Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/BgWPD6_XVs1-f2gq9ItYJc5kCwg.roa
File:                     BgWPD6_XVs1-f2gq9ItYJc5kCwg.roa (raw, json)
Hash identifier:          DXMyVdB3NiW6wTVTHTHRAM6TkJJBCYtWo0Ok7LiFpIk=
Subject key identifier:   06:05:8F:0F:AF:D7:56:CD:7E:7F:68:2A:F4:8B:58:25:CE:64:0B:08
Certificate issuer:       /CN=e1ef9694aa48d81279e8ede430795f2768d2dd52
Certificate serial:       08ED65FA
Authority key identifier: E1:EF:96:94:AA:48:D8:12:79:E8:ED:E4:30:79:5F:27:68:D2:DD:52
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4e-WlKpI2BJ56O3kMHlfJ2jS3VI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/BgWPD6_XVs1-f2gq9ItYJc5kCwg.roa
Signing time:             Fri 14 Jan 2022 14:39:18 +0000
ROA not before:           Fri 14 Jan 2022 14:39:18 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     54252
IP address blocks:        194.76.115.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 149775866 (0x8ed65fa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e1ef9694aa48d81279e8ede430795f2768d2dd52
        Validity
            Not Before: Jan 14 14:39:18 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=06058f0fafd756cd7e7f682af48b5825ce640b08
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:58:51:3e:25:c7:51:98:a7:92:6e:1e:75:98:
                    be:3e:47:f2:1d:71:b2:49:1f:3f:11:db:0a:31:22:
                    0e:89:da:d8:7c:8b:c3:e6:8a:0d:2e:98:0a:74:c5:
                    c4:e8:32:40:0e:57:b1:5a:21:45:48:f2:e7:d2:b1:
                    de:e1:90:3d:f7:a6:b9:8f:55:de:72:23:98:41:b3:
                    a3:b4:d0:20:06:de:00:55:d9:ee:e5:ba:5c:98:25:
                    e4:8c:6b:2d:48:c6:82:1e:cb:2a:21:28:56:7a:7a:
                    9d:e0:f1:05:cf:a7:24:05:c8:35:d5:90:dc:8e:65:
                    1f:89:d6:5a:bd:e9:00:93:52:37:cb:6d:63:94:aa:
                    b1:19:ed:a4:81:cc:24:77:20:99:03:e0:0c:4e:b5:
                    4d:46:35:e7:22:d0:0c:91:e6:7e:bc:13:e4:8d:1a:
                    cd:4b:62:6e:b5:61:7b:4e:64:74:3d:d3:8e:c8:94:
                    43:6e:09:c4:2b:12:83:de:1e:61:be:14:d7:e4:8b:
                    47:58:5d:47:c1:18:a8:7a:88:e8:c5:9e:41:c0:29:
                    37:7e:1e:d6:74:26:e7:20:b5:f6:f8:18:08:fa:3b:
                    bd:17:14:52:c8:59:af:02:80:ae:07:5d:47:90:8e:
                    c7:69:b6:84:92:f1:65:96:7a:68:23:dd:36:85:8e:
                    3d:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:05:8F:0F:AF:D7:56:CD:7E:7F:68:2A:F4:8B:58:25:CE:64:0B:08
            X509v3 Authority Key Identifier:
                keyid:E1:EF:96:94:AA:48:D8:12:79:E8:ED:E4:30:79:5F:27:68:D2:DD:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e-WlKpI2BJ56O3kMHlfJ2jS3VI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/BgWPD6_XVs1-f2gq9ItYJc5kCwg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/4e-WlKpI2BJ56O3kMHlfJ2jS3VI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.76.115.0/24

