Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SGLvuFTSqzspnYhqN3RQjjgEGLc.roa
File:                     SGLvuFTSqzspnYhqN3RQjjgEGLc.roa (raw, json)
Hash identifier:          IZyMHyKv0W0ZxgHru5uhsNGBcpaR3cVXf6ZGO8STSp8=
Subject key identifier:   48:62:EF:B8:54:D2:AB:3B:29:9D:88:6A:37:74:50:8E:38:04:18:B7
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0184F1E7561BD142BF3640C0305F72DE1B83
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SGLvuFTSqzspnYhqN3RQjjgEGLc.roa
Signing time:             Thu 08 Dec 2022 13:23:00 +0000
ROA not before:           Thu 08 Dec 2022 13:23:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     15731
IP address blocks:        193.124.3.0/24 maxlen: 24
                          194.87.1.0/24 maxlen: 24
                          194.135.18.0/24 maxlen: 24
                          194.135.23.0/24 maxlen: 24
                          194.87.38.0/24 maxlen: 24
                          195.58.35.0/24 maxlen: 24
                          194.87.166.0/24 maxlen: 24
                          194.87.168.0/24 maxlen: 24
                          195.133.35.0/24 maxlen: 24
                          194.87.178.0/24 maxlen: 24
                          194.87.179.0/24 maxlen: 24
                          212.192.31.0/24 maxlen: 24
                          194.87.187.0/24 maxlen: 24
                          194.87.130.0/24 maxlen: 24
                          194.87.131.0/24 maxlen: 24
                          195.133.0.0/24 maxlen: 24
                          194.87.73.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:f1:e7:56:1b:d1:42:bf:36:40:c0:30:5f:72:de:1b:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Dec  8 13:23:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4862efb854d2ab3b299d886a3774508e380418b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:7d:25:48:88:13:6f:5f:ed:4a:26:a2:97:af:
                    bd:1f:56:a6:c6:0f:2d:e4:e3:bc:d9:85:b6:28:83:
                    b9:12:18:0f:63:60:de:0d:4f:04:3f:3b:09:37:72:
                    6d:f5:5c:17:ff:28:1f:04:88:eb:e4:ab:be:ed:3e:
                    85:21:2e:d8:c0:67:1a:29:ca:5d:ad:d6:9c:f0:b2:
                    98:66:f8:a5:6a:3d:b6:04:3e:39:cb:af:73:9e:bf:
                    2a:ca:1c:f2:ee:73:86:f5:ae:a2:34:ca:8f:2d:67:
                    bc:51:6e:42:39:d6:50:df:48:7d:1e:fa:39:d2:15:
                    a8:91:64:e5:d3:ae:f8:a4:c9:62:f0:05:5c:fd:c7:
                    43:2d:81:3a:dd:c1:5a:61:0c:05:eb:8d:6d:18:6b:
                    c1:81:9e:5b:ed:42:bb:21:90:69:d4:4e:90:73:34:
                    e0:89:6d:df:3b:64:14:69:b7:b8:2f:b8:75:19:1d:
                    f6:fd:3d:aa:47:43:9d:2e:fb:4c:22:80:8a:3a:6d:
                    06:5a:c0:eb:48:93:0e:69:34:2b:8b:5e:56:f1:8d:
                    f7:11:62:44:38:91:8f:96:86:db:47:15:67:b0:64:
                    9c:76:dd:5f:f5:82:36:51:b0:9e:5b:71:62:07:4d:
                    a3:91:25:10:ee:b1:59:77:14:15:d1:21:a8:73:0f:
                    d0:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:62:EF:B8:54:D2:AB:3B:29:9D:88:6A:37:74:50:8E:38:04:18:B7
