Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/oPHFX3Yqy2-9ivmlkakYujVmLEk.roa
File:                     oPHFX3Yqy2-9ivmlkakYujVmLEk.roa (raw, json)
Hash identifier:          OfDKWwDbNg2Zfq4xxfAuxxj52t+w2P7WMkSj8h6i5xg=
Subject key identifier:   A0:F1:C5:5F:76:2A:CB:6F:BD:8A:F9:A5:91:A9:18:BA:35:66:2C:49
Certificate issuer:       /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial:       01840E42D972AF7103DB8EC20C0623A65E74
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/oPHFX3Yqy2-9ivmlkakYujVmLEk.roa
Signing time:             Tue 25 Oct 2022 08:29:32 +0000
ROA not before:           Tue 25 Oct 2022 08:29:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     21700
IP address blocks:        91.228.14.0/24 maxlen: 24
                          91.228.15.0/24 maxlen: 24
                          94.154.36.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:0e:42:d9:72:af:71:03:db:8e:c2:0c:06:23:a6:5e:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
        Validity
            Not Before: Oct 25 08:29:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a0f1c55f762acb6fbd8af9a591a918ba35662c49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:d6:b8:e2:b6:c6:39:3b:36:6c:7a:b9:ac:99:
                    0e:78:42:b0:b3:4d:07:5e:26:7f:65:11:1f:54:b0:
                    8f:c1:87:52:a3:13:bb:34:f6:68:a3:e3:10:03:85:
                    a6:14:1f:19:d5:8c:30:6e:4d:94:02:f4:33:1d:9c:
                    da:17:27:c0:11:e9:6c:db:42:e6:5b:59:f1:30:01:
                    bb:82:05:8a:a7:4a:00:e7:ad:78:23:3d:7a:85:81:
                    61:48:95:4d:af:08:f6:39:6e:40:3e:b9:68:cd:8b:
                    7b:87:68:60:4f:75:99:02:29:c9:f0:a4:94:86:e2:
                    09:75:de:fc:3c:23:0f:7f:64:5c:fc:b5:b0:bb:ed:
                    5b:95:2b:2f:2d:ef:7a:11:58:78:0f:f7:4d:ba:66:
                    24:4f:bb:d3:6f:15:98:59:28:1b:07:2b:a2:0d:06:
                    a8:70:42:0c:88:38:6d:94:3e:18:f4:2a:bd:ef:7a:
                    b5:e6:d1:e8:83:54:f8:58:e9:1c:0d:8b:6a:52:5b:
                    bf:3c:78:a4:7b:8c:06:0c:28:67:a0:17:7d:29:a6:
                    02:bb:02:9d:7e:09:d2:c7:f3:c7:eb:3d:dd:87:32:
                    ef:40:d0:c8:4a:cd:f2:5a:29:68:82:4e:4a:5e:79:
                    6f:ad:5f:54:30:56:0c:00:32:7c:bb:7e:36:87:f5:
                    43:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:F1:C5:5F:76:2A:CB:6F:BD:8A:F9:A5:91:A9:18:BA:35:66:2C:49
            X509v3 Authority Key Identifier:
                keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/oPHFX3Yqy2-9ivmlkakYujVmLEk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.228.14.0/23
                  94.154.36.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:0c:27:eb:9b:c5:3e:26:83:bc:53:15:96:a7:cf:0f:d3:7e:
         68:20:1d:c3:f8:90:ab:c4:87:33:c2:f8:55:7c:a5:20:4e:45:
         5a:ec:1c:15:f9:29:7e:08:92:2f:48:58:98:21:6e:8a:7e:d5:
         48:38:f1:ca:dd:57:32:59:ba:20:b2:37:db:34:12:1c:93:5c:
         26:5d:70:e3:75:21:ce:53:93:b7:b5:12:04:90:73:23:c6:6e:
         86:ec:ca:53:19:03:ce:4b:61:a8:e8:17:e9:84:fb:f2:8f:a8:
         bb:96:e5:91:45:c9:04:02:d3:5f:74:d5:3c:0e:35:d5:6d:b1:
         92:56:c8:73:03:15:98:78:39:d3:03:bf:15:25:b4:36:f4:80:
         a1:aa:2b:e2:dd:4c:fe:0d:12:fd:14:2e:e7:75:e2:5f:38:7d:
         c9:54:16:bf:fc:f7:d4:33:6d:10:c5:11:31:28:a7:7b:77:02:
         68:17:87:72:39:f0:33:79:3d:55:3a:26:b1:2e:11:3f:1e:3e:
         1a:65:7d:b0:89:a8:8b:72:b6:18:55:7c:64:a2:7e:05:e6:db:
         f3:37:62:9d:69:9c:0e:58:2e:91:78:1f:7c:8c:d0:dc:cc:8a:
         ec:5a:06:a5:31:06:0b:e6:64:90:ee:33:c3:df:83:e5:aa:9b:
         dd:c1:31:28
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYQOQtlyr3ED247CDAYjpl50MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjIxMDI1MDgyOTMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGYxYzU1Zjc2MmFjYjZmYmQ4YWY5YTU5MWE5MThiYTM1NjYyYzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNa44rbGOTs2bHq5rJkOeEKws00H
XiZ/ZREfVLCPwYdSoxO7NPZoo+MQA4WmFB8Z1Ywwbk2UAvQzHZzaFyfAEels20Lm
W1nxMAG7ggWKp0oA5614Iz16hYFhSJVNrwj2OW5APrlozYt7h2hgT3WZAinJ8KSU
huIJdd78PCMPf2Rc/LWwu+1blSsvLe96EVh4D/dNumYkT7vTbxWYWSgbByuiDQao
cEIMiDhtlD4Y9Cq973q15tHog1T4WOkcDYtqUlu/PHike4wGDChnoBd9KaYCuwKd
fgnSx/PH6z3dhzLvQNDISs3yWilogk5KXnlvrV9UMFYMADJ8u342h/VDNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKDxxV92KstvvYr5pZGpGLo1ZixJMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvb1BIRlgzWXF5Mi05aXZtbGtha1l1alZtTEVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW+QOAwQA
XpokMA0GCSqGSIb3DQEBCwUAA4IBAQByDCfrm8U+JoO8UxWWp88P035oIB3D+JCr
xIczwvhVfKUgTkVa7BwV+Sl+CJIvSFiYIW6KftVIOPHK3VcyWbogsjfbNBIck1wm
XXDjdSHOU5O3tRIEkHMjxm6G7MpTGQPOS2Go6BfphPvyj6i7luWRRckEAtNfdNU8
DjXVbbGSVshzAxWYeDnTA78VJbQ29IChqivi3Uz+DRL9FC7ndeJfOH3JVBa//PfU
M20QxRExKKd7dwJoF4dyOfAzeT1VOiaxLhE/Hj4aZX2wiaiLcrYYVXxkon4F5tvz
N2KdaZwOWC6ReB98jNDczIrsWgalMQYL5mSQ7jPD34PlqpvdwTEo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:25 2024 by rpki-client on console-fra.rpki-client.org