Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/a9a7d8-a9bf-49e2-b68a-a5b4f26fc976/1/SK64c0U1XFuC7EE2c_MvgLYGAQc.roa
File:                     SK64c0U1XFuC7EE2c_MvgLYGAQc.roa (raw, json)
Hash identifier:          +tqEN3ABvco05394U2k+mjb6B4EViO5xF+QwjWGUwns=
Subject key identifier:   48:AE:B8:73:45:35:5C:5B:82:EC:41:36:73:F3:2F:80:B6:06:01:07
Certificate issuer:       /CN=32559e07d6388dd2af753565e9253d682f93ebde
Certificate serial:       0183215294397781EB36216B347B4FF066C5
Authority key identifier: 32:55:9E:07:D6:38:8D:D2:AF:75:35:65:E9:25:3D:68:2F:93:EB:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MlWeB9Y4jdKvdTVl6SU9aC-T694.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/a9a7d8-a9bf-49e2-b68a-a5b4f26fc976/1/SK64c0U1XFuC7EE2c_MvgLYGAQc.roa
Signing time:             Fri 09 Sep 2022 08:16:43 +0000
ROA not before:           Fri 09 Sep 2022 08:16:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     5610
IP address blocks:        194.50.248.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:21:52:94:39:77:81:eb:36:21:6b:34:7b:4f:f0:66:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=32559e07d6388dd2af753565e9253d682f93ebde
        Validity
            Not Before: Sep  9 08:16:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=48aeb87345355c5b82ec413673f32f80b6060107
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:1d:cf:5d:bb:44:fb:82:61:14:38:ca:11:f8:
                    f4:ba:45:32:e6:7e:00:a2:55:fa:bb:f0:a1:af:ed:
                    7e:82:9e:17:e1:63:b5:c8:5f:da:70:84:41:52:3e:
                    50:06:64:2d:0f:fd:64:57:2e:c5:7e:95:c3:9c:de:
                    d2:01:5c:1b:2d:5e:e3:03:13:6a:50:00:89:73:74:
                    ed:9c:ca:ba:62:9f:47:3b:27:69:66:e4:3f:07:09:
                    bb:25:80:e6:e3:52:89:8b:d9:00:6e:0b:93:be:fc:
                    86:f9:13:8c:8b:77:b7:af:fa:0c:fc:72:41:5a:5a:
                    b7:71:e4:06:a4:ea:cd:79:71:bc:0f:ee:8d:9e:80:
                    70:08:47:39:3e:04:35:55:aa:d7:6d:25:da:77:f8:
                    c0:f3:9c:47:2e:68:a1:08:a6:03:b3:14:75:0d:8e:
                    11:2a:53:5d:8b:ec:dd:7c:2d:6c:2e:0b:65:a3:b9:
                    39:ba:cb:60:c6:f7:db:90:82:93:a6:52:14:5d:43:
                    4a:71:1d:45:d0:f5:6d:d7:0a:e8:1d:bc:f9:cb:0f:
                    af:79:77:d1:5a:49:41:72:42:89:6c:07:e5:55:e8:
                    bd:fb:0d:f3:47:36:d3:5f:8e:d9:cc:d1:83:f4:9b:
                    c6:a3:8f:9e:85:5e:c1:20:12:25:29:70:3b:93:8d:
                    bb:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:AE:B8:73:45:35:5C:5B:82:EC:41:36:73:F3:2F:80:B6:06:01:07
            X509v3 Authority Key Identifier:
                keyid:32:55:9E:07:D6:38:8D:D2:AF:75:35:65:E9:25:3D:68:2F:93:EB:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MlWeB9Y4jdKvdTVl6SU9aC-T694.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/a9a7d8-a9bf-49e2-b68a-a5b4f26fc976/1/SK64c0U1XFuC7EE2c_MvgLYGAQc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/a9a7d8-a9bf-49e2-b68a-a5b4f26fc976/1/MlWeB9Y4jdKvdTVl6SU9aC-T694.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.50.248.0/23

