Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/MiJK9DKlPRpEnlJOsCnGqmjuNSw.roa
File:                     MiJK9DKlPRpEnlJOsCnGqmjuNSw.roa (raw, json)
Hash identifier:          UHGUGzn7zNA9sYka3RzPzdE9M0REJL0WBBtv7qFeXmk=
Subject key identifier:   32:22:4A:F4:32:A5:3D:1A:44:9E:52:4E:B0:29:C6:AA:68:EE:35:2C
Certificate issuer:       /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial:       1F9907EC
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/MiJK9DKlPRpEnlJOsCnGqmjuNSw.roa
Signing time:             Sat 01 Jan 2022 14:06:41 +0000
ROA not before:           Sat 01 Jan 2022 14:06:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     62294
IP address blocks:        176.100.34.0/24 maxlen: 24
                          37.114.57.0/24 maxlen: 24
                          2a00:ccc5::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 530122732 (0x1f9907ec)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
        Validity
            Not Before: Jan  1 14:06:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=32224af432a53d1a449e524eb029c6aa68ee352c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:62:36:5c:4c:74:36:c8:68:da:71:45:0a:1f:
                    d7:f2:d6:87:c2:a3:58:ab:6e:34:0d:e2:91:0c:a9:
                    7d:c1:59:7b:bd:8e:2e:95:ee:9c:a5:a6:10:df:b1:
                    b6:fb:f3:7f:03:a9:35:63:0a:0c:12:15:8c:b7:86:
                    51:8e:1a:7f:52:11:23:40:e6:30:e9:47:3e:7e:82:
                    33:c0:29:bb:a3:27:69:b5:c1:17:6b:62:c6:20:c1:
                    d2:6f:1b:45:d0:62:38:a3:85:9f:23:47:7f:5b:61:
                    6d:36:bf:61:ea:8b:f0:9a:ee:0f:1d:55:45:96:de:
                    c4:68:48:a2:dc:8b:f6:78:ae:c8:0c:9b:6f:61:f2:
                    05:80:42:14:3f:97:a4:d5:a2:b3:bb:34:83:72:3d:
                    8d:01:5c:e9:5a:a3:d9:3e:e9:ae:a6:e7:57:bc:c1:
                    8b:6c:1a:30:13:fe:bb:37:2c:a4:ed:cb:a2:27:18:
                    77:c1:c2:82:3d:7a:eb:3f:60:80:b4:45:15:55:d6:
                    bf:e5:94:4c:52:b6:ba:a3:ec:03:4c:a5:21:82:2e:
                    e5:0d:6a:f0:d9:e1:c9:c7:2c:74:e2:62:50:d6:8b:
                    70:b6:cc:7f:6f:31:8c:65:e1:ac:7c:f6:91:78:40:
                    a0:50:0e:b0:d7:d4:8b:f3:ae:61:a1:c7:b0:08:06:
                    a4:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:22:4A:F4:32:A5:3D:1A:44:9E:52:4E:B0:29:C6:AA:68:EE:35:2C
            X509v3 Authority Key Identifier:
                keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/MiJK9DKlPRpEnlJOsCnGqmjuNSw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.114.57.0/24
                  176.100.34.0/24
                IPv6:
                  2a00:ccc5::/32

    Signature Algorithm: sha256WithRSAEncryption
