Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/eIguYQM96G4H-rbVfAPG1sA7QHo.roa
File:                     eIguYQM96G4H-rbVfAPG1sA7QHo.roa (raw, json)
Hash identifier:          LJ8nqtHto1uvIGGsPeGH9Ah0T2WibYYNYCWUuZVrpXI=
Subject key identifier:   78:88:2E:61:03:3D:E8:6E:07:FA:B6:D5:7C:03:C6:D6:C0:3B:40:7A
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       01834167F7DF67049C52BE7E35285EC1A6D7
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/eIguYQM96G4H-rbVfAPG1sA7QHo.roa
Signing time:             Thu 15 Sep 2022 13:47:56 +0000
ROA not before:           Thu 15 Sep 2022 13:47:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     2118
IP address blocks:        212.193.12.0/24 maxlen: 24
                          193.124.3.0/24 maxlen: 24
                          212.193.15.0/24 maxlen: 24
                          194.87.1.0/24 maxlen: 24
                          194.87.24.0/22 maxlen: 24
                          193.124.45.0/24 maxlen: 24
                          194.58.45.0/24 maxlen: 24
                          194.87.64.0/24 maxlen: 24
                          193.124.90.0/24 maxlen: 24
                          194.87.208.0/23 maxlen: 24
                          194.87.219.0/24 maxlen: 24
                          195.133.80.0/24 maxlen: 24
                          194.87.222.0/23 maxlen: 24
                          194.135.23.0/24 maxlen: 24
                          195.133.12.0/22 maxlen: 24
                          192.124.173.0/24 maxlen: 24
                          192.124.178.0/24 maxlen: 24
                          192.124.181.0/24 maxlen: 24
                          192.124.180.0/22 maxlen: 24
                          192.124.182.0/23 maxlen: 24
                          192.124.180.0/24 maxlen: 24
                          192.124.188.0/22 maxlen: 22
                          194.87.179.0/24 maxlen: 24
                          193.124.203.0/24 maxlen: 24
                          195.133.55.0/24 maxlen: 24
                          194.87.198.0/24 maxlen: 24
                          192.124.209.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:41:67:f7:df:67:04:9c:52:be:7e:35:28:5e:c1:a6:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Sep 15 13:47:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=78882e61033de86e07fab6d57c03c6d6c03b407a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:06:c9:27:1a:9a:00:0a:77:b7:c0:53:81:44:
                    2a:fd:f6:b9:1a:a5:b7:8d:71:5d:62:08:09:af:37:
                    d1:e2:f0:f3:a5:c6:ff:c8:e9:e8:64:8b:71:d2:4b:
                    54:11:8c:72:99:aa:81:f9:b2:23:7b:7d:93:c9:df:
                    18:16:b5:0e:80:56:f9:69:d9:2f:bc:e3:24:27:33:
                    95:20:d8:1c:71:34:19:bc:92:bf:38:29:7d:45:4e:
                    7f:5c:1f:51:f7:8b:66:44:3a:fa:70:fc:76:21:d3:
                    b6:62:7a:63:03:9d:d4:75:3e:83:7b:0b:56:37:91:
                    ec:45:06:b6:b5:72:63:61:0e:0f:fa:8d:5a:98:0f:
                    ef:bb:16:83:8b:f1:46:ce:a8:a3:4b:a3:4c:22:99:
                    e4:ed:cd:48:f2:49:e2:d9:ca:5e:68:d1:ea:e5:00:
                    22:ed:38:99:a1:9c:fb:6f:62:0e:35:7d:e5:b1:c4:
                    f0:98:32:c5:24:73:4c:28:54:cb:02:1c:b6:f1:b1:
                    9f:7f:81:8f:4d:b0:74:5a:55:c6:ff:39:6c:ea:7c:
                    67:09:86:2f:06:0a:9e:c6:98:4b:0b:5f:fa:33:8a:
                    da:65:7e:73:b2:ad:8d:70:e3:7e:e3:1c:47:27:70:
                    26:a5:7f:3f:af:ff:01:f0:49:c0:e5:db:2e:f6:fc:
