Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gZPoOIA6-pXojP4rf8cF9H0fKt0.roa
File:                     gZPoOIA6-pXojP4rf8cF9H0fKt0.roa (raw, json)
Hash identifier:          Ruz5a8n5lQyPD21tT/6acBPjn3+LVkYdftQPy3oufAc=
Subject key identifier:   81:93:E8:38:80:3A:FA:95:E8:8C:FE:2B:7F:C7:05:F4:7D:1F:2A:DD
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       01852504943B692B636413393BADEAA1BF99
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gZPoOIA6-pXojP4rf8cF9H0fKt0.roa
Signing time:             Sun 18 Dec 2022 11:35:35 +0000
ROA not before:           Sun 18 Dec 2022 11:35:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60548
IP address blocks:        212.192.7.0/24 maxlen: 24
                          194.87.64.0/24 maxlen: 24
                          193.124.205.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:25:04:94:3b:69:2b:63:64:13:39:3b:ad:ea:a1:bf:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Dec 18 11:35:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8193e838803afa95e88cfe2b7fc705f47d1f2add
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:3e:a9:00:bc:a9:f3:d2:2b:d8:93:8d:f6:9b:
                    5a:c2:bb:48:3e:a8:7d:61:2f:20:15:08:67:9a:9e:
                    bd:a4:6a:6d:1b:1d:fc:55:91:eb:d8:c8:e5:32:ca:
                    43:80:4b:da:70:67:2c:7d:41:68:79:a8:32:2b:2c:
                    3d:d4:84:51:35:d0:42:c0:e5:c1:d4:09:24:db:5d:
                    9a:14:5c:e4:3c:7f:8f:a6:7e:c1:0f:10:b4:5a:4f:
                    7f:1b:9d:14:9d:4f:36:70:b7:92:11:b2:98:0f:64:
                    5a:80:2f:22:fd:a1:e1:56:d3:77:45:15:0b:28:1d:
                    2b:9e:37:67:c6:e7:76:f4:b4:73:c1:6c:3c:fa:44:
                    48:8c:99:96:92:24:9d:e5:1f:ef:78:19:66:3a:eb:
                    58:00:1f:f8:c5:43:d6:70:5c:56:2f:f0:29:c6:6a:
                    e8:0e:2a:d4:a5:a6:bb:bf:d6:60:22:10:6e:5b:28:
                    b8:d3:af:ff:25:cb:1a:26:4a:d9:51:34:54:9e:53:
                    18:9d:d7:e4:ca:49:c4:0f:12:66:f5:3d:39:93:27:
                    6c:50:fd:7f:bb:ce:ec:b3:4a:47:b9:f1:e0:40:09:
                    c8:ef:e2:5e:cb:fd:ce:ba:70:42:6b:e5:65:c2:d1:
                    20:41:fb:1d:8d:b6:ab:e1:ce:b7:b4:e7:95:96:6c:
                    cd:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:93:E8:38:80:3A:FA:95:E8:8C:FE:2B:7F:C7:05:F4:7D:1F:2A:DD
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gZPoOIA6-pXojP4rf8cF9H0fKt0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.124.205.0/24
                  194.87.64.0/24
                  212.192.7.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:13:2c:8c:fa:d5:e7:6b:22:01:f7:e0:9d:07:35:39:e2:10:
         00:ff:a4:69:14:d0:ac:a7:d4:fc:a9:eb:26:51:db:ae:32:6d:
         9b:c8:cb:94:f3:68:fb:27:c8:34:97:09:3b:42:21:57:f8:86:
         e5:2e:5f:bf:e9:0d:7f:ee:65:7b:9a:56:3f:6d:25:b9:3d:54:
         04:78:a0:23:4b:f1:11:80:66:09:f1:01:39:09:07:53:86:1d:
         e2:2b:74:c4:42:53:6c:27:4c:0f:1a:d1:fe:01:a7:3b:c9:30:
         85:eb:0a:1d:48:b3:5e:c9:ac:78:0f:42:01:61:bb:b1:12:f8:
         a4:ac:91:df:9c:6e:72:0e:d6:ae:31:fb:87:52:9f:4f:3d:74:
         18:a9:9e:ff:6c:4f:17:cd:b4:c1:39:cf:eb:4b:d4:35:a2:94:
         97:e4:14:ce:2f:f1:42:18:83:cd:80:92:ce:ab:11:0e:bd:c7:
         f7:9a:6b:19:40:46:20:ca:72:5f:0c:62:59:a0:f7:dd:cd:a0:
         ff:31:09:8b:3e:06:e9:5a:7f:9f:85:2e:1c:46:c0:83:c5:7b:
         f2:da:9c:37:62:4c:78:1f:a3:d3:42:0d:73:76:a7:50:d8:e8:
         b6:ee:47:e0:56:0f:d9:1c:77:d4:2f:8d:15:0d:7d:94:94:46:
         47:b3:b7:1a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYUlBJQ7aStjZBM5O63qob+ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjE4MTEzNTM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTkzZTgzODgwM2FmYTk1ZTg4Y2ZlMmI3ZmM3MDVmNDdkMWYyYWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkz6pALyp89Ir2JON9ptawrtIPqh9
YS8gFQhnmp69pGptGx38VZHr2MjlMspDgEvacGcsfUFoeagyKyw91IRRNdBCwOXB
1Akk212aFFzkPH+Ppn7BDxC0Wk9/G50UnU82cLeSEbKYD2RagC8i/aHhVtN3RRUL
KB0rnjdnxud29LRzwWw8+kRIjJmWkiSd5R/veBlmOutYAB/4xUPWcFxWL/Apxmro
DirUpaa7v9ZgIhBuWyi406//JcsaJkrZUTRUnlMYndfkyknEDxJm9T05kydsUP1/
u87ss0pHufHgQAnI7+Jey/3OunBCa+VlwtEgQfsdjbar4c63tOeVlmzNWQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIGT6DiAOvqV6Iz+K3/HBfR9HyrdMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZ1pQb09JQTYtcFhvalA0cmY4Y0Y5SDBmS3QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwXzNAwQA
wldAAwQA1MAHMA0GCSqGSIb3DQEBCwUAA4IBAQBYEyyM+tXnayIB9+CdBzU54hAA
/6RpFNCsp9T8qesmUduuMm2byMuU82j7J8g0lwk7QiFX+IblLl+/6Q1/7mV7mlY/
bSW5PVQEeKAjS/ERgGYJ8QE5CQdThh3iK3TEQlNsJ0wPGtH+Aac7yTCF6wodSLNe
yax4D0IBYbuxEvikrJHfnG5yDtauMfuHUp9PPXQYqZ7/bE8XzbTBOc/rS9Q1opSX
5BTOL/FCGIPNgJLOqxEOvcf3mmsZQEYgynJfDGJZoPfdzaD/MQmLPgbpWn+fhS4c
RsCDxXvy2pw3Ykx4H6PTQg1zdqdQ2Oi27kfgVg/ZHHfUL40VDX2UlEZHs7ca
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:23 2024 by rpki-client on console-fra.rpki-client.org