Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/OaNUgZKYQtXL30mnRU0fq370iwM.roa
File:                     OaNUgZKYQtXL30mnRU0fq370iwM.roa (raw, json)
Hash identifier:          HjAfsDAu+7IXh5P0awwZt741fCfM2gN6miCc0KkkwRU=
Subject key identifier:   39:A3:54:81:92:98:42:D5:CB:DF:49:A7:45:4D:1F:AB:7E:F4:8B:03
Certificate issuer:       /CN=9f0743496c7ff3effb870601139cad9d2f271e10
Certificate serial:       1567B35F
Authority key identifier: 9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/OaNUgZKYQtXL30mnRU0fq370iwM.roa
Signing time:             Sat 01 Jan 2022 08:04:54 +0000
ROA not before:           Sat 01 Jan 2022 08:04:54 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     262287
IP address blocks:        185.89.250.0/24 maxlen: 24
                          62.100.208.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 359117663 (0x1567b35f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f0743496c7ff3effb870601139cad9d2f271e10
        Validity
            Not Before: Jan  1 08:04:54 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=39a35481929842d5cbdf49a7454d1fab7ef48b03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:b9:d4:41:e7:15:f1:76:2f:d6:00:14:8e:11:
                    c6:ee:5e:b2:4f:9b:d0:ee:a6:3a:ef:b2:a1:81:5f:
                    5a:e2:a8:ae:c0:9f:27:80:1f:09:a4:82:34:31:f5:
                    d8:92:91:a1:67:b4:1f:1a:65:68:3f:3a:8b:32:93:
                    95:59:19:eb:90:54:91:eb:96:96:23:08:39:c9:b8:
                    29:80:e5:42:d3:a8:a0:7e:a1:62:e5:b7:61:30:2f:
                    45:aa:a5:e6:73:1e:cc:fb:00:e7:ad:74:0f:11:24:
                    6d:45:09:4e:16:54:77:62:9b:75:16:35:79:1f:01:
                    6a:74:02:e1:4d:12:b5:0d:62:84:0a:c9:ff:4c:6d:
                    bf:69:4e:d7:67:69:b4:90:56:79:1a:ac:da:1c:37:
                    1e:20:5c:c1:08:7a:30:bb:41:d7:34:3a:f0:3f:b6:
                    d4:50:18:e4:c6:2e:0e:0c:cb:ac:eb:ea:b1:2b:b5:
                    03:c8:c7:ca:0b:d5:8f:81:07:8b:6c:e0:8e:73:1b:
                    81:36:0b:af:e8:eb:2d:de:25:ec:3f:d6:07:68:87:
                    89:fa:17:5f:b2:be:12:9a:20:b6:92:9e:3f:59:5a:
                    44:1d:ea:cf:7e:91:c1:7b:59:cb:35:2f:82:36:ed:
                    c4:ee:7f:af:fc:ae:75:f1:30:cc:59:d6:0b:2b:b1:
                    68:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:A3:54:81:92:98:42:D5:CB:DF:49:A7:45:4D:1F:AB:7E:F4:8B:03
            X509v3 Authority Key Identifier:
                keyid:9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/OaNUgZKYQtXL30mnRU0fq370iwM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.100.208.0/24
                  185.89.250.0/24

    Signature Algorithm: sha256WithRSAEncryption
