Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/597638-713c-44b7-9b70-25017ec94095/1/EsvPzUkfG1Id7UlfoVEwzdwkTBo.roa
File:                     EsvPzUkfG1Id7UlfoVEwzdwkTBo.roa (raw, json)
Hash identifier:          jM6XarqStwM31vid2H/i8Cu4a/yb4h5sdbr3nvTsmiE=
Subject key identifier:   12:CB:CF:CD:49:1F:1B:52:1D:ED:49:5F:A1:51:30:CD:DC:24:4C:1A
Certificate issuer:       /CN=b204eaf8db13ef433cf98229d232d330a5f5e256
Certificate serial:       10927D25
Authority key identifier: B2:04:EA:F8:DB:13:EF:43:3C:F9:82:29:D2:32:D3:30:A5:F5:E2:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sgTq-NsT70M8-YIp0jLTMKX14lY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/597638-713c-44b7-9b70-25017ec94095/1/EsvPzUkfG1Id7UlfoVEwzdwkTBo.roa
Signing time:             Sat 01 Jan 2022 08:57:30 +0000
ROA not before:           Sat 01 Jan 2022 08:57:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     680
IP address blocks:        192.26.192.0/23 maxlen: 23
                          131.234.0.0/16 maxlen: 16
                          192.26.176.0/20 maxlen: 20
                          192.26.174.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 278035749 (0x10927d25)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b204eaf8db13ef433cf98229d232d330a5f5e256
        Validity
            Not Before: Jan  1 08:57:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=12cbcfcd491f1b521ded495fa15130cddc244c1a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:9b:e3:19:e6:4d:0e:d6:6a:c2:20:2b:a0:c2:
                    cc:5e:ed:f1:69:f6:9c:1c:04:32:ca:3e:b2:46:10:
                    3a:28:d5:5a:e4:e6:7a:bf:58:d0:b0:64:93:19:cd:
                    26:c7:86:7d:55:ca:15:a4:96:ba:ee:56:68:04:fa:
                    4b:1d:eb:e1:49:a3:78:a3:30:19:04:d8:ee:1b:b3:
                    cb:d1:26:90:87:e2:25:77:72:b6:41:09:7b:5c:67:
                    ac:47:36:78:77:c9:9e:1c:84:73:79:c8:d6:42:71:
                    97:1d:92:ce:98:41:a4:13:1f:51:c2:20:0f:95:29:
                    b2:92:e4:fc:42:d9:b4:0e:33:2b:55:eb:09:39:fa:
                    b5:9f:e6:11:03:a2:45:e3:8a:11:cc:c9:e4:1f:d6:
                    7d:91:85:6b:eb:f8:53:b2:00:1f:c3:d7:1d:f4:27:
                    2d:ca:2b:4b:04:cf:3b:72:d2:5a:8e:81:77:a1:86:
                    b2:87:54:9f:78:d3:d2:79:02:b9:b5:a0:42:fc:57:
                    10:db:cc:f8:ca:b5:1d:d9:5d:f0:dc:33:9a:4c:f9:
                    f4:41:e2:9c:d1:1a:b1:67:6e:e5:cc:4f:a4:ac:da:
                    f5:c1:76:58:bb:6c:27:1c:ed:a2:5d:c1:d3:ad:bb:
                    53:5b:05:a9:c6:6d:1c:cd:d8:80:f8:81:02:ef:f1:
                    a4:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:CB:CF:CD:49:1F:1B:52:1D:ED:49:5F:A1:51:30:CD:DC:24:4C:1A
            X509v3 Authority Key Identifier:
                keyid:B2:04:EA:F8:DB:13:EF:43:3C:F9:82:29:D2:32:D3:30:A5:F5:E2:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sgTq-NsT70M8-YIp0jLTMKX14lY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/597638-713c-44b7-9b70-25017ec94095/1/EsvPzUkfG1Id7UlfoVEwzdwkTBo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/597638-713c-44b7-9b70-25017ec94095/1/sgTq-NsT70M8-YIp0jLTMKX14lY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.234.0.0/16
                  192.26.174.0-192.26.193.255

    Signature Algorithm: sha256WithRSAEncryption
         61:12:5e:df:87:47:bf:c7:0c:1b:2d:c8:04:2c:24:96:d5:db:
         64:71:cd:7d:38:a2:46:c9:ac:44:f3:fb:6d:8b:10:d5:21:89:
         ec:71:b2:aa:14:a5:91:2f:ec:86:99:2b:95:ad:80:c0:3d:81:
         a0:f2:78:b0:45:8f:62:48:b4:93:57:ba:77:fa:ee:1a:20:c3:
         08:b7:f2:35:0e:51:35:48:b0:88:10:ea:76:bd:d6:ec:18:6a:
         68:c8:ab:c2:05:7e:44:bb:f5:b9:86:28:d7:22:a1:d0:69:dd:
         70:61:cb:9b:58:b8:4a:1a:6f:6e:a6:4b:17:46:fd:d2:db:7b:
         0e:2e:7a:43:b5:46:d8:d0:63:77:21:8f:5f:a2:b4:82:63:7b:
         7f:08:d8:60:27:a4:f8:a0:77:49:86:29:a4:4e:29:ef:e0:b6:
         e8:ae:dd:44:17:46:e0:b1:1d:56:59:20:2e:8e:1c:b6:e4:ce:
         95:49:3b:72:99:3a:27:0a:be:19:1e:51:e7:51:92:8f:be:08:
         98:0f:b7:cf:80:73:f6:c0:e2:b3:75:38:71:65:31:6a:71:0e:
         1b:2a:c8:f0:15:64:56:43:b4:4a:82:5e:72:a8:1e:ac:5a:4b:
         02:1c:8d:26:5c:55:71:23:93:79:56:fe:7f:8c:2c:3a:28:9a:
         6a:e0:15:9c
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgIEEJJ9JTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MjA0ZWFmOGRiMTNlZjQzM2NmOTgyMjlkMjMyZDMzMGE1ZjVlMjU2MB4XDTIyMDEw
MTA4NTczMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTJjYmNmY2Q0OTFm
MWI1MjFkZWQ0OTVmYTE1MTMwY2RkYzI0NGMxYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANWb4xnmTQ7WasIgK6DCzF7t8Wn2nBwEMso+skYQOijVWuTm
er9Y0LBkkxnNJseGfVXKFaSWuu5WaAT6Sx3r4UmjeKMwGQTY7huzy9EmkIfiJXdy
tkEJe1xnrEc2eHfJnhyEc3nI1kJxlx2SzphBpBMfUcIgD5UpspLk/ELZtA4zK1Xr
CTn6tZ/mEQOiReOKEczJ5B/WfZGFa+v4U7IAH8PXHfQnLcorSwTPO3LSWo6Bd6GG
sodUn3jT0nkCubWgQvxXENvM+Mq1Hdld8Nwzmkz59EHinNEasWdu5cxPpKza9cF2
WLtsJxztol3B0627U1sFqcZtHM3YgPiBAu/xpAcCAwEAAaOCAhYwggISMB0GA1Ud
DgQWBBQSy8/NSR8bUh3tSV+hUTDN3CRMGjAfBgNVHSMEGDAWgBSyBOr42xPvQzz5
ginSMtMwpfXiVjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NnVHEtTnNUNzBNOC1ZSXAwakxUTUtYMTRsWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTQvNTk3NjM4LTcxM2MtNDRiNy05YjcwLTI1MDE3ZWM5NDA5NS8x
L0VzdlB6VWtmRzFJZDdVbGZvVkV3emR3a1RCby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTQv
NTk3NjM4LTcxM2MtNDRiNy05YjcwLTI1MDE3ZWM5NDA5NS8xL3NnVHEtTnNUNzBN
OC1ZSXAwakxUTUtYMTRsWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAs
BggrBgEFBQcBBwEB/wQdMBswGQQCAAEwEwMDAIPqMAwDBAHAGq4DBAHAGsAwDQYJ
KoZIhvcNAQELBQADggEBAGESXt+HR7/HDBstyAQsJJbV22RxzX04okbJrETz+22L
ENUhiexxsqoUpZEv7IaZK5WtgMA9gaDyeLBFj2JItJNXunf67hogwwi38jUOUTVI
sIgQ6na91uwYamjIq8IFfkS79bmGKNciodBp3XBhy5tYuEoab26mSxdG/dLbew4u
ekO1RtjQY3chj1+itIJje38I2GAnpPigd0mGKaROKe/gtuiu3UQXRuCxHVZZIC6O
HLbkzpVJO3KZOicKvhkeUedRko++CJgPt8+Ac/bA4rN1OHFlMWpxDhsqyPAVZFZD
tEqCXnKoHqxaSwIcjSZcVXEjk3lW/n+MLDoommrgFZw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:43 2024 by rpki-client on console-ams.rpki-client.org