Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/q5sjMvE6t1P2aYDSZhq0tevxdxQ.roa
File:                     q5sjMvE6t1P2aYDSZhq0tevxdxQ.roa (raw, json)
Hash identifier:          0DmX2GHg3dZchnNuTv/W+lImpSMWZtQX2nvhziyA+SI=
Subject key identifier:   AB:9B:23:32:F1:3A:B7:53:F6:69:80:D2:66:1A:B4:B5:EB:F1:77:14
Certificate issuer:       /CN=94e59d245d150dc38c4896263dcbdcbbd67470a7
Certificate serial:       01835B27AF3D758E15D4490ABBEEBC8A75A0
Authority key identifier: 94:E5:9D:24:5D:15:0D:C3:8C:48:96:26:3D:CB:DC:BB:D6:74:70:A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/q5sjMvE6t1P2aYDSZhq0tevxdxQ.roa
Signing time:             Tue 20 Sep 2022 13:47:50 +0000
ROA not before:           Tue 20 Sep 2022 13:47:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     400377
IP address blocks:        194.107.161.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:5b:27:af:3d:75:8e:15:d4:49:0a:bb:ee:bc:8a:75:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94e59d245d150dc38c4896263dcbdcbbd67470a7
        Validity
            Not Before: Sep 20 13:47:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ab9b2332f13ab753f66980d2661ab4b5ebf17714
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:c4:f8:64:21:43:ab:47:88:22:c2:0c:4c:ee:
                    28:d7:d0:0f:23:6b:20:b7:2b:73:b5:a9:e2:d4:28:
                    a6:f2:03:5a:b9:83:09:5e:71:05:35:9a:f5:57:9c:
                    1e:5f:45:65:33:22:df:b0:84:ae:64:79:6b:0c:20:
                    ee:ae:28:9a:9f:fa:6b:2b:ce:d8:ab:c5:c2:da:d9:
                    04:57:b3:15:50:7e:a2:95:58:cf:8a:a9:c0:78:b7:
                    8e:13:49:9e:dd:98:ca:d4:64:cc:95:46:d8:8f:46:
                    5f:85:73:cf:e1:4e:1b:4e:76:2d:1d:c3:8b:bd:11:
                    c2:ea:8c:d7:a9:b4:84:8e:ec:b0:2b:34:34:87:e3:
                    9d:40:e9:10:7f:ee:14:d3:91:03:a6:c0:51:20:e4:
                    d9:44:3a:08:9f:17:48:5d:b6:f9:bc:04:01:8f:46:
                    2b:1b:09:0f:10:c5:29:2b:13:1f:0c:07:46:5b:ee:
                    e4:35:48:70:10:9b:0e:01:2a:f3:95:47:79:90:fa:
                    cf:bf:57:68:b5:37:93:a1:1c:91:ed:23:6f:9b:53:
                    29:65:eb:ab:ac:e2:e1:c3:8d:ec:56:53:08:6a:ee:
                    ea:ce:fa:6a:10:ba:0f:88:ad:f0:a2:63:8e:4e:7f:
                    70:2f:6d:c7:6f:10:ce:07:b2:1a:f2:48:51:67:22:
                    66:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:9B:23:32:F1:3A:B7:53:F6:69:80:D2:66:1A:B4:B5:EB:F1:77:14
            X509v3 Authority Key Identifier:
                keyid:94:E5:9D:24:5D:15:0D:C3:8C:48:96:26:3D:CB:DC:BB:D6:74:70:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/q5sjMvE6t1P2aYDSZhq0tevxdxQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.107.161.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:7c:0e:75:77:ec:94:26:ea:38:ce:2f:5d:e6:ef:5c:01:62:
