Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/WiyRejwaDoav0T5PmdD2tIp-9NM.roa
File:                     WiyRejwaDoav0T5PmdD2tIp-9NM.roa (raw, json)
Hash identifier:          IvIWSfvdpQh7jBN+pryF6KrBCKvDxHYpPyrrq1h/5Lg=
Subject key identifier:   5A:2C:91:7A:3C:1A:0E:86:AF:D1:3E:4F:99:D0:F6:B4:8A:7E:F4:D3
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0183D6665FF701D8C5A7373ADDAB378ED8C2
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/WiyRejwaDoav0T5PmdD2tIp-9NM.roa
Signing time:             Fri 14 Oct 2022 12:09:36 +0000
ROA not before:           Fri 14 Oct 2022 12:09:36 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     17447
IP address blocks:        193.124.4.0/24 maxlen: 24
                          194.87.207.0/24 maxlen: 24
                          195.133.73.0/24 maxlen: 24
                          193.124.125.0/24 maxlen: 24
                          193.124.16.0/24 maxlen: 24
                          193.124.47.0/24 maxlen: 24
                          212.192.209.0/24 maxlen: 24
                          194.87.37.0/24 maxlen: 24
                          194.87.56.0/24 maxlen: 24
                          194.87.162.0/24 maxlen: 24
                          194.58.45.0/24 maxlen: 24
                          193.124.93.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:d6:66:5f:f7:01:d8:c5:a7:37:3a:dd:ab:37:8e:d8:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Oct 14 12:09:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5a2c917a3c1a0e86afd13e4f99d0f6b48a7ef4d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:cf:e7:61:09:5a:33:5a:1a:d7:a0:74:e3:16:
                    7b:1e:d4:39:02:6d:f5:14:4d:a5:68:2e:1c:e0:f9:
                    1b:26:f1:d2:7c:3d:29:8c:6d:fc:21:9b:0c:23:95:
                    e6:b3:23:61:33:b5:60:56:2d:b3:e3:a6:0b:07:bf:
                    10:b1:fb:1a:6b:23:83:93:fb:38:b5:21:17:fa:f4:
                    5b:69:60:a4:4f:46:26:b9:d0:1a:ed:0b:4b:c9:ef:
                    53:b3:4f:5c:99:6e:6f:fe:c8:2b:4d:35:66:68:52:
                    f4:8e:1f:dd:25:cc:37:77:2e:cd:e8:5f:57:cf:6c:
                    26:73:3e:02:d0:47:60:58:1e:ca:c9:bb:f8:9b:b8:
                    c2:7a:a3:56:82:a3:67:a7:e2:8b:a4:20:43:96:2c:
                    c0:9c:4a:85:9d:1f:7b:90:98:f9:23:dc:f8:a3:42:
                    d8:e4:ca:8b:e2:b7:6f:fa:e2:55:83:a3:f5:1b:c9:
                    1c:d6:de:79:5f:a4:4d:12:86:58:a7:73:89:b3:81:
                    84:83:c2:15:6a:40:31:c4:0b:68:9f:53:c1:10:9b:
                    c6:f2:7a:fa:37:63:2d:fc:74:3a:60:53:46:70:9b:
                    66:4c:6c:f7:e5:6d:54:95:8a:b3:23:69:ee:bf:3c:
                    ef:63:4e:bb:df:74:1e:32:35:d2:5d:8a:fe:5f:82:
                    c9:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:2C:91:7A:3C:1A:0E:86:AF:D1:3E:4F:99:D0:F6:B4:8A:7E:F4:D3
