Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/CWVsRjNOYrERKtqkFfnfcvjCEI4.roa
File:                     CWVsRjNOYrERKtqkFfnfcvjCEI4.roa (raw, json)
Hash identifier:          TCawZVrCRenrGvapl5Q/mlDwVCFv53zEGP62nI4mMfk=
Subject key identifier:   09:65:6C:46:33:4E:62:B1:11:2A:DA:A4:15:F9:DF:72:F8:C2:10:8E
Certificate issuer:       /CN=87be093097097c4457ff5aa3e5893c8c15432612
Certificate serial:       035489E7
Authority key identifier: 87:BE:09:30:97:09:7C:44:57:FF:5A:A3:E5:89:3C:8C:15:43:26:12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/CWVsRjNOYrERKtqkFfnfcvjCEI4.roa
Signing time:             Sat 01 Jan 2022 02:02:06 +0000
ROA not before:           Sat 01 Jan 2022 02:02:06 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     213122
IP address blocks:        89.35.48.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 55871975 (0x35489e7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87be093097097c4457ff5aa3e5893c8c15432612
        Validity
            Not Before: Jan  1 02:02:06 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=09656c46334e62b1112adaa415f9df72f8c2108e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:bc:8c:a3:cc:e4:6e:62:36:6a:77:ea:01:17:
                    3a:10:2f:dc:54:6d:bf:cf:bd:10:3d:b7:db:be:f9:
                    c9:6c:11:a4:75:d7:b1:9b:26:80:d0:49:76:da:4f:
                    fc:c6:7a:13:20:07:5e:56:d0:59:4e:eb:0e:24:7d:
                    23:9b:ca:c3:12:0e:9d:4d:92:59:8a:1c:f3:d4:dc:
                    95:54:df:58:be:a3:3a:dc:18:91:3b:d9:16:e4:ad:
                    bd:a6:ae:ce:dc:ca:29:f7:d0:20:7f:ad:23:e0:8c:
                    1e:d1:e5:eb:46:3f:57:4e:e1:af:ac:35:2d:ea:35:
                    9c:0d:09:d0:f6:38:61:d1:8b:42:eb:44:de:b2:43:
                    b6:8b:65:31:db:06:10:26:5b:1f:e0:05:bf:04:84:
                    45:30:5c:30:1c:da:0e:e7:84:3d:74:a0:fa:a6:2a:
                    4d:b3:f2:6e:00:c0:87:2d:5f:1b:3e:de:b6:7e:c9:
                    a5:18:66:24:6a:da:43:ea:47:b6:6a:0c:2e:a1:13:
                    df:18:29:cc:52:fc:13:5a:f3:90:c9:29:aa:49:fc:
                    a8:f7:d2:ea:06:04:37:c6:b6:bf:62:ed:1f:f9:e4:
                    ec:12:92:b0:bc:1b:be:8f:57:ef:49:d7:35:03:32:
                    8e:1a:46:60:33:af:98:eb:81:61:f0:05:e8:83:61:
                    8a:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:65:6C:46:33:4E:62:B1:11:2A:DA:A4:15:F9:DF:72:F8:C2:10:8E
            X509v3 Authority Key Identifier:
                keyid:87:BE:09:30:97:09:7C:44:57:FF:5A:A3:E5:89:3C:8C:15:43:26:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/CWVsRjNOYrERKtqkFfnfcvjCEI4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/h74JMJcJfERX_1qj5Yk8jBVDJhI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.35.48.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2a:a6:44:8e:cf:1a:96:8e:09:1f:e3:ac:77:e6:87:12:83:8f:
