Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/PtOQJj3xyVfnBjV9RrNgrY57Hsc.roa
File:                     PtOQJj3xyVfnBjV9RrNgrY57Hsc.roa (raw, json)
Hash identifier:          M3njtT7ZZFfULJ2zD0dTWvyL+0dpx8d+ZrbBcUe85wc=
Subject key identifier:   3E:D3:90:26:3D:F1:C9:57:E7:06:35:7D:46:B3:60:AD:8E:7B:1E:C7
Certificate issuer:       /CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
Certificate serial:       01852E0176EC3CEB4616FE90BCF5895ACDCC
Authority key identifier: EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/PtOQJj3xyVfnBjV9RrNgrY57Hsc.roa
Signing time:             Tue 20 Dec 2022 05:28:45 +0000
ROA not before:           Tue 20 Dec 2022 05:28:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205196
IP address blocks:        104.247.181.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:2e:01:76:ec:3c:eb:46:16:fe:90:bc:f5:89:5a:cd:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
        Validity
            Not Before: Dec 20 05:28:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3ed390263df1c957e706357d46b360ad8e7b1ec7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:ee:0e:41:79:06:82:9d:e0:4b:81:b0:b5:dc:
                    14:56:58:c5:3d:f0:84:33:06:f2:20:98:18:57:f9:
                    7e:65:8a:75:e0:6f:30:5d:68:5b:29:da:d9:44:1a:
                    1a:0d:a4:82:71:81:d9:72:8f:fc:68:45:03:4b:ac:
                    80:83:a6:88:76:73:69:b4:60:a2:19:a9:cc:db:40:
                    28:be:d6:93:1b:06:33:46:08:69:6a:70:62:e8:0b:
                    6c:0d:e1:18:d7:4a:6a:7f:93:ea:9b:29:02:8f:95:
                    05:2e:0d:df:7b:2b:a7:1a:49:f4:fb:ba:b1:2f:9e:
                    ba:78:fb:82:04:b6:66:a1:44:a2:fa:e0:c0:87:b8:
                    48:8d:30:34:53:ab:d9:9d:c0:d1:c0:23:a4:f1:f9:
                    14:24:54:1c:ed:5f:57:e7:86:6b:51:3f:43:29:52:
                    12:62:38:d3:58:1e:f8:0f:e4:5b:8a:70:fa:eb:89:
                    76:ef:dc:13:78:76:64:d2:e6:e5:b0:0d:c3:37:a2:
                    2f:8c:27:d8:2b:66:6c:be:f5:67:32:f4:93:cb:d4:
                    47:2b:7b:7c:2e:67:d8:88:fb:7d:b8:fc:c5:5e:36:
                    7d:2e:89:02:ab:53:6f:79:11:6c:dc:3b:72:6a:dc:
                    59:60:c1:77:47:0e:b4:e2:12:61:f6:22:99:ca:55:
                    35:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:D3:90:26:3D:F1:C9:57:E7:06:35:7D:46:B3:60:AD:8E:7B:1E:C7
            X509v3 Authority Key Identifier:
                keyid:EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/PtOQJj3xyVfnBjV9RrNgrY57Hsc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/7qArGX269963Tgon2dTs0_rh6O0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  104.247.181.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4e:c1:09:bf:28:f0:73:64:45:b0:39:13:df:73:25:0c:24:b9:
