Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c73287-b1b1-4aca-bd2e-db4f352e9ad3/1/cG8vGop-X3RBN5_SWvWeF6Nv0Qg.roa
File:                     cG8vGop-X3RBN5_SWvWeF6Nv0Qg.roa (raw, json)
Hash identifier:          Hyg8M+jDIxvvFuhXxOTTKoYrUXK9kdTN0QeP/mAANJc=
Subject key identifier:   70:6F:2F:1A:8A:7E:5F:74:41:37:9F:D2:5A:F5:9E:17:A3:6F:D1:08
Certificate issuer:       /CN=e30cc9429b63382e9b1714d21b3c96d2e5ebe257
Certificate serial:       0E1E7360
Authority key identifier: E3:0C:C9:42:9B:63:38:2E:9B:17:14:D2:1B:3C:96:D2:E5:EB:E2:57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4wzJQptjOC6bFxTSGzyW0uXr4lc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/c73287-b1b1-4aca-bd2e-db4f352e9ad3/1/cG8vGop-X3RBN5_SWvWeF6Nv0Qg.roa
Signing time:             Sat 01 Jan 2022 03:02:56 +0000
ROA not before:           Sat 01 Jan 2022 03:02:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     41612
IP address blocks:        94.31.60.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 236876640 (0xe1e7360)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e30cc9429b63382e9b1714d21b3c96d2e5ebe257
        Validity
            Not Before: Jan  1 03:02:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=706f2f1a8a7e5f7441379fd25af59e17a36fd108
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:99:de:ca:5c:0b:7b:b7:45:f8:0a:94:19:0f:
                    c0:d0:4e:7a:0c:c9:a3:8d:71:fa:a7:82:01:52:4c:
                    0e:74:f1:e2:6f:5e:43:be:46:39:c6:b4:dc:9f:81:
                    9f:f8:7d:15:03:36:84:ae:7b:1a:bb:97:0b:f9:64:
                    0a:b3:23:8d:1a:9b:c3:a7:07:67:f5:6e:3c:41:73:
                    10:80:43:04:33:f4:c0:77:ee:1c:ac:b5:e4:14:26:
                    35:25:cf:dd:ab:b8:e6:09:59:5d:6c:c0:b9:7e:fc:
                    a9:e1:b2:67:39:a2:0e:8d:3d:9c:94:31:80:57:20:
                    84:3d:bc:07:69:01:df:b6:a4:c8:44:5d:41:d5:22:
                    67:97:27:52:ba:55:99:68:32:fc:1f:46:05:68:d2:
                    f7:36:8e:11:91:ca:96:0e:67:ee:dd:8a:9d:ff:3f:
                    d2:17:8d:a0:f9:c9:2c:08:96:27:24:1e:e0:f3:b5:
                    1b:bd:49:85:10:ac:9a:03:3b:c5:4c:87:7a:be:85:
                    9c:49:7e:08:5b:27:27:af:a9:d8:36:19:c4:4c:54:
                    1c:b5:cb:53:e6:c6:7f:87:29:12:d4:12:5c:ae:65:
                    33:f9:68:52:5e:4d:d0:3d:aa:60:8e:96:ed:a3:49:
                    be:50:c3:cf:dd:58:be:da:40:fc:b2:d2:dd:74:ce:
                    5a:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:6F:2F:1A:8A:7E:5F:74:41:37:9F:D2:5A:F5:9E:17:A3:6F:D1:08
            X509v3 Authority Key Identifier:
                keyid:E3:0C:C9:42:9B:63:38:2E:9B:17:14:D2:1B:3C:96:D2:E5:EB:E2:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4wzJQptjOC6bFxTSGzyW0uXr4lc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c73287-b1b1-4aca-bd2e-db4f352e9ad3/1/cG8vGop-X3RBN5_SWvWeF6Nv0Qg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c73287-b1b1-4aca-bd2e-db4f352e9ad3/1/4wzJQptjOC6bFxTSGzyW0uXr4lc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.31.60.0/24

