Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Qf2dZ-DvKxIWfpbJki9OF6A8ekw.roa
File:                     Qf2dZ-DvKxIWfpbJki9OF6A8ekw.roa (raw, json)
Hash identifier:          AIENeEYkYZtMCc/MWJjEwYMiYmNjyw3bvWojAlsKLHw=
Subject key identifier:   41:FD:9D:67:E0:EF:2B:12:16:7E:96:C9:92:2F:4E:17:A0:3C:7A:4C
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       0184C4974D119D1CF5D74C2B933182349E90
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Qf2dZ-DvKxIWfpbJki9OF6A8ekw.roa
Signing time:             Tue 29 Nov 2022 18:12:40 +0000
ROA not before:           Tue 29 Nov 2022 18:12:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     4666
IP address blocks:        194.31.141.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:c4:97:4d:11:9d:1c:f5:d7:4c:2b:93:31:82:34:9e:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Nov 29 18:12:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=41fd9d67e0ef2b12167e96c9922f4e17a03c7a4c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:db:c8:02:cf:93:e3:17:4e:1d:c3:d0:eb:6c:
                    fb:dd:5d:71:0f:25:47:de:8c:c4:33:75:83:50:61:
                    62:6e:e2:bf:73:0c:e4:d7:20:b5:76:7e:57:8b:62:
                    53:5a:7a:5c:53:47:ab:9e:29:95:0c:94:51:1a:36:
                    5f:30:85:f3:e4:e7:49:52:0c:f0:77:63:6e:6e:fc:
                    ec:af:79:92:6c:e8:f0:37:8b:8a:63:5a:c2:c3:54:
                    fa:25:30:68:62:cf:25:4f:e6:b3:d5:0b:93:ab:d4:
                    83:ac:44:e7:ff:68:75:98:a9:7f:9c:e0:64:cd:16:
                    dc:c5:05:b0:08:e8:67:ee:01:d7:5b:9e:77:b7:21:
                    db:9f:bc:3c:67:80:35:76:84:d2:78:43:1e:5a:a6:
                    b6:56:4f:4a:f2:68:6a:ba:76:c5:f2:6c:49:9b:bb:
                    db:0f:19:a0:38:16:6e:77:27:c8:9e:e0:16:b1:c8:
                    73:22:cf:6a:91:06:bb:25:71:47:78:1f:09:df:26:
                    db:28:e3:6c:03:b0:9b:08:9a:8b:f5:a3:ad:ba:a9:
                    c4:5f:90:e0:c5:fc:27:85:83:a5:7a:29:c0:c0:12:
                    16:ca:d4:eb:b5:c2:7c:87:11:95:89:12:82:45:b3:
                    d1:84:14:28:56:f6:31:39:00:66:8b:b4:4e:a0:84:
                    64:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:FD:9D:67:E0:EF:2B:12:16:7E:96:C9:92:2F:4E:17:A0:3C:7A:4C
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Qf2dZ-DvKxIWfpbJki9OF6A8ekw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.31.141.0/24

    Signature Algorithm: sha256WithRSAEncryption
         cf:5c:12:ce:2e:f5:19:40:b0:7b:0f:ee:91:33:85:6e:f1:ee:
         7b:e4:bf:95:96:6a:27:0e:d3:ad:a3:7c:15:4f:b7:1f:74:d7:
         76:0a:6e:f1:b7:d1:01:4b:d2:71:0c:49:d0:65:46:7d:fa:a4:
         06:7c:ad:5e:cf:8a:e6:47:30:18:00:f8:af:55:ff:a6:b7:86:
         1d:29:13:b9:96:28:c4:2b:c6:5a:19:82:fe:74:cf:d8:46:61:
         35:b0:88:af:48:cd:c6:0e:03:b5:48:79:1d:69:1a:d2:05:39:
         35:a8:16:2d:58:d5:45:7f:fd:a8:15:7b:91:25:d9:f6:77:9d:
         5b:5c:b4:a9:ef:64:4a:fc:65:29:48:5b:e9:fb:df:e8:d5:b5:
         cb:c7:6e:45:94:a4:0c:5b:66:8c:5d:28:b4:e5:e8:c7:fc:bb:
         fb:6f:e7:b5:46:00:db:52:51:ea:86:d4:4e:83:99:fe:40:98:
         fd:33:95:fc:92:3b:f4:00:6c:66:7b:51:43:96:a9:bf:26:43:
         12:8b:81:4b:fb:09:58:b0:0a:64:7b:05:72:d9:da:c3:39:97:
         4b:c9:69:6d:78:cd:f1:ab:70:e0:ae:c7:ce:7f:cf:0b:5f:3f:
         a4:5c:b4:b6:63:81:c4:07:41:0d:2b:29:d3:1b:1f:64:59:9e:
         8e:91:62:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTEl00RnRz110wrkzGCNJ6QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjIxMTI5MTgxMjQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWZkOWQ2N2UwZWYyYjEyMTY3ZTk2Yzk5MjJmNGUxN2EwM2M3YTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtvIAs+T4xdOHcPQ62z73V1xDyVH
3ozEM3WDUGFibuK/cwzk1yC1dn5Xi2JTWnpcU0ernimVDJRRGjZfMIXz5OdJUgzw
d2Nubvzsr3mSbOjwN4uKY1rCw1T6JTBoYs8lT+az1QuTq9SDrETn/2h1mKl/nOBk
zRbcxQWwCOhn7gHXW553tyHbn7w8Z4A1doTSeEMeWqa2Vk9K8mhqunbF8mxJm7vb
DxmgOBZudyfInuAWschzIs9qkQa7JXFHeB8J3ybbKONsA7CbCJqL9aOtuqnEX5Dg
xfwnhYOleinAwBIWytTrtcJ8hxGViRKCRbPRhBQoVvYxOQBmi7ROoIRkqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEH9nWfg7ysSFn6WyZIvThegPHpMMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvUWYyZFotRHZLeElXZnBiSmtpOU9GNkE4ZWt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwh+NMA0G
CSqGSIb3DQEBCwUAA4IBAQDPXBLOLvUZQLB7D+6RM4Vu8e575L+VlmonDtOto3wV
T7cfdNd2Cm7xt9EBS9JxDEnQZUZ9+qQGfK1ez4rmRzAYAPivVf+mt4YdKRO5lijE
K8ZaGYL+dM/YRmE1sIivSM3GDgO1SHkdaRrSBTk1qBYtWNVFf/2oFXuRJdn2d51b
XLSp72RK/GUpSFvp+9/o1bXLx25FlKQMW2aMXSi05ejH/Lv7b+e1RgDbUlHqhtRO
g5n+QJj9M5X8kjv0AGxme1FDlqm/JkMSi4FL+wlYsApkewVy2drDOZdLyWlteM3x
q3DgrsfOf88LXz+kXLS2Y4HEB0ENKynTGx9kWZ6OkWKG
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:39 2024 by rpki-client on console-ams.rpki-client.org