Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/e66913-8f5f-47ef-a730-32c1b2cee593/1/99VDn0UIXgB4ZW9NOHLj1spAYrQ.roa
File:                     99VDn0UIXgB4ZW9NOHLj1spAYrQ.roa (raw, json)
Hash identifier:          k4GZWWbzkSw/9KTCddx/gcwMD1kqrdSpdOvVfppZLKg=
Subject key identifier:   F7:D5:43:9F:45:08:5E:00:78:65:6F:4D:38:72:E3:D6:CA:40:62:B4
Certificate issuer:       /CN=658c0c499a8e69d9795f4bd0b5bf1682b1f00f9a
Certificate serial:       0183F05B81056780E0EC3EC8654E14BB6EA1
Authority key identifier: 65:8C:0C:49:9A:8E:69:D9:79:5F:4B:D0:B5:BF:16:82:B1:F0:0F:9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZYwMSZqOadl5X0vQtb8WgrHwD5o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/e66913-8f5f-47ef-a730-32c1b2cee593/1/99VDn0UIXgB4ZW9NOHLj1spAYrQ.roa
Signing time:             Wed 19 Oct 2022 13:07:52 +0000
ROA not before:           Wed 19 Oct 2022 13:07:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209525
IP address blocks:        194.147.248.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:f0:5b:81:05:67:80:e0:ec:3e:c8:65:4e:14:bb:6e:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=658c0c499a8e69d9795f4bd0b5bf1682b1f00f9a
        Validity
            Not Before: Oct 19 13:07:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f7d5439f45085e0078656f4d3872e3d6ca4062b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:c1:73:55:7a:ed:56:cd:8e:91:4c:35:a2:56:
                    4d:96:22:95:e4:17:11:f0:8a:e4:e3:5a:4b:0b:d2:
                    ea:2f:b4:f2:a0:bb:47:1d:82:8c:a6:37:d4:b9:1d:
                    d3:b1:b1:d2:aa:52:75:96:40:49:98:54:8d:76:4c:
                    a5:75:9f:61:d0:a1:f2:5e:ce:ad:9a:d5:84:25:d2:
                    e1:03:c9:eb:b5:18:b9:0f:9f:e5:82:82:2a:3c:f8:
                    a4:a6:2a:b5:ea:7d:9e:20:e0:48:d4:28:c4:31:b1:
                    79:10:eb:8b:72:4e:6c:e6:de:e1:b8:7d:27:d0:53:
                    66:50:dd:2d:93:84:6b:c5:4f:7b:f7:72:fc:25:99:
                    07:94:f2:08:d2:80:c4:d8:5f:37:6d:c7:cf:26:3d:
                    17:39:ed:af:9b:4d:bc:b7:e8:0c:e2:c1:bf:16:e0:
                    ba:2c:fa:0b:5e:3f:58:51:83:f3:ad:63:65:dd:07:
                    c6:d9:bc:f8:ab:d6:4f:57:c8:cb:a9:48:24:fe:41:
                    ef:7f:26:02:74:fe:39:38:24:ae:90:19:b0:b0:05:
                    ae:9a:4f:ca:c5:f9:aa:07:97:e9:3d:59:62:7b:c3:
                    00:e2:a9:4f:e9:0a:f4:4f:cf:b3:b8:64:ed:ca:7d:
                    ae:73:24:bf:0b:a7:97:ef:2b:06:5b:2f:42:15:fb:
                    ef:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:D5:43:9F:45:08:5E:00:78:65:6F:4D:38:72:E3:D6:CA:40:62:B4
            X509v3 Authority Key Identifier:
                keyid:65:8C:0C:49:9A:8E:69:D9:79:5F:4B:D0:B5:BF:16:82:B1:F0:0F:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZYwMSZqOadl5X0vQtb8WgrHwD5o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/e66913-8f5f-47ef-a730-32c1b2cee593/1/99VDn0UIXgB4ZW9NOHLj1spAYrQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/e66913-8f5f-47ef-a730-32c1b2cee593/1/ZYwMSZqOadl5X0vQtb8WgrHwD5o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.147.248.0/24