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/WiyRejwaDoav0T5PmdD2tIp-9NM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.124.4.0/24
                  193.124.16.0/24
                  193.124.47.0/24
                  193.124.93.0/24
                  193.124.125.0/24
                  194.58.45.0/24
                  194.87.37.0/24
                  194.87.56.0/24
                  194.87.162.0/24
                  194.87.207.0/24
                  195.133.73.0/24
                  212.192.209.0/24

    Signature Algorithm: sha256WithRSAEncryption
         05:bf:b9:63:bf:8c:28:ae:55:28:0f:f3:ec:f9:13:b2:a4:eb:
         b7:7c:d2:66:bb:0c:c6:44:a1:c6:a9:36:da:31:19:d5:81:c5:
         71:f4:1b:98:c6:e8:6c:f0:66:54:3a:33:8c:b2:88:d7:c0:de:
         13:4d:70:42:59:22:42:a2:57:d6:fc:fb:09:e1:12:f7:89:34:
         85:b4:1d:77:e2:95:d6:d3:00:a3:9f:d4:fc:e5:e3:72:98:77:
         d7:1c:69:c9:3f:d8:2c:b6:f4:cf:60:d5:45:fe:f0:0d:b0:3f:
         a6:90:dd:bd:3f:82:b7:92:6e:47:3d:35:37:cf:60:ff:79:c1:
         53:98:3c:1d:c5:28:6b:cf:f7:bc:c7:34:bc:14:f0:4a:bc:a5:
         5d:44:ba:68:bf:8b:3e:4e:54:35:6d:1a:87:28:f5:be:a2:19:
         5d:60:5b:14:1b:67:63:3e:38:f3:b1:a5:7c:7c:55:db:0a:fa:
         ee:9b:b3:e1:40:de:88:19:84:c2:af:aa:df:52:fc:36:99:62:
         c3:4b:63:94:b3:cb:ea:39:14:39:85:a9:69:b0:a6:93:5a:b8:
         98:23:0b:02:60:ff:a6:1d:4f:c4:e6:4e:03:96:91:6b:50:a4:
         2e:6c:28:d9:57:8b:e8:17:e0:ab:e5:33:f3:40:b5:97:f7:50:
         ed:3f:c6:d6
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYPWZl/3AdjFpzc63as3jtjCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDE0MTIwOTM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTJjOTE3YTNjMWEwZTg2YWZkMTNlNGY5OWQwZjZiNDhhN2VmNGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjs/nYQlaM1oa16B04xZ7HtQ5Am31
FE2laC4c4PkbJvHSfD0pjG38IZsMI5XmsyNhM7VgVi2z46YLB78QsfsaayODk/s4
tSEX+vRbaWCkT0YmudAa7QtLye9Ts09cmW5v/sgrTTVmaFL0jh/dJcw3dy7N6F9X
z2wmcz4C0EdgWB7Kybv4m7jCeqNWgqNnp+KLpCBDlizAnEqFnR97kJj5I9z4o0LY
5MqL4rdv+uJVg6P1G8kc1t55X6RNEoZYp3OJs4GEg8IVakAxxAton1PBEJvG8nr6
N2Mt/HQ6YFNGcJtmTGz35W1UlYqzI2nuvzzvY06733QeMjXSXYr+X4LJiwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFFoskXo8Gg6Gr9E+T5nQ9rSKfvTTMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvV2l5UmVqd2FEb2F2MFQ1UG1kRDJ0SXAtOU5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAwXwEAwQA
wXwQAwQAwXwvAwQAwXxdAwQAwXx9AwQAwjotAwQAwlclAwQAwlc4AwQAwleiAwQA
wlfPAwQAw4VJAwQA1MDRMA0GCSqGSIb3DQEBCwUAA4IBAQAFv7ljv4worlUoD/Ps
+ROypOu3fNJmuwzGRKHGqTbaMRnVgcVx9BuYxuhs8GZUOjOMsojXwN4TTXBCWSJC
olfW/PsJ4RL3iTSFtB134pXW0wCjn9T85eNymHfXHGnJP9gstvTPYNVF/vANsD+m
kN29P4K3km5HPTU3z2D/ecFTmDwdxShrz/e8xzS8FPBKvKVdRLpov4s+TlQ1bRqH
KPW+ohldYFsUG2djPjjzsaV8fFXbCvrum7PhQN6IGYTCr6rfUvw2mWLDS2OUs8vq
ORQ5halpsKaTWriYIwsCYP+mHU/E5k4DlpFrUKQubCjZV4voF+Cr5TPzQLWX91Dt
P8bW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:18 2024 by rpki-client on console-fra.rpki-client.org