    Signature Algorithm: sha256WithRSAEncryption
         43:0f:e7:89:11:6b:5f:e1:17:85:90:c0:41:17:a5:ca:37:af:
         62:24:49:f3:f9:1a:f3:60:94:b5:2d:c2:41:14:9d:10:4a:9a:
         d3:92:15:c2:d6:d0:3f:05:77:0e:c9:03:d1:07:8a:7a:8a:9d:
         53:13:01:52:3f:6b:9f:25:d8:40:85:23:ac:2d:8a:b4:28:ea:
         c4:08:a8:60:ba:ce:9f:34:4e:6b:5e:fc:0d:bb:86:11:f0:32:
         cd:32:1c:3b:aa:fc:c2:86:24:e9:5d:21:92:f4:f4:34:5f:0b:
         a0:e6:d9:fd:03:f3:24:aa:76:f1:7a:1f:b2:bf:e3:ee:b2:af:
         02:84:38:b3:e3:aa:2a:e9:a6:27:6e:c5:4c:0e:85:fd:86:7f:
         cb:b2:a8:96:64:c5:78:4d:62:93:c9:c8:76:cd:4f:80:d5:ae:
         2c:eb:3c:3f:66:fb:57:05:05:16:b1:34:39:b1:2c:ad:10:a5:
         fb:84:3f:9d:de:b1:6a:f7:b5:fc:e2:5c:a7:c2:65:e5:1e:36:
         6a:4e:5f:77:0b:51:30:d7:bf:e1:21:6b:11:01:05:3d:8f:c8:
         8a:e8:93:5c:40:c2:d9:6d:77:c8:df:af:c5:d3:e1:42:2b:75:
         2c:08:67:45:ba:ef:1e:c1:97:91:e2:9a:b3:c0:32:ce:4f:74:
         89:15:85:35
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDh5zYDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MzBjYzk0MjliNjMzODJlOWIxNzE0ZDIxYjNjOTZkMmU1ZWJlMjU3MB4XDTIyMDEw
MTAzMDI1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzA2ZjJmMWE4YTdl
NWY3NDQxMzc5ZmQyNWFmNTllMTdhMzZmZDEwODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALSZ3spcC3u3RfgKlBkPwNBOegzJo41x+qeCAVJMDnTx4m9e
Q75GOca03J+Bn/h9FQM2hK57GruXC/lkCrMjjRqbw6cHZ/VuPEFzEIBDBDP0wHfu
HKy15BQmNSXP3au45glZXWzAuX78qeGyZzmiDo09nJQxgFcghD28B2kB37akyERd
QdUiZ5cnUrpVmWgy/B9GBWjS9zaOEZHKlg5n7t2Knf8/0heNoPnJLAiWJyQe4PO1
G71JhRCsmgM7xUyHer6FnEl+CFsnJ6+p2DYZxExUHLXLU+bGf4cpEtQSXK5lM/lo
Ul5N0D2qYI6W7aNJvlDDz91YvtpA/LLS3XTOWp0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRwby8ain5fdEE3n9Ja9Z4Xo2/RCDAfBgNVHSMEGDAWgBTjDMlCm2M4LpsX
FNIbPJbS5eviVzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzR3ekpRcHRqT0M2YkZ4VFNHenlXMHVYcjRsYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGUvYzczMjg3LWIxYjEtNGFjYS1iZDJlLWRiNGYzNTJlOWFkMy8x
L2NHOHZHb3AtWDNSQk41X1NXdldlRjZOdjBRZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUv
YzczMjg3LWIxYjEtNGFjYS1iZDJlLWRiNGYzNTJlOWFkMy8xLzR3ekpRcHRqT0M2
YkZ4VFNHenlXMHVYcjRsYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAF4fPDANBgkqhkiG9w0BAQsFAAOC
AQEAQw/niRFrX+EXhZDAQRelyjevYiRJ8/ka82CUtS3CQRSdEEqa05IVwtbQPwV3
DskD0QeKeoqdUxMBUj9rnyXYQIUjrC2KtCjqxAioYLrOnzROa178DbuGEfAyzTIc
O6r8woYk6V0hkvT0NF8LoObZ/QPzJKp28Xofsr/j7rKvAoQ4s+OqKummJ27FTA6F
/YZ/y7KolmTFeE1ik8nIds1PgNWuLOs8P2b7VwUFFrE0ObEsrRCl+4Q/nd6xave1
/OJcp8Jl5R42ak5fdwtRMNe/4SFrEQEFPY/IiuiTXEDC2W13yN+vxdPhQit1LAhn
RbrvHsGXkeKas8Ayzk90iRWFNQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:57 2024 by rpki-client on console-fra.rpki-client.org