         98:fc:07:2a:40:4c:5f:3e:a8:e6:7c:82:74:c9:79:83:7e:b0:
         90:f6:77:cd:97:34:a2:89:3b:46:10:1b:fc:a5:a4:8b:13:60:
         12:90:31:4b:aa:05:7c:25:74:15:d6:df:a4:68:b8:79:43:f4:
         99:cc:81:b6:00:e7:2a:3b:77:39:9b:ba:f3:cc:6e:bc:53:78:
         b2:2c:57:d2:fd:19:71:65:36:be:b5:88:aa:df:7f:07:11:3d:
         a3:53:6f:56:e9:2c:4c:a9:67:df:be:12:0c:7e:b3:aa:c8:3c:
         e3:86:9c:47:ab:a8:6a:b2:b6:0d:18:38:02:a1:2c:b7:b6:25:
         ee:ee:2e:80:f5:69:72:e7:01:c0:03:e8:27:0b:fd:98:60:75:
         d5:1c:24:31:09:05:ad:b4:fd:e7:31:56:45:9a:e7:88:e2:44:
         1f:8d:16:6b:de:66:69:b1:b3:41:2d:76:12:40:80:7f:95:71:
         4f:88:f7:3f:c3:05:35:e1:a6:c1:c8:ac:42:9f:ad:31:0f:09:
         76:ec:db:5c:17:f0:14:94:54:19:57:0e:7b:bb:71:f7:fa:1c:
         d4:3f:8c:4f:b1:64:11:ec:07:b8:9d:9c:3c:c3:dd:15:cf:aa:
         d5:b2:78:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUuAXbsPOtGFv6QvPWJWs3MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYTAyYjE5N2RiYWY3ZGViNzRlMGEyN2Q5ZDRlY2QzZmFl
MWU4ZWQwHhcNMjIxMjIwMDUyODQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWQzOTAyNjNkZjFjOTU3ZTcwNjM1N2Q0NmIzNjBhZDhlN2IxZWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqe4OQXkGgp3gS4GwtdwUVljFPfCE
MwbyIJgYV/l+ZYp14G8wXWhbKdrZRBoaDaSCcYHZco/8aEUDS6yAg6aIdnNptGCi
GanM20AovtaTGwYzRghpanBi6AtsDeEY10pqf5PqmykCj5UFLg3feyunGkn0+7qx
L566ePuCBLZmoUSi+uDAh7hIjTA0U6vZncDRwCOk8fkUJFQc7V9X54ZrUT9DKVIS
YjjTWB74D+RbinD664l279wTeHZk0ublsA3DN6IvjCfYK2ZsvvVnMvSTy9RHK3t8
LmfYiPt9uPzFXjZ9LokCq1NveRFs3DtyatxZYMF3Rw604hJh9iKZylU1NwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD7TkCY98clX5wY1fUazYK2Oex7HMB8GA1UdIwQY
MBaAFO6gKxl9uvfet04KJ9nU7NP64ejtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3FBckdYMjY5OTYzVGdvbjJkVHMwX3JoNk8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS85NzFiMTEtMjgwZS00Y2VkLWI5OWMt
YmJjY2FiOTEzYjVkLzEvUHRPUUpqM3h5VmZuQmpWOVJyTmdyWTU3SHNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS85NzFiMTEtMjgwZS00Y2VkLWI5OWMtYmJjY2FiOTEzYjVk
LzEvN3FBckdYMjY5OTYzVGdvbjJkVHMwX3JoNk8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAaPe1MA0G
CSqGSIb3DQEBCwUAA4IBAQBOwQm/KPBzZEWwORPfcyUMJLmY/AcqQExfPqjmfIJ0
yXmDfrCQ9nfNlzSiiTtGEBv8paSLE2ASkDFLqgV8JXQV1t+kaLh5Q/SZzIG2AOcq
O3c5m7rzzG68U3iyLFfS/RlxZTa+tYiq338HET2jU29W6SxMqWffvhIMfrOqyDzj
hpxHq6hqsrYNGDgCoSy3tiXu7i6A9Wly5wHAA+gnC/2YYHXVHCQxCQWttP3nMVZF
mueI4kQfjRZr3mZpsbNBLXYSQIB/lXFPiPc/wwU14abByKxCn60xDwl27NtcF/AU
lFQZVw57u3H3+hzUP4xPsWQR7Ae4nZw8w90Vz6rVsnjr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:08 2024 by rpki-client on console-fra.rpki-client.org