Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mEI91tvfY0yPsNpFXlHIVbIDVQ4.roa
File:                     mEI91tvfY0yPsNpFXlHIVbIDVQ4.roa (raw, json)
Hash identifier:          yDOVMTt5Me1fYQay8OPo9anBsW7ur+FmcsdsuTqmjKI=
Subject key identifier:   98:42:3D:D6:DB:DF:63:4C:8F:B0:DA:45:5E:51:C8:55:B2:03:55:0E
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0185347AF4A247652993015984F7704DF71E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mEI91tvfY0yPsNpFXlHIVbIDVQ4.roa
Signing time:             Wed 21 Dec 2022 11:39:11 +0000
ROA not before:           Wed 21 Dec 2022 11:39:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     58212
IP address blocks:        194.87.207.0/24 maxlen: 24
                          212.192.7.0/24 maxlen: 24
                          194.58.43.0/24 maxlen: 24
                          194.58.46.0/24 maxlen: 24
                          194.87.64.0/24 maxlen: 24
                          193.124.205.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:34:7a:f4:a2:47:65:29:93:01:59:84:f7:70:4d:f7:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Dec 21 11:39:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=98423dd6dbdf634c8fb0da455e51c855b203550e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:b0:b0:b8:41:04:ed:c0:72:66:31:ea:4d:82:
                    03:96:0f:28:70:0f:e1:bd:6e:5e:34:90:bf:92:35:
                    55:9a:f7:84:bc:63:6a:a7:96:ba:8e:3c:90:10:0f:
                    05:30:ad:10:08:de:74:c2:1f:c9:53:77:d6:ca:4b:
                    2a:da:41:6e:42:76:b4:3e:fa:5c:f6:be:75:76:0b:
                    eb:9b:f9:88:3b:12:b3:dc:8d:f8:9d:8e:e1:7a:8a:
                    42:16:0b:84:ca:4b:2a:02:28:67:8d:0a:06:17:92:
                    f7:2f:bc:7f:2f:99:f6:76:07:a6:65:c9:fd:a1:27:
                    ea:55:5d:17:d7:8c:fc:48:5c:dd:db:61:96:04:30:
                    39:1d:55:26:2d:79:3a:c7:b5:0e:82:c4:c8:7b:55:
                    f2:08:44:98:97:78:5d:e8:d9:b9:50:f6:10:7f:48:
                    7e:24:00:cc:ad:7f:85:8d:fb:f7:f7:96:1f:61:9c:
                    88:93:94:44:5b:bd:e1:9c:34:8b:c8:50:46:11:68:
                    56:f2:65:fd:1b:46:7f:ad:ff:12:26:07:10:6a:99:
                    6e:b9:e4:60:1f:c0:da:ee:0a:fa:12:fc:0a:ae:e9:
                    66:41:2f:6b:f5:bf:75:ab:e5:91:df:13:10:ca:f8:
                    8b:10:96:8d:a0:91:0e:65:70:2c:c1:c4:8a:a4:8a:
                    db:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:42:3D:D6:DB:DF:63:4C:8F:B0:DA:45:5E:51:C8:55:B2:03:55:0E
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mEI91tvfY0yPsNpFXlHIVbIDVQ4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.124.205.0/24
                  194.58.43.0/24
                  194.58.46.0/24
                  194.87.64.0/24
                  194.87.207.0/24
                  212.192.7.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4b:6d:7b:99:7f:9e:51:b1:cb:b7:be:f8:50:39:ff:89:c2:45:
         82:7c:9c:4f:63:6f:99:7e:65:24:80:36:84:3c:c0:af:17:87:
         e2:03:8f:ed:33:29:7a:d1:9f:3a:7c:b3:38:6f:5a:ee:27:9c:
         f3:40:c2:e1:b7:28:c7:2c:32:96:99:53:ab:df:c4:6c:b4:7d:
         68:19:74:26:4d:4e:40:11:d0:b3:af:c2:ca:42:c9:b6:6e:57:
         ec:39:64:c5:1b:c1:54:6a:b2:5e:70:9d:90:ab:fe:cc:2a:9b:
         97:f3:ab:e2:2b:49:ea:76:ec:76:9f:bd:fa:f1:31:33:d5:7f:
         9e:ca:85:ec:d6:4f:3f:37:58:fc:8c:55:22:72:59:37:d1:9b:
         74:8d:89:d5:e5:f1:91:26:1c:84:ce:3a:10:b3:c0:2d:b6:93:
         ac:b5:37:0f:b6:64:af:86:0e:91:e1:b2:0f:d6:fa:af:ef:84:
         ff:2b:49:fc:82:96:54:46:3a:d2:d9:53:0a:9d:8b:36:f9:8e:
         04:80:4c:68:4a:42:f9:5c:2b:2b:51:f3:bd:77:fc:52:10:0a:
         ab:d5:94:3d:2e:78:a4:be:76:ae:9a:a7:99:8f:f5:3b:3f:1d:
         02:54:bd:79:48:31:34:ac:5b:d4:c2:5b:d1:4f:dd:15:03:1f:
         b0:4a:0f:0f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYU0evSiR2UpkwFZhPdwTfceMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjIxMTEzOTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODQyM2RkNmRiZGY2MzRjOGZiMGRhNDU1ZTUxYzg1NWIyMDM1NTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbCwuEEE7cByZjHqTYIDlg8ocA/h
vW5eNJC/kjVVmveEvGNqp5a6jjyQEA8FMK0QCN50wh/JU3fWyksq2kFuQna0Pvpc
9r51dgvrm/mIOxKz3I34nY7heopCFguEyksqAihnjQoGF5L3L7x/L5n2dgemZcn9
oSfqVV0X14z8SFzd22GWBDA5HVUmLXk6x7UOgsTIe1XyCESYl3hd6Nm5UPYQf0h+
JADMrX+Fjfv395YfYZyIk5REW73hnDSLyFBGEWhW8mX9G0Z/rf8SJgcQapluueRg
H8Da7gr6EvwKrulmQS9r9b91q+WR3xMQyviLEJaNoJEOZXAswcSKpIrbAwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJhCPdbb32NMj7DaRV5RyFWyA1UOMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbUVJOTF0dmZZMHlQc05wRlhsSElWYklEVlE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwXzNAwQA
wjorAwQAwjouAwQAwldAAwQAwlfPAwQA1MAHMA0GCSqGSIb3DQEBCwUAA4IBAQBL
bXuZf55Rscu3vvhQOf+JwkWCfJxPY2+ZfmUkgDaEPMCvF4fiA4/tMyl60Z86fLM4
b1ruJ5zzQMLhtyjHLDKWmVOr38RstH1oGXQmTU5AEdCzr8LKQsm2blfsOWTFG8FU
arJecJ2Qq/7MKpuX86viK0nqdux2n7368TEz1X+eyoXs1k8/N1j8jFUiclk30Zt0
jYnV5fGRJhyEzjoQs8AttpOstTcPtmSvhg6R4bIP1vqv74T/K0n8gpZURjrS2VMK
nYs2+Y4EgExoSkL5XCsrUfO9d/xSEAqr1ZQ9LnikvnaumqeZj/U7Px0CVL15SDE0
rFvUwlvRT90VAx+wSg8P
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:45 2024 by rpki-client on console-ams.rpki-client.org