Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/nYPiU3SHirRB1u3cJaPsWxJJ1qE.roa
File:                     nYPiU3SHirRB1u3cJaPsWxJJ1qE.roa (raw, json)
Hash identifier:          bli/97mgQm6dNyD+Q1o5xxdi3QyVsgLQnYC06aQlCyo=
Subject key identifier:   9D:83:E2:53:74:87:8A:B4:41:D6:ED:DC:25:A3:EC:5B:12:49:D6:A1
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       01849E6B807EEE4B15B8905C11DEB581F875
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/nYPiU3SHirRB1u3cJaPsWxJJ1qE.roa
Signing time:             Tue 22 Nov 2022 08:19:16 +0000
ROA not before:           Tue 22 Nov 2022 08:19:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210546
IP address blocks:        212.192.31.0/24 maxlen: 24
                          194.87.199.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:9e:6b:80:7e:ee:4b:15:b8:90:5c:11:de:b5:81:f8:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Nov 22 08:19:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9d83e25374878ab441d6eddc25a3ec5b1249d6a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:8c:4d:9b:77:5d:08:5f:e4:26:46:bd:6c:e2:
                    d1:46:6f:16:de:1e:0c:7a:7b:a4:7b:b8:bd:9e:84:
                    f0:2e:82:d6:ba:06:3d:32:44:02:fc:35:90:1d:f0:
                    41:66:67:b9:d5:5b:59:06:44:79:04:6c:a3:d1:9e:
                    c3:a6:fa:93:7b:3d:eb:00:7b:c9:ca:a5:b6:ac:92:
                    c4:81:02:3f:f0:59:5b:57:c0:c0:88:5e:38:c6:f2:
                    a6:97:83:c5:c9:32:57:a0:f0:26:59:c6:5f:a0:65:
                    10:c2:25:57:77:b0:dc:ba:8d:90:72:7d:30:83:09:
                    aa:34:e1:8b:46:ae:f8:c4:48:0a:68:94:d7:bd:8c:
                    cd:41:7e:66:20:00:23:cc:bf:fa:27:4f:c0:63:ce:
                    f5:f6:47:2e:ba:1c:0e:78:68:ca:64:35:03:59:40:
                    cf:25:2a:d0:e7:2f:b3:76:22:05:b7:3f:ed:4d:eb:
                    de:e8:7a:1b:3e:e3:96:1e:e0:e1:fd:4e:90:d8:2e:
                    e1:51:91:f3:57:ad:c8:43:07:8a:79:68:e6:66:a7:
                    be:ac:da:b2:4f:58:19:75:6b:71:19:59:63:80:44:
                    7f:b2:cb:c1:6e:b1:74:5b:fd:be:13:51:3a:e5:10:
                    9a:cd:7e:d1:59:63:05:31:7b:34:4c:a0:6f:40:ef:
                    53:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:83:E2:53:74:87:8A:B4:41:D6:ED:DC:25:A3:EC:5B:12:49:D6:A1
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/nYPiU3SHirRB1u3cJaPsWxJJ1qE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.87.199.0/24
                  212.192.31.0/24

    Signature Algorithm: sha256WithRSAEncryption
         25:98:1c:a0:36:1a:b3:09:0c:5c:e1:8b:54:55:9f:da:87:cb:
         18:67:80:46:dc:81:d8:7d:b0:dd:74:fd:23:ec:b1:3c:86:b1:
         db:03:47:84:45:91:b6:0b:44:f4:34:25:a6:1c:b2:fd:4f:63:
         43:ce:e5:d0:8b:04:83:54:1d:32:16:09:85:20:91:ec:f3:5a:
         b2:2b:3a:af:ec:6c:a1:18:32:d5:f0:66:7d:6a:2d:e8:a2:c5:
         c6:d1:03:28:d7:33:9d:18:fd:e6:1d:67:08:23:a7:eb:3d:aa:
         85:87:db:1c:fe:42:be:6a:03:46:72:30:04:9a:25:7e:0a:39:
         8a:3b:e5:64:23:d1:5e:20:27:6c:d6:66:f4:01:9d:0d:51:48:
         af:ae:76:0c:99:0e:31:91:bd:07:4c:b4:dc:56:27:e8:db:fb:
         fc:e2:4a:e6:5e:94:30:ed:48:4e:2a:74:e9:84:04:14:02:57:
         3e:df:aa:1c:b7:55:2e:e6:d6:15:ba:2d:0b:aa:d0:91:aa:45:
         0c:cc:fd:2e:04:40:5d:11:b3:76:60:19:c8:e1:71:f2:3d:2b:
         c9:a5:13:ea:6b:01:8a:28:ee:5e:6a:b0:12:22:58:b6:88:98:
         84:9e:a1:fe:1d:dc:69:3b:8c:d3:f2:4b:31:36:6d:fe:04:46:
         91:d4:3c:b4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYSea4B+7ksVuJBcEd61gfh1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTIyMDgxOTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDgzZTI1Mzc0ODc4YWI0NDFkNmVkZGMyNWEzZWM1YjEyNDlkNmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIxNm3ddCF/kJka9bOLRRm8W3h4M
enuke7i9noTwLoLWugY9MkQC/DWQHfBBZme51VtZBkR5BGyj0Z7DpvqTez3rAHvJ
yqW2rJLEgQI/8FlbV8DAiF44xvKml4PFyTJXoPAmWcZfoGUQwiVXd7Dcuo2Qcn0w
gwmqNOGLRq74xEgKaJTXvYzNQX5mIAAjzL/6J0/AY8719kcuuhwOeGjKZDUDWUDP
JSrQ5y+zdiIFtz/tTeve6HobPuOWHuDh/U6Q2C7hUZHzV63IQweKeWjmZqe+rNqy
T1gZdWtxGVljgER/ssvBbrF0W/2+E1E65RCazX7RWWMFMXs0TKBvQO9TMQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ2D4lN0h4q0Qdbt3CWj7FsSSdahMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbllQaVUzU0hpclJCMXUzY0phUHNXeEpKMXFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwlfHAwQA
1MAfMA0GCSqGSIb3DQEBCwUAA4IBAQAlmBygNhqzCQxc4YtUVZ/ah8sYZ4BG3IHY
fbDddP0j7LE8hrHbA0eERZG2C0T0NCWmHLL9T2NDzuXQiwSDVB0yFgmFIJHs81qy
Kzqv7GyhGDLV8GZ9ai3oosXG0QMo1zOdGP3mHWcII6frPaqFh9sc/kK+agNGcjAE
miV+CjmKO+VkI9FeICds1mb0AZ0NUUivrnYMmQ4xkb0HTLTcVifo2/v84krmXpQw
7UhOKnTphAQUAlc+36oct1Uu5tYVui0LqtCRqkUMzP0uBEBdEbN2YBnI4XHyPSvJ
pRPqawGKKO5earASIli2iJiEnqH+HdxpO4zT8ksxNm3+BEaR1Dy0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:26 2024 by rpki-client on console-fra.rpki-client.org