Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/efba93-2973-4213-b6f1-449124ace026/1/PeWDT_83eUNMB0pLFOzTFYFYX5U.roa
File:                     PeWDT_83eUNMB0pLFOzTFYFYX5U.roa (raw, json)
Hash identifier:          Xo1u2XyWe2mv2yPdImC/F/OilLofE131qCEAcyRpx/4=
Subject key identifier:   3D:E5:83:4F:FF:37:79:43:4C:07:4A:4B:14:EC:D3:15:81:58:5F:95
Certificate issuer:       /CN=2becef943d34c80e0a0fd81426e6136b31508fee
Certificate serial:       03EB699F
Authority key identifier: 2B:EC:EF:94:3D:34:C8:0E:0A:0F:D8:14:26:E6:13:6B:31:50:8F:EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K-zvlD00yA4KD9gUJuYTazFQj-4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/efba93-2973-4213-b6f1-449124ace026/1/PeWDT_83eUNMB0pLFOzTFYFYX5U.roa
Signing time:             Tue 22 Feb 2022 18:57:12 +0000
ROA not before:           Tue 22 Feb 2022 18:57:12 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     15704
IP address blocks:        185.195.179.0/24 maxlen: 24
                          185.195.178.0/24 maxlen: 24
                          185.195.177.0/24 maxlen: 24
                          185.195.176.0/24 maxlen: 24
                          185.195.176.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 65759647 (0x3eb699f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2becef943d34c80e0a0fd81426e6136b31508fee
        Validity
            Not Before: Feb 22 18:57:12 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3de5834fff3779434c074a4b14ecd31581585f95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:cf:d7:ce:e8:62:41:a6:68:91:71:ee:62:10:
                    67:f3:e4:60:9f:21:db:7e:ef:7b:95:53:87:94:e1:
                    7d:7d:44:43:a7:97:a2:66:ab:fc:d1:8e:84:11:60:
                    17:ae:b9:db:89:16:64:8b:e1:df:0b:35:de:ec:29:
                    06:a2:bd:1b:f1:42:fb:47:1d:f4:2d:50:2f:76:c7:
                    d9:21:ca:30:b3:34:ba:61:d1:da:53:d1:eb:86:34:
                    a8:c9:f2:57:7d:18:d5:3d:5c:ab:90:42:ee:33:a0:
                    24:b7:05:00:75:0c:7d:1f:66:41:dc:2f:3e:a9:6f:
                    7c:17:54:d8:c4:a4:2b:9d:6d:9f:cd:e3:44:ca:2d:
                    a9:56:a3:c0:32:35:ba:88:9f:7e:30:9e:9a:2c:b4:
                    96:07:5c:1c:15:0b:17:29:91:56:4d:32:f7:98:d0:
                    a3:11:72:e0:6a:26:cb:fe:ac:c4:cd:66:68:14:0a:
                    0b:5a:41:57:c8:9d:21:ab:3d:fd:66:19:bb:26:f9:
                    a2:68:81:45:ab:e3:f8:10:23:da:e4:8b:16:70:9f:
                    99:86:b4:0e:a1:11:11:cd:b7:6c:c0:8a:f6:ae:a1:
                    5c:3a:1e:c7:18:b6:c7:2a:41:45:86:82:7c:d5:c6:
                    26:0f:49:d7:5f:72:56:62:17:cb:78:fa:9f:06:c7:
                    7c:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:E5:83:4F:FF:37:79:43:4C:07:4A:4B:14:EC:D3:15:81:58:5F:95
            X509v3 Authority Key Identifier:
                keyid:2B:EC:EF:94:3D:34:C8:0E:0A:0F:D8:14:26:E6:13:6B:31:50:8F:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K-zvlD00yA4KD9gUJuYTazFQj-4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/efba93-2973-4213-b6f1-449124ace026/1/PeWDT_83eUNMB0pLFOzTFYFYX5U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/efba93-2973-4213-b6f1-449124ace026/1/K-zvlD00yA4KD9gUJuYTazFQj-4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.195.176.0/22

    Signature Algorithm: sha256WithRSAEncryption
         91:18:1d:a9:ba:7a:48:a5:00:4a:a7:8e:0f:3a:8d:9d:31:1e:
         06:ce:f1:2a:8f:ed:bf:67:7f:2d:66:3b:26:e8:9e:32:59:43:
         06:2c:a5:c9:1a:21:87:0b:cb:69:ab:b6:1a:92:3f:16:7b:68:
         62:5c:0c:62:cf:a9:c1:60:84:f1:3f:97:92:61:4f:27:76:53:
         f2:c3:de:89:d0:4a:8c:4a:74:48:79:22:83:c0:87:8d:15:1d:
         e7:2a:26:8c:a6:47:9b:f3:03:2a:37:b3:17:1e:6b:87:20:ba:
         78:fd:71:e7:1b:2d:2d:bc:df:97:1a:96:0f:77:14:30:5c:53:
         a3:81:5f:67:64:4b:9c:d9:8f:e0:67:99:eb:81:52:7c:5b:8e:
         8e:c7:3b:39:af:af:41:0a:6b:79:fd:2a:2f:f1:c3:35:cc:3a:
         e7:4c:2d:85:f4:24:cb:2b:d2:a4:b6:91:f5:6c:8a:33:8b:89:
         67:48:a1:23:16:da:a2:db:cc:7d:a9:5b:58:2f:f3:66:d8:9f:
         24:de:a4:3d:72:97:00:a4:1d:f6:c1:12:d2:1d:d1:98:56:ab:
         e5:70:c0:e7:1f:98:bf:69:cc:75:99:38:26:ec:6c:10:f6:b5:
         cc:4e:9e:15:0b:b0:b4:8c:2b:2a:c3:6a:c2:da:62:db:1e:65:
         dc:65:63:87
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA+tpnzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YmVjZWY5NDNkMzRjODBlMGEwZmQ4MTQyNmU2MTM2YjMxNTA4ZmVlMB4XDTIyMDIy
MjE4NTcxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2RlNTgzNGZmZjM3
Nzk0MzRjMDc0YTRiMTRlY2QzMTU4MTU4NWY5NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMrP187oYkGmaJFx7mIQZ/PkYJ8h237ve5VTh5ThfX1EQ6eX
omar/NGOhBFgF66524kWZIvh3ws13uwpBqK9G/FC+0cd9C1QL3bH2SHKMLM0umHR
2lPR64Y0qMnyV30Y1T1cq5BC7jOgJLcFAHUMfR9mQdwvPqlvfBdU2MSkK51tn83j
RMotqVajwDI1uoiffjCemiy0lgdcHBULFymRVk0y95jQoxFy4Gomy/6sxM1maBQK
C1pBV8idIas9/WYZuyb5omiBRavj+BAj2uSLFnCfmYa0DqEREc23bMCK9q6hXDoe
xxi2xypBRYaCfNXGJg9J119yVmIXy3j6nwbHfIcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ95YNP/zd5Q0wHSksU7NMVgVhflTAfBgNVHSMEGDAWgBQr7O+UPTTIDgoP
2BQm5hNrMVCP7jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0stenZsRDAweUE0S0Q5Z1VKdVlUYXpGUWotNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjcvZWZiYTkzLTI5NzMtNDIxMy1iNmYxLTQ0OTEyNGFjZTAyNi8x
L1BlV0RUXzgzZVVOTUIwcExGT3pURllGWVg1VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjcv
ZWZiYTkzLTI5NzMtNDIxMy1iNmYxLTQ0OTEyNGFjZTAyNi8xL0stenZsRDAweUE0
S0Q5Z1VKdVlUYXpGUWotNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnDsDANBgkqhkiG9w0BAQsFAAOC
AQEAkRgdqbp6SKUASqeODzqNnTEeBs7xKo/tv2d/LWY7JuieMllDBiylyRohhwvL
aau2GpI/FntoYlwMYs+pwWCE8T+XkmFPJ3ZT8sPeidBKjEp0SHkig8CHjRUd5yom
jKZHm/MDKjezFx5rhyC6eP1x5xstLbzflxqWD3cUMFxTo4FfZ2RLnNmP4GeZ64FS
fFuOjsc7Oa+vQQpref0qL/HDNcw650wthfQkyyvSpLaR9WyKM4uJZ0ihIxbaotvM
falbWC/zZtifJN6kPXKXAKQd9sES0h3RmFar5XDA5x+Yv2nMdZk4JuxsEPa1zE6e
FQuwtIwrKsNqwtpi2x5l3GVjhw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:02 2024 by rpki-client on console-fra.rpki-client.org