         81:90:4b:f1:be:89:f0:50:32:14:09:1d:12:de:5f:55:e5:b7:
         22:b0:17:9f:0d:fa:bf:88:bd:39:bd:ac:5b:ad:c5:ad:c4:1e:
         73:24:4b:61:f3:52:7d:f4:72:4f:2e:b1:17:35:eb:8d:75:21:
         56:d6:68:0c:e3:4b:66:9b:e8:98:89:b8:c3:60:5c:35:2b:c3:
         6d:f4:cc:39:dc:9c:58:c9:7a:f9:e3:83:aa:b2:60:bc:86:d7:
         fa:59:46:6e:8f:9e:57:54:4e:30:e6:b7:90:e5:66:df:65:d2:
         53:49:51:72:1f:57:f2:86:a3:ed:5c:3f:a4:b0:d6:70:2c:d9:
         1c:65:37:b8:f2:4a:70:73:08:6a:e3:45:c8:32:7c:32:08:5a:
         1e:17:1b:f7:ae:ae:3b:bd:4a:08:4d:23:ce:89:a4:ed:b9:6b:
         2c:37:25:82:80:4c:01:61:39:c0:35:f2:cd:6a:24:71:89:87:
         88:00:88:bb:e2:7e:5a:e8:c4:96:52:a8:a4:58:e5:d8:c3:0d:
         af:f9:83:03:fb:08:07:25:01:07:91:ea:22:15:69:3a:b4:54:
         64:60:cc:e8:90:29:d2:fc:f3:c1:f2:63:ec:f1:d3:2d:65:21:
         67:52:d6:1b:04:02:60:06:5e:b2:72:71:f6:f7:59:0c:87:d9:
         3b:c0:e9:a7
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEH5kH7DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OTY1OTNiNzQ3ZTc2YTU2NDkyNTExYmIzNjEyZTRkNWU0Y2JlN2VjMB4XDTIyMDEw
MTE0MDY0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzIyMjRhZjQzMmE1
M2QxYTQ0OWU1MjRlYjAyOWM2YWE2OGVlMzUyYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOtiNlxMdDbIaNpxRQof1/LWh8KjWKtuNA3ikQypfcFZe72O
LpXunKWmEN+xtvvzfwOpNWMKDBIVjLeGUY4af1IRI0DmMOlHPn6CM8Apu6MnabXB
F2tixiDB0m8bRdBiOKOFnyNHf1thbTa/YeqL8JruDx1VRZbexGhIotyL9niuyAyb
b2HyBYBCFD+XpNWis7s0g3I9jQFc6Vqj2T7prqbnV7zBi2waMBP+uzcspO3LoicY
d8HCgj166z9ggLRFFVXWv+WUTFK2uqPsA0ylIYIu5Q1q8NnhyccsdOJiUNaLcLbM
f28xjGXhrHz2kXhAoFAOsNfUi/OuYaHHsAgGpK0CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQyIkr0MqU9GkSeUk6wKcaqaO41LDAfBgNVHSMEGDAWgBQpZZO3R+dqVkkl
Ebs2EuTV5Mvn7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tXV1R0MGZuYWxaSkpSRzdOaExrMWVUTDUtdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGUvYzU4YmRjLTE0ZTctNDk5Yy05ZDljLTFiN2NiYjA4ZDczZi8x
L01pSks5REtsUFJwRW5sSk9zQ25HcW1qdU5Tdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUv
YzU4YmRjLTE0ZTctNDk5Yy05ZDljLTFiN2NiYjA4ZDczZi8xL0tXV1R0MGZuYWxa
SkpSRzdOaExrMWVUTDUtdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEACVyOQMEALBkIjANBAIAAjAHAwUA
KgDMxTANBgkqhkiG9w0BAQsFAAOCAQEAgZBL8b6J8FAyFAkdEt5fVeW3IrAXnw36
v4i9Ob2sW63FrcQecyRLYfNSffRyTy6xFzXrjXUhVtZoDONLZpvomIm4w2BcNSvD
bfTMOdycWMl6+eODqrJgvIbX+llGbo+eV1ROMOa3kOVm32XSU0lRch9X8oaj7Vw/
pLDWcCzZHGU3uPJKcHMIauNFyDJ8MghaHhcb966uO71KCE0jzomk7blrLDclgoBM
AWE5wDXyzWokcYmHiACIu+J+WujEllKopFjl2MMNr/mDA/sIByUBB5HqIhVpOrRU
ZGDM6JAp0vzzwfJj7PHTLWUhZ1LWGwQCYAZesnJx9vdZDIfZO8Dppw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:57 2024 by rpki-client on console-fra.rpki-client.org