    Signature Algorithm: sha256WithRSAEncryption
         24:38:0c:ca:2f:83:de:6a:2a:47:d8:ef:31:34:ff:67:a9:db:
         35:3a:08:47:27:15:62:96:16:dd:11:41:94:14:0c:00:61:8b:
         67:77:25:11:f6:f3:e0:71:24:f7:88:13:4a:fa:ce:81:57:23:
         df:fc:8b:5b:84:ef:e4:0d:21:6b:7b:c9:dc:9d:77:57:d6:16:
         52:51:55:ab:30:e4:be:3e:35:d0:67:27:3b:1b:f4:21:89:ed:
         6d:2d:9d:20:51:63:ae:60:62:5f:89:df:a4:14:44:5c:85:ca:
         c9:3e:5e:2c:9c:f0:d8:76:08:3f:6b:23:33:be:2d:5d:81:7b:
         25:f8:de:d3:7e:d6:aa:47:3b:ab:9a:6f:3a:0d:5c:be:dc:9c:
         c8:18:1b:20:18:8b:56:51:4f:62:4a:85:4b:72:6a:74:25:05:
         f6:95:bd:b9:75:07:8d:e5:eb:04:f8:a1:75:2f:3d:f1:48:6f:
         6c:41:95:88:f3:51:ac:8d:5c:f4:dd:16:42:9d:33:70:f6:49:
         75:62:8b:8e:81:25:ff:55:3b:20:5b:76:32:95:57:f8:fd:fe:
         2a:b9:45:e1:6a:99:26:c3:92:2e:5a:c1:42:9b:ee:32:e3:a9:
         fb:36:f5:d9:16:36:50:4e:61:20:68:b9:57:1d:75:74:de:c8:
         e8:bb:a3:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPwW4EFZ4Dg7D7IZU4Uu26hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1OGMwYzQ5OWE4ZTY5ZDk3OTVmNGJkMGI1YmYxNjgyYjFm
MDBmOWEwHhcNMjIxMDE5MTMwNzUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2Q1NDM5ZjQ1MDg1ZTAwNzg2NTZmNGQzODcyZTNkNmNhNDA2MmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgMFzVXrtVs2OkUw1olZNliKV5BcR
8Irk41pLC9LqL7TyoLtHHYKMpjfUuR3TsbHSqlJ1lkBJmFSNdkyldZ9h0KHyXs6t
mtWEJdLhA8nrtRi5D5/lgoIqPPikpiq16n2eIOBI1CjEMbF5EOuLck5s5t7huH0n
0FNmUN0tk4RrxU9793L8JZkHlPII0oDE2F83bcfPJj0XOe2vm028t+gM4sG/FuC6
LPoLXj9YUYPzrWNl3QfG2bz4q9ZPV8jLqUgk/kHvfyYCdP45OCSukBmwsAWumk/K
xfmqB5fpPVlie8MA4qlP6Qr0T8+zuGTtyn2ucyS/C6eX7ysGWy9CFfvv4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPfVQ59FCF4AeGVvTThy49bKQGK0MB8GA1UdIwQY
MBaAFGWMDEmajmnZeV9L0LW/FoKx8A+aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWll3TVNacU9hZGw1WDB2UXRiOFdnckh3RDVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9lNjY5MTMtOGY1Zi00N2VmLWE3MzAt
MzJjMWIyY2VlNTkzLzEvOTlWRG4wVUlYZ0I0Wlc5Tk9ITGoxc3BBWXJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9lNjY5MTMtOGY1Zi00N2VmLWE3MzAtMzJjMWIyY2VlNTkz
LzEvWll3TVNacU9hZGw1WDB2UXRiOFdnckh3RDVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpP4MA0G
CSqGSIb3DQEBCwUAA4IBAQAkOAzKL4PeaipH2O8xNP9nqds1OghHJxVilhbdEUGU
FAwAYYtndyUR9vPgcST3iBNK+s6BVyPf/ItbhO/kDSFre8ncnXdX1hZSUVWrMOS+
PjXQZyc7G/Qhie1tLZ0gUWOuYGJfid+kFERchcrJPl4snPDYdgg/ayMzvi1dgXsl
+N7TftaqRzurmm86DVy+3JzIGBsgGItWUU9iSoVLcmp0JQX2lb25dQeN5esE+KF1
Lz3xSG9sQZWI81GsjVz03RZCnTNw9kl1YouOgSX/VTsgW3YylVf4/f4quUXhapkm
w5IuWsFCm+4y46n7NvXZFjZQTmEgaLlXHXV03sjou6MI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:50 2024 by rpki-client on console-fra.rpki-client.org