Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/AFotXq19v7zRi62g2ylfY10PKCI.roa
File:                     AFotXq19v7zRi62g2ylfY10PKCI.roa (raw, json)
Hash identifier:          iSkLt5lpo+GMci/nqQykAErDGSvlgoU9L6BnRtvKf+Q=
Subject key identifier:   00:5A:2D:5E:AD:7D:BF:BC:D1:8B:AD:A0:DB:29:5F:63:5D:0F:28:22
Certificate issuer:       /CN=94e59d245d150dc38c4896263dcbdcbbd67470a7
Certificate serial:       01842DAEEF4DF67E05A0C1A19B706EFEF457
Authority key identifier: 94:E5:9D:24:5D:15:0D:C3:8C:48:96:26:3D:CB:DC:BB:D6:74:70:A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/AFotXq19v7zRi62g2ylfY10PKCI.roa
Signing time:             Mon 31 Oct 2022 10:55:49 +0000
ROA not before:           Mon 31 Oct 2022 10:55:49 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     137409
IP address blocks:        194.107.160.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:2d:ae:ef:4d:f6:7e:05:a0:c1:a1:9b:70:6e:fe:f4:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94e59d245d150dc38c4896263dcbdcbbd67470a7
        Validity
            Not Before: Oct 31 10:55:49 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=005a2d5ead7dbfbcd18bada0db295f635d0f2822
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:37:07:18:84:68:2d:71:eb:11:8f:ae:ab:ac:
                    b5:0f:db:d2:48:7b:f8:49:35:11:0a:50:50:7a:7d:
                    11:91:a6:13:7c:15:57:e8:63:81:1c:59:ed:f7:42:
                    29:80:19:a2:4e:a1:0b:79:f6:7e:98:a8:db:b7:c0:
                    c3:76:16:f8:79:c4:f6:2a:8f:97:50:68:07:b5:5c:
                    8e:d1:07:aa:11:74:ec:08:7b:41:dc:29:4f:f6:7e:
                    a4:ef:7f:ef:9d:b9:3d:4f:a9:1f:52:5b:59:ec:36:
                    c1:1c:91:7a:70:42:39:cb:cf:c1:a4:75:c0:c6:fc:
                    43:52:8d:39:01:09:03:cd:93:53:8b:ae:e9:a1:89:
                    c8:31:8f:e0:46:0a:ca:ce:dc:bc:8e:be:df:54:20:
                    da:11:77:b0:eb:bb:8c:ee:0c:56:23:f4:76:3a:61:
                    08:27:ee:7c:00:95:68:8a:0b:41:fd:d5:e9:3a:5f:
                    dc:ae:ca:7c:14:2e:5a:4b:10:f0:a8:45:fe:54:10:
                    52:9e:c4:9c:5b:0f:cb:a5:f7:4f:4a:01:4b:86:ab:
                    36:b0:e1:54:ab:7c:7b:97:04:cf:bb:db:f3:4c:ac:
                    46:27:35:a6:63:63:c8:aa:73:72:13:86:2d:29:cc:
                    25:7c:62:fc:f9:3e:a0:dc:84:4a:c0:b6:70:05:4e:
                    23:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:5A:2D:5E:AD:7D:BF:BC:D1:8B:AD:A0:DB:29:5F:63:5D:0F:28:22
            X509v3 Authority Key Identifier:
                keyid:94:E5:9D:24:5D:15:0D:C3:8C:48:96:26:3D:CB:DC:BB:D6:74:70:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/AFotXq19v7zRi62g2ylfY10PKCI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.107.160.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:4f:41:94:94:61:57:30:82:c4:f7:aa:4f:67:1a:5d:bb:ca:
         34:0c:10:89:df:d3:2d:9e:b0:d4:72:6e:68:41:7c:37:45:24:
         46:6a:33:3a:ce:12:4f:b0:e8:5b:2d:96:ca:be:60:ee:8d:ad:
         ca:da:07:80:c1:96:56:ec:07:72:e6:f1:31:c5:1d:9d:0c:32:
         ab:60:af:0b:0f:d9:33:97:6a:dd:cb:22:7c:38:f6:a4:92:b3:
         92:fc:bc:d3:0f:54:70:40:c8:a0:3b:bf:fe:b9:c3:23:01:f9:
         ec:13:89:12:01:b5:58:69:1b:d6:60:fd:38:e2:a9:1a:2d:96:
         75:b7:95:e7:a0:5e:6f:59:be:41:a7:f0:e0:06:63:7a:ec:70:
         02:85:2e:fb:e5:b9:8b:bc:cc:af:98:1d:d1:a3:02:59:3c:6d:
         12:c0:50:16:40:cc:d3:80:ea:70:5b:27:2b:d3:6c:02:18:36:
         05:b9:90:5a:58:ed:c6:35:24:e7:2c:41:6f:ef:41:85:ea:ca:
         c1:43:ee:92:5e:2a:0a:28:d6:70:4b:8c:b6:4c:6b:33:9d:e3:
         46:20:aa:c9:73:ea:67:a9:14:a9:12:8e:20:2b:0b:ce:d1:16:
         72:41:c1:45:66:ea:a4:1e:34:98:0f:db:80:c7:c0:3a:2c:f0:
         01:7d:b6:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQtru9N9n4FoMGhm3Bu/vRXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZTU5ZDI0NWQxNTBkYzM4YzQ4OTYyNjNkY2JkY2JiZDY3
NDcwYTcwHhcNMjIxMDMxMTA1NTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDVhMmQ1ZWFkN2RiZmJjZDE4YmFkYTBkYjI5NWY2MzVkMGYyODIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDcHGIRoLXHrEY+uq6y1D9vSSHv4
STURClBQen0RkaYTfBVX6GOBHFnt90IpgBmiTqELefZ+mKjbt8DDdhb4ecT2Ko+X
UGgHtVyO0QeqEXTsCHtB3ClP9n6k73/vnbk9T6kfUltZ7DbBHJF6cEI5y8/BpHXA
xvxDUo05AQkDzZNTi67poYnIMY/gRgrKzty8jr7fVCDaEXew67uM7gxWI/R2OmEI
J+58AJVoigtB/dXpOl/crsp8FC5aSxDwqEX+VBBSnsScWw/LpfdPSgFLhqs2sOFU
q3x7lwTPu9vzTKxGJzWmY2PIqnNyE4YtKcwlfGL8+T6g3IRKwLZwBU4jFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFABaLV6tfb+80YutoNspX2NdDygiMB8GA1UdIwQY
MBaAFJTlnSRdFQ3DjEiWJj3L3LvWdHCnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE9XZEpGMFZEY09NU0pZbVBjdmN1OVowY0tjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8yODdjZDItZjFkOC00NGE5LWJlZDIt
ZWU5NWI2Y2MzNDc0LzEvQUZvdFhxMTl2N3pSaTYyZzJ5bGZZMTBQS0NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8yODdjZDItZjFkOC00NGE5LWJlZDItZWU5NWI2Y2MzNDc0
LzEvbE9XZEpGMFZEY09NU0pZbVBjdmN1OVowY0tjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmugMA0G
CSqGSIb3DQEBCwUAA4IBAQByT0GUlGFXMILE96pPZxpdu8o0DBCJ39MtnrDUcm5o
QXw3RSRGajM6zhJPsOhbLZbKvmDuja3K2geAwZZW7Ady5vExxR2dDDKrYK8LD9kz
l2rdyyJ8OPakkrOS/LzTD1RwQMigO7/+ucMjAfnsE4kSAbVYaRvWYP044qkaLZZ1
t5XnoF5vWb5Bp/DgBmN67HAChS775bmLvMyvmB3RowJZPG0SwFAWQMzTgOpwWycr
02wCGDYFuZBaWO3GNSTnLEFv70GF6srBQ+6SXioKKNZwS4y2TGszneNGIKrJc+pn
qRSpEo4gKwvO0RZyQcFFZuqkHjSYD9uAx8A6LPABfbaE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:12 2024 by rpki-client on console-fra.rpki-client.org