Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/4a64cb-a7f5-42b0-ac15-ce29fd3526a8/1/5H4YjO1BVEgxJOqN7aLyEc1rUdc.roa
File:                     5H4YjO1BVEgxJOqN7aLyEc1rUdc.roa (raw, json)
Hash identifier:          0otg4sKtLF1oh+diCf3Bt+XIM96/h+4hi3QoNPcCmIU=
Subject key identifier:   E4:7E:18:8C:ED:41:54:48:31:24:EA:8D:ED:A2:F2:11:CD:6B:51:D7
Certificate issuer:       /CN=b7f39e3670b43f57f1511b78dde2085964017455
Certificate serial:       01837A7282BA0CCB5FDBCD3A9A017AAB66A1
Authority key identifier: B7:F3:9E:36:70:B4:3F:57:F1:51:1B:78:DD:E2:08:59:64:01:74:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/t_OeNnC0P1fxURt43eIIWWQBdFU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/4a64cb-a7f5-42b0-ac15-ce29fd3526a8/1/5H4YjO1BVEgxJOqN7aLyEc1rUdc.roa
Signing time:             Mon 26 Sep 2022 15:37:48 +0000
ROA not before:           Mon 26 Sep 2022 15:37:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43326
IP address blocks:        185.124.242.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:7a:72:82:ba:0c:cb:5f:db:cd:3a:9a:01:7a:ab:66:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b7f39e3670b43f57f1511b78dde2085964017455
        Validity
            Not Before: Sep 26 15:37:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e47e188ced4154483124ea8deda2f211cd6b51d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:e2:07:5e:26:cb:6f:da:bc:ae:0e:38:ba:ff:
                    0d:2e:d7:f6:b9:4f:e9:8a:01:91:84:65:e0:82:3d:
                    6e:c9:a9:ac:f5:d1:56:38:fb:5e:36:33:de:9f:be:
                    6f:a9:25:d7:cb:f4:79:8a:d8:44:bb:aa:55:54:e1:
                    8c:b3:da:f1:21:8a:eb:3e:48:32:d4:93:9c:b9:0c:
                    82:62:36:64:78:bb:de:9b:53:70:d8:bf:a3:8d:dc:
                    6c:05:02:f8:90:2c:c2:25:3a:53:1a:f2:ec:17:51:
                    fe:35:e9:46:15:02:df:4e:b2:9f:75:79:80:a0:0e:
                    c3:cd:7f:31:bc:61:2e:9d:51:4e:59:78:7b:0b:93:
                    d8:29:72:ec:95:3a:06:b7:ee:51:ca:af:b0:1d:ff:
                    3f:6a:f4:4e:25:13:4e:25:85:57:0f:41:bc:4d:77:
                    37:0c:04:0f:99:0a:4d:b8:fc:46:18:35:9c:0b:e3:
                    40:22:22:0c:20:0a:07:c6:48:cf:47:f1:c9:01:83:
                    7c:6b:34:a3:86:4f:ea:9e:34:51:cc:98:86:25:18:
                    49:ca:f8:ac:9c:9e:29:55:4e:33:de:fe:ee:71:90:
                    0e:08:2e:ef:96:dd:60:14:ce:41:f7:c2:ea:c4:b2:
                    20:a8:2f:2c:20:23:fe:85:17:0c:eb:fc:83:37:25:
                    d8:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:7E:18:8C:ED:41:54:48:31:24:EA:8D:ED:A2:F2:11:CD:6B:51:D7
            X509v3 Authority Key Identifier:
                keyid:B7:F3:9E:36:70:B4:3F:57:F1:51:1B:78:DD:E2:08:59:64:01:74:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t_OeNnC0P1fxURt43eIIWWQBdFU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4a64cb-a7f5-42b0-ac15-ce29fd3526a8/1/5H4YjO1BVEgxJOqN7aLyEc1rUdc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4a64cb-a7f5-42b0-ac15-ce29fd3526a8/1/t_OeNnC0P1fxURt43eIIWWQBdFU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.124.242.0/24