    Signature Algorithm: sha256WithRSAEncryption
         03:5c:eb:35:b1:92:52:ec:bb:e4:23:b0:aa:06:61:71:80:ae:
         73:f2:37:7b:b6:72:bc:aa:6b:7f:12:a2:1e:00:6b:f3:85:1d:
         ca:c0:d5:1a:6a:ec:1c:af:63:a4:21:37:fe:1f:77:72:b2:0f:
         bf:24:60:51:52:1e:fc:16:66:8b:bd:99:7e:80:80:bf:15:e5:
         a7:c1:2c:41:1b:70:8c:f5:2e:fd:f1:ce:7b:f2:87:bd:4a:4e:
         85:88:b1:92:5e:36:e2:3c:ba:72:e5:31:c2:fd:2d:dc:73:6e:
         21:1d:de:f3:e5:d8:4e:4b:b0:d4:09:ce:7c:22:e3:db:e8:7e:
         01:96:92:c4:09:e6:c9:45:6f:30:a6:16:fc:13:38:89:7b:fa:
         d4:eb:7b:e6:13:4c:07:fd:96:7e:92:db:d3:a9:82:2f:d8:ec:
         2f:13:18:e7:a6:d2:4a:63:b9:8a:60:7d:93:e1:02:d1:15:17:
         c5:07:62:1c:37:c6:0f:fa:bc:09:32:cf:87:ea:d3:b7:a4:cf:
         d8:5f:1a:1d:84:9c:47:de:00:f4:91:98:f6:83:88:2c:03:c7:
         4c:bf:24:4d:5f:19:df:b6:86:04:d8:dd:22:99:06:1c:cb:bf:
         61:bd:6f:e0:30:e5:99:5b:ba:0c:6d:12:68:13:7a:06:54:a2:
         3a:b7:e0:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMhUpQ5d4HrNiFrNHtP8GbFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNTU5ZTA3ZDYzODhkZDJhZjc1MzU2NWU5MjUzZDY4MmY5
M2ViZGUwHhcNMjIwOTA5MDgxNjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGFlYjg3MzQ1MzU1YzViODJlYzQxMzY3M2YzMmY4MGI2MDYwMTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkh3PXbtE+4JhFDjKEfj0ukUy5n4A
olX6u/Chr+1+gp4X4WO1yF/acIRBUj5QBmQtD/1kVy7FfpXDnN7SAVwbLV7jAxNq
UACJc3TtnMq6Yp9HOydpZuQ/Bwm7JYDm41KJi9kAbguTvvyG+ROMi3e3r/oM/HJB
Wlq3ceQGpOrNeXG8D+6NnoBwCEc5PgQ1VarXbSXad/jA85xHLmihCKYDsxR1DY4R
KlNdi+zdfC1sLgtlo7k5ustgxvfbkIKTplIUXUNKcR1F0PVt1wroHbz5yw+veXfR
WklBckKJbAflVei9+w3zRzbTX47ZzNGD9JvGo4+ehV7BIBIlKXA7k427RQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEiuuHNFNVxbguxBNnPzL4C2BgEHMB8GA1UdIwQY
MBaAFDJVngfWOI3Sr3U1ZeklPWgvk+veMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWxXZUI5WTRqZEt2ZFRWbDZTVTlhQy1UNjk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9hOWE3ZDgtYTliZi00OWUyLWI2OGEt
YTViNGYyNmZjOTc2LzEvU0s2NGMwVTFYRnVDN0VFMmNfTXZnTFlHQVFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9hOWE3ZDgtYTliZi00OWUyLWI2OGEtYTViNGYyNmZjOTc2
LzEvTWxXZUI5WTRqZEt2ZFRWbDZTVTlhQy1UNjk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwjL4MA0G
CSqGSIb3DQEBCwUAA4IBAQADXOs1sZJS7LvkI7CqBmFxgK5z8jd7tnK8qmt/EqIe
AGvzhR3KwNUaauwcr2OkITf+H3dysg+/JGBRUh78FmaLvZl+gIC/FeWnwSxBG3CM
9S798c578oe9Sk6FiLGSXjbiPLpy5THC/S3cc24hHd7z5dhOS7DUCc58IuPb6H4B
lpLECebJRW8wphb8EziJe/rU63vmE0wH/ZZ+ktvTqYIv2OwvExjnptJKY7mKYH2T
4QLRFRfFB2IcN8YP+rwJMs+H6tO3pM/YXxodhJxH3gD0kZj2g4gsA8dMvyRNXxnf
toYE2N0imQYcy79hvW/gMOWZW7oMbRJoE3oGVKI6t+Ah
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:26 2024 by rpki-client on console-ams.rpki-client.org