Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/ZVCYk9AV9PTFxsfbLF179gOQavQ.roa
File:                     ZVCYk9AV9PTFxsfbLF179gOQavQ.roa (raw, json)
Hash identifier:          utmLsfruYpYx3DbvAR5gBW+0AS3hkCwsRT5Zj5nWtBY=
Subject key identifier:   65:50:98:93:D0:15:F4:F4:C5:C6:C7:DB:2C:5D:7B:F6:03:90:6A:F4
Certificate issuer:       /CN=a65046d85ecf201fbef51e8bea1c4ed33f95b268
Certificate serial:       0184197E1CA2F753D28C69DF3522EBEAE62E
Authority key identifier: A6:50:46:D8:5E:CF:20:1F:BE:F5:1E:8B:EA:1C:4E:D3:3F:95:B2:68
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/plBG2F7PIB--9R6L6hxO0z-Vsmg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/ZVCYk9AV9PTFxsfbLF179gOQavQ.roa
Signing time:             Thu 27 Oct 2022 12:50:06 +0000
ROA not before:           Thu 27 Oct 2022 12:50:06 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     19905
IP address blocks:        194.35.1.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:19:7e:1c:a2:f7:53:d2:8c:69:df:35:22:eb:ea:e6:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a65046d85ecf201fbef51e8bea1c4ed33f95b268
        Validity
            Not Before: Oct 27 12:50:06 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=65509893d015f4f4c5c6c7db2c5d7bf603906af4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:fc:23:be:0f:fe:be:33:bc:f2:fe:0d:09:5d:
                    18:80:a3:5e:96:81:36:6d:54:18:c5:e1:33:a7:c4:
                    e9:be:16:9b:33:cb:87:20:0a:7a:2f:5e:fc:39:aa:
                    5a:1b:9b:e7:ed:87:e9:c5:48:42:36:d9:f5:91:f6:
                    24:95:6e:57:87:c1:a1:0d:9d:4d:3e:c1:a0:c7:24:
                    05:57:c1:08:d3:26:56:9f:3e:bb:04:9b:9b:30:8f:
                    ca:e6:cf:50:a6:5b:1f:7e:5f:6b:04:25:f6:00:ff:
                    9e:2a:fd:27:ae:03:f2:7e:06:34:0e:04:ad:7e:ef:
                    98:69:51:20:fe:37:91:f3:91:17:0e:68:2a:da:18:
                    0c:35:58:91:69:4a:7b:e6:22:31:0d:9e:e5:39:73:
                    4e:b2:f8:e6:e3:b3:da:6b:e8:a2:93:12:cc:c3:ce:
                    7f:75:ea:60:52:68:c0:98:8f:1a:3a:4c:f5:df:83:
                    0c:f8:7e:97:0c:69:dd:de:a6:2b:dd:02:e1:5d:3d:
                    ec:6a:f8:c3:b5:85:f9:64:32:98:c1:20:26:47:f3:
                    f9:79:cf:a5:0b:97:3a:d8:d9:93:e7:7c:de:91:24:
                    1e:9c:24:c9:36:ec:29:d1:da:9c:d0:8c:0d:04:12:
                    4e:9c:46:4f:9b:94:e3:7a:71:f5:a3:90:35:70:87:
                    4a:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:50:98:93:D0:15:F4:F4:C5:C6:C7:DB:2C:5D:7B:F6:03:90:6A:F4
            X509v3 Authority Key Identifier:
                keyid:A6:50:46:D8:5E:CF:20:1F:BE:F5:1E:8B:EA:1C:4E:D3:3F:95:B2:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/plBG2F7PIB--9R6L6hxO0z-Vsmg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/ZVCYk9AV9PTFxsfbLF179gOQavQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/plBG2F7PIB--9R6L6hxO0z-Vsmg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.35.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         46:bb:db:34:51:82:66:86:a2:51:85:9a:8b:6c:d1:30:b1:28:
         f6:17:52:54:72:d0:28:5a:5e:25:5a:df:c3:88:b1:dd:8c:2a:
         0e:e7:d5:aa:cd:25:f1:33:88:bf:23:86:cf:87:e0:20:30:d6:
         c7:d0:62:e6:7c:4c:31:ee:33:3e:a5:2c:47:e2:75:6a:9f:e3:
         a1:c7:45:5b:aa:63:6e:2d:9f:6d:91:8e:c8:0d:e8:7f:72:84:
         b9:e1:5e:26:f4:f3:2d:04:d6:c4:12:0a:d3:2a:77:3e:42:f6:
         e7:79:0b:f5:53:b6:78:f5:cd:83:ea:c6:39:0f:9a:8d:85:7a:
         d4:b5:b3:5d:2a:5e:06:c5:a4:ea:1c:53:44:df:c8:10:83:5f:
         b8:44:6c:59:0b:a8:bc:c2:1a:1b:cd:de:05:61:e7:c0:ce:26:
         0a:1f:09:e4:b8:b6:eb:0e:d0:11:28:6c:43:41:cb:ea:96:fb:
         b4:f2:47:03:d6:7d:3b:c2:f4:d6:c6:34:8c:c4:e6:26:64:47:
         ba:78:92:fe:56:08:dc:e8:30:76:eb:0f:43:63:eb:74:86:e2:
         06:ab:fa:f3:86:03:96:97:f9:24:50:69:ae:59:fb:89:76:ff:
         d6:60:9b:a1:77:77:0a:07:18:57:87:01:33:38:37:e6:70:57:
         22:1d:fc:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQZfhyi91PSjGnfNSLr6uYuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NTA0NmQ4NWVjZjIwMWZiZWY1MWU4YmVhMWM0ZWQzM2Y5
NWIyNjgwHhcNMjIxMDI3MTI1MDA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTUwOTg5M2QwMTVmNGY0YzVjNmM3ZGIyYzVkN2JmNjAzOTA2YWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/wjvg/+vjO88v4NCV0YgKNeloE2
bVQYxeEzp8TpvhabM8uHIAp6L178OapaG5vn7YfpxUhCNtn1kfYklW5Xh8GhDZ1N
PsGgxyQFV8EI0yZWnz67BJubMI/K5s9Qplsffl9rBCX2AP+eKv0nrgPyfgY0DgSt
fu+YaVEg/jeR85EXDmgq2hgMNViRaUp75iIxDZ7lOXNOsvjm47Paa+iikxLMw85/
depgUmjAmI8aOkz134MM+H6XDGnd3qYr3QLhXT3savjDtYX5ZDKYwSAmR/P5ec+l
C5c62NmT53zekSQenCTJNuwp0dqc0IwNBBJOnEZPm5TjenH1o5A1cIdKRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGVQmJPQFfT0xcbH2yxde/YDkGr0MB8GA1UdIwQY
MBaAFKZQRthezyAfvvUei+ocTtM/lbJoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGxCRzJGN1BJQi0tOVI2TDZoeE8wei1Wc21nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zYmQ3YzEtODFmYS00NTUzLTg1MDUt
YmNjZDMyYWY5N2ZlLzEvWlZDWWs5QVY5UFRGeHNmYkxGMTc5Z09RYXZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8zYmQ3YzEtODFmYS00NTUzLTg1MDUtYmNjZDMyYWY5N2Zl
LzEvcGxCRzJGN1BJQi0tOVI2TDZoeE8wei1Wc21nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiMBMA0G
CSqGSIb3DQEBCwUAA4IBAQBGu9s0UYJmhqJRhZqLbNEwsSj2F1JUctAoWl4lWt/D
iLHdjCoO59WqzSXxM4i/I4bPh+AgMNbH0GLmfEwx7jM+pSxH4nVqn+Ohx0VbqmNu
LZ9tkY7IDeh/coS54V4m9PMtBNbEEgrTKnc+QvbneQv1U7Z49c2D6sY5D5qNhXrU
tbNdKl4GxaTqHFNE38gQg1+4RGxZC6i8whobzd4FYefAziYKHwnkuLbrDtARKGxD
Qcvqlvu08kcD1n07wvTWxjSMxOYmZEe6eJL+Vgjc6DB26w9DY+t0huIGq/rzhgOW
l/kkUGmuWfuJdv/WYJuhd3cKBxhXhwEzODfmcFciHfx7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:28 2024 by rpki-client on console-fra.rpki-client.org