Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cNn0XUjxJ4evPCkD6I3GQt9_TQ0.roa
File:                     cNn0XUjxJ4evPCkD6I3GQt9_TQ0.roa (raw, json)
Hash identifier:          YF0rcyAAfor/4rBxH1sWN7DmBVY8kKG2Uq4sNULXl5I=
Subject key identifier:   70:D9:F4:5D:48:F1:27:87:AF:3C:29:03:E8:8D:C6:42:DF:7F:4D:0D
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0183564254065EFBBEBFCCD62910E0AEE20A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cNn0XUjxJ4evPCkD6I3GQt9_TQ0.roa
Signing time:             Mon 19 Sep 2022 14:58:50 +0000
ROA not before:           Mon 19 Sep 2022 14:58:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3356
IP address blocks:        193.124.8.0/24 maxlen: 24
                          195.133.193.0/24 maxlen: 24
                          194.87.182.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:56:42:54:06:5e:fb:be:bf:cc:d6:29:10:e0:ae:e2:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Sep 19 14:58:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=70d9f45d48f12787af3c2903e88dc642df7f4d0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:c9:25:a4:41:05:d0:5c:64:8d:08:72:fe:e8:
                    68:aa:a7:4a:82:cc:c4:4f:a6:a9:7e:9b:24:46:2c:
                    ed:74:81:af:03:2e:93:b0:47:fd:82:32:5e:08:68:
                    3c:46:75:49:70:17:b2:75:17:e5:17:d4:65:70:9d:
                    55:48:34:a5:2a:ed:aa:81:27:2a:f1:8d:17:07:7b:
                    bc:20:e7:ff:78:d8:09:8d:38:8f:37:f6:01:3c:61:
                    7b:6b:2d:fa:ce:61:f7:d7:dc:a7:ad:64:92:f1:fe:
                    6f:b3:c4:99:01:f9:09:3e:f2:2d:0a:c5:90:7c:3c:
                    20:d0:9e:c7:a8:b6:3e:4d:5a:ee:8e:3e:3f:2a:75:
                    02:45:11:28:98:5d:2e:30:51:4d:5c:ae:e5:a4:ec:
                    55:ab:d9:fe:34:b1:9c:8c:24:51:eb:35:ce:3f:5e:
                    29:d9:4d:de:ae:36:03:79:57:dd:9f:35:5d:65:86:
                    ca:09:92:89:78:dd:b1:3c:20:14:35:50:94:f1:9e:
                    4a:d1:fc:8c:8f:70:16:ef:e1:d3:b3:05:1d:04:d8:
                    eb:da:fb:f6:21:58:8c:9b:03:d8:31:c7:d3:92:e9:
                    54:5d:81:c0:2a:05:f3:db:2a:72:b6:7d:82:a8:8e:
                    32:a0:70:7b:85:52:d1:de:62:56:bf:d5:ac:a0:18:
                    6a:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:D9:F4:5D:48:F1:27:87:AF:3C:29:03:E8:8D:C6:42:DF:7F:4D:0D
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cNn0XUjxJ4evPCkD6I3GQt9_TQ0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.124.8.0/24
                  194.87.182.0/24
                  195.133.193.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:49:03:d7:2b:5c:52:9d:a0:fc:8e:4d:da:94:7e:bc:71:da:
         d2:db:93:d7:0e:7a:fd:ce:35:87:38:0a:c2:a0:38:11:40:dc:
         00:48:ac:e5:7b:b4:14:93:77:eb:af:d8:19:0b:2a:73:03:82:
         74:47:47:98:f7:f6:4f:39:21:fe:1b:48:10:2b:1b:45:6a:1c:
         5f:44:4e:63:b8:0c:16:b4:df:3a:b7:7f:55:df:3c:0d:c8:13:
         db:b4:af:fb:fc:3a:8c:11:fb:5a:c8:b2:06:9b:46:53:db:c4:
         ed:1c:0e:15:6d:b4:42:57:8d:6e:26:1d:63:fd:af:e1:94:c8:
         22:d2:0a:25:f4:09:ad:57:f2:e9:a8:8b:47:a8:96:36:9f:86:
         1c:00:5e:a0:37:33:ad:97:e7:e3:49:9a:29:70:da:90:2f:f7:
         b5:17:7f:78:0c:10:09:c6:4a:22:49:32:88:27:1c:21:3b:98:
         47:1f:ce:a3:21:1c:6b:78:fb:2d:69:4e:61:3c:b5:58:61:e7:
         9f:b3:6b:68:fa:8f:22:34:64:22:50:f9:f9:ed:26:e8:16:93:
         48:b5:ae:0b:e2:6f:2a:fc:4e:e8:89:59:8d:d2:b4:45:e0:16:
         e8:2b:f7:53:59:04:f0:55:c0:d2:e0:5c:6b:8e:e4:21:10:c6:
         0d:a3:8b:4f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYNWQlQGXvu+v8zWKRDgruIKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIwOTE5MTQ1ODUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGQ5ZjQ1ZDQ4ZjEyNzg3YWYzYzI5MDNlODhkYzY0MmRmN2Y0ZDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgsklpEEF0FxkjQhy/uhoqqdKgszE
T6apfpskRiztdIGvAy6TsEf9gjJeCGg8RnVJcBeydRflF9RlcJ1VSDSlKu2qgScq
8Y0XB3u8IOf/eNgJjTiPN/YBPGF7ay36zmH319ynrWSS8f5vs8SZAfkJPvItCsWQ
fDwg0J7HqLY+TVrujj4/KnUCRREomF0uMFFNXK7lpOxVq9n+NLGcjCRR6zXOP14p
2U3erjYDeVfdnzVdZYbKCZKJeN2xPCAUNVCU8Z5K0fyMj3AW7+HTswUdBNjr2vv2
IViMmwPYMcfTkulUXYHAKgXz2ypytn2CqI4yoHB7hVLR3mJWv9WsoBhqeQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHDZ9F1I8SeHrzwpA+iNxkLff00NMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvY05uMFhVanhKNGV2UENrRDZJM0dRdDlfVFEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwXwIAwQA
wle2AwQAw4XBMA0GCSqGSIb3DQEBCwUAA4IBAQCJSQPXK1xSnaD8jk3alH68cdrS
25PXDnr9zjWHOArCoDgRQNwASKzle7QUk3frr9gZCypzA4J0R0eY9/ZPOSH+G0gQ
KxtFahxfRE5juAwWtN86t39V3zwNyBPbtK/7/DqMEftayLIGm0ZT28TtHA4VbbRC
V41uJh1j/a/hlMgi0gol9AmtV/LpqItHqJY2n4YcAF6gNzOtl+fjSZopcNqQL/e1
F394DBAJxkoiSTKIJxwhO5hHH86jIRxrePstaU5hPLVYYeefs2to+o8iNGQiUPn5
7SboFpNIta4L4m8q/E7oiVmN0rRF4BboK/dTWQTwVcDS4FxrjuQhEMYNo4tP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:21 2024 by rpki-client on console-fra.rpki-client.org