Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c73287-b1b1-4aca-bd2e-db4f352e9ad3/1/J8HemZNxMQHleajKvYOZZ5PnKGU.roa
File:                     J8HemZNxMQHleajKvYOZZ5PnKGU.roa (raw, json)
Hash identifier:          3yHtJG/sQlioTo2/K7L/augGXFaN9a8Qv7GKOu7jowQ=
Subject key identifier:   27:C1:DE:99:93:71:31:01:E5:79:A8:CA:BD:83:99:67:93:E7:28:65
Certificate issuer:       /CN=e30cc9429b63382e9b1714d21b3c96d2e5ebe257
Certificate serial:       0E1B8611
Authority key identifier: E3:0C:C9:42:9B:63:38:2E:9B:17:14:D2:1B:3C:96:D2:E5:EB:E2:57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4wzJQptjOC6bFxTSGzyW0uXr4lc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/c73287-b1b1-4aca-bd2e-db4f352e9ad3/1/J8HemZNxMQHleajKvYOZZ5PnKGU.roa
Signing time:             Sat 01 Jan 2022 03:02:55 +0000
ROA not before:           Sat 01 Jan 2022 03:02:55 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     33438
IP address blocks:        94.31.29.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 236684817 (0xe1b8611)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e30cc9429b63382e9b1714d21b3c96d2e5ebe257
        Validity
            Not Before: Jan  1 03:02:55 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=27c1de9993713101e579a8cabd83996793e72865
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:52:b4:8a:4b:87:6f:67:bd:ab:f5:44:d6:d2:
                    f5:1f:34:15:41:4e:e7:8c:41:b0:9d:3b:b6:5a:d9:
                    80:d3:73:26:d0:93:34:80:ad:92:2e:2f:b9:7f:bf:
                    3c:60:7f:10:d5:bf:bc:57:5c:c7:3e:f2:1c:f1:eb:
                    dc:ce:b3:44:59:00:12:5d:72:5d:db:ef:cc:4b:16:
                    22:78:70:79:e8:b2:4f:58:5a:15:b1:66:ee:6d:14:
                    79:a8:ec:25:ea:46:58:99:92:ef:20:d4:0e:2e:3e:
                    e9:5d:35:1d:c9:44:21:e5:8f:c9:8c:27:c0:39:29:
                    da:1c:50:3c:33:87:7d:a1:af:9c:23:6b:84:d4:e4:
                    35:5c:49:97:7d:b3:6b:6a:aa:9a:49:4b:b7:f9:d5:
                    79:95:02:d8:03:15:b7:d7:82:bf:f3:70:44:58:3b:
                    d5:80:f5:5b:57:a7:ef:96:f9:16:f5:61:11:6a:a4:
                    51:85:0c:0a:35:5f:df:c4:28:05:b2:a0:d1:af:4f:
                    97:ee:d4:f6:8e:4b:6d:3a:31:57:06:cf:d4:62:e2:
                    7e:5f:c8:04:26:bd:27:5b:6f:4d:39:af:14:1b:e4:
                    eb:60:76:21:ad:2c:40:f0:e7:62:1e:36:87:c6:4e:
                    2e:ab:bf:0c:64:08:56:8d:15:cf:44:79:c3:78:09:
                    c3:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:C1:DE:99:93:71:31:01:E5:79:A8:CA:BD:83:99:67:93:E7:28:65
            X509v3 Authority Key Identifier:
