Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Sm3yTlkxhFd9oeEIk-J1W72Si8c.roa
File:                     Sm3yTlkxhFd9oeEIk-J1W72Si8c.roa (raw, json)
Hash identifier:          /oDUABaDW8m1E6U3Zf7at5Kk2EuDWLNzlsNp7hoo1Lw=
Subject key identifier:   4A:6D:F2:4E:59:31:84:57:7D:A1:E1:08:93:E2:75:5B:BD:92:8B:C7
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       01825EF447B74704F2E5B70AA7D3570154E7
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Sm3yTlkxhFd9oeEIk-J1W72Si8c.roa
Signing time:             Tue 02 Aug 2022 14:27:23 +0000
ROA not before:           Tue 02 Aug 2022 14:27:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57844
IP address blocks:        194.87.25.0/24 maxlen: 24
                          194.87.26.0/24 maxlen: 24
                          194.87.27.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:5e:f4:47:b7:47:04:f2:e5:b7:0a:a7:d3:57:01:54:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Aug  2 14:27:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4a6df24e593184577da1e10893e2755bbd928bc7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:3b:96:04:55:fb:7a:7c:92:f1:42:13:33:24:
                    38:5c:9e:12:a9:82:59:ad:8f:d9:01:d8:cd:fe:c8:
                    53:ff:7f:d0:f9:f2:c7:01:60:1a:e2:0f:ab:84:d5:
                    ff:17:3e:64:de:80:55:63:ef:46:5c:8b:40:7a:68:
                    e9:b5:9e:6c:cc:3a:a8:28:dc:b1:1b:c2:23:83:cf:
                    ec:62:23:e0:c9:ba:76:5c:c2:27:c8:a4:bd:5f:26:
                    3d:8b:47:95:79:d8:76:6a:3c:25:18:2e:02:43:e4:
                    b3:b6:4c:dc:c7:79:da:3c:ea:ce:be:73:49:7f:d2:
                    bc:77:46:20:81:41:41:51:d5:26:80:a8:ca:68:04:
                    30:d8:e1:71:54:90:9c:89:a3:f4:ca:d5:74:a4:6e:
                    3c:2a:f8:63:79:15:77:5a:4b:aa:69:bd:8c:9e:38:
                    ae:79:4b:4c:15:c8:a8:ab:2e:a6:98:5c:9b:b5:60:
                    d2:ad:fd:9d:08:c8:30:38:ae:e2:a8:a7:d7:2a:b0:
                    ed:bf:74:43:a3:44:d1:cc:3f:42:74:d4:0e:e0:e9:
                    37:fe:e6:7b:bd:94:74:05:58:41:f8:9c:29:32:88:
                    c7:d7:dd:dd:de:e1:f4:30:d3:a2:7a:2c:57:45:b1:
                    1b:c1:e3:21:75:5c:fd:49:01:92:fe:33:ec:cc:18:
                    19:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:6D:F2:4E:59:31:84:57:7D:A1:E1:08:93:E2:75:5B:BD:92:8B:C7
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Sm3yTlkxhFd9oeEIk-J1W72Si8c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.87.25.0-194.87.27.255

    Signature Algorithm: sha256WithRSAEncryption
         93:eb:38:6a:33:cc:a2:61:7d:f7:8f:a9:e4:dc:1a:13:2c:a6:
         cd:f2:1e:4c:4d:7f:aa:14:4f:00:5d:52:0b:2c:25:b7:18:01:
         b0:35:76:ec:ce:4e:89:4d:19:be:ea:31:af:fa:95:fa:0a:5a:
         03:39:46:6e:b3:4c:d4:1c:09:32:e2:20:e0:76:0d:d8:18:29:
         fe:f3:81:1c:e2:e7:8e:58:e5:aa:c8:41:80:3e:30:05:89:d5:
         cd:ac:ce:96:ee:0a:46:54:20:38:33:8e:0b:b8:82:0f:0c:6f:
         5f:01:05:22:30:23:ef:9e:73:ec:d4:91:68:94:34:41:cd:14:
         ba:00:9b:6d:49:0c:1a:01:76:ee:27:9d:2b:55:38:fd:29:35:
         72:0f:dd:73:82:78:ae:cb:9d:4c:e1:a7:4e:89:68:85:ed:35:
         16:25:45:ca:d8:96:8e:12:b7:19:5e:6f:d1:d1:a8:b0:75:50:
         89:0c:e4:3c:34:59:f2:81:de:93:42:d1:19:9b:2c:70:59:96:
         26:01:7e:00:d4:0a:09:cf:d3:0b:4f:ba:84:4c:76:89:05:a8:
         c8:cc:40:ac:5b:2a:e8:e6:d2:0d:19:6c:17:47:81:81:d9:04:
         74:49:06:af:fd:11:61:51:f2:e8:3d:7f:3e:94:82:5b:c5:c6:
         ac:1d:84:c0
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYJe9Ee3RwTy5bcKp9NXAVTnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIwODAyMTQyNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTZkZjI0ZTU5MzE4NDU3N2RhMWUxMDg5M2UyNzU1YmJkOTI4YmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDuWBFX7enyS8UITMyQ4XJ4SqYJZ
rY/ZAdjN/shT/3/Q+fLHAWAa4g+rhNX/Fz5k3oBVY+9GXItAemjptZ5szDqoKNyx
G8Ijg8/sYiPgybp2XMInyKS9XyY9i0eVedh2ajwlGC4CQ+Sztkzcx3naPOrOvnNJ
f9K8d0YggUFBUdUmgKjKaAQw2OFxVJCciaP0ytV0pG48KvhjeRV3Wkuqab2Mnjiu
eUtMFcioqy6mmFybtWDSrf2dCMgwOK7iqKfXKrDtv3RDo0TRzD9CdNQO4Ok3/uZ7
vZR0BVhB+JwpMojH193d3uH0MNOieixXRbEbweMhdVz9SQGS/jPszBgZ3QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEpt8k5ZMYRXfaHhCJPidVu9kovHMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvU20zeVRsa3hoRmQ5b2VFSWstSjFXNzJTaThjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADCVxkD
BALCVxgwDQYJKoZIhvcNAQELBQADggEBAJPrOGozzKJhffePqeTcGhMsps3yHkxN
f6oUTwBdUgssJbcYAbA1duzOTolNGb7qMa/6lfoKWgM5Rm6zTNQcCTLiIOB2DdgY
Kf7zgRzi545Y5arIQYA+MAWJ1c2szpbuCkZUIDgzjgu4gg8Mb18BBSIwI++ec+zU
kWiUNEHNFLoAm21JDBoBdu4nnStVOP0pNXIP3XOCeK7LnUzhp06JaIXtNRYlRcrY
lo4Stxleb9HRqLB1UIkM5Dw0WfKB3pNC0RmbLHBZliYBfgDUCgnP0wtPuoRMdokF
qMjMQKxbKujm0g0ZbBdHgYHZBHRJBq/9EWFR8ug9fz6UglvFxqwdhMA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:16 2024 by rpki-client on console-fra.rpki-client.org