Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/XCPH7NQqpEvJPAu1oHfsXaEBouU.roa
File:                     XCPH7NQqpEvJPAu1oHfsXaEBouU.roa (raw, json)
Hash identifier:          ocGq4q50aAY5JH375e1JuET4Rm6Cg55zlHcbbM9Gj9k=
Subject key identifier:   5C:23:C7:EC:D4:2A:A4:4B:C9:3C:0B:B5:A0:77:EC:5D:A1:01:A2:E5
Certificate issuer:       /CN=94e59d245d150dc38c4896263dcbdcbbd67470a7
Certificate serial:       01842DAEEE82045DF94F431C36B8539AA744
Authority key identifier: 94:E5:9D:24:5D:15:0D:C3:8C:48:96:26:3D:CB:DC:BB:D6:74:70:A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/XCPH7NQqpEvJPAu1oHfsXaEBouU.roa
Signing time:             Mon 31 Oct 2022 10:55:49 +0000
ROA not before:           Mon 31 Oct 2022 10:55:49 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16509
IP address blocks:        194.107.161.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:2d:ae:ee:82:04:5d:f9:4f:43:1c:36:b8:53:9a:a7:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94e59d245d150dc38c4896263dcbdcbbd67470a7
        Validity
            Not Before: Oct 31 10:55:49 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5c23c7ecd42aa44bc93c0bb5a077ec5da101a2e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:21:4c:4e:ee:1f:ee:f3:b5:51:a7:8e:9a:3e:
                    0f:74:79:7b:ac:6d:c2:12:23:c7:42:4e:82:3e:33:
                    08:37:6d:28:fe:e9:f4:73:36:34:c5:83:b6:60:3a:
                    89:84:ef:d7:fb:5a:25:62:5c:2f:53:d1:46:bd:fd:
                    15:91:74:d9:d9:32:28:8b:17:16:d7:bc:4f:3a:58:
                    d4:44:c0:15:81:84:91:e3:0a:63:0f:cd:ea:d3:5f:
                    a0:61:65:3c:d7:e9:bf:bf:88:06:ba:54:98:ad:73:
                    06:9e:10:55:ae:b6:37:67:90:69:dd:c2:e6:a6:9c:
                    df:1e:cc:e2:5c:0f:67:f6:9c:ce:4d:bc:bf:75:df:
                    8b:ad:06:b9:ae:7b:88:62:92:61:a3:8b:ce:86:80:
                    00:e1:19:25:7e:64:01:a8:45:80:79:9c:cb:2f:6f:
                    19:e1:d3:23:94:4f:8a:18:31:df:6e:c3:20:15:b3:
                    13:21:05:93:f5:54:08:5c:40:75:5c:44:d0:7a:72:
                    c7:78:96:b0:2a:c4:cd:ba:7b:52:5e:55:dc:64:e4:
                    ad:10:57:97:c6:60:fe:b9:a4:7b:c7:1a:40:4f:a9:
                    3c:f1:0d:ad:24:ed:91:f9:47:25:5c:a4:e8:a2:ed:
                    34:77:9f:f9:b8:8a:7e:51:1d:fa:49:eb:07:ac:95:
                    33:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:23:C7:EC:D4:2A:A4:4B:C9:3C:0B:B5:A0:77:EC:5D:A1:01:A2:E5
            X509v3 Authority Key Identifier:
                keyid:94:E5:9D:24:5D:15:0D:C3:8C:48:96:26:3D:CB:DC:BB:D6:74:70:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/XCPH7NQqpEvJPAu1oHfsXaEBouU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.107.161.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:84:89:7e:c5:94:32:31:3b:ae:bf:96:f5:1a:a4:c2:df:26:
         c4:fb:88:08:cd:e4:af:22:f1:86:0b:70:de:11:fd:48:ca:9c:
         9e:66:93:83:73:75:9f:09:e3:6e:6a:ef:bd:ef:17:a3:55:73:
         5e:34:ad:b0:75:fe:24:80:85:3c:2b:77:d1:78:f4:7e:e0:e0:
         4c:12:de:41:9a:7d:eb:de:d7:d0:ab:58:e6:76:0d:f3:cf:7d:
         7f:d2:20:8c:47:f6:ef:46:78:9a:4e:e2:8a:4f:8e:47:b6:67:
         a4:3a:31:1b:74:a0:44:aa:2e:32:c0:7f:24:2c:61:1a:a2:be:
         8d:41:21:63:84:5b:ef:9d:33:8c:c7:ee:bb:43:f8:d4:82:c3:
         d1:51:ca:b0:98:29:86:ef:97:4f:cb:63:50:8b:4c:a8:50:65:
         75:1c:4a:63:16:53:9b:e2:7d:c4:f5:21:46:78:a6:3a:f1:c8:
         27:c4:44:5d:25:bb:bd:b5:03:0d:fe:fb:a2:4d:19:5b:23:9d:
         be:92:7f:6b:7a:97:31:7e:b7:98:74:be:ca:2c:68:44:b0:3c:
         11:f7:aa:68:2f:2f:d8:f8:85:a2:17:81:fc:2b:0b:f4:00:92:
         1d:f3:9e:d9:c5:c8:b0:76:81:8c:fd:8c:c9:ba:06:10:14:70:
         29:97:dd:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQtru6CBF35T0McNrhTmqdEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZTU5ZDI0NWQxNTBkYzM4YzQ4OTYyNjNkY2JkY2JiZDY3
NDcwYTcwHhcNMjIxMDMxMTA1NTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzIzYzdlY2Q0MmFhNDRiYzkzYzBiYjVhMDc3ZWM1ZGExMDFhMmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyFMTu4f7vO1UaeOmj4PdHl7rG3C
EiPHQk6CPjMIN20o/un0czY0xYO2YDqJhO/X+1olYlwvU9FGvf0VkXTZ2TIoixcW
17xPOljURMAVgYSR4wpjD83q01+gYWU81+m/v4gGulSYrXMGnhBVrrY3Z5Bp3cLm
ppzfHsziXA9n9pzOTby/dd+LrQa5rnuIYpJho4vOhoAA4RklfmQBqEWAeZzLL28Z
4dMjlE+KGDHfbsMgFbMTIQWT9VQIXEB1XETQenLHeJawKsTNuntSXlXcZOStEFeX
xmD+uaR7xxpAT6k88Q2tJO2R+UclXKToou00d5/5uIp+UR36SesHrJUzJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFwjx+zUKqRLyTwLtaB37F2hAaLlMB8GA1UdIwQY
MBaAFJTlnSRdFQ3DjEiWJj3L3LvWdHCnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE9XZEpGMFZEY09NU0pZbVBjdmN1OVowY0tjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8yODdjZDItZjFkOC00NGE5LWJlZDIt
ZWU5NWI2Y2MzNDc0LzEvWENQSDdOUXFwRXZKUEF1MW9IZnNYYUVCb3VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8yODdjZDItZjFkOC00NGE5LWJlZDItZWU5NWI2Y2MzNDc0
LzEvbE9XZEpGMFZEY09NU0pZbVBjdmN1OVowY0tjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmuhMA0G
CSqGSIb3DQEBCwUAA4IBAQAehIl+xZQyMTuuv5b1GqTC3ybE+4gIzeSvIvGGC3De
Ef1IypyeZpODc3WfCeNuau+97xejVXNeNK2wdf4kgIU8K3fRePR+4OBMEt5Bmn3r
3tfQq1jmdg3zz31/0iCMR/bvRniaTuKKT45HtmekOjEbdKBEqi4ywH8kLGEaor6N
QSFjhFvvnTOMx+67Q/jUgsPRUcqwmCmG75dPy2NQi0yoUGV1HEpjFlOb4n3E9SFG
eKY68cgnxERdJbu9tQMN/vuiTRlbI52+kn9repcxfreYdL7KLGhEsDwR96poLy/Y
+IWiF4H8Kwv0AJId857ZxciwdoGM/YzJugYQFHApl92Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:12 2024 by rpki-client on console-fra.rpki-client.org