         c4:02:11:d5:1d:36:b7:0f:1e:17:b4:90:0e:0d:fa:c8:fa:8a:
         81:25:1b:36:d3:b7:1b:7b:ff:e0:92:8d:98:d6:0d:bd:fe:f1:
         56:17:59:8f:a3:c9:8c:7f:9d:1f:ef:56:06:49:b1:fe:13:c7:
         78:4a:42:4b:a2:39:53:eb:16:a8:4f:bd:f0:a3:b7:e4:30:74:
         48:fa:22:35:85:98:4b:2f:88:cc:14:68:70:7e:b7:8a:cf:4c:
         7f:07:c7:52:f7:df:77:bf:23:e1:d5:de:06:81:21:b3:b9:e1:
         8e:db:3e:02:90:e5:4e:a2:08:85:5a:2b:86:92:16:9a:12:ad:
         c1:6f:fe:61:4a:21:e3:4d:11:f5:98:10:c2:1b:a0:a9:85:e4:
         48:4d:46:ae:60:aa:2a:63:ec:58:4d:21:8a:56:a4:da:d9:71:
         3c:1b:c8:5b:2a:11:7d:be:f9:27:af:22:5c:fb:c8:30:03:19:
         6c:98:27:bc:00:50:c7:fa:75:56:9b:bd:e6:c9:34:99:03:d9:
         98:9d:6f:af:95:17:2f:02:65:91:f4:54:b5:3c:1c:cc:37:e3:
         a4:9b:51:68:75:fc:18:f2:c4:c0:c3:32:2c:d8:8f:d4:e6:cc:
         47:86:6f:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNbJ689dY4V1EkKu+68inWgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZTU5ZDI0NWQxNTBkYzM4YzQ4OTYyNjNkY2JkY2JiZDY3
NDcwYTcwHhcNMjIwOTIwMTM0NzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjliMjMzMmYxM2FiNzUzZjY2OTgwZDI2NjFhYjRiNWViZjE3NzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmcT4ZCFDq0eIIsIMTO4o19API2sg
tytztani1Cim8gNauYMJXnEFNZr1V5weX0VlMyLfsISuZHlrDCDuriian/prK87Y
q8XC2tkEV7MVUH6ilVjPiqnAeLeOE0me3ZjK1GTMlUbYj0ZfhXPP4U4bTnYtHcOL
vRHC6ozXqbSEjuywKzQ0h+OdQOkQf+4U05EDpsBRIOTZRDoInxdIXbb5vAQBj0Yr
GwkPEMUpKxMfDAdGW+7kNUhwEJsOASrzlUd5kPrPv1dotTeToRyR7SNvm1MpZeur
rOLhw43sVlMIau7qzvpqELoPiK3womOOTn9wL23HbxDOB7Ia8khRZyJmfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKubIzLxOrdT9mmA0mYatLXr8XcUMB8GA1UdIwQY
MBaAFJTlnSRdFQ3DjEiWJj3L3LvWdHCnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE9XZEpGMFZEY09NU0pZbVBjdmN1OVowY0tjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8yODdjZDItZjFkOC00NGE5LWJlZDIt
ZWU5NWI2Y2MzNDc0LzEvcTVzak12RTZ0MVAyYVlEU1pocTB0ZXZ4ZHhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8yODdjZDItZjFkOC00NGE5LWJlZDItZWU5NWI2Y2MzNDc0
LzEvbE9XZEpGMFZEY09NU0pZbVBjdmN1OVowY0tjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmuhMA0G
CSqGSIb3DQEBCwUAA4IBAQCNfA51d+yUJuo4zi9d5u9cAWLEAhHVHTa3Dx4XtJAO
DfrI+oqBJRs207cbe//gko2Y1g29/vFWF1mPo8mMf50f71YGSbH+E8d4SkJLojlT
6xaoT73wo7fkMHRI+iI1hZhLL4jMFGhwfreKz0x/B8dS9993vyPh1d4GgSGzueGO
2z4CkOVOogiFWiuGkhaaEq3Bb/5hSiHjTRH1mBDCG6CpheRITUauYKoqY+xYTSGK
VqTa2XE8G8hbKhF9vvknryJc+8gwAxlsmCe8AFDH+nVWm73myTSZA9mYnW+vlRcv
AmWR9FS1PBzMN+Okm1FodfwY8sTAwzIs2I/U5sxHhm8/
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:09 2023 by rpki-client on console-fra.rpki-client.org