Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gXJdRTJ9yidE03wbzXZhG1Nrbus.roa
File:                     gXJdRTJ9yidE03wbzXZhG1Nrbus.roa (raw, json)
Hash identifier:          ACUJesKMw6vhZfaDHCF/rFNLJj711lp10Os3tpOyY9A=
Subject key identifier:   81:72:5D:45:32:7D:CA:27:44:D3:7C:1B:CD:76:61:1B:53:6B:6E:EB
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0E18D73D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gXJdRTJ9yidE03wbzXZhG1Nrbus.roa
Signing time:             Sat 01 Jan 2022 01:58:15 +0000
ROA not before:           Sat 01 Jan 2022 01:58:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     48899
IP address blocks:        194.135.124.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 236508989 (0xe18d73d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jan  1 01:58:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=81725d45327dca2744d37c1bcd76611b536b6eeb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:8a:7e:09:df:0b:b3:8c:91:1d:33:4b:a3:6c:
                    9d:31:51:a1:30:b4:cb:64:9d:f7:95:36:4a:5e:9b:
                    da:2c:d5:2c:12:a4:af:44:10:a5:dd:90:6c:cc:9f:
                    14:c1:32:f5:8f:2a:61:59:60:a9:72:98:d7:6f:0e:
                    3f:d5:19:d5:88:ed:9f:81:e9:63:e5:40:4b:fe:b3:
                    7e:0a:e1:e1:35:d1:1a:32:dc:fa:be:33:7a:c4:82:
                    a0:2f:19:d1:33:71:e1:a9:e9:b5:2d:0c:35:42:90:
                    bc:18:c1:b0:ad:76:f6:73:25:8f:d5:87:29:73:80:
                    25:6a:db:ff:5f:dc:3e:b5:b9:a2:d4:68:2c:d1:e5:
                    19:12:82:90:58:15:ee:4a:aa:2e:ae:64:c8:11:08:
                    ba:c6:82:b5:5a:8f:90:57:af:13:88:1d:a6:14:01:
                    23:d5:ac:9a:5c:55:de:5c:e2:0f:12:a2:77:74:ab:
                    9e:8a:81:ab:7f:aa:0c:c9:29:c8:5a:8b:be:06:14:
                    e2:08:dd:d7:85:11:bd:36:1e:21:e5:9e:da:ae:af:
                    87:8b:aa:db:22:3c:bd:10:13:1c:08:73:d0:e6:13:
                    0e:34:df:47:83:6e:67:95:ca:d6:76:e1:30:4c:54:
                    64:52:42:70:70:87:e0:82:e6:3a:55:2f:d9:2a:17:
                    de:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:72:5D:45:32:7D:CA:27:44:D3:7C:1B:CD:76:61:1B:53:6B:6E:EB
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gXJdRTJ9yidE03wbzXZhG1Nrbus.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.135.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         61:e1:fb:b3:54:6c:34:fa:65:7f:aa:03:e4:b4:cb:59:3e:48:
         9f:a3:bc:45:71:b2:f0:ef:94:89:83:f8:f3:ac:49:1d:cb:12:
         11:c1:30:7a:aa:47:59:a8:e5:d0:cc:3a:47:05:b9:a0:a5:33:
         15:9b:da:35:35:05:13:9b:ef:8d:04:8a:c0:40:28:2a:c8:a1:
         70:11:91:82:87:4c:ca:ea:50:de:6f:f6:01:cf:33:25:c7:c4:
         b6:99:bf:58:1a:d8:eb:93:dd:e6:59:08:04:9e:1a:ae:31:f4:
         61:ac:cc:c1:5d:39:7d:d2:5a:ba:be:59:1b:eb:d8:d7:ee:34:
         0e:be:ae:9e:ca:5f:9f:3f:12:6e:48:82:2a:db:6a:62:a0:ef:
         d5:c7:ab:cb:50:19:0d:13:27:88:6d:a9:84:53:97:12:b6:49:
         0a:7d:0f:8b:0f:75:a8:1c:f0:cf:f9:4e:e3:ad:aa:76:b7:10:
         80:c8:bb:82:ce:a3:9c:b0:21:a1:52:75:fd:6a:f8:59:f3:97:
         1c:35:ab:4f:d1:c8:5d:c6:52:8b:8b:ea:77:45:95:0a:df:01:
         6c:ad:04:34:08:7e:36:b6:62:68:e2:36:41:42:60:05:7e:2b:
         77:30:41:96:83:de:f1:7e:58:fb:01:73:90:08:84:90:4f:b9:
         49:1d:10:34
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDhjXPTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTY5MGY1ZTMyZDVjODZhZjFlMTM0OWRmZDRlOGNlZWI3MGUxYWM3MB4XDTIyMDEw
MTAxNTgxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODE3MjVkNDUzMjdk
Y2EyNzQ0ZDM3YzFiY2Q3NjYxMWI1MzZiNmVlYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOKKfgnfC7OMkR0zS6NsnTFRoTC0y2Sd95U2Sl6b2izVLBKk
r0QQpd2QbMyfFMEy9Y8qYVlgqXKY128OP9UZ1Yjtn4HpY+VAS/6zfgrh4TXRGjLc
+r4zesSCoC8Z0TNx4anptS0MNUKQvBjBsK129nMlj9WHKXOAJWrb/1/cPrW5otRo
LNHlGRKCkFgV7kqqLq5kyBEIusaCtVqPkFevE4gdphQBI9WsmlxV3lziDxKid3Sr
noqBq3+qDMkpyFqLvgYU4gjd14URvTYeIeWe2q6vh4uq2yI8vRATHAhz0OYTDjTf
R4NuZ5XK1nbhMExUZFJCcHCH4ILmOlUv2SoX3pcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSBcl1FMn3KJ0TTfBvNdmEbU2tu6zAfBgNVHSMEGDAWgBQ1aQ9eMtXIavHh
NJ39Tozutw4axzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8x
L2dYSmRSVEo5eWlkRTAzd2J6WFpoRzFOcmJ1cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
ZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8xL05Xa1BYakxWeUdy
eDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMKHfDANBgkqhkiG9w0BAQsFAAOC
AQEAYeH7s1RsNPplf6oD5LTLWT5In6O8RXGy8O+UiYP486xJHcsSEcEweqpHWajl
0Mw6RwW5oKUzFZvaNTUFE5vvjQSKwEAoKsihcBGRgodMyupQ3m/2Ac8zJcfEtpm/
WBrY65Pd5lkIBJ4arjH0YazMwV05fdJaur5ZG+vY1+40Dr6unspfnz8SbkiCKttq
YqDv1cery1AZDRMniG2phFOXErZJCn0Piw91qBzwz/lO462qdrcQgMi7gs6jnLAh
oVJ1/Wr4WfOXHDWrT9HIXcZSi4vqd0WVCt8BbK0ENAh+NrZiaOI2QUJgBX4rdzBB
loPe8X5Y+wFzkAiEkE+5SR0QNA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:23 2024 by rpki-client on console-fra.rpki-client.org