Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/PEWTYuKqzUF1LPQhouVpuaJ8PQY.roa
File:                     PEWTYuKqzUF1LPQhouVpuaJ8PQY.roa (raw, json)
Hash identifier:          Ijq1Oc8UCVL08gon8qR/lG7+d+QB84kOREO5zl+oFks=
Subject key identifier:   3C:45:93:62:E2:AA:CD:41:75:2C:F4:21:A2:E5:69:B9:A2:7C:3D:06
Certificate issuer:       /CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
Certificate serial:       01852A79D9FF8072A31F8804EA2223EBB336
Authority key identifier: EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/PEWTYuKqzUF1LPQhouVpuaJ8PQY.roa
Signing time:             Mon 19 Dec 2022 13:01:46 +0000
ROA not before:           Mon 19 Dec 2022 13:01:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42846
IP address blocks:        104.247.162.0/24 maxlen: 24
                          104.247.161.0/24 maxlen: 24
                          104.247.160.0/24 maxlen: 24
                          104.247.165.0/24 maxlen: 24
                          104.247.164.0/24 maxlen: 24
                          104.247.163.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:2a:79:d9:ff:80:72:a3:1f:88:04:ea:22:23:eb:b3:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
        Validity
            Not Before: Dec 19 13:01:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3c459362e2aacd41752cf421a2e569b9a27c3d06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:1f:24:a2:3a:c1:fc:db:87:bc:d1:14:21:f5:
                    d2:88:75:0a:cb:11:be:bc:4a:f6:c3:1b:c7:9c:d5:
                    da:8a:33:f6:e2:5b:bd:77:3d:4f:40:45:d4:be:d5:
                    6d:42:34:57:7e:13:db:f8:56:cf:8a:85:c9:3c:f0:
                    1f:f5:46:e6:b5:a7:15:b1:5c:23:39:0c:b6:10:9c:
                    11:7c:d7:4a:bd:42:c8:5f:d2:16:7b:0d:e3:e4:0f:
                    8b:38:41:c6:82:04:6c:fc:67:ed:a5:95:d3:64:4f:
                    f4:f9:ab:0a:51:a9:cd:65:75:d0:c6:53:8a:84:b1:
                    db:2d:bd:2c:52:28:61:87:18:25:a1:6d:a4:8d:4a:
                    b5:c9:50:2f:69:a1:da:e7:6a:af:2b:de:b6:68:2d:
                    9c:0f:02:c7:4c:81:f4:eb:53:87:a6:3b:d8:36:96:
                    6f:5f:38:7b:50:02:f7:0e:5c:d5:cb:83:2b:d2:dd:
                    5d:87:10:cc:ec:40:5c:54:c8:37:dd:ba:68:46:4a:
                    fa:35:3c:51:e1:3a:32:c2:e8:c6:ca:e4:a5:bf:31:
                    21:e2:7b:68:5d:d4:41:5e:99:78:d7:a7:4c:35:7d:
                    62:6e:be:23:20:8c:4c:9e:e5:3c:25:be:a2:b2:6b:
                    3a:ce:98:db:99:9d:28:40:aa:7e:4a:80:a9:21:f6:
                    28:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:45:93:62:E2:AA:CD:41:75:2C:F4:21:A2:E5:69:B9:A2:7C:3D:06
            X509v3 Authority Key Identifier:
                keyid:EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/PEWTYuKqzUF1LPQhouVpuaJ8PQY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/7qArGX269963Tgon2dTs0_rh6O0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  104.247.160.0-104.247.165.255

