Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/0376d1-12ca-4135-9483-8e7149f04a4e/1/0eTNTkbgfx0hQhC6Wxe6IJVGqBs.roa
File:                     0eTNTkbgfx0hQhC6Wxe6IJVGqBs.roa (raw, json)
Hash identifier:          7GhlbLxDh4JmcwJ8MV8YTwfR829eExq2gHrUyAoNfG0=
Subject key identifier:   D1:E4:CD:4E:46:E0:7F:1D:21:42:10:BA:5B:17:BA:20:95:46:A8:1B
Certificate issuer:       /CN=ae1dc18a4b1fbfe2c2babd8bbb47fe1fd1cf22f8
Certificate serial:       0B191B5A
Authority key identifier: AE:1D:C1:8A:4B:1F:BF:E2:C2:BA:BD:8B:BB:47:FE:1F:D1:CF:22:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rh3Biksfv-LCur2Lu0f-H9HPIvg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/0376d1-12ca-4135-9483-8e7149f04a4e/1/0eTNTkbgfx0hQhC6Wxe6IJVGqBs.roa
Signing time:             Sat 01 Jan 2022 01:58:28 +0000
ROA not before:           Sat 01 Jan 2022 01:58:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8881
IP address blocks:        194.99.113.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 186194778 (0xb191b5a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ae1dc18a4b1fbfe2c2babd8bbb47fe1fd1cf22f8
        Validity
            Not Before: Jan  1 01:58:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d1e4cd4e46e07f1d214210ba5b17ba209546a81b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:28:36:6a:53:12:e1:bb:7a:45:b2:4b:32:36:
                    33:ef:02:69:84:85:4e:cf:ea:24:6b:de:b5:fe:25:
                    c7:f4:e6:29:33:67:17:e4:02:e7:7f:c3:4c:2f:99:
                    59:28:05:8d:3b:e9:6c:96:80:b2:8b:ec:23:64:02:
                    cc:5b:06:e9:7d:73:50:05:8a:2a:cb:fb:95:7c:6d:
                    b3:b2:07:29:c4:e5:ec:eb:ad:ba:ba:81:ea:4a:25:
                    3b:ce:e0:f8:65:9a:d0:64:7e:e3:d9:88:33:8c:6b:
                    ef:95:5c:4f:81:d6:26:f6:d8:e7:bf:49:6b:11:a2:
                    cb:30:fe:ea:f1:b3:77:bf:20:4d:78:d7:28:cf:d3:
                    8e:ba:5d:40:18:3c:0d:b3:0c:4b:b8:7e:3c:cf:84:
                    8b:fb:62:26:52:ef:40:9e:3d:1f:61:04:b4:67:96:
                    19:68:38:f2:c1:4f:98:1e:d6:1c:eb:fb:bd:f3:60:
                    ad:82:a5:ac:0a:35:41:2a:f6:a5:6b:37:ed:7c:7a:
                    87:9f:39:03:72:0e:ec:c7:0b:95:83:b6:9f:fc:0a:
                    8a:39:4a:f6:cc:36:ea:f7:ce:ad:84:2b:be:66:ad:
                    23:47:33:18:d7:26:76:2b:c4:cd:0d:b1:0a:4b:fe:
                    28:74:03:69:c7:b7:57:62:6d:70:82:c1:19:08:d9:
                    fd:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:E4:CD:4E:46:E0:7F:1D:21:42:10:BA:5B:17:BA:20:95:46:A8:1B
            X509v3 Authority Key Identifier:
                keyid:AE:1D:C1:8A:4B:1F:BF:E2:C2:BA:BD:8B:BB:47:FE:1F:D1:CF:22:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rh3Biksfv-LCur2Lu0f-H9HPIvg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/0376d1-12ca-4135-9483-8e7149f04a4e/1/0eTNTkbgfx0hQhC6Wxe6IJVGqBs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/0376d1-12ca-4135-9483-8e7149f04a4e/1/rh3Biksfv-LCur2Lu0f-H9HPIvg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.99.113.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:ef:ee:70:fd:16:9e:95:b0:92:38:0c:4d:c5:a0:be:65:30:
         ba:84:f7:f8:14:a4:6c:3f:a1:93:15:28:85:08:a8:dd:62:8f:
         02:0e:fa:fc:b0:59:4d:0e:e9:65:49:0f:59:23:6c:d7:e9:fc:
         de:40:9a:c7:2e:b8:94:54:5b:1a:f2:7d:38:ef:72:6f:7a:3c:
         4e:d4:bd:af:dd:88:fa:00:02:de:3b:d7:72:7e:a7:9b:9d:3e:
         40:87:7e:4e:21:f3:75:11:4b:a1:51:01:d1:ca:34:09:ef:51:
         e6:9f:62:97:ae:a3:5b:91:17:14:68:75:b3:7b:54:d5:e5:94:
         93:ec:bf:a7:2b:ad:b6:2a:d4:3f:39:8d:15:04:b7:a4:ee:ea:
         16:4a:3f:9e:a4:0f:2a:68:f1:f8:05:f4:6f:28:80:f2:d6:81:
         36:eb:cb:86:16:bd:65:59:c8:d2:29:82:16:a9:03:c5:fc:e0:
         af:7c:6e:59:8d:71:c1:74:55:7b:a7:c7:19:f7:59:9e:4d:05:
         17:7b:26:1b:30:c9:51:d7:0d:fd:f3:1a:fc:3b:5d:90:19:26:
         c5:b9:c0:e9:18:cb:70:19:0a:ee:b8:96:8c:25:63:61:66:ff:
         46:df:2e:11:28:52:04:45:85:66:7a:37:57:79:f6:cc:f3:12:
         6a:02:9d:32
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECxkbWjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZTFkYzE4YTRiMWZiZmUyYzJiYWJkOGJiYjQ3ZmUxZmQxY2YyMmY4MB4XDTIyMDEw
MTAxNTgyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDFlNGNkNGU0NmUw
N2YxZDIxNDIxMGJhNWIxN2JhMjA5NTQ2YTgxYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKQoNmpTEuG7ekWySzI2M+8CaYSFTs/qJGvetf4lx/TmKTNn
F+QC53/DTC+ZWSgFjTvpbJaAsovsI2QCzFsG6X1zUAWKKsv7lXxts7IHKcTl7Out
urqB6kolO87g+GWa0GR+49mIM4xr75VcT4HWJvbY579JaxGiyzD+6vGzd78gTXjX
KM/TjrpdQBg8DbMMS7h+PM+Ei/tiJlLvQJ49H2EEtGeWGWg48sFPmB7WHOv7vfNg
rYKlrAo1QSr2pWs37Xx6h585A3IO7McLlYO2n/wKijlK9sw26vfOrYQrvmatI0cz
GNcmdivEzQ2xCkv+KHQDace3V2JtcILBGQjZ/cUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTR5M1ORuB/HSFCELpbF7oglUaoGzAfBgNVHSMEGDAWgBSuHcGKSx+/4sK6
vYu7R/4f0c8i+DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JoM0Jpa3Nmdi1MQ3VyMkx1MGYtSDlIUEl2Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvMDM3NmQxLTEyY2EtNDEzNS05NDgzLThlNzE0OWYwNGE0ZS8x
LzBlVE5Ua2JnZngwaFFoQzZXeGU2SUpWR3FCcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
MDM3NmQxLTEyY2EtNDEzNS05NDgzLThlNzE0OWYwNGE0ZS8xL3JoM0Jpa3Nmdi1M
Q3VyMkx1MGYtSDlIUEl2Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJjcTANBgkqhkiG9w0BAQsFAAOC
AQEAeu/ucP0WnpWwkjgMTcWgvmUwuoT3+BSkbD+hkxUohQio3WKPAg76/LBZTQ7p
ZUkPWSNs1+n83kCaxy64lFRbGvJ9OO9yb3o8TtS9r92I+gAC3jvXcn6nm50+QId+
TiHzdRFLoVEB0co0Ce9R5p9il66jW5EXFGh1s3tU1eWUk+y/pyuttirUPzmNFQS3
pO7qFko/nqQPKmjx+AX0byiA8taBNuvLhha9ZVnI0imCFqkDxfzgr3xuWY1xwXRV
e6fHGfdZnk0FF3smGzDJUdcN/fMa/DtdkBkmxbnA6RjLcBkK7riWjCVjYWb/Rt8u
EShSBEWFZno3V3n2zPMSagKdMg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:28 2024 by rpki-client on console-fra.rpki-client.org