    Signature Algorithm: sha256WithRSAEncryption
         43:0b:b8:a5:b4:9b:61:83:7e:24:24:05:54:ce:44:29:89:88:
         88:4a:8d:35:55:c0:4a:84:89:4a:da:bd:1d:64:b1:26:d8:c4:
         a5:32:1f:f3:40:31:43:02:66:a0:e1:fe:60:cb:95:2f:4f:21:
         42:84:90:e5:7e:7d:3a:46:4f:75:fc:5d:48:80:96:e1:79:fc:
         78:a6:7e:97:d9:34:5e:8d:89:cd:3d:f7:76:38:71:fc:f6:e7:
         a6:f2:59:31:55:2f:12:ff:4b:32:1f:25:dd:b2:60:3e:ed:ec:
         15:b1:21:f0:c8:02:b9:6f:c9:a5:66:30:ce:ba:b6:96:bd:96:
         41:d6:8e:18:8b:25:73:50:7f:fb:f9:b3:2a:7c:73:6d:90:dc:
         26:eb:84:ad:d1:22:77:14:ee:2d:94:a0:d9:40:ff:e9:08:e1:
         1e:4d:92:f8:03:9e:46:c1:08:5d:ab:7e:1a:34:55:2b:ac:5b:
         4a:0d:65:c3:cc:f7:cd:8c:aa:b0:2e:7b:f0:05:ef:ba:e1:3c:
         f7:4c:22:19:10:8c:74:f7:02:8e:c0:a7:45:d3:2c:3d:4b:50:
         e5:fc:3b:4f:5a:d0:c5:5e:25:54:ba:2e:98:6f:f6:47:b9:d5:
         e5:5c:02:b0:e0:33:6b:3f:43:8c:db:b7:e1:d9:4c:8a:5e:b6:
         4c:96:8b:30
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECO1l+jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MWVmOTY5NGFhNDhkODEyNzllOGVkZTQzMDc5NWYyNzY4ZDJkZDUyMB4XDTIyMDEx
NDE0MzkxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDYwNThmMGZhZmQ3
NTZjZDdlN2Y2ODJhZjQ4YjU4MjVjZTY0MGIwODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKRYUT4lx1GYp5JuHnWYvj5H8h1xskkfPxHbCjEiDona2HyL
w+aKDS6YCnTFxOgyQA5XsVohRUjy59Kx3uGQPfemuY9V3nIjmEGzo7TQIAbeAFXZ
7uW6XJgl5IxrLUjGgh7LKiEoVnp6neDxBc+nJAXINdWQ3I5lH4nWWr3pAJNSN8tt
Y5SqsRntpIHMJHcgmQPgDE61TUY15yLQDJHmfrwT5I0azUtibrVhe05kdD3TjsiU
Q24JxCsSg94eYb4U1+SLR1hdR8EYqHqI6MWeQcApN34e1nQm5yC19vgYCPo7vRcU
UshZrwKArgddR5COx2m2hJLxZZZ6aCPdNoWOPTkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQGBY8Pr9dWzX5/aCr0i1glzmQLCDAfBgNVHSMEGDAWgBTh75aUqkjYEnno
7eQweV8naNLdUjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRlLVdsS3BJMkJKNTZPM2tNSGxmSjJqUzNWSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGUvYjA1NjY3LWU4NTAtNGM0NS1hZWUzLWFkZWQxYzQ2OWVhZi8x
L0JnV1BENl9YVnMxLWYyZ3E5SXRZSmM1a0N3Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUv
YjA1NjY3LWU4NTAtNGM0NS1hZWUzLWFkZWQxYzQ2OWVhZi8xLzRlLVdsS3BJMkJK
NTZPM2tNSGxmSjJqUzNWSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJMczANBgkqhkiG9w0BAQsFAAOC
AQEAQwu4pbSbYYN+JCQFVM5EKYmIiEqNNVXASoSJStq9HWSxJtjEpTIf80AxQwJm
oOH+YMuVL08hQoSQ5X59OkZPdfxdSICW4Xn8eKZ+l9k0Xo2JzT33djhx/PbnpvJZ
MVUvEv9LMh8l3bJgPu3sFbEh8MgCuW/JpWYwzrq2lr2WQdaOGIslc1B/+/mzKnxz
bZDcJuuErdEidxTuLZSg2UD/6QjhHk2S+AOeRsEIXat+GjRVK6xbSg1lw8z3zYyq
sC578AXvuuE890wiGRCMdPcCjsCnRdMsPUtQ5fw7T1rQxV4lVLoumG/2R7nV5VwC
sOAzaz9DjNu34dlMil62TJaLMA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:07 2024 by rpki-client on console-ams.rpki-client.org