    Signature Algorithm: sha256WithRSAEncryption
         a4:48:97:35:dc:c0:6c:66:f6:e6:b9:20:8d:ad:34:fd:d3:0e:
         be:bc:d3:8a:82:84:a4:32:9b:4b:96:ea:c8:20:58:51:0b:45:
         85:25:7b:69:86:88:30:fd:48:e9:bf:92:1d:d7:56:db:2d:6d:
         a5:d9:a0:72:f6:b3:c9:3c:88:33:96:96:44:6b:df:97:9f:bf:
         64:ef:0e:c9:f8:94:af:13:0f:fa:6a:25:f0:5c:88:a3:66:0d:
         a2:fe:a2:f1:3f:8a:a1:64:1a:0d:90:a2:b9:af:35:a7:a2:13:
         6b:19:e0:13:e6:7f:f3:77:5d:1c:44:e6:ff:1d:8e:1e:98:e5:
         ff:bc:97:60:36:6f:fe:9f:8c:6c:ff:b9:7e:51:c3:36:92:dd:
         e5:50:5f:9b:16:b1:b2:38:e2:de:0e:f9:af:cd:8d:af:d9:26:
         69:0a:e0:42:c5:1d:7f:1c:eb:d7:ee:84:36:bd:a9:7a:0d:62:
         da:ed:c2:5f:8e:6c:17:13:cd:ce:39:8b:ca:05:76:88:9b:d6:
         ec:2f:0a:da:25:6e:c0:9b:a4:2a:8e:24:aa:24:de:78:aa:c5:
         47:64:fb:80:b3:d3:33:8b:16:73:ea:c7:28:46:21:03:e0:9a:
         9f:c2:b5:16:4f:2e:1c:cc:e0:61:98:82:c9:83:3e:ee:9e:cc:
         18:e5:e1:d1
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYUqedn/gHKjH4gE6iIj67M2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYTAyYjE5N2RiYWY3ZGViNzRlMGEyN2Q5ZDRlY2QzZmFl
MWU4ZWQwHhcNMjIxMjE5MTMwMTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzQ1OTM2MmUyYWFjZDQxNzUyY2Y0MjFhMmU1NjliOWEyN2MzZDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgB8kojrB/NuHvNEUIfXSiHUKyxG+
vEr2wxvHnNXaijP24lu9dz1PQEXUvtVtQjRXfhPb+FbPioXJPPAf9UbmtacVsVwj
OQy2EJwRfNdKvULIX9IWew3j5A+LOEHGggRs/GftpZXTZE/0+asKUanNZXXQxlOK
hLHbLb0sUihhhxgloW2kjUq1yVAvaaHa52qvK962aC2cDwLHTIH061OHpjvYNpZv
Xzh7UAL3DlzVy4Mr0t1dhxDM7EBcVMg33bpoRkr6NTxR4ToywujGyuSlvzEh4nto
XdRBXpl416dMNX1ibr4jIIxMnuU8Jb6isms6zpjbmZ0oQKp+SoCpIfYoUwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDxFk2Liqs1BdSz0IaLlabmifD0GMB8GA1UdIwQY
MBaAFO6gKxl9uvfet04KJ9nU7NP64ejtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3FBckdYMjY5OTYzVGdvbjJkVHMwX3JoNk8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS85NzFiMTEtMjgwZS00Y2VkLWI5OWMt
YmJjY2FiOTEzYjVkLzEvUEVXVFl1S3F6VUYxTFBRaG91VnB1YUo4UFFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS85NzFiMTEtMjgwZS00Y2VkLWI5OWMtYmJjY2FiOTEzYjVk
LzEvN3FBckdYMjY5OTYzVGdvbjJkVHMwX3JoNk8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAVo96AD
BAFo96QwDQYJKoZIhvcNAQELBQADggEBAKRIlzXcwGxm9ua5II2tNP3TDr6804qC
hKQym0uW6sggWFELRYUle2mGiDD9SOm/kh3XVtstbaXZoHL2s8k8iDOWlkRr35ef
v2TvDsn4lK8TD/pqJfBciKNmDaL+ovE/iqFkGg2QormvNaeiE2sZ4BPmf/N3XRxE
5v8djh6Y5f+8l2A2b/6fjGz/uX5RwzaS3eVQX5sWsbI44t4O+a/Nja/ZJmkK4ELF
HX8c69fuhDa9qXoNYtrtwl+ObBcTzc45i8oFdoib1uwvCtolbsCbpCqOJKok3niq
xUdk+4Cz0zOLFnPqxyhGIQPgmp/CtRZPLhzM4GGYgsmDPu6ezBjl4dE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:55 2024 by rpki-client on console-ams.rpki-client.org