Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/e7fe5a-b626-4a32-a1cc-a327b8b56ed6/1/IPe0x_TElzEcJdadeKAOU5-wpOk.roa
File:                     IPe0x_TElzEcJdadeKAOU5-wpOk.roa (raw, json)
Hash identifier:          IAU2AVAKtM7/ijYoFWV9gCnAz7wKYoO2/cwrDNEyRxA=
Subject key identifier:   20:F7:B4:C7:F4:C4:97:31:1C:25:D6:9D:78:A0:0E:53:9F:B0:A4:E9
Certificate issuer:       /CN=1e0c47ba799a060733383b8a4db36e84b62d315d
Certificate serial:       0421037B
Authority key identifier: 1E:0C:47:BA:79:9A:06:07:33:38:3B:8A:4D:B3:6E:84:B6:2D:31:5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HgxHunmaBgczODuKTbNuhLYtMV0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/e7fe5a-b626-4a32-a1cc-a327b8b56ed6/1/IPe0x_TElzEcJdadeKAOU5-wpOk.roa
Signing time:             Sat 01 Jan 2022 10:02:58 +0000
ROA not before:           Sat 01 Jan 2022 10:02:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     213142
IP address blocks:        193.247.67.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 69272443 (0x421037b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e0c47ba799a060733383b8a4db36e84b62d315d
        Validity
            Not Before: Jan  1 10:02:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=20f7b4c7f4c497311c25d69d78a00e539fb0a4e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:65:51:9e:68:d9:95:76:cb:22:e6:5e:92:41:
                    30:96:ba:57:3d:20:c1:10:7d:4e:d3:13:4c:84:c3:
                    55:d1:94:28:be:21:8a:c0:3a:8c:e2:d6:8a:b4:13:
                    aa:8e:06:d3:e5:2f:af:74:d7:30:88:2e:82:73:95:
                    78:e3:b7:1b:46:66:cb:17:58:04:a3:d6:8d:95:f1:
                    53:a4:cc:2d:dc:d7:29:70:bf:71:76:3c:77:49:22:
                    3f:56:98:94:58:1f:ee:7a:c2:e6:1c:97:b2:aa:5a:
                    65:59:f0:d8:d7:40:c2:14:f3:1b:22:12:46:70:74:
                    00:fb:3d:e2:9c:e6:54:f2:f5:49:a1:c6:58:0f:18:
                    e6:32:b0:92:c0:27:1e:60:13:a0:bd:f9:84:be:fa:
                    94:89:f1:5a:75:2a:5a:81:b9:6c:7f:fa:7d:20:7c:
                    7e:70:43:fd:cc:53:e4:6f:47:6b:46:de:fd:be:71:
                    02:c5:2b:a1:15:3c:71:84:94:21:96:5f:22:f5:94:
                    03:66:00:69:96:c8:19:ec:5f:0b:47:e9:67:a2:bd:
                    35:65:77:bb:37:3b:ed:90:79:11:50:d1:42:44:b3:
                    77:72:36:62:22:4a:56:e4:36:28:0c:93:a7:ee:3c:
                    b8:d6:22:fe:19:bc:de:9e:a1:df:e9:11:cc:59:3c:
                    f4:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:F7:B4:C7:F4:C4:97:31:1C:25:D6:9D:78:A0:0E:53:9F:B0:A4:E9
            X509v3 Authority Key Identifier:
                keyid:1E:0C:47:BA:79:9A:06:07:33:38:3B:8A:4D:B3:6E:84:B6:2D:31:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HgxHunmaBgczODuKTbNuhLYtMV0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/e7fe5a-b626-4a32-a1cc-a327b8b56ed6/1/IPe0x_TElzEcJdadeKAOU5-wpOk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/e7fe5a-b626-4a32-a1cc-a327b8b56ed6/1/HgxHunmaBgczODuKTbNuhLYtMV0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.247.67.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:dd:9f:9e:9e:4e:aa:a5:8d:09:ea:82:d9:a0:26:ca:6e:b5:
         fb:e2:6c:49:63:7b:4e:67:fb:37:79:93:53:29:08:e3:35:d8:
         3d:29:71:02:73:ae:1f:3b:eb:ea:c4:66:34:80:26:1d:56:a6:
         f2:8c:21:f7:06:8f:bd:71:66:23:2d:3a:74:6c:a9:3e:2c:2f:
         fa:b6:8a:1f:a5:69:20:6e:9e:ec:3b:10:32:52:f8:8b:36:bc:
         fb:8c:31:db:73:db:84:c9:54:c2:19:68:a3:27:d6:5a:64:35:
         7c:65:37:1e:98:4a:a6:2c:a8:43:f6:ff:9e:53:1a:ba:ad:dc:
         c1:1c:42:f6:ad:df:de:dd:2b:d4:03:6e:bd:30:3b:32:0e:97:
         9a:ad:73:e7:2a:83:95:76:6e:03:fd:43:3c:53:71:49:da:34:
         c0:2a:52:5c:b6:d3:08:d7:e5:8b:40:23:fd:f0:2f:d4:cf:e8:
         85:3d:5a:9c:31:09:16:3a:26:96:0d:10:24:9c:00:02:b9