Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/oO37-d3IMCSdduw44Kp2EDbOG7U.roa
File:                     oO37-d3IMCSdduw44Kp2EDbOG7U.roa (raw, json)
Hash identifier:          4CuM/Qgf8fqIsfdydF4s3d4lwpvcXdcO+iBM5PdOKWI=
Subject key identifier:   A0:ED:FB:F9:DD:C8:30:24:9D:76:EC:38:E0:AA:76:10:36:CE:1B:B5
Certificate issuer:       /CN=746395c12672ad958921b62b9dc9b2bcd8a68a9f
Certificate serial:       01823CD190299F533F93E71B3B311B211415
Authority key identifier: 74:63:95:C1:26:72:AD:95:89:21:B6:2B:9D:C9:B2:BC:D8:A6:8A:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dGOVwSZyrZWJIbYrncmyvNimip8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/oO37-d3IMCSdduw44Kp2EDbOG7U.roa
Signing time:             Tue 26 Jul 2022 23:22:23 +0000
ROA not before:           Tue 26 Jul 2022 23:22:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211398
IP address blocks:        31.24.249.0/24 maxlen: 32
                          2001:678:f30::/48 maxlen: 48
                          2a12:4942:174::/48 maxlen: 48
                          2a12:4940::/32 maxlen: 48
                          2a12:4946:46::/48 maxlen: 48
                          2a12:4946:1655::/48 maxlen: 48
                          2a12:4946:3005::/48 maxlen: 48
                          2a12:4946:1600::/48 maxlen: 48
                          2a12:4946:1700::/48 maxlen: 48
                          2a12:4946:1800::/48 maxlen: 48
                          2a12:4946:1900::/48 maxlen: 48
                          2a12:4946:1650::/48 maxlen: 48
                          2a12:4942::/31 maxlen: 48
                          2a12:4946:6960::/44 maxlen: 48
                          2a12:4946:1658::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:3c:d1:90:29:9f:53:3f:93:e7:1b:3b:31:1b:21:14:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=746395c12672ad958921b62b9dc9b2bcd8a68a9f
        Validity
            Not Before: Jul 26 23:22:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a0edfbf9ddc830249d76ec38e0aa761036ce1bb5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:f9:cc:1b:a8:6d:ab:b4:c4:22:69:3b:76:f4:
                    97:03:7b:f5:e1:8d:41:3d:0d:b8:2e:f9:2a:67:ef:
                    d2:14:1d:d8:27:0f:09:fc:eb:c4:5d:40:f2:8e:34:
                    18:bb:64:5c:da:bf:9d:ba:10:7d:63:18:55:7c:aa:
                    23:f3:99:24:2c:6b:e3:cc:21:ab:9a:24:8c:e4:13:
                    74:3b:a9:a0:cd:19:cc:9b:b1:fc:7b:a3:a0:dd:a6:
                    c1:63:43:d4:33:98:4b:5a:af:76:ff:40:32:70:34:
                    5b:a8:69:bb:6f:9d:0d:6d:e1:f1:5d:db:98:e5:8a:
                    63:54:a4:d0:7e:85:a3:ef:17:d4:79:1a:d5:45:db:
                    d8:43:6a:28:79:a3:39:5e:b4:ac:c5:ef:f1:66:fc:
                    d0:05:0d:15:05:a2:be:28:63:67:c2:90:b1:3e:41:
                    95:94:b0:5e:c2:26:5e:5c:18:51:c6:84:a8:1d:39:
                    2c:b9:60:84:50:d2:87:e7:d0:60:a9:85:d5:ea:5a:
                    1e:94:79:c7:be:bf:94:38:61:e3:a1:41:4a:49:5f:
                    1d:df:d7:20:36:63:60:de:5c:fb:77:da:9c:34:c8:
                    07:c9:fa:48:03:6b:db:0e:82:0b:47:58:42:53:79:
                    d4:db:b7:d2:f3:25:e4:e6:b1:a5:e1:9d:58:48:25:
                    8e:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:ED:FB:F9:DD:C8:30:24:9D:76:EC:38:E0:AA:76:10:36:CE:1B:B5
            X509v3 Authority Key Identifier:
                keyid:74:63:95:C1:26:72:AD:95:89:21:B6:2B:9D:C9:B2:BC:D8:A6:8A:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGOVwSZyrZWJIbYrncmyvNimip8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/oO37-d3IMCSdduw44Kp2EDbOG7U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/dGOVwSZyrZWJIbYrncmyvNimip8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.24.249.0/24
