Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/I535GfIaxfOHkanT31_cr_ER7qU.roa
File:                     I535GfIaxfOHkanT31_cr_ER7qU.roa (raw, json)
Hash identifier:          78CTYaOI0uIHv8ZD3Hmcs1NSIdUnQcHu0soYkCa5jf8=
Subject key identifier:   23:9D:F9:19:F2:1A:C5:F3:87:91:A9:D3:DF:5F:DC:AF:F1:11:EE:A5
Certificate issuer:       /CN=2588b1b560f998eccd3a6eff40543b59204d67b8
Certificate serial:       0184E620F27133D9885DFD4955D49B4B237B
Authority key identifier: 25:88:B1:B5:60:F9:98:EC:CD:3A:6E:FF:40:54:3B:59:20:4D:67:B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JYixtWD5mOzNOm7_QFQ7WSBNZ7g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/I535GfIaxfOHkanT31_cr_ER7qU.roa
Signing time:             Tue 06 Dec 2022 06:30:29 +0000
ROA not before:           Tue 06 Dec 2022 06:30:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202371
IP address blocks:        94.185.122.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:e6:20:f2:71:33:d9:88:5d:fd:49:55:d4:9b:4b:23:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2588b1b560f998eccd3a6eff40543b59204d67b8
        Validity
            Not Before: Dec  6 06:30:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=239df919f21ac5f38791a9d3df5fdcaff111eea5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:05:6c:15:92:89:d5:1f:70:e4:c7:e1:e0:cb:
                    8a:9b:5f:cf:73:21:2e:a0:d1:e6:45:ba:32:10:57:
                    28:3e:b1:14:9f:8d:d9:7c:8b:c2:e9:2d:0c:49:af:
                    71:ac:bf:b1:88:a0:26:f7:69:af:0d:e4:30:10:fe:
                    3f:38:4c:00:7b:bd:0c:d8:01:88:25:e5:63:0f:e3:
                    11:37:9d:6c:3e:6b:e2:18:a3:58:36:f5:c9:9b:a0:
                    1d:d2:3d:97:84:46:95:8f:ab:ec:92:0e:62:a7:fc:
                    ff:15:98:2f:7b:88:48:be:d9:91:5f:30:4a:cb:c0:
                    2c:b8:48:8b:5f:37:49:27:41:0b:0f:9e:49:b7:b7:
                    d2:9f:1c:e6:f7:59:b7:50:b2:a5:8b:f0:16:66:a2:
                    fe:5d:59:76:1e:ff:42:17:6a:36:5f:0f:68:0e:8d:
                    ae:6d:3a:fa:c5:8e:3b:93:5c:fc:c9:6a:6a:82:03:
                    7c:e1:9f:a8:0b:9c:f8:e9:03:00:76:b1:1f:c0:7b:
                    4e:a1:93:1d:1e:cf:e7:53:71:ac:75:e9:67:5c:01:
                    1f:a9:6c:1a:22:0d:2f:c2:3b:2a:a3:7f:53:11:af:
                    f2:52:28:8b:ae:38:f5:48:ed:27:f1:3e:69:06:76:
                    c2:b5:d0:5c:6b:15:c1:d4:94:ad:0c:30:2c:8d:e0:
                    19:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:9D:F9:19:F2:1A:C5:F3:87:91:A9:D3:DF:5F:DC:AF:F1:11:EE:A5
            X509v3 Authority Key Identifier:
                keyid:25:88:B1:B5:60:F9:98:EC:CD:3A:6E:FF:40:54:3B:59:20:4D:67:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JYixtWD5mOzNOm7_QFQ7WSBNZ7g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/I535GfIaxfOHkanT31_cr_ER7qU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/JYixtWD5mOzNOm7_QFQ7WSBNZ7g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.185.122.0/24