         85:b0:07:f2:8d:c3:1d:8f:55:39:f5:c2:8c:61:6d:81:cb:0a:
         6b:e3:47:51:9f:78:b0:94:d8:f0:fe:e5:c7:a8:bf:d2:5e:09:
         68:d5:18:d4:35:66:6a:bd:85:5e:32:89:b1:64:9a:98:f7:ee:
         47:06:a1:97:64:05:6a:5e:f9:d5:bf:df:dd:b7:dc:f5:ac:89:
         4f:fe:66:79:76:5f:d9:ef:d7:9c:6a:59:7d:11:66:84:18:9e:
         aa:df:24:68:ae:31:da:00:c7:5f:bb:ba:a1:be:14:4b:66:f4:
         6f:20:55:2a:46:ef:c4:a6:52:3d:9e:cc:42:54:a8:47:f4:87:
         d3:ae:21:81:55:df:7b:8b:6e:6d:6a:50:90:42:db:8c:31:a3:
         92:24:20:97:6c:f0:d4:1e:92:aa:2c:fe:d5:9f:51:93:bf:31:
         ee:5d:d8:bc:5d:ea:e9:95:28:39:67:3a:20:7b:23:54:77:f8:
         bb:d0:d9:ed:95:63:44:43:8a:70:c3:dd:69:26:70:18:c3:4d:
         20:9c:d0:4e:ed:a7:7f:f0:1c:74:41:ae:8b:88:21:57:d3:43:
         51:1f:e8:9a:cc:cd:a2:52:8d:a8:c5:f6:e4:11:c4:48:b1:3e:
         13:e9:28:03
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA1SJ5zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
N2JlMDkzMDk3MDk3YzQ0NTdmZjVhYTNlNTg5M2M4YzE1NDMyNjEyMB4XDTIyMDEw
MTAyMDIwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDk2NTZjNDYzMzRl
NjJiMTExMmFkYWE0MTVmOWRmNzJmOGMyMTA4ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALi8jKPM5G5iNmp36gEXOhAv3FRtv8+9ED232775yWwRpHXX
sZsmgNBJdtpP/MZ6EyAHXlbQWU7rDiR9I5vKwxIOnU2SWYoc89TclVTfWL6jOtwY
kTvZFuStvaauztzKKffQIH+tI+CMHtHl60Y/V07hr6w1Leo1nA0J0PY4YdGLQutE
3rJDtotlMdsGECZbH+AFvwSERTBcMBzaDueEPXSg+qYqTbPybgDAhy1fGz7etn7J
pRhmJGraQ+pHtmoMLqET3xgpzFL8E1rzkMkpqkn8qPfS6gYEN8a2v2LtH/nk7BKS
sLwbvo9X70nXNQMyjhpGYDOvmOuBYfAF6INhigUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQJZWxGM05isREq2qQV+d9y+MIQjjAfBgNVHSMEGDAWgBSHvgkwlwl8RFf/
WqPliTyMFUMmEjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2g3NEpNSmNKZkVSWF8xcWo1WWs4akJWREpoSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvY2M4ZjRhLTRjMDItNDA0Yi04ZDkzLTJjZGU2NWYzMTEyYS8x
L0NXVnNSak5PWXJFUkt0cWtGZm5mY3ZqQ0VJNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
Y2M4ZjRhLTRjMDItNDA0Yi04ZDkzLTJjZGU2NWYzMTEyYS8xL2g3NEpNSmNKZkVS
WF8xcWo1WWs4akJWREpoSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFkjMDANBgkqhkiG9w0BAQsFAAOC
AQEAKqZEjs8alo4JH+Osd+aHEoOPhbAH8o3DHY9VOfXCjGFtgcsKa+NHUZ94sJTY
8P7lx6i/0l4JaNUY1DVmar2FXjKJsWSamPfuRwahl2QFal751b/f3bfc9ayJT/5m
eXZf2e/XnGpZfRFmhBieqt8kaK4x2gDHX7u6ob4US2b0byBVKkbvxKZSPZ7MQlSo
R/SH064hgVXfe4tubWpQkELbjDGjkiQgl2zw1B6Sqiz+1Z9Rk78x7l3YvF3q6ZUo
OWc6IHsjVHf4u9DZ7ZVjREOKcMPdaSZwGMNNIJzQTu2nf/AcdEGui4ghV9NDUR/o
mszNolKNqMX25BHESLE+E+koAw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:20 2024 by rpki-client on console-fra.rpki-client.org