                    29:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:88:2E:61:03:3D:E8:6E:07:FA:B6:D5:7C:03:C6:D6:C0:3B:40:7A
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/eIguYQM96G4H-rbVfAPG1sA7QHo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.124.173.0/24
                  192.124.178.0/24
                  192.124.180.0/22
                  192.124.188.0/22
                  192.124.209.0/24
                  193.124.3.0/24
                  193.124.45.0/24
                  193.124.90.0/24
                  193.124.203.0/24
                  194.58.45.0/24
                  194.87.1.0/24
                  194.87.24.0/22
                  194.87.64.0/24
                  194.87.179.0/24
                  194.87.198.0/24
                  194.87.208.0/23
                  194.87.219.0/24
                  194.87.222.0/23
                  194.135.23.0/24
                  195.133.12.0/22
                  195.133.55.0/24
                  195.133.80.0/24
                  212.193.12.0/24
                  212.193.15.0/24

    Signature Algorithm: sha256WithRSAEncryption
         52:ba:08:5a:c8:51:c7:57:0a:94:f9:8a:5a:e6:10:a5:45:15:
         99:3a:7b:1c:27:e2:d9:bf:77:ce:8b:39:e1:65:db:25:e4:10:
         63:a9:c3:90:3b:78:c3:f9:c9:3d:e2:12:99:bb:df:bb:a1:a6:
         1c:2b:3a:f3:6a:f5:63:71:6d:8b:44:c3:25:ad:9e:84:2f:d2:
         4f:e7:73:20:26:b5:ed:8e:42:97:43:9f:34:43:2c:8b:6b:26:
         33:5b:7f:4a:39:c8:ee:62:e5:a8:b3:aa:74:ff:bb:79:39:b1:
         67:85:43:d9:93:6f:f2:d2:51:c7:2c:25:76:7c:25:3f:00:db:
         51:54:99:07:dd:a0:66:41:5c:1a:24:8f:90:87:83:e2:83:7a:
         ec:6f:7b:c5:5f:e5:f5:2c:c8:bb:6a:2f:2a:17:39:33:0a:c8:
         48:e5:76:21:3c:1d:67:f3:eb:8a:60:f4:55:2d:c9:a3:2b:a2:
         6d:41:c2:28:4e:8e:85:6a:7f:97:fa:74:bc:f0:65:43:1b:49:
         b1:94:da:f8:49:5a:51:e4:5a:40:fe:89:ed:c0:cb:d2:2b:de:
         54:6f:11:71:ff:4b:90:7f:0b:02:67:54:f2:5e:4e:7f:14:be:
         1a:57:99:6d:6b:55:cc:e7:bf:36:0e:ba:3d:5c:61:c8:d3:de:
         23:7a:88:6c
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAYNBZ/ffZwScUr5+NShewabXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIwOTE1MTM0NzU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODg4MmU2MTAzM2RlODZlMDdmYWI2ZDU3YzAzYzZkNmMwM2I0MDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgbJJxqaAAp3t8BTgUQq/fa5GqW3
jXFdYggJrzfR4vDzpcb/yOnoZItx0ktUEYxymaqB+bIje32Tyd8YFrUOgFb5adkv
vOMkJzOVINgccTQZvJK/OCl9RU5/XB9R94tmRDr6cPx2IdO2YnpjA53UdT6DewtW
N5HsRQa2tXJjYQ4P+o1amA/vuxaDi/FGzqijS6NMIpnk7c1I8kni2cpeaNHq5QAi
7TiZoZz7b2IONX3lscTwmDLFJHNMKFTLAhy28bGff4GPTbB0WlXG/zls6nxnCYYv
BgqexphLC1/6M4raZX5zsq2NcON+4xxHJ3AmpX8/r/8B8EnA5dsu9vwpXwIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFHiILmEDPehuB/q21XwDxtbAO0B6MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZUlndVlRTTk2RzRILXJiVmZBUEcxc0E3UUhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAEwgZADBADA
fK0DBADAfLIDBALAfLQDBALAfLwDBADAfNEDBADBfAMDBADBfC0DBADBfFoDBADB
fMsDBADCOi0DBADCVwEDBALCVxgDBADCV0ADBADCV7MDBADCV8YDBAHCV9ADBADC
V9sDBAHCV94DBADChxcDBALDhQwDBADDhTcDBADDhVADBADUwQwDBADUwQ8wDQYJ
KoZIhvcNAQELBQADggEBAFK6CFrIUcdXCpT5ilrmEKVFFZk6exwn4tm/d86LOeFl
2yXkEGOpw5A7eMP5yT3iEpm737uhphwrOvNq9WNxbYtEwyWtnoQv0k/ncyAmte2O
QpdDnzRDLItrJjNbf0o5yO5i5aizqnT/u3k5sWeFQ9mTb/LSUccsJXZ8JT8A21FU
mQfdoGZBXBokj5CHg+KDeuxve8Vf5fUsyLtqLyoXOTMKyEjldiE8HWfz64pg9FUt
yaMrom1BwihOjoVqf5f6dLzwZUMbSbGU2vhJWlHkWkD+ie3Ay9Ir3lRvEXH/S5B/
CwJnVPJeTn8UvhpXmW1rVcznvzYOuj1cYcjT3iN6iGw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:22 2024 by rpki-client on console-fra.rpki-client.org