Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/Pww0-NSckYR-WIeW7LpVt3-TRZo.roa
File:                     Pww0-NSckYR-WIeW7LpVt3-TRZo.roa (raw, json)
Hash identifier:          dtwVNvA7zE7P65VhNFZCgUMA+VXuKjiT24jDIRrVMyI=
Subject key identifier:   3F:0C:34:F8:D4:9C:91:84:7E:58:87:96:EC:BA:55:B7:7F:93:45:9A
Certificate issuer:       /CN=e1ef9694aa48d81279e8ede430795f2768d2dd52
Certificate serial:       01837EBB50E62F99AABABB469C294AD8E8CE
Authority key identifier: E1:EF:96:94:AA:48:D8:12:79:E8:ED:E4:30:79:5F:27:68:D2:DD:52
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4e-WlKpI2BJ56O3kMHlfJ2jS3VI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/Pww0-NSckYR-WIeW7LpVt3-TRZo.roa
Signing time:             Tue 27 Sep 2022 11:35:48 +0000
ROA not before:           Tue 27 Sep 2022 11:35:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212238
IP address blocks:        194.76.113.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:7e:bb:50:e6:2f:99:aa:ba:bb:46:9c:29:4a:d8:e8:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e1ef9694aa48d81279e8ede430795f2768d2dd52
        Validity
            Not Before: Sep 27 11:35:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3f0c34f8d49c91847e588796ecba55b77f93459a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:1e:bf:e5:2f:06:5d:a0:b0:9d:07:76:fd:83:
                    0c:7e:b4:d7:71:77:d2:a9:fb:02:ea:64:ab:33:5f:
                    4b:b9:1f:03:7d:3a:9a:2d:05:11:25:8b:3f:70:a3:
                    58:98:ff:73:15:96:19:fe:01:86:e6:ba:73:60:a6:
                    a9:6c:87:dd:50:9b:34:02:36:7e:05:f3:d7:8b:9e:
                    c6:e7:fb:ec:03:42:87:ca:14:cb:19:bb:8f:71:31:
                    3b:05:e6:8f:f7:a6:95:fd:4a:b8:9a:51:cd:35:24:
                    1d:2f:86:52:e9:cd:72:52:e1:6a:9f:38:9e:04:34:
                    46:07:af:89:49:5b:97:77:75:b6:a9:18:ff:8f:6c:
                    ae:bf:00:56:36:7c:e1:4b:96:a7:60:9d:72:1a:d9:
                    d4:1d:d6:f9:5a:c9:ea:28:a5:c7:bd:21:b0:f6:ce:
                    4e:aa:c9:b1:bb:83:01:17:35:e5:b9:bd:e6:e2:9c:
                    0f:72:e3:a3:8f:b1:db:e7:74:f5:0d:ce:a9:f3:f5:
                    1d:61:10:16:c7:c3:06:d6:b1:ba:f0:d8:e9:03:b4:
                    16:4d:cc:f6:7b:09:c6:0f:02:c1:63:ee:1c:14:e6:
                    79:b0:ad:39:4b:66:b3:d6:2b:ea:28:a9:4b:29:81:
                    b8:78:ab:3d:d8:3e:be:78:df:66:74:bd:28:e0:07:
                    db:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:0C:34:F8:D4:9C:91:84:7E:58:87:96:EC:BA:55:B7:7F:93:45:9A
            X509v3 Authority Key Identifier:
                keyid:E1:EF:96:94:AA:48:D8:12:79:E8:ED:E4:30:79:5F:27:68:D2:DD:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e-WlKpI2BJ56O3kMHlfJ2jS3VI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/Pww0-NSckYR-WIeW7LpVt3-TRZo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/4e-WlKpI2BJ56O3kMHlfJ2jS3VI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.76.113.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:73:5f:56:32:d8:05:e2:04:8a:38:fc:c4:4c:a2:82:1a:3c:
