:77:1a:
         fe:85:cb:48:f9:16:d1:c8:e7:b7:ba:cd:6b:75:eb:0a:54:09:
         4d:cb:db:40:49:73:86:de:0a:07:72:8b:69:1a:5e:87:9c:25:
         3e:d7:07:1f:61:66:4f:95:b2:f1:1c:c2:bd:1f:99:69:bb:d0:
         ad:8c:4b:c8:f6:8d:36:d5:ff:2d:fe:a4:de:93:79:76:22:e8:
         dd:2e:f2:2b:52:c5:e2:5c:3e:f3:33:ed:96:e6:23:62:d1:cc:
         0d:f3:e7:6f:e5:04:36:94:91:b1:2d:74:84:ed:21:c8:3a:63:
         83:80:48:03:58:7b:9c:43:31:59:c9:e8:89:2a:c7:97:78:9d:
         f0:eb:40:f5:48:bb:14:6d:c2:85:a2:dc:97:6e:b0:30:b3:b8:
         f7:68:ef:8e:65:f5:2c:c7:8e:8c:ee:05:c4:fa:46:42:18:97:
         aa:4a:51:8e:0e:53:1b:01:3e:cd:ea:34:49:37:e1:8e:45:43:
         e4:5c:46:55:7a:79:57:e5:dc:b8:10:01:21:66:7c:47:04:f8:
         1a:31:ce:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJuPUYhNN5gTZGMUXFIs6s8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIwODA1MTM0MTI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWEzMzM3MDZhMTVmYmI3NjY1N2ExNWNlNThiMmY5OTkxOGM3NjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgA+smOzQb0EkVyKDcYudOyxH7jSh
ybMPYXOjd+qoZb2FLIFphK1lx6E2kjA4ROQCrzHxhYfpa6unZBUKHj8+FzIv/+vw
V+hDxJ6Z3fEtUTowbFeLaPuWbv8bz+r9EvCQZGjYlxZncmnlO8b0f4AKGmduY+Vn
nyWnZJ/mnY7VNWZpRJUoarF0bhcwRftcLEsoPFEnZcQZ31gOqz3rnuiLbT2Madme
4Fqds4SjHX9R/g9mq8XAJ8iDcSaiVM0uAfeVUzOLR4LamhGqw31WPqgIXeiQYk/6
VrqVqwESbQROs0321hhSb1LGZS7RmgkiJUgPgt944mT5STQcNg5tdoYU6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA6jM3BqFfu3ZlehXOWLL5mRjHZyMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRHFNemNHb1YtN2RtVjZGYzVZc3ZtWkdNZG5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPkzrMA0G
CSqGSIb3DQEBCwUAA4IBAQAnpTWadPCN9O57zfo461wCMTMOfpIIGJr+CDOwDqwD
huqgpldHMB8CZQQOK9sfqHKHqu6Hdxr+hctI+RbRyOe3us1rdesKVAlNy9tASXOG
3goHcotpGl6HnCU+1wcfYWZPlbLxHMK9H5lpu9CtjEvI9o021f8t/qTek3l2Iujd
LvIrUsXiXD7zM+2W5iNi0cwN8+dv5QQ2lJGxLXSE7SHIOmODgEgDWHucQzFZyeiJ
KseXeJ3w60D1SLsUbcKFotyXbrAws7j3aO+OZfUsx46M7gXE+kZCGJeqSlGODlMb
AT7N6jRJN+GORUPkXEZVenlX5dy4EAEhZnxHBPgaMc6P
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:10 2024 by rpki-client on console-fra.rpki-client.org