Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/zQGZ8w4ULFTn99tYKw10ATO2HVM.roa
File:                     zQGZ8w4ULFTn99tYKw10ATO2HVM.roa (raw, json)
Hash identifier:          Zb/9lq17ANcjbfP0HqkkZ5+n2GHNEKr7HMIFXMd0Z/o=
Subject key identifier:   CD:01:99:F3:0E:14:2C:54:E7:F7:DB:58:2B:0D:74:01:33:B6:1D:53
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       09004300
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/zQGZ8w4ULFTn99tYKw10ATO2HVM.roa
Signing time:             Sat 01 Jan 2022 16:00:23 +0000
ROA not before:           Sat 01 Jan 2022 16:00:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     36352
IP address blocks:        194.31.143.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 151012096 (0x9004300)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Jan  1 16:00:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cd0199f30e142c54e7f7db582b0d740133b61d53
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:79:f5:24:00:29:ab:8f:48:66:05:dc:79:7c:
                    cd:a7:30:52:d3:fa:3e:6a:83:d6:b7:0b:ee:0a:a5:
                    2e:f7:3c:49:70:27:fc:5c:d8:c2:3e:fe:1b:79:18:
                    3c:d3:0c:0d:2a:dd:ca:f5:66:6c:27:32:2c:22:1b:
                    d8:3c:d2:54:c3:1a:e4:9f:cf:00:49:16:86:40:ea:
                    36:89:50:a4:31:a1:b8:85:17:07:a7:1f:8a:2b:23:
                    38:be:f8:84:33:2f:c0:c6:51:3f:fb:ee:58:98:2e:
                    a0:ae:ff:39:f3:c5:de:71:5b:8c:0f:9a:12:34:3f:
                    30:fe:9e:b4:e7:e6:b9:ba:66:1b:ce:9b:e8:24:f5:
                    b7:1a:8c:8a:ff:2d:a6:b4:4b:05:ed:7b:06:02:f2:
                    87:90:09:61:49:a1:92:2f:09:4f:0f:92:ad:63:e0:
                    05:f3:e7:fb:a6:cd:3c:c7:24:81:2c:6b:37:b8:01:
                    58:93:5a:a6:73:b0:9e:81:8d:15:eb:5d:2d:c6:4a:
                    d6:9f:16:a7:73:2e:11:18:fd:b3:6f:f5:d3:31:51:
                    6a:62:d4:23:48:b5:d4:2a:ba:45:fe:17:00:67:07:
                    6d:b1:e3:84:32:03:35:82:8d:c8:40:fc:c3:70:cf:
                    9a:af:7f:eb:0a:ac:ad:1a:57:b8:df:b5:7a:7b:0b:
                    47:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:01:99:F3:0E:14:2C:54:E7:F7:DB:58:2B:0D:74:01:33:B6:1D:53
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/zQGZ8w4ULFTn99tYKw10ATO2HVM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.31.143.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:30:e1:94:62:fb:71:7e:49:01:21:ae:6d:08:ad:de:6e:e2:
         b0:12:8a:c7:44:ef:1c:80:f6:ec:af:83:5a:b6:2e:18:9e:a7:
         84:63:cc:fc:c8:6c:5b:af:c4:37:53:8b:73:cc:b3:24:e9:24:
         58:b4:f4:70:38:d2:2f:71:2d:9f:9b:70:93:44:ac:f8:5d:68:
         9e:38:ca:25:b7:a5:7b:df:c0:ee:38:e3:84:7d:5a:ba:db:ab:
         b3:75:8c:12:17:f8:6d:85:06:46:5c:42:87:f6:bf:93:ab:ec:
         08:24:35:c3:be:0f:53:07:32:c5:87:bf:45:17:f4:6e:d0:cd:
         bd:65:84:8e:82:05:2f:3b:27:e4:fe:29:f2:a2:31:d1:4a:9b:
         99:19:28:90:d3:a9:44:fa:3d:83:3b:55:a8:29:47:4a:d1:3a:
         7c:8b:12:77:67:bb:a5:ca:f9:d6:1b:3e:29:fc:27:75:a1:9a:
         07:76:d7:44:53:94:3e:95:f3:8d:c4:14:d4:95:62:08:d9:64:
         b0:43:ef:9b:29:23:79:d3:d9:38:ff:8d:e1:5e:22:63:a5:01:
         51:7f:3a:8f:54:7b:dd:f0:d6:a8:e1:87:c4:a9:3c:de:6e:69:
         9f:15:5d:bd:67:3c:2b:2f:65:aa:f9:db:b8:80:7a:cb:92:b6:
         da:18:ff:34
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECQBDADANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWE3YjBkOGRlODI1MWQzNmQ3YzgzZmFmNmJjN2VmZWM3M2I1MDM0MB4XDTIyMDEw
MTE2MDAyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2QwMTk5ZjMwZTE0
MmM1NGU3ZjdkYjU4MmIwZDc0MDEzM2I2MWQ1MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANV59SQAKauPSGYF3Hl8zacwUtP6PmqD1rcL7gqlLvc8SXAn
/FzYwj7+G3kYPNMMDSrdyvVmbCcyLCIb2DzSVMMa5J/PAEkWhkDqNolQpDGhuIUX
B6cfiisjOL74hDMvwMZRP/vuWJguoK7/OfPF3nFbjA+aEjQ/MP6etOfmubpmG86b
6CT1txqMiv8tprRLBe17BgLyh5AJYUmhki8JTw+SrWPgBfPn+6bNPMckgSxrN7gB
WJNapnOwnoGNFetdLcZK1p8Wp3MuERj9s2/10zFRamLUI0i11Cq6Rf4XAGcHbbHj
hDIDNYKNyED8w3DPmq9/6wqsrRpXuN+1ensLR30CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTNAZnzDhQsVOf321grDXQBM7YdUzAfBgNVHSMEGDAWgBSxp7DY3oJR0218
g/r2vH7+xztQNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NhZXcyTjZDVWROdGZJUDY5cngtX3NjN1VEUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8x
L3pRR1o4dzRVTEZUbjk5dFlLdzEwQVRPMkhWTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
ZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8xL3NhZXcyTjZDVWRO
dGZJUDY5cngtX3NjN1VEUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIfjzANBgkqhkiG9w0BAQsFAAOC
AQEAdTDhlGL7cX5JASGubQit3m7isBKKx0TvHID27K+DWrYuGJ6nhGPM/MhsW6/E
N1OLc8yzJOkkWLT0cDjSL3Etn5twk0Ss+F1onjjKJbele9/A7jjjhH1auturs3WM
Ehf4bYUGRlxCh/a/k6vsCCQ1w74PUwcyxYe/RRf0btDNvWWEjoIFLzsn5P4p8qIx
0UqbmRkokNOpRPo9gztVqClHStE6fIsSd2e7pcr51hs+KfwndaGaB3bXRFOUPpXz
jcQU1JViCNlksEPvmykjedPZOP+N4V4iY6UBUX86j1R73fDWqOGHxKk83m5pnxVd
vWc8Ky9lqvnbuIB6y5K22hj/NA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:40 2024 by rpki-client on console-ams.rpki-client.org