                keyid:E3:0C:C9:42:9B:63:38:2E:9B:17:14:D2:1B:3C:96:D2:E5:EB:E2:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4wzJQptjOC6bFxTSGzyW0uXr4lc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c73287-b1b1-4aca-bd2e-db4f352e9ad3/1/J8HemZNxMQHleajKvYOZZ5PnKGU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c73287-b1b1-4aca-bd2e-db4f352e9ad3/1/4wzJQptjOC6bFxTSGzyW0uXr4lc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.31.29.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8f:45:95:64:89:ef:d8:4f:63:46:76:52:08:89:3e:d3:30:be:
         1b:07:67:fd:20:a2:54:67:dd:91:86:67:2d:07:6b:15:05:da:
         e9:22:32:de:a8:ab:ce:5f:9c:00:44:85:23:30:3d:d8:d7:8b:
         b8:36:68:26:1a:47:f2:6a:a8:90:b3:47:44:6d:4b:70:5f:cc:
         ec:ed:97:15:e8:95:4c:b0:9e:aa:28:50:84:88:ee:a2:d3:15:
         22:46:bb:e7:80:49:77:81:69:92:76:e8:1c:75:8b:52:b8:eb:
         25:37:16:24:e9:be:82:19:66:1c:ce:9f:a6:88:18:ca:db:6a:
         14:c2:8d:01:ad:53:e0:be:24:a7:57:1b:3a:4c:81:cc:23:52:
         46:9e:99:2b:a6:97:57:b5:ef:26:64:2c:dd:90:fd:c8:12:bc:
         0b:0e:3e:5f:b6:a3:c8:4e:09:46:56:37:a1:5d:aa:c8:84:3c:
         f0:9f:b9:8f:89:3a:8a:96:19:a8:cf:32:61:3a:48:c2:5c:65:
         dc:a1:8f:b4:6c:95:f0:0a:9b:53:5d:c6:ea:a9:2f:d2:bd:07:
         f3:44:e8:4b:8d:65:33:d7:a3:74:4a:f7:18:06:0a:5f:fc:ca:
         50:0c:d0:be:22:10:12:03:4d:4e:83:c9:eb:f3:70:be:95:d5:
         f2:c4:1f:59
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDhuGETANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MzBjYzk0MjliNjMzODJlOWIxNzE0ZDIxYjNjOTZkMmU1ZWJlMjU3MB4XDTIyMDEw
MTAzMDI1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjdjMWRlOTk5Mzcx
MzEwMWU1NzlhOGNhYmQ4Mzk5Njc5M2U3Mjg2NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANpStIpLh29nvav1RNbS9R80FUFO54xBsJ07tlrZgNNzJtCT
NICtki4vuX+/PGB/ENW/vFdcxz7yHPHr3M6zRFkAEl1yXdvvzEsWInhweeiyT1ha
FbFm7m0UeajsJepGWJmS7yDUDi4+6V01HclEIeWPyYwnwDkp2hxQPDOHfaGvnCNr
hNTkNVxJl32za2qqmklLt/nVeZUC2AMVt9eCv/NwRFg71YD1W1en75b5FvVhEWqk
UYUMCjVf38QoBbKg0a9Pl+7U9o5LbToxVwbP1GLifl/IBCa9J1tvTTmvFBvk62B2
Ia0sQPDnYh42h8ZOLqu/DGQIVo0Vz0R5w3gJw9cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQnwd6Zk3ExAeV5qMq9g5lnk+coZTAfBgNVHSMEGDAWgBTjDMlCm2M4LpsX
FNIbPJbS5eviVzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzR3ekpRcHRqT0M2YkZ4VFNHenlXMHVYcjRsYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGUvYzczMjg3LWIxYjEtNGFjYS1iZDJlLWRiNGYzNTJlOWFkMy8x
L0o4SGVtWk54TVFIbGVhakt2WU9aWjVQbktHVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUv
YzczMjg3LWIxYjEtNGFjYS1iZDJlLWRiNGYzNTJlOWFkMy8xLzR3ekpRcHRqT0M2
YkZ4VFNHenlXMHVYcjRsYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAF4fHTANBgkqhkiG9w0BAQsFAAOC
AQEAj0WVZInv2E9jRnZSCIk+0zC+Gwdn/SCiVGfdkYZnLQdrFQXa6SIy3qirzl+c
AESFIzA92NeLuDZoJhpH8mqokLNHRG1LcF/M7O2XFeiVTLCeqihQhIjuotMVIka7
54BJd4FpknboHHWLUrjrJTcWJOm+ghlmHM6fpogYyttqFMKNAa1T4L4kp1cbOkyB
zCNSRp6ZK6aXV7XvJmQs3ZD9yBK8Cw4+X7ajyE4JRlY3oV2qyIQ88J+5j4k6ipYZ
qM8yYTpIwlxl3KGPtGyV8AqbU13G6qkv0r0H80ToS41lM9ejdEr3GAYKX/zKUAzQ
viIQEgNNToPJ6/NwvpXV8sQfWQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:57 2024 by rpki-client on console-fra.rpki-client.org