    Signature Algorithm: sha256WithRSAEncryption
         42:e0:39:4d:16:d8:af:a4:89:dd:94:a1:2a:11:98:f8:04:e6:
         98:31:f7:a7:b9:1f:8c:cd:19:1d:96:c7:58:7f:56:3a:d6:c2:
         21:fc:ea:19:23:39:52:7a:43:6b:87:ef:f1:b1:12:ed:7d:39:
         c8:8f:ef:ec:f0:2e:04:07:01:21:17:4d:eb:47:9c:09:0f:6c:
         fe:93:c9:3c:6d:84:d1:da:50:d7:2a:61:0b:03:de:ac:82:7a:
         eb:31:50:91:e2:75:4c:16:a0:e6:f7:8e:9f:8a:06:67:9a:ae:
         d4:f8:24:65:b5:b8:cc:21:23:4c:95:d8:98:d8:6c:d2:3d:e6:
         2a:76:d7:9c:47:1b:87:20:17:a0:ab:f3:87:92:56:11:8a:69:
         c2:df:f4:7a:dd:08:a7:d4:d0:a2:c8:84:f7:e6:99:dd:43:72:
         f9:8f:6a:d9:4e:41:0a:ae:04:f5:62:54:2a:be:08:de:fe:07:
         11:55:cc:3d:cf:17:65:a8:d7:eb:2b:85:53:3a:44:b9:41:00:
         94:cd:a2:53:93:6e:20:31:e8:f0:3c:0d:5d:e0:87:93:61:63:
         b2:99:c8:6e:05:7a:ae:72:50:61:c6:7f:bd:1e:ff:8e:86:6b:
         78:21:37:9a:e2:70:e3:ed:b1:a9:09:f8:95:fe:c7:a7:58:1f:
         be:aa:07:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYN6coK6DMtf2806mgF6q2ahMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ZjM5ZTM2NzBiNDNmNTdmMTUxMWI3OGRkZTIwODU5NjQw
MTc0NTUwHhcNMjIwOTI2MTUzNzQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDdlMTg4Y2VkNDE1NDQ4MzEyNGVhOGRlZGEyZjIxMWNkNmI1MWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOIHXibLb9q8rg44uv8NLtf2uU/p
igGRhGXggj1uyams9dFWOPteNjPen75vqSXXy/R5ithEu6pVVOGMs9rxIYrrPkgy
1JOcuQyCYjZkeLvem1Nw2L+jjdxsBQL4kCzCJTpTGvLsF1H+NelGFQLfTrKfdXmA
oA7DzX8xvGEunVFOWXh7C5PYKXLslToGt+5Ryq+wHf8/avROJRNOJYVXD0G8TXc3
DAQPmQpNuPxGGDWcC+NAIiIMIAoHxkjPR/HJAYN8azSjhk/qnjRRzJiGJRhJyvis
nJ4pVU4z3v7ucZAOCC7vlt1gFM5B98LqxLIgqC8sICP+hRcM6/yDNyXYDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOR+GIztQVRIMSTqje2i8hHNa1HXMB8GA1UdIwQY
MBaAFLfznjZwtD9X8VEbeN3iCFlkAXRVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdF9PZU5uQzBQMWZ4VVJ0NDNlSUlXV1FCZEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi80YTY0Y2ItYTdmNS00MmIwLWFjMTUt
Y2UyOWZkMzUyNmE4LzEvNUg0WWpPMUJWRWd4Sk9xTjdhTHlFYzFyVWRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi80YTY0Y2ItYTdmNS00MmIwLWFjMTUtY2UyOWZkMzUyNmE4
LzEvdF9PZU5uQzBQMWZ4VVJ0NDNlSUlXV1FCZEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXzyMA0G
CSqGSIb3DQEBCwUAA4IBAQBC4DlNFtivpIndlKEqEZj4BOaYMfenuR+MzRkdlsdY
f1Y61sIh/OoZIzlSekNrh+/xsRLtfTnIj+/s8C4EBwEhF03rR5wJD2z+k8k8bYTR
2lDXKmELA96sgnrrMVCR4nVMFqDm946figZnmq7U+CRltbjMISNMldiY2GzSPeYq
dtecRxuHIBegq/OHklYRimnC3/R63Qin1NCiyIT35pndQ3L5j2rZTkEKrgT1YlQq
vgje/gcRVcw9zxdlqNfrK4VTOkS5QQCUzaJTk24gMejwPA1d4IeTYWOymchuBXqu
clBhxn+9Hv+Ohmt4ITea4nDj7bGpCfiV/senWB++qgfs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:01 2024 by rpki-client on console-fra.rpki-client.org