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SGLvuFTSqzspnYhqN3RQjjgEGLc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.124.3.0/24
                  194.87.1.0/24
                  194.87.38.0/24
                  194.87.73.0/24
                  194.87.130.0/23
                  194.87.166.0/24
                  194.87.168.0/24
                  194.87.178.0/23
                  194.87.187.0/24
                  194.135.18.0/24
                  194.135.23.0/24
                  195.58.35.0/24
                  195.133.0.0/24
                  195.133.35.0/24
                  212.192.31.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1a:4a:81:27:42:53:13:5e:a1:d2:14:98:4c:d0:a1:94:e8:54:
         d2:67:a9:ee:8d:e0:7c:53:e0:59:60:82:9a:b2:7c:ab:39:dd:
         cf:11:36:91:40:56:ff:6e:10:64:a2:d6:c1:0a:c3:1c:ca:9f:
         52:4c:1b:10:e3:33:bc:eb:b8:07:71:fa:50:4a:9b:e9:b0:c5:
         41:6a:46:66:e3:ca:7f:21:4f:b0:93:61:4a:68:84:0d:45:eb:
         d4:c4:af:cc:69:0b:c9:fe:ed:f0:3a:34:9b:5f:fb:f5:7f:d7:
         bf:5d:cb:a7:74:87:be:e8:d7:9b:3a:ed:60:16:c9:53:04:bd:
         1d:cd:6f:b7:a5:d7:9b:fc:2a:5d:6c:29:11:13:bd:ea:6b:e7:
         e9:d7:0f:34:55:67:a8:0c:f1:44:78:3f:e3:e6:0d:ab:3b:05:
         6c:af:da:c7:aa:57:62:08:88:5f:cc:5a:59:39:83:91:12:b9:
         6e:23:a6:a7:0a:f5:6c:05:90:88:85:90:03:22:00:f5:69:07:
         a9:8d:eb:54:eb:a8:c0:4e:17:b4:b2:ab:3a:2e:7a:e3:f5:b6:
         ba:c3:19:0f:e4:47:01:91:30:07:b3:04:62:30:7d:f1:a0:66:
         30:bb:46:a2:66:09:c0:a6:70:8b:0d:32:17:51:9c:05:41:d3:
         91:a0:19:f2
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYTx51Yb0UK/NkDAMF9y3huDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjA4MTMyMzAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODYyZWZiODU0ZDJhYjNiMjk5ZDg4NmEzNzc0NTA4ZTM4MDQxOGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnH0lSIgTb1/tSiail6+9H1amxg8t
5OO82YW2KIO5EhgPY2DeDU8EPzsJN3Jt9VwX/ygfBIjr5Ku+7T6FIS7YwGcaKcpd
rdac8LKYZvilaj22BD45y69znr8qyhzy7nOG9a6iNMqPLWe8UW5COdZQ30h9Hvo5
0hWokWTl0674pMli8AVc/cdDLYE63cFaYQwF641tGGvBgZ5b7UK7IZBp1E6QczTg
iW3fO2QUabe4L7h1GR32/T2qR0OdLvtMIoCKOm0GWsDrSJMOaTQri15W8Y33EWJE
OJGPlobbRxVnsGScdt1f9YI2UbCeW3FiB02jkSUQ7rFZdxQV0SGocw/QSwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFEhi77hU0qs7KZ2Iajd0UI44BBi3MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvU0dMdnVGVFNxenNwbllocU4zUlFqamdFR0xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAwXwDAwQA
wlcBAwQAwlcmAwQAwldJAwQBwleCAwQAwlemAwQAwleoAwQBwleyAwQAwle7AwQA
wocSAwQAwocXAwQAwzojAwQAw4UAAwQAw4UjAwQA1MAfMA0GCSqGSIb3DQEBCwUA
A4IBAQAaSoEnQlMTXqHSFJhM0KGU6FTSZ6nujeB8U+BZYIKasnyrOd3PETaRQFb/
bhBkotbBCsMcyp9STBsQ4zO867gHcfpQSpvpsMVBakZm48p/IU+wk2FKaIQNRevU
xK/MaQvJ/u3wOjSbX/v1f9e/XcundIe+6NebOu1gFslTBL0dzW+3pdeb/CpdbCkR
E73qa+fp1w80VWeoDPFEeD/j5g2rOwVsr9rHqldiCIhfzFpZOYORErluI6anCvVs
BZCIhZADIgD1aQepjetU66jAThe0sqs6Lnrj9ba6wxkP5EcBkTAHswRiMH3xoGYw
u0aiZgnApnCLDTIXUZwFQdORoBny
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:16 2024 by rpki-client on console-fra.rpki-client.org