Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/PGswZoPnt6CqG-MNCYx1TDrwSVE.roa
File:                     PGswZoPnt6CqG-MNCYx1TDrwSVE.roa (raw, json)
Hash identifier:          +rYoSVWqEcJfRFTsyA83bE2Be0MoC61rYiZF3mqc5Zs=
Subject key identifier:   3C:6B:30:66:83:E7:B7:A0:AA:1B:E3:0D:09:8C:75:4C:3A:F0:49:51
Certificate issuer:       /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial:       0184A0938F809A56C0E4E0AD6156F23B2054
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/PGswZoPnt6CqG-MNCYx1TDrwSVE.roa
Signing time:             Tue 22 Nov 2022 18:22:15 +0000
ROA not before:           Tue 22 Nov 2022 18:22:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205655
IP address blocks:        31.135.0.0/24 maxlen: 24
                          31.135.6.0/24 maxlen: 24
                          91.245.90.0/24 maxlen: 24
                          176.103.120.0/24 maxlen: 24
                          64.43.65.0/24 maxlen: 24
                          64.43.74.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:a0:93:8f:80:9a:56:c0:e4:e0:ad:61:56:f2:3b:20:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
        Validity
            Not Before: Nov 22 18:22:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3c6b306683e7b7a0aa1be30d098c754c3af04951
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:20:44:1e:04:9f:3f:68:c4:4a:76:b6:f2:66:
                    72:1d:7b:2c:28:6d:41:49:f2:fe:88:44:0d:8b:97:
                    ec:96:93:b4:c6:9d:6d:25:05:28:06:60:b9:e2:15:
                    16:1d:41:f3:5b:d1:ac:8c:e5:b5:1d:97:2f:b9:4e:
                    8c:0c:56:e6:9a:f9:f8:46:7a:97:51:bc:e0:48:5b:
                    cd:2d:bd:e8:82:97:72:c5:ca:df:7a:d3:01:c8:49:
                    a4:dc:ce:4c:75:d0:42:1c:02:e5:d4:27:6d:99:00:
                    f1:a4:69:76:a8:5f:fc:27:40:79:ee:e9:89:c1:bc:
                    e3:81:9d:39:64:18:c2:85:6c:30:f6:da:05:85:e5:
                    8d:79:81:fb:c8:5e:90:3b:8f:40:18:3f:fc:5a:08:
                    5e:74:7e:20:dd:28:ba:88:4d:5e:b0:a7:3a:2f:9d:
                    15:2f:9b:52:d1:3c:e1:57:f3:de:56:b7:2c:cc:d5:
                    c2:e6:75:f0:26:d8:86:22:4c:cb:3a:c7:f4:33:53:
                    b2:e1:fa:7c:fc:60:40:b8:2b:27:26:f0:49:96:c7:
                    ee:a3:42:1f:6d:6e:2a:45:1a:0f:55:7b:17:c7:04:
                    35:bf:4f:36:67:e8:f7:ed:2d:c2:79:8d:1d:12:c1:
                    30:ec:e3:63:93:16:eb:24:42:f5:5b:bf:ce:8e:80:
                    b1:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:6B:30:66:83:E7:B7:A0:AA:1B:E3:0D:09:8C:75:4C:3A:F0:49:51
            X509v3 Authority Key Identifier:
                keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/PGswZoPnt6CqG-MNCYx1TDrwSVE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.135.0.0/24
                  31.135.6.0/24
                  64.43.65.0/24
                  64.43.74.0/23
                  91.245.90.0/24
                  176.103.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         05:05:54:69:d1:b6:d7:86:83:df:ff:b2:25:dc:d4:dc:58:29:
         d6:0d:e5:73:22:43:3c:05:71:17:dc:7d:e4:b6:2b:1f:d5:6e:
         c2:b6:04:36:bb:5c:5b:31:34:a3:cc:f3:97:af:e6:0e:65:86:
         d1:ac:3d:7f:80:4f:93:dd:73:85:4a:27:94:7c:a6:8c:1c:94:
         81:d1:55:90:2f:88:8c:6b:a3:b8:8d:10:a6:0a:0d:3c:17:1d:
         f1:2e:f1:44:e3:fe:46:a4:1c:88:e9:fe:71:df:6a:38:a1:d2:
         99:d7:fd:c1:3c:70:84:16:4a:8c:c2:fc:79:21:fb:48:68:0b:
         07:d0:d1:ca:e8:35:cd:c7:19:6c:e3:d9:d3:f8:cc:19:b1:64:
         56:37:54:3a:67:69:89:ff:99:b6:32:0a:ee:bc:12:fc:e8:07:
         c5:be:72:7d:f6:f3:25:0c:fc:8e:1d:23:ba:d4:8f:a3:b7:ae:
         31:45:9f:cd:5a:b3:45:b4:19:26:9d:84:5b:f9:01:f1:58:94:
         7d:09:fd:8c:da:d4:94:bb:9f:bc:7f:11:73:ad:dd:63:9d:06:
         98:8d:c1:b4:ab:8a:3b:a1:2f:80:48:f3:4f:3a:5f:13:6f:dc:
         5c:b8:57:4b:18:22:2c:56:68:e6:09:d6:fb:af:6c:d6:56:13:
         32:5a:e2:e1
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYSgk4+AmlbA5OCtYVbyOyBUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjIxMTIyMTgyMjE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzZiMzA2NjgzZTdiN2EwYWExYmUzMGQwOThjNzU0YzNhZjA0OTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSBEHgSfP2jESna28mZyHXssKG1B
SfL+iEQNi5fslpO0xp1tJQUoBmC54hUWHUHzW9GsjOW1HZcvuU6MDFbmmvn4RnqX
UbzgSFvNLb3ogpdyxcrfetMByEmk3M5MddBCHALl1CdtmQDxpGl2qF/8J0B57umJ
wbzjgZ05ZBjChWww9toFheWNeYH7yF6QO49AGD/8WghedH4g3Si6iE1esKc6L50V
L5tS0TzhV/PeVrcszNXC5nXwJtiGIkzLOsf0M1Oy4fp8/GBAuCsnJvBJlsfuo0If
bW4qRRoPVXsXxwQ1v082Z+j37S3CeY0dEsEw7ONjkxbrJEL1W7/OjoCx0QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDxrMGaD57egqhvjDQmMdUw68ElRMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvUEdzd1pvUG50NkNxRy1NTkNZeDFURHJ3U1ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAH4cAAwQA
H4cGAwQAQCtBAwQBQCtKAwQAW/VaAwQAsGd4MA0GCSqGSIb3DQEBCwUAA4IBAQAF
BVRp0bbXhoPf/7Il3NTcWCnWDeVzIkM8BXEX3H3ktisf1W7CtgQ2u1xbMTSjzPOX
r+YOZYbRrD1/gE+T3XOFSieUfKaMHJSB0VWQL4iMa6O4jRCmCg08Fx3xLvFE4/5G
pByI6f5x32o4odKZ1/3BPHCEFkqMwvx5IftIaAsH0NHK6DXNxxls49nT+MwZsWRW
N1Q6Z2mJ/5m2MgruvBL86AfFvnJ99vMlDPyOHSO61I+jt64xRZ/NWrNFtBkmnYRb
+QHxWJR9Cf2M2tSUu5+8fxFzrd1jnQaYjcG0q4o7oS+ASPNPOl8Tb9xcuFdLGCIs
VmjmCdb7r2zWVhMyWuLh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:48 2024 by rpki-client on console-ams.rpki-client.org