         8f:e1:ce:07:83:fb:73:ce:ba:7b:7c:02:f9:19:7f:6c:83:27:
         20:b1:36:07:a0:f8:f0:e5:27:ac:43:1e:7f:4b:f8:f5:6d:fb:
         f6:41:e5:60:4f:c0:b2:3c:da:fc:b6:9b:a4:d6:17:c6:8e:e3:
         32:7b:52:37:3d:ce:64:86:77:74:fb:f4:b2:ad:69:6d:8b:2f:
         04:c3:d0:bf:de:4d:7b:c3:be:6b:fd:bb:e0:3d:be:ec:f6:20:
         8c:f1:ee:99:70:d6:df:fd:6a:ab:14:bf:05:64:d0:2c:97:bc:
         ff:42:64:7c:83:f4:6a:8e:8b:d8:8e:3d:90:5a:3d:ee:35:d9:
         65:96:a4:a8:46:9a:68:49:0e:70:74:c3:9b:96:7d:a9:85:be:
         bb:ff:41:6e:b6:f5:67:0f:23:0a:5b:e9:a5:02:4e:90:40:9e:
         06:5a:f0:f9:45:f1:50:77:53:40:ab:2f:8d:17:fa:e1:d7:a0:
         b1:91:5b:bc:37:fa:89:75:13:b9:27:24:6c:e9:6f:c1:b1:8b:
         e5:c7:a0:b7:03:5e:f6:0f:fb:b8:db:43:28:33:d9:bb:45:c4:
         72:f6:14:e8:87:c9:45:d3:c3:07:2d:d7:e6:0a:b0:0e:7c:36:
         8c:03:24:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYN+u1DmL5mqurtGnClK2OjOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxZWY5Njk0YWE0OGQ4MTI3OWU4ZWRlNDMwNzk1ZjI3Njhk
MmRkNTIwHhcNMjIwOTI3MTEzNTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjBjMzRmOGQ0OWM5MTg0N2U1ODg3OTZlY2JhNTViNzdmOTM0NTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvh6/5S8GXaCwnQd2/YMMfrTXcXfS
qfsC6mSrM19LuR8DfTqaLQURJYs/cKNYmP9zFZYZ/gGG5rpzYKapbIfdUJs0AjZ+
BfPXi57G5/vsA0KHyhTLGbuPcTE7BeaP96aV/Uq4mlHNNSQdL4ZS6c1yUuFqnzie
BDRGB6+JSVuXd3W2qRj/j2yuvwBWNnzhS5anYJ1yGtnUHdb5WsnqKKXHvSGw9s5O
qsmxu4MBFzXlub3m4pwPcuOjj7Hb53T1Dc6p8/UdYRAWx8MG1rG68NjpA7QWTcz2
ewnGDwLBY+4cFOZ5sK05S2az1ivqKKlLKYG4eKs92D6+eN9mdL0o4AfbQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD8MNPjUnJGEfliHluy6Vbd/k0WaMB8GA1UdIwQY
MBaAFOHvlpSqSNgSeejt5DB5Xydo0t1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGUtV2xLcEkyQko1Nk8za01IbGZKMmpTM1ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iMDU2NjctZTg1MC00YzQ1LWFlZTMt
YWRlZDFjNDY5ZWFmLzEvUHd3MC1OU2NrWVItV0llVzdMcFZ0My1UUlpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iMDU2NjctZTg1MC00YzQ1LWFlZTMtYWRlZDFjNDY5ZWFm
LzEvNGUtV2xLcEkyQko1Nk8za01IbGZKMmpTM1ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwkxxMA0G
CSqGSIb3DQEBCwUAA4IBAQBQc19WMtgF4gSKOPzETKKCGjyP4c4Hg/tzzrp7fAL5
GX9sgycgsTYHoPjw5SesQx5/S/j1bfv2QeVgT8CyPNr8tpuk1hfGjuMye1I3Pc5k
hnd0+/SyrWltiy8Ew9C/3k17w75r/bvgPb7s9iCM8e6ZcNbf/WqrFL8FZNAsl7z/
QmR8g/RqjovYjj2QWj3uNdlllqSoRppoSQ5wdMObln2phb67/0FutvVnDyMKW+ml
Ak6QQJ4GWvD5RfFQd1NAqy+NF/rh16CxkVu8N/qJdRO5JyRs6W/BsYvlx6C3A172
D/u420MoM9m7RcRy9hToh8lF08MHLdfmCrAOfDaMAyS4
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:07 2024 by rpki-client on console-ams.rpki-client.org