Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OUdfccYQnSrbZ8yykQQg6PByJfc.roa
File:                     OUdfccYQnSrbZ8yykQQg6PByJfc.roa (raw, json)
Hash identifier:          ZiDLVvDiUzArkD2u7nitll3xJ94l2wOywDh2ef7x2Zw=
Subject key identifier:   39:47:5F:71:C6:10:9D:2A:DB:67:CC:B2:91:04:20:E8:F0:72:25:F7
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       107F32F9
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OUdfccYQnSrbZ8yykQQg6PByJfc.roa
Signing time:             Wed 22 Jun 2022 12:33:32 +0000
ROA not before:           Wed 22 Jun 2022 12:33:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207633
IP address blocks:        194.87.17.0/24 maxlen: 24
                          194.87.188.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 276771577 (0x107f32f9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jun 22 12:33:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=39475f71c6109d2adb67ccb2910420e8f07225f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:96:9f:9a:77:9f:e6:5e:d0:9b:67:18:19:fb:
                    9c:ff:ca:cf:a4:ca:c4:f6:a2:5e:ca:a1:8b:ce:54:
                    9d:c5:f2:ff:f3:99:16:49:14:08:e7:23:9f:72:af:
                    9e:89:3c:2f:25:c1:27:92:9e:c5:a6:bc:e7:47:c3:
                    1a:9d:9f:27:12:36:5f:a2:19:c4:19:64:2d:41:6f:
                    93:15:0a:c6:a8:4a:bd:d0:a4:03:7b:93:c6:cd:d8:
                    aa:6d:a9:33:4d:b4:8d:e5:af:12:60:82:14:c4:a3:
                    40:ab:a6:25:c0:3c:b8:7a:71:32:12:fc:c0:f9:7e:
                    1f:cb:ea:58:ae:e7:d5:9a:81:17:2a:6b:6c:8c:8e:
                    a8:b6:62:4a:34:1a:e6:c0:60:de:ba:87:82:22:80:
                    02:18:21:48:d4:6d:d1:ec:1c:7e:81:ee:e8:41:02:
                    f8:5b:c9:79:c0:ef:27:5c:50:5f:4a:4f:b2:f4:67:
                    58:b2:8f:33:bc:82:66:04:17:7a:be:8c:57:92:51:
                    78:3f:8e:b9:0d:0b:72:70:b1:00:94:29:0b:c3:0a:
                    c5:b9:bc:6d:25:56:96:9a:76:cf:f6:48:75:8e:88:
                    56:d2:af:ff:9d:2c:f0:7b:aa:02:40:ad:e8:0e:fa:
                    45:c1:8c:cf:c6:97:01:14:75:5d:2d:bb:d0:2e:b7:
                    73:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:47:5F:71:C6:10:9D:2A:DB:67:CC:B2:91:04:20:E8:F0:72:25:F7
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OUdfccYQnSrbZ8yykQQg6PByJfc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.87.17.0/24
                  194.87.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:8c:ea:e2:52:08:41:f9:b6:e1:1e:57:f2:cc:bc:89:e9:3d:
         ee:b2:62:77:48:da:64:3a:3d:c3:9c:12:95:63:70:8e:e9:e2:
         75:43:57:2f:28:f5:0a:c5:9d:97:24:a6:11:b5:1b:c9:c7:19:
         18:15:92:d4:c8:91:3f:2a:96:08:01:ce:3e:e9:70:10:7d:e4:
         15:47:0a:30:47:d1:38:21:4c:49:20:73:37:50:7a:fd:0b:e9:
         4c:ce:47:d4:e9:10:c0:ee:de:25:06:0d:ea:45:c3:57:82:2b:
         cd:92:c7:e1:38:35:3c:e1:48:be:ae:16:bb:c8:6b:81:8e:ad:
         e5:4a:82:3e:1a:e9:62:50:16:1d:ea:2d:be:f8:59:f4:92:cc:
         44:f6:5a:72:47:7e:2c:18:2a:56:92:9f:03:4e:e4:b3:ba:75:
         b1:69:13:5e:be:6e:ed:e3:c2:99:30:9e:0a:ac:09:ee:f0:2e:
         a5:94:d4:95:c4:e2:f3:18:a9:bb:80:88:58:fb:59:dd:51:d2:
         4a:a7:b3:67:7b:23:42:0e:53:2f:b3:61:ef:be:22:c0:d2:e2:
         db:8a:6c:b9:72:c2:34:e0:e6:ed:59:fe:85:1b:7b:f7:5a:02:
         d3:e4:f8:4d:02:29:7a:ce:36:d4:b8:cb:b4:2c:4f:47:a4:96:
         17:f2:71:78
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEEH8y+TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTY5MGY1ZTMyZDVjODZhZjFlMTM0OWRmZDRlOGNlZWI3MGUxYWM3MB4XDTIyMDYy
MjEyMzMzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzk0NzVmNzFjNjEw
OWQyYWRiNjdjY2IyOTEwNDIwZThmMDcyMjVmNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANOWn5p3n+Ze0JtnGBn7nP/Kz6TKxPaiXsqhi85UncXy//OZ
FkkUCOcjn3Kvnok8LyXBJ5Kexaa850fDGp2fJxI2X6IZxBlkLUFvkxUKxqhKvdCk
A3uTxs3Yqm2pM020jeWvEmCCFMSjQKumJcA8uHpxMhL8wPl+H8vqWK7n1ZqBFypr
bIyOqLZiSjQa5sBg3rqHgiKAAhghSNRt0ewcfoHu6EEC+FvJecDvJ1xQX0pPsvRn
WLKPM7yCZgQXer6MV5JReD+OuQ0LcnCxAJQpC8MKxbm8bSVWlpp2z/ZIdY6IVtKv
/50s8HuqAkCt6A76RcGMz8aXARR1XS270C63c3UCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQ5R19xxhCdKttnzLKRBCDo8HIl9zAfBgNVHSMEGDAWgBQ1aQ9eMtXIavHh
NJ39Tozutw4axzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8x
L09VZGZjY1lRblNyYlo4eXlrUVFnNlBCeUpmYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
ZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8xL05Xa1BYakxWeUdy
eDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMJXEQMEAMJXvDANBgkqhkiG9w0B
AQsFAAOCAQEAMozq4lIIQfm24R5X8sy8iek97rJid0jaZDo9w5wSlWNwjunidUNX
Lyj1CsWdlySmEbUbyccZGBWS1MiRPyqWCAHOPulwEH3kFUcKMEfROCFMSSBzN1B6
/QvpTM5H1OkQwO7eJQYN6kXDV4IrzZLH4Tg1POFIvq4Wu8hrgY6t5UqCPhrpYlAW
HeotvvhZ9JLMRPZackd+LBgqVpKfA07ks7p1sWkTXr5u7ePCmTCeCqwJ7vAupZTU
lcTi8xipu4CIWPtZ3VHSSqezZ3sjQg5TL7Nh774iwNLi24psuXLCNODm7Vn+hRt7
91oC0+T4TQIpes421LjLtCxPR6SWF/JxeA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:15 2024 by rpki-client on console-fra.rpki-client.org