                IPv6:
                  2001:678:f30::/48
                  2a12:4940::/32
                  2a12:4942::/31
                  2a12:4946:46::/48
                  2a12:4946:1600::/48
                  2a12:4946:1650::/48
                  2a12:4946:1655::/48
                  2a12:4946:1658::/48
                  2a12:4946:1700::/48
                  2a12:4946:1800::/48
                  2a12:4946:1900::/48
                  2a12:4946:3005::/48
                  2a12:4946:6960::/44

    Signature Algorithm: sha256WithRSAEncryption
         c6:10:dd:d5:12:c2:ad:8c:fa:8e:e9:fc:c1:d5:54:c3:11:27:
         f5:6d:32:e5:18:18:93:6a:90:f0:15:54:53:00:d8:02:7a:e2:
         cb:0f:4c:12:b3:51:57:3f:2a:b9:d4:12:9c:a9:03:fa:9b:d7:
         41:88:a2:cb:f4:1a:5c:a9:88:c8:23:19:23:5d:c0:24:ef:cd:
         f3:05:fd:9f:99:cf:0c:ae:35:30:a3:27:c7:c7:c9:94:9e:19:
         38:40:62:fc:53:ca:ca:9f:5a:12:ac:20:d7:fc:2c:7c:a5:71:
         fe:81:bc:8d:d9:db:0f:d1:33:b3:6d:2a:d8:55:02:7c:ee:b1:
         c8:b1:f8:2e:bc:6d:bc:33:6e:1c:e5:8a:1f:3f:aa:32:ca:e3:
         c9:46:83:ca:de:40:00:45:80:b2:73:37:f3:db:3c:5f:c0:a9:
         40:3a:99:13:0f:75:08:ff:31:e6:9e:27:3c:f6:16:2f:d3:50:
         ac:3d:d5:f8:26:a7:0b:5b:11:99:af:01:1b:4c:7c:e1:51:e7:
         00:19:be:cf:5a:3d:17:3a:e8:89:fd:7f:f9:1c:89:d3:de:e0:
         b9:46:26:a6:e0:23:e3:1d:4c:43:dc:c7:9b:c3:07:64:16:91:
         6d:5d:84:0d:a9:ca:49:42:70:1a:33:0f:c7:25:b4:c1:c1:eb:
         88:6a:bf:ef
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYI80ZApn1M/k+cbOzEbIRQVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjM5NWMxMjY3MmFkOTU4OTIxYjYyYjlkYzliMmJjZDhh
NjhhOWYwHhcNMjIwNzI2MjMyMjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGVkZmJmOWRkYzgzMDI0OWQ3NmVjMzhlMGFhNzYxMDM2Y2UxYmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/nMG6htq7TEImk7dvSXA3v14Y1B
PQ24LvkqZ+/SFB3YJw8J/OvEXUDyjjQYu2Rc2r+duhB9YxhVfKoj85kkLGvjzCGr
miSM5BN0O6mgzRnMm7H8e6Og3abBY0PUM5hLWq92/0AycDRbqGm7b50NbeHxXduY
5YpjVKTQfoWj7xfUeRrVRdvYQ2ooeaM5XrSsxe/xZvzQBQ0VBaK+KGNnwpCxPkGV
lLBewiZeXBhRxoSoHTksuWCEUNKH59BgqYXV6loelHnHvr+UOGHjoUFKSV8d39cg
NmNg3lz7d9qcNMgHyfpIA2vbDoILR1hCU3nU27fS8yXk5rGl4Z1YSCWOiwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFKDt+/ndyDAknXbsOOCqdhA2zhu1MB8GA1UdIwQY
MBaAFHRjlcEmcq2ViSG2K53JsrzYpoqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdPVndTWnlyWldKSWJZcm5jbXl2TmltaXA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi85ZTIzNTEtOGRkMC00YjcwLWE1ZmMt
ZmI3NzRhYmRmYWMyLzEvb08zNy1kM0lNQ1NkZHV3NDRLcDJFRGJPRzdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi85ZTIzNTEtOGRkMC00YjcwLWE1ZmMtZmI3NzRhYmRmYWMy
LzEvZEdPVndTWnlyWldKSWJZcm5jbXl2TmltaXA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzAMBAIAATAGAwQAHxj5
MHcEAgACMHEDBwAgAQZ4DzADBQAqEklAAwUBKhJJQgMHACoSSUYARgMHACoSSUYW
AAMHACoSSUYWUAMHACoSSUYWVQMHACoSSUYWWAMHACoSSUYXAAMHACoSSUYYAAMH
ACoSSUYZAAMHACoSSUYwBQMHBCoSSUZpYDANBgkqhkiG9w0BAQsFAAOCAQEAxhDd
1RLCrYz6jun8wdVUwxEn9W0y5RgYk2qQ8BVUUwDYAnriyw9MErNRVz8qudQSnKkD
+pvXQYiiy/QaXKmIyCMZI13AJO/N8wX9n5nPDK41MKMnx8fJlJ4ZOEBi/FPKyp9a
Eqwg1/wsfKVx/oG8jdnbD9Ezs20q2FUCfO6xyLH4LrxtvDNuHOWKHz+qMsrjyUaD
yt5AAEWAsnM389s8X8CpQDqZEw91CP8x5p4nPPYWL9NQrD3V+CanC1sRma8BG0x8
4VHnABm+z1o9Fzroif1/+RyJ097guUYmpuAj4x1MQ9zHm8MHZBaRbV2EDanKSUJw
GjMPxyW0wcHriGq/7w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:29 2024 by rpki-client on console-ams.rpki-client.org