Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/bTw-vkLMc0HKqRs2NEmvhe_0fRI.roa
File:                     bTw-vkLMc0HKqRs2NEmvhe_0fRI.roa (raw, json)
Hash identifier:          KYO6nxeqXBrBdzsjdtT0sAC3Lh6EAwIyNDzw+tgnBbw=
Subject key identifier:   6D:3C:3E:BE:42:CC:73:41:CA:A9:1B:36:34:49:AF:85:EF:F4:7D:12
Certificate issuer:       /CN=94e59d245d150dc38c4896263dcbdcbbd67470a7
Certificate serial:       018534571C182A81C86C0AC990E294B7DA0E
Authority key identifier: 94:E5:9D:24:5D:15:0D:C3:8C:48:96:26:3D:CB:DC:BB:D6:74:70:A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/bTw-vkLMc0HKqRs2NEmvhe_0fRI.roa
Signing time:             Wed 21 Dec 2022 11:00:02 +0000
ROA not before:           Wed 21 Dec 2022 11:00:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61138
IP address blocks:        194.107.162.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:34:57:1c:18:2a:81:c8:6c:0a:c9:90:e2:94:b7:da:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94e59d245d150dc38c4896263dcbdcbbd67470a7
        Validity
            Not Before: Dec 21 11:00:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6d3c3ebe42cc7341caa91b363449af85eff47d12
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:d0:58:6d:31:2b:e2:64:16:87:92:a0:69:8e:
                    29:f6:c2:4a:4f:44:36:c4:b3:ac:19:26:d3:88:cd:
                    59:98:8a:07:9c:40:d5:6a:aa:88:8a:cc:8b:49:88:
                    99:4f:48:33:04:12:b8:c5:59:86:c6:0f:67:21:6b:
                    25:ac:ff:52:91:5e:55:9d:64:ed:ee:f8:4e:98:22:
                    9e:fa:2c:12:83:b7:3e:15:c9:32:5b:89:1b:5a:a5:
                    6e:c3:93:de:5a:1a:cc:b8:7f:60:eb:a9:15:9a:9f:
                    59:35:01:3f:e6:3f:a1:9c:2f:9d:cb:aa:ea:2b:0c:
                    5c:3c:ff:d7:98:54:86:80:7a:86:ea:41:8c:0e:fe:
                    40:8e:64:f7:e5:40:02:47:07:6e:28:d9:c9:27:b0:
                    bf:80:e4:f0:82:97:23:51:a6:63:25:02:78:d6:4f:
                    2d:89:f3:b0:cb:42:6d:eb:55:37:ab:50:58:fc:35:
                    ca:76:46:ab:14:91:76:50:99:71:5c:8e:01:39:0b:
                    87:43:26:3e:2e:22:3f:64:d3:3c:2d:1d:50:06:43:
                    86:98:56:5a:94:e7:56:b1:81:3d:f8:ae:50:fd:22:
                    7f:9f:21:b7:10:6c:54:90:82:e5:7f:71:3d:d7:8c:
                    87:f8:db:bc:31:3a:6c:3e:ba:14:2f:a1:45:b2:35:
                    04:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:3C:3E:BE:42:CC:73:41:CA:A9:1B:36:34:49:AF:85:EF:F4:7D:12
            X509v3 Authority Key Identifier:
                keyid:94:E5:9D:24:5D:15:0D:C3:8C:48:96:26:3D:CB:DC:BB:D6:74:70:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/bTw-vkLMc0HKqRs2NEmvhe_0fRI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.107.162.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5c:73:56:42:bf:f3:e0:eb:82:5e:ea:70:06:9a:60:2a:f1:f7:
         5c:c9:09:96:2b:05:ca:6f:a4:2d:d1:1b:0d:fa:e2:72:c6:70:
         32:76:d7:12:f0:c6:26:6c:d9:f2:51:3b:f7:19:f3:ef:bf:64:
         1e:d2:1a:0b:1d:79:ce:a7:a4:15:66:1b:58:34:17:18:2c:fa:
         c1:99:a1:b1:ca:ca:dc:25:e3:2f:97:64:d5:1d:de:9f:5a:8c:
         64:a8:63:fd:6d:81:97:5e:6e:e8:26:09:f7:82:71:6b:8a:e6:
         fa:cb:7f:de:2a:03:df:f7:15:db:e5:1d:9f:a8:20:a2:01:b7:
         24:49:cd:30:a0:55:fa:55:14:b0:7a:00:32:df:a9:f0:4f:5b:
         b4:ba:12:df:9d:8f:be:87:cc:58:75:a6:b8:68:24:de:90:e4:
         f8:2b:8e:85:9d:17:f6:48:83:df:82:0f:69:e2:bc:f6:c8:64:
         d8:f6:d5:ab:5b:88:76:03:a8:8a:a4:a0:8a:b9:69:18:50:81:
         3c:88:c9:42:41:35:63:3a:87:dc:2c:60:96:f5:43:82:26:2d:
         a5:b3:5f:46:92:46:09:2e:40:44:80:67:00:d2:47:5c:db:96:
         7d:79:a5:96:bc:65:1b:db:f4:be:b5:07:08:41:09:a9:d5:f5:
         eb:b8:66:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYU0VxwYKoHIbArJkOKUt9oOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZTU5ZDI0NWQxNTBkYzM4YzQ4OTYyNjNkY2JkY2JiZDY3
NDcwYTcwHhcNMjIxMjIxMTEwMDAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDNjM2ViZTQyY2M3MzQxY2FhOTFiMzYzNDQ5YWY4NWVmZjQ3ZDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNBYbTEr4mQWh5KgaY4p9sJKT0Q2
xLOsGSbTiM1ZmIoHnEDVaqqIisyLSYiZT0gzBBK4xVmGxg9nIWslrP9SkV5VnWTt
7vhOmCKe+iwSg7c+FckyW4kbWqVuw5PeWhrMuH9g66kVmp9ZNQE/5j+hnC+dy6rq
KwxcPP/XmFSGgHqG6kGMDv5AjmT35UACRwduKNnJJ7C/gOTwgpcjUaZjJQJ41k8t
ifOwy0Jt61U3q1BY/DXKdkarFJF2UJlxXI4BOQuHQyY+LiI/ZNM8LR1QBkOGmFZa
lOdWsYE9+K5Q/SJ/nyG3EGxUkILlf3E914yH+Nu8MTpsProUL6FFsjUE9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG08Pr5CzHNByqkbNjRJr4Xv9H0SMB8GA1UdIwQY
MBaAFJTlnSRdFQ3DjEiWJj3L3LvWdHCnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE9XZEpGMFZEY09NU0pZbVBjdmN1OVowY0tjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8yODdjZDItZjFkOC00NGE5LWJlZDIt
ZWU5NWI2Y2MzNDc0LzEvYlR3LXZrTE1jMEhLcVJzMk5FbXZoZV8wZlJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8yODdjZDItZjFkOC00NGE5LWJlZDItZWU5NWI2Y2MzNDc0
LzEvbE9XZEpGMFZEY09NU0pZbVBjdmN1OVowY0tjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmuiMA0G
CSqGSIb3DQEBCwUAA4IBAQBcc1ZCv/Pg64Je6nAGmmAq8fdcyQmWKwXKb6Qt0RsN
+uJyxnAydtcS8MYmbNnyUTv3GfPvv2Qe0hoLHXnOp6QVZhtYNBcYLPrBmaGxysrc
JeMvl2TVHd6fWoxkqGP9bYGXXm7oJgn3gnFriub6y3/eKgPf9xXb5R2fqCCiAbck
Sc0woFX6VRSwegAy36nwT1u0uhLfnY++h8xYdaa4aCTekOT4K46FnRf2SIPfgg9p
4rz2yGTY9tWrW4h2A6iKpKCKuWkYUIE8iMlCQTVjOofcLGCW9UOCJi2ls19GkkYJ
LkBEgGcA0kdc25Z9eaWWvGUb2/S+tQcIQQmp1fXruGZW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:39 2024 by rpki-client on console-ams.rpki-client.org