Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/wr2T_Ezx17TW8OJOfRCyhyy2G2M.roa
File:                     wr2T_Ezx17TW8OJOfRCyhyy2G2M.roa (raw, json)
Hash identifier:          PUyDtIbLAwaLg3qC9aCR6Cm+vAGaMZB5n8HHR9Ues78=
Subject key identifier:   C2:BD:93:FC:4C:F1:D7:B4:D6:F0:E2:4E:7D:10:B2:87:2C:B6:1B:63
Certificate issuer:       /CN=746365355b665564a210c358c68a0117b7fbeb9a
Certificate serial:       0185147B27E8767214F6346011EB72C8FCE3
Authority key identifier: 74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/wr2T_Ezx17TW8OJOfRCyhyy2G2M.roa
Signing time:             Thu 15 Dec 2022 06:31:33 +0000
ROA not before:           Thu 15 Dec 2022 06:31:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     199820
IP address blocks:        194.124.38.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:14:7b:27:e8:76:72:14:f6:34:60:11:eb:72:c8:fc:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=746365355b665564a210c358c68a0117b7fbeb9a
        Validity
            Not Before: Dec 15 06:31:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c2bd93fc4cf1d7b4d6f0e24e7d10b2872cb61b63
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:08:da:69:c3:0d:a3:9d:e2:8e:0c:d7:2c:bf:
                    76:0f:3a:12:6e:88:e0:bd:cc:cc:13:83:e9:0a:e7:
                    43:d5:df:d7:40:60:c1:7d:f1:53:43:28:2f:57:9f:
                    36:a7:42:3b:fd:e0:15:d0:62:41:8d:17:5c:1a:af:
                    cf:e5:fc:be:07:9f:9a:2e:98:db:07:b8:e0:0c:14:
                    62:4c:cf:3e:25:32:d0:2d:1f:f0:b0:99:4e:a0:1b:
                    80:5e:d7:75:f2:da:1c:7d:ed:af:0d:b5:87:1b:44:
                    ab:94:a9:28:11:62:d3:10:0e:86:fe:34:1d:fe:dc:
                    36:85:0c:f1:e3:63:f6:63:35:10:5e:80:66:3d:70:
                    3d:1b:b4:b6:54:75:82:e7:6a:e6:bf:d1:f6:92:38:
                    a0:74:20:ec:06:25:a7:a0:b1:9d:88:fe:d9:a9:d2:
                    67:61:b7:2a:1c:f7:46:d7:1f:c1:4e:66:11:2d:fb:
                    5c:76:f0:65:ed:e4:95:b2:48:84:1e:ce:86:91:62:
                    a7:9b:6a:15:28:56:b9:44:f3:73:24:6c:f9:84:d0:
                    fb:91:31:7e:4a:69:6e:1f:e2:5d:20:a7:6f:44:e0:
                    01:bb:a4:b0:f8:35:cd:79:f2:40:45:ab:d5:17:2f:
                    5b:db:cb:6c:7b:8c:3b:f2:b1:74:d8:ad:58:3d:32:
                    d5:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:BD:93:FC:4C:F1:D7:B4:D6:F0:E2:4E:7D:10:B2:87:2C:B6:1B:63
            X509v3 Authority Key Identifier:
                keyid:74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/wr2T_Ezx17TW8OJOfRCyhyy2G2M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.124.38.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a8:bd:09:05:b9:de:d1:c7:e6:bb:3e:36:ea:6f:1b:36:fb:10:
         10:f1:8c:a6:34:d2:ef:89:76:87:69:d3:e3:4a:ac:f0:0b:a7:
         85:2e:86:75:a1:fc:04:0d:4e:c1:26:7a:fd:9b:8d:25:6b:c9:
         98:f0:90:39:74:7a:77:b0:1d:fa:ee:3e:b7:b6:04:e1:df:b1:
         62:fb:a6:91:31:f1:14:c0:63:7b:ea:20:02:00:90:7e:3a:a3:
         ba:b4:b2:59:bf:16:36:f3:bf:d2:74:7c:cd:f9:cc:a8:73:32:
         10:82:04:a4:2a:75:f4:82:ff:37:4d:61:cf:b7:81:cc:8a:75:
         8f:07:44:82:20:dd:1f:7a:ec:c2:e7:b3:98:52:f0:33:c1:39:
         44:02:66:fd:40:fe:7f:51:78:b4:51:da:43:32:97:67:6c:01:
         28:36:00:34:2b:88:26:cd:c5:b5:fa:5e:91:73:c4:52:ea:c2:
         ad:4f:51:cb:95:8c:2c:8e:75:11:81:5e:72:bb:47:04:bf:61:
         47:88:4e:23:46:7b:6d:b3:96:c1:b3:a0:0d:97:8f:92:ca:03:
         59:ec:14:8f:6b:81:36:50:b7:0f:c3:96:54:5d:77:11:c1:c0:
         82:15:26:2d:73:02:68:80:c5:18:3b:79:bd:de:05:4c:ba:cd:
         a8:ab:3c:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUUeyfodnIU9jRgEetyyPzjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjM2NTM1NWI2NjU1NjRhMjEwYzM1OGM2OGEwMTE3Yjdm
YmViOWEwHhcNMjIxMjE1MDYzMTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmJkOTNmYzRjZjFkN2I0ZDZmMGUyNGU3ZDEwYjI4NzJjYjYxYjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwjaacMNo53ijgzXLL92DzoSbojg
vczME4PpCudD1d/XQGDBffFTQygvV582p0I7/eAV0GJBjRdcGq/P5fy+B5+aLpjb
B7jgDBRiTM8+JTLQLR/wsJlOoBuAXtd18tocfe2vDbWHG0SrlKkoEWLTEA6G/jQd
/tw2hQzx42P2YzUQXoBmPXA9G7S2VHWC52rmv9H2kjigdCDsBiWnoLGdiP7ZqdJn
YbcqHPdG1x/BTmYRLftcdvBl7eSVskiEHs6GkWKnm2oVKFa5RPNzJGz5hND7kTF+
SmluH+JdIKdvROABu6Sw+DXNefJARavVFy9b28tse4w78rF02K1YPTLVtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMK9k/xM8de01vDiTn0QsocsthtjMB8GA1UdIwQY
MBaAFHRjZTVbZlVkohDDWMaKARe3++uaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGIt
NmE0ZWNhZjhiM2IxLzEvd3IyVF9FengxN1RXOE9KT2ZSQ3loeXkyRzJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGItNmE0ZWNhZjhiM2Ix
LzEvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwnwmMA0G
CSqGSIb3DQEBCwUAA4IBAQCovQkFud7Rx+a7Pjbqbxs2+xAQ8YymNNLviXaHadPj
SqzwC6eFLoZ1ofwEDU7BJnr9m40la8mY8JA5dHp3sB367j63tgTh37Fi+6aRMfEU
wGN76iACAJB+OqO6tLJZvxY287/SdHzN+cyoczIQggSkKnX0gv83TWHPt4HMinWP
B0SCIN0feuzC57OYUvAzwTlEAmb9QP5/UXi0UdpDMpdnbAEoNgA0K4gmzcW1+l6R
c8RS6sKtT1HLlYwsjnURgV5yu0cEv2FHiE4jRntts5bBs6ANl4+SygNZ7BSPa4E2
ULcPw5ZUXXcRwcCCFSYtcwJogMUYO3m93gVMus2oqzxn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:30 2024 by rpki-client on console-ams.rpki-client.org