Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/XOajx5uSStly9sH0j2EDhlgCyCM.roa
File:                     XOajx5uSStly9sH0j2EDhlgCyCM.roa (raw, json)
Hash identifier:          uhv5Tpq1czvC+e6+93NezjZszFhK9uQKdJWN6NLlb/8=
Subject key identifier:   5C:E6:A3:C7:9B:92:4A:D9:72:F6:C1:F4:8F:61:03:86:58:02:C8:23
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       1017467F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/XOajx5uSStly9sH0j2EDhlgCyCM.roa
Signing time:             Thu 26 May 2022 10:22:13 +0000
ROA not before:           Thu 26 May 2022 10:22:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212496
IP address blocks:        195.58.36.0/24 maxlen: 24
                          193.124.92.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 269960831 (0x1017467f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: May 26 10:22:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5ce6a3c79b924ad972f6c1f48f6103865802c823
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:8d:0e:6f:6e:4d:dd:c3:cc:c1:65:0a:17:37:
                    01:6d:75:e0:f9:6c:e2:d5:71:79:8f:21:71:51:f2:
                    59:b0:b1:81:9a:35:5b:77:64:fa:a1:e0:f9:26:94:
                    fa:97:7c:3e:bb:c2:6d:c4:e8:64:cd:dc:e3:c7:eb:
                    af:87:68:6b:f4:26:50:4c:0b:e0:cb:0f:04:50:03:
                    d7:61:3d:ce:9d:84:87:f3:2a:1a:43:60:42:d3:f1:
                    2b:d1:62:57:55:f9:a5:e7:11:40:07:a9:65:2c:e1:
                    74:76:93:37:be:0e:b8:44:6d:55:e6:15:c2:93:83:
                    a2:2d:b3:69:86:c3:d7:e4:6a:03:84:73:f6:ee:fe:
                    e3:f8:a5:22:8a:09:c2:05:26:39:79:60:ad:2a:3d:
                    44:af:68:38:02:66:0e:16:88:fc:2a:74:81:ab:8a:
                    82:c8:20:7b:f6:80:c1:37:2b:d5:07:55:f7:53:46:
                    33:e9:6a:9b:e9:68:ca:15:91:c0:a6:ae:ba:15:d0:
                    01:3f:97:e0:97:81:06:ae:70:f4:5e:2f:3a:b5:86:
                    15:a9:03:fe:8c:e0:aa:2f:09:8a:4f:68:29:dd:d8:
                    ce:cd:0c:9f:b0:1c:04:35:e4:5c:56:e3:91:b6:ae:
                    f8:54:88:d1:65:b7:af:68:04:d7:59:5b:c1:76:37:
                    f7:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:E6:A3:C7:9B:92:4A:D9:72:F6:C1:F4:8F:61:03:86:58:02:C8:23
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/XOajx5uSStly9sH0j2EDhlgCyCM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.124.92.0/24
                  195.58.36.0/24

    Signature Algorithm: sha256WithRSAEncryption
         05:42:4d:a2:a9:1d:b9:e7:97:3b:fe:64:30:d1:d0:e8:bb:ec:
         3c:c0:ac:ab:37:4f:d0:20:e2:06:92:f3:fe:8c:dc:22:41:61:
         01:06:f7:3a:7f:3b:bc:19:43:c2:24:4f:be:56:b2:d7:23:ce:
         f4:a4:03:e7:54:1b:da:14:ae:2e:61:28:4e:45:cb:b1:dc:27:
         9a:f6:ee:ba:7e:85:d4:66:1d:2a:56:81:b5:43:8f:1d:aa:1b:
         f4:a9:22:fb:73:1e:54:b7:38:2a:df:5f:51:16:a9:86:a3:f8:
         93:40:e0:a8:93:ee:f5:a6:3e:51:f0:ec:59:6f:99:a6:3e:4c:
         b2:96:f4:f6:cd:ea:e7:a3:51:cf:3e:61:5c:9d:7e:4a:1e:48:
         5b:ed:92:b2:40:91:57:f2:93:09:4e:b3:b5:08:ea:f2:db:a3:
         18:48:b0:eb:ab:47:12:08:bd:b4:84:43:70:41:65:f2:de:b0:
         1b:b5:f2:56:fa:0d:00:e1:62:3b:d5:4c:02:7c:57:f5:85:e5:
         03:c2:20:e2:96:d5:2f:fa:01:05:01:ca:25:c4:b6:2e:c4:91:
         04:e0:e4:e8:a1:c3:e4:39:19:12:d0:04:97:b9:60:9e:54:af:
         6f:3c:54:d7:56:2c:1b:a5:6e:3d:75:44:09:17:37:71:88:62:
         8f:ef:ae:26
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEEBdGfzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTY5MGY1ZTMyZDVjODZhZjFlMTM0OWRmZDRlOGNlZWI3MGUxYWM3MB4XDTIyMDUy
NjEwMjIxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWNlNmEzYzc5Yjky
NGFkOTcyZjZjMWY0OGY2MTAzODY1ODAyYzgyMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALeNDm9uTd3DzMFlChc3AW114Pls4tVxeY8hcVHyWbCxgZo1
W3dk+qHg+SaU+pd8PrvCbcToZM3c48frr4doa/QmUEwL4MsPBFAD12E9zp2Eh/Mq
GkNgQtPxK9FiV1X5pecRQAepZSzhdHaTN74OuERtVeYVwpODoi2zaYbD1+RqA4Rz
9u7+4/ilIooJwgUmOXlgrSo9RK9oOAJmDhaI/Cp0gauKgsgge/aAwTcr1QdV91NG
M+lqm+loyhWRwKauuhXQAT+X4JeBBq5w9F4vOrWGFakD/ozgqi8Jik9oKd3Yzs0M
n7AcBDXkXFbjkbau+FSI0WW3r2gE11lbwXY397ECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRc5qPHm5JK2XL2wfSPYQOGWALIIzAfBgNVHSMEGDAWgBQ1aQ9eMtXIavHh
NJ39Tozutw4axzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8x
L1hPYWp4NXVTU3RseTlzSDBqMkVEaGxnQ3lDTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
ZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8xL05Xa1BYakxWeUdy
eDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMF8XAMEAMM6JDANBgkqhkiG9w0B
AQsFAAOCAQEABUJNoqkdueeXO/5kMNHQ6LvsPMCsqzdP0CDiBpLz/ozcIkFhAQb3
On87vBlDwiRPvlay1yPO9KQD51Qb2hSuLmEoTkXLsdwnmvbuun6F1GYdKlaBtUOP
Haob9Kki+3MeVLc4Kt9fURaphqP4k0DgqJPu9aY+UfDsWW+Zpj5Mspb09s3q56NR
zz5hXJ1+Sh5IW+2SskCRV/KTCU6ztQjq8tujGEiw66tHEgi9tIRDcEFl8t6wG7Xy
VvoNAOFiO9VMAnxX9YXlA8Ig4pbVL/oBBQHKJcS2LsSRBODk6KHD5DkZEtAEl7lg
nlSvbzxU11YsG6VuPXVECRc3cYhij++uJg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:19 2024 by rpki-client on console-fra.rpki-client.org