         64:33:dc:1d:0d:3f:fb:12:75:df:5f:eb:09:3f:47:c4:3d:f1:
         0a:00:ed:e3:19:48:65:78:7f:47:8a:c1:ad:21:3d:83:a6:b6:
         a7:52:c4:d1:ff:a5:a5:85:8e:84:0e:b0:ff:20:0e:97:9a:ba:
         92:c9:b8:10:7e:b4:2d:6f:c9:5a:ba:66:0e:10:3d:2a:ef:fb:
         5e:56:81:f4:c1:7a:b8:b6:ae:5c:ec:55:be:d4:a7:dc:63:6d:
         4b:6b:2b:1c:6d:df:a6:0f:54:2b:ee:7c:cc:cd:30:6a:0c:8c:
         31:83:02:8b:99:8c:81:9e:87:fc:3c:e3:ea:f8:0c:8d:e6:d5:
         eb:2d:99:14:41:f0:f7:ed:cb:be:e2:ed:fd:69:2b:15:8d:c0:
         cf:39:37:80:af:2f:17:36:42:3f:88:e5:ca:dd:6a:c4:58:74:
         43:9e:d1:84:ef:62:99:a5:0b:4e:aa:11:0e:8a:88:5f:17:eb:
         d8:70:f7:98:ca:59:3a:e8:96:fd:55:73:94:5e:43:4e:63:17:
         35:14:49:07:96:32:4f:57:bc:37:98:2a:19:2f:ff:57:be:f6:
         d4:d6:8b:07:05:f6:21:c1:e6:40:2d:2e:4a:a9:9f:ea:1c:21:
         6f:97:8a:b0:84:9b:e5:a5:8b:cd:a6:89:2e:43:60:53:5d:02:
         74:62:4f:b9
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEFWezXzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZjA3NDM0OTZjN2ZmM2VmZmI4NzA2MDExMzljYWQ5ZDJmMjcxZTEwMB4XDTIyMDEw
MTA4MDQ1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzlhMzU0ODE5Mjk4
NDJkNWNiZGY0OWE3NDU0ZDFmYWI3ZWY0OGIwMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMS51EHnFfF2L9YAFI4Rxu5esk+b0O6mOu+yoYFfWuKorsCf
J4AfCaSCNDH12JKRoWe0HxplaD86izKTlVkZ65BUkeuWliMIOcm4KYDlQtOooH6h
YuW3YTAvRaql5nMezPsA5610DxEkbUUJThZUd2KbdRY1eR8BanQC4U0StQ1ihArJ
/0xtv2lO12dptJBWeRqs2hw3HiBcwQh6MLtB1zQ68D+21FAY5MYuDgzLrOvqsSu1
A8jHygvVj4EHi2zgjnMbgTYLr+jrLd4l7D/WB2iHifoXX7K+EpogtpKeP1laRB3q
z36RwXtZyzUvgjbtxO5/r/yudfEwzFnWCyuxaCECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQ5o1SBkphC1cvfSadFTR+rfvSLAzAfBgNVHSMEGDAWgBSfB0NJbH/z7/uH
BgETnK2dLyceEDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L253ZERTV3hfOC1fN2h3WUJFNXl0blM4bkhoQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvMjJiN2FiLWZjMTEtNDA3YS1iZDNjLTYzNDExMzY3ZDkwYS8x
L09hTlVnWktZUXRYTDMwbW5SVTBmcTM3MGl3TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
MjJiN2FiLWZjMTEtNDA3YS1iZDNjLTYzNDExMzY3ZDkwYS8xL253ZERTV3hfOC1f
N2h3WUJFNXl0blM4bkhoQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAD5k0AMEALlZ+jANBgkqhkiG9w0B
AQsFAAOCAQEAZDPcHQ0/+xJ131/rCT9HxD3xCgDt4xlIZXh/R4rBrSE9g6a2p1LE
0f+lpYWOhA6w/yAOl5q6ksm4EH60LW/JWrpmDhA9Ku/7XlaB9MF6uLauXOxVvtSn
3GNtS2srHG3fpg9UK+58zM0wagyMMYMCi5mMgZ6H/Dzj6vgMjebV6y2ZFEHw9+3L
vuLt/WkrFY3Azzk3gK8vFzZCP4jlyt1qxFh0Q57RhO9imaULTqoRDoqIXxfr2HD3
mMpZOuiW/VVzlF5DTmMXNRRJB5YyT1e8N5gqGS//V7721NaLBwX2IcHmQC0uSqmf
6hwhb5eKsISb5aWLzaaJLkNgU10CdGJPuQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:00 2024 by rpki-client on console-ams.rpki-client.org