Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/4LcRta5emYGaPafn6DHFtaICZqc.roa
File:                     4LcRta5emYGaPafn6DHFtaICZqc.roa (raw, json)
Hash identifier:          AWGKxRsWhco4bR91gj3guW2fEsUAppXT6+SdLGOotnA=
Subject key identifier:   E0:B7:11:B5:AE:5E:99:81:9A:3D:A7:E7:E8:31:C5:B5:A2:02:66:A7
Certificate issuer:       /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial:       3A7DB805
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/4LcRta5emYGaPafn6DHFtaICZqc.roa
Signing time:             Sat 01 Jan 2022 05:59:57 +0000
ROA not before:           Sat 01 Jan 2022 05:59:57 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14230
IP address blocks:        188.172.234.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 981317637 (0x3a7db805)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
        Validity
            Not Before: Jan  1 05:59:57 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e0b711b5ae5e99819a3da7e7e831c5b5a20266a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:aa:f6:e8:19:6f:9c:6e:9d:f0:55:00:f9:a6:
                    56:3a:6c:ad:a0:a5:0a:ee:cb:67:62:cf:fb:e6:c9:
                    00:cf:11:6e:41:3e:ec:77:eb:8e:ce:5b:d0:f9:0a:
                    2a:5c:8e:14:b3:86:cc:57:f6:de:1d:c8:56:9f:42:
                    43:60:1f:b7:a5:c2:b6:7b:12:d9:22:f2:8c:42:c9:
                    2c:79:08:0b:3e:cc:10:ce:59:a7:83:3b:39:b0:eb:
                    19:ed:ca:0b:cf:85:dc:47:b7:95:c2:b3:42:b3:e5:
                    e7:6f:57:46:45:3c:8d:27:4f:b3:70:5f:8e:3e:65:
                    22:53:26:14:b6:d3:06:63:6b:61:12:c6:07:df:f8:
                    48:21:2f:fd:cb:61:8c:30:7e:71:eb:16:06:d7:e3:
                    a4:23:69:59:e3:a3:31:73:d2:c2:19:9f:6e:cd:c7:
                    65:37:76:4e:a8:d4:f4:5e:a8:02:4e:50:3a:7a:18:
                    0d:65:2a:a4:0f:e5:17:f3:6b:76:5a:c7:66:48:82:
                    f4:16:17:3b:95:6d:a3:91:eb:63:63:a6:fb:03:15:
                    c8:c8:6c:65:06:18:21:21:b5:fc:f9:ba:f0:4e:42:
                    ae:38:48:73:7d:1b:c6:ba:d8:cb:f1:0f:0a:a6:ae:
                    ef:ed:53:86:2c:38:62:ca:89:10:88:f9:a8:be:f0:
                    fd:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:B7:11:B5:AE:5E:99:81:9A:3D:A7:E7:E8:31:C5:B5:A2:02:66:A7
            X509v3 Authority Key Identifier:
                keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/4LcRta5emYGaPafn6DHFtaICZqc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.172.234.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:b6:7e:75:20:27:1e:59:18:e9:5e:c7:14:ce:c7:9a:1b:98:
         76:1c:3e:50:7f:13:1a:bb:56:1e:35:07:b3:47:0f:fb:44:df:
         b8:b1:93:47:d1:db:93:1c:c3:1a:29:1c:33:dc:25:02:6c:77:
         f9:fb:72:c6:5b:c8:05:75:71:ba:44:30:8c:a2:63:f2:b2:f8:
         d7:05:3a:02:d7:45:02:84:61:de:43:5c:d3:b4:f4:78:15:56:
         c7:2b:2e:61:5d:d6:b0:9e:c2:b7:8a:69:91:0e:1f:04:bb:e6:
         a4:02:02:68:a3:69:d8:5c:53:de:d5:04:c3:69:c6:39:43:3d:
         9c:bb:d7:de:55:35:8d:25:e7:6c:2f:e2:94:88:09:85:be:6f:
         db:4f:71:7d:56:99:e7:c3:9e:2d:c3:5d:14:3f:4a:87:a6:00:
         58:2d:72:24:59:db:28:be:93:24:b2:a6:9c:60:62:04:4a:a2:
         95:0e:a9:06:6b:d7:c1:50:5e:85:da:db:6f:85:0b:0d:49:2a:
         aa:ac:b1:c7:5e:73:99:2f:0f:0c:34:bc:3c:a5:dd:65:d3:41:
         2a:ed:27:84:a5:29:25:01:cf:35:e2:35:ce:dc:a9:94:66:f0:
         f0:9e:67:bb:4c:24:69:2d:1a:86:34:3a:45:65:aa:69:21:7e:
         a3:46:3f:f7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOn24BTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NTM5YWZlYmFjZTg5OWE4ZWUwYmI0ZjhiYjQ0NzVmZTI0N2ExNTI4MB4XDTIyMDEw
MTA1NTk1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTBiNzExYjVhZTVl
OTk4MTlhM2RhN2U3ZTgzMWM1YjVhMjAyNjZhNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMCq9ugZb5xunfBVAPmmVjpsraClCu7LZ2LP++bJAM8RbkE+
7Hfrjs5b0PkKKlyOFLOGzFf23h3IVp9CQ2Aft6XCtnsS2SLyjELJLHkICz7MEM5Z
p4M7ObDrGe3KC8+F3Ee3lcKzQrPl529XRkU8jSdPs3Bfjj5lIlMmFLbTBmNrYRLG
B9/4SCEv/cthjDB+cesWBtfjpCNpWeOjMXPSwhmfbs3HZTd2TqjU9F6oAk5QOnoY
DWUqpA/lF/NrdlrHZkiC9BYXO5Vto5HrY2Om+wMVyMhsZQYYISG1/Pm68E5CrjhI
c30bxrrYy/EPCqau7+1Thiw4YsqJEIj5qL7w/YkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTgtxG1rl6ZgZo9p+foMcW1ogJmpzAfBgNVHSMEGDAWgBSlOa/rrOiZqO4L
tPi7RHX+JHoVKDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BUbXY2NnpvbWFqdUM3VDR1MFIxX2lSNkZTZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmUvOThjNGVlLTJmNTktNDVhNy1hZGI2LTc0MTM5NTkxMzEyZS8x
LzRMY1J0YTVlbVlHYVBhZm42REhGdGFJQ1pxYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmUv
OThjNGVlLTJmNTktNDVhNy1hZGI2LTc0MTM5NTkxMzEyZS8xL3BUbXY2NnpvbWFq
dUM3VDR1MFIxX2lSNkZTZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALys6jANBgkqhkiG9w0BAQsFAAOC
AQEAArZ+dSAnHlkY6V7HFM7HmhuYdhw+UH8TGrtWHjUHs0cP+0TfuLGTR9HbkxzD
GikcM9wlAmx3+ftyxlvIBXVxukQwjKJj8rL41wU6AtdFAoRh3kNc07T0eBVWxysu
YV3WsJ7Ct4ppkQ4fBLvmpAICaKNp2FxT3tUEw2nGOUM9nLvX3lU1jSXnbC/ilIgJ
hb5v209xfVaZ58OeLcNdFD9Kh6YAWC1yJFnbKL6TJLKmnGBiBEqilQ6pBmvXwVBe
hdrbb4ULDUkqqqyxx15zmS8PDDS8PKXdZdNBKu0nhKUpJQHPNeI1ztyplGbw8J5n
u0wkaS0ahjQ6RWWqaSF+o0Y/9w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:14 2024 by rpki-client on console-fra.rpki-client.org