Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/OhGWLAu1ldRukbXGYxBZKsPxpiQ.roa
File:                     OhGWLAu1ldRukbXGYxBZKsPxpiQ.roa (raw, json)
Hash identifier:          7W355V+AqXPCUzCXD+BD4N/jdHf1H6I8XjvDCQWrIqg=
Subject key identifier:   3A:11:96:2C:0B:B5:95:D4:6E:91:B5:C6:63:10:59:2A:C3:F1:A6:24
Certificate issuer:       /CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530
Certificate serial:       02237BF2
Authority key identifier: 91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/OhGWLAu1ldRukbXGYxBZKsPxpiQ.roa
Signing time:             Sat 01 Jan 2022 10:04:07 +0000
ROA not before:           Sat 01 Jan 2022 10:04:07 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     30823
IP address blocks:        195.62.33.0/24 maxlen: 24
                          87.237.52.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 35879922 (0x2237bf2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530
        Validity
            Not Before: Jan  1 10:04:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3a11962c0bb595d46e91b5c66310592ac3f1a624
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:f0:73:5a:00:82:9b:de:19:c3:0a:af:82:e9:
                    5b:f5:88:95:18:b6:7b:1d:44:f2:ea:26:3d:7b:3a:
                    c5:b1:02:14:06:5e:22:df:3b:dc:5e:a7:42:99:e7:
                    11:24:ab:a0:8f:1c:1d:b6:91:85:4d:d2:92:ad:c8:
                    bf:d0:33:8f:8e:f2:9c:af:c6:45:4e:74:68:3f:d2:
                    69:03:87:2c:eb:af:e1:17:07:95:e5:71:73:84:01:
                    51:1d:45:3d:f1:b3:20:b6:86:da:d3:03:dc:fd:4b:
                    90:37:f7:93:f9:da:5a:3e:cf:09:04:a9:84:d8:e0:
                    1d:3b:f3:ca:24:29:65:e6:7c:62:4f:8e:a0:13:22:
                    01:0e:3f:c5:a0:ac:53:b2:f7:82:28:a8:98:4b:04:
                    91:ed:94:75:e9:5f:1a:66:b5:dc:bb:73:fe:77:c6:
                    64:07:a5:1c:30:a0:a3:df:a8:d7:a8:10:70:d9:79:
                    78:b3:de:f7:01:03:1e:d8:a9:a4:71:c8:92:4a:2e:
                    70:74:41:8f:da:27:bb:f8:d4:3b:23:a3:8f:27:fd:
                    59:48:b5:8a:d0:f7:c6:f9:d5:5b:3d:d1:af:fe:91:
                    fe:ad:e9:fa:0c:7c:71:85:8c:5c:8f:17:6e:33:5d:
                    5e:57:92:10:93:d1:66:6d:d2:78:1e:63:6b:c6:33:
                    92:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:11:96:2C:0B:B5:95:D4:6E:91:B5:C6:63:10:59:2A:C3:F1:A6:24
            X509v3 Authority Key Identifier:
                keyid:91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/OhGWLAu1ldRukbXGYxBZKsPxpiQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.237.52.0/22
                  195.62.33.0/24

    Signature Algorithm: sha256WithRSAEncryption
         af:7c:07:8b:19:ac:6b:52:a3:fc:02:e5:2a:2f:4e:0b:3b:f3:
         9f:b3:5d:12:d1:cb:d4:b9:10:49:6d:68:79:e1:3e:08:3e:8e:
         7e:08:44:8d:60:0c:79:17:14:05:c0:b7:47:aa:2a:d9:92:5e:
         3b:40:80:c0:f1:1d:74:e0:1a:37:eb:8a:b5:25:21:7c:bd:54:
         6d:49:2a:11:fa:d4:c4:44:f1:60:e0:82:f8:bc:50:67:f0:43:
         93:f4:32:54:17:a7:98:38:92:e3:6c:f1:8a:9b:43:7f:63:08:
         8c:a8:dc:af:bd:c1:0d:dc:55:b9:b4:c6:be:ae:dd:87:be:6f:
         d4:10:ff:24:c5:12:5d:c5:4f:ad:10:ba:36:d7:97:08:9c:dc:
         30:15:be:6d:6a:6d:85:15:d4:51:3f:36:8c:2d:d7:0d:51:b2:
         8b:8c:f4:72:ff:b6:75:42:5b:fd:97:62:3d:b0:f7:43:3e:06:
         96:d5:37:2e:2a:43:0f:68:99:a0:4d:e7:42:41:3f:6e:02:62:
         b5:37:d4:e0:21:c5:e1:0a:a8:e0:92:3d:0a:65:2c:d6:3c:ca:
         79:cb:ed:83:aa:56:ef:c6:ef:f2:b2:2c:9e:c2:5d:d2:4d:98:
         fd:f8:87:7a:91:6b:56:26:43:04:ab:3c:00:e3:29:94:f2:04:
         ba:d5:7b:5c
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAiN78jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MWQwYzc4YzMwOWEzZTk5ZGM5YWI3NGYyY2RjMDQ4NDg1OWU3NTMwMB4XDTIyMDEw
MTEwMDQwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2ExMTk2MmMwYmI1
OTVkNDZlOTFiNWM2NjMxMDU5MmFjM2YxYTYyNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKbwc1oAgpveGcMKr4LpW/WIlRi2ex1E8uomPXs6xbECFAZe
It873F6nQpnnESSroI8cHbaRhU3Skq3Iv9Azj47ynK/GRU50aD/SaQOHLOuv4RcH
leVxc4QBUR1FPfGzILaG2tMD3P1LkDf3k/naWj7PCQSphNjgHTvzyiQpZeZ8Yk+O
oBMiAQ4/xaCsU7L3giiomEsEke2UdelfGma13Ltz/nfGZAelHDCgo9+o16gQcNl5
eLPe9wEDHtippHHIkkoucHRBj9onu/jUOyOjjyf9WUi1itD3xvnVWz3Rr/6R/q3p
+gx8cYWMXI8XbjNdXleSEJPRZm3SeB5ja8YzkmcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQ6EZYsC7WV1G6RtcZjEFkqw/GmJDAfBgNVHSMEGDAWgBSR0MeMMJo+mdya
t08s3ASEhZ51MDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tkREhqRENhUHBuY21yZFBMTndFaElXZWRUQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzkvMjkzYTJmLTM5OTctNDk3Zi05ZWYxLTQ4NTJjOGZmOGFmMi8x
L09oR1dMQXUxbGRSdWtiWEdZeEJaS3NQeHBpUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzkv
MjkzYTJmLTM5OTctNDk3Zi05ZWYxLTQ4NTJjOGZmOGFmMi8xL2tkREhqRENhUHBu
Y21yZFBMTndFaElXZWRUQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAlftNAMEAMM+ITANBgkqhkiG9w0B
AQsFAAOCAQEAr3wHixmsa1Kj/ALlKi9OCzvzn7NdEtHL1LkQSW1oeeE+CD6OfghE
jWAMeRcUBcC3R6oq2ZJeO0CAwPEddOAaN+uKtSUhfL1UbUkqEfrUxETxYOCC+LxQ
Z/BDk/QyVBenmDiS42zxiptDf2MIjKjcr73BDdxVubTGvq7dh75v1BD/JMUSXcVP
rRC6NteXCJzcMBW+bWpthRXUUT82jC3XDVGyi4z0cv+2dUJb/ZdiPbD3Qz4GltU3
LipDD2iZoE3nQkE/bgJitTfU4CHF4Qqo4JI9CmUs1jzKecvtg6pW78bv8rIsnsJd
0k2Y/fiHepFrViZDBKs8AOMplPIEutV7XA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:44 2024 by rpki-client on console-fra.rpki-client.org