    Signature Algorithm: sha256WithRSAEncryption
         15:42:ff:50:29:53:f9:6f:a1:8c:d8:db:df:23:d6:2b:e0:4d:
         ca:13:cb:12:54:ec:44:76:ea:e6:a9:08:73:93:b7:5d:b1:35:
         3d:af:93:55:b5:63:12:3d:aa:cd:5f:c7:b9:8b:db:53:49:60:
         b9:f8:42:03:8c:ce:97:a1:b7:c1:65:ae:aa:fa:be:f3:9d:5f:
         d8:b7:cb:eb:c5:ca:88:87:45:f3:ab:d2:c9:17:14:48:f9:33:
         96:4a:b7:5e:95:aa:22:34:a5:62:62:fa:fd:69:7e:74:7b:b2:
         b8:3c:7a:06:3f:ea:e7:14:f6:8c:c1:8c:97:bf:a1:f9:21:f9:
         3e:ad:78:56:8d:aa:3f:1b:10:d4:ae:80:85:86:ed:96:28:be:
         f1:fe:13:97:3c:00:db:d0:36:c3:57:1b:ab:26:d4:93:e5:7b:
         6a:f0:39:7a:61:f3:90:e9:07:8b:f3:3d:29:c0:88:3e:f5:b9:
         6f:d0:58:bb:59:26:0e:ae:54:0d:f9:7a:15:7a:30:0b:49:b8:
         cc:6f:7f:70:8a:dc:ef:33:a4:b5:6f:c0:7d:db:2b:df:79:e1:
         3d:9f:3b:1b:07:fd:5d:ff:a1:27:c1:ea:63:b4:f1:be:6d:2d:
         de:0c:c0:0a:73:45:bb:08:6d:66:05:e8:54:77:10:8f:0c:1b:
         2b:9d:de:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTmIPJxM9mIXf1JVdSbSyN7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ODhiMWI1NjBmOTk4ZWNjZDNhNmVmZjQwNTQzYjU5MjA0
ZDY3YjgwHhcNMjIxMjA2MDYzMDI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzlkZjkxOWYyMWFjNWYzODc5MWE5ZDNkZjVmZGNhZmYxMTFlZWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjAVsFZKJ1R9w5Mfh4MuKm1/PcyEu
oNHmRboyEFcoPrEUn43ZfIvC6S0MSa9xrL+xiKAm92mvDeQwEP4/OEwAe70M2AGI
JeVjD+MRN51sPmviGKNYNvXJm6Ad0j2XhEaVj6vskg5ip/z/FZgve4hIvtmRXzBK
y8AsuEiLXzdJJ0ELD55Jt7fSnxzm91m3ULKli/AWZqL+XVl2Hv9CF2o2Xw9oDo2u
bTr6xY47k1z8yWpqggN84Z+oC5z46QMAdrEfwHtOoZMdHs/nU3GsdelnXAEfqWwa
Ig0vwjsqo39TEa/yUiiLrjj1SO0n8T5pBnbCtdBcaxXB1JStDDAsjeAZBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCOd+RnyGsXzh5Gp099f3K/xEe6lMB8GA1UdIwQY
MBaAFCWIsbVg+ZjszTpu/0BUO1kgTWe4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSllpeHRXRDVtT3pOT203X1FGUTdXU0JOWjdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8xOGQ2ZDUtNmM4Ni00MmMxLTg0ZjEt
OTlhMDE4OTg4OGI1LzEvSTUzNUdmSWF4Zk9Ia2FuVDMxX2NyX0VSN3FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8xOGQ2ZDUtNmM4Ni00MmMxLTg0ZjEtOTlhMDE4OTg4OGI1
LzEvSllpeHRXRDVtT3pOT203X1FGUTdXU0JOWjdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXrl6MA0G
CSqGSIb3DQEBCwUAA4IBAQAVQv9QKVP5b6GM2NvfI9Yr4E3KE8sSVOxEdurmqQhz
k7ddsTU9r5NVtWMSParNX8e5i9tTSWC5+EIDjM6XobfBZa6q+r7znV/Yt8vrxcqI
h0Xzq9LJFxRI+TOWSrdelaoiNKViYvr9aX50e7K4PHoGP+rnFPaMwYyXv6H5Ifk+
rXhWjao/GxDUroCFhu2WKL7x/hOXPADb0DbDVxurJtST5Xtq8Dl6YfOQ6QeL8z0p
wIg+9blv0Fi7WSYOrlQN+XoVejALSbjMb39witzvM6S1b8B92yvfeeE9nzsbB/1d
/6EnwepjtPG+bS3eDMAKc0W7CG1mBehUdxCPDBsrnd48
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:20 2024 by rpki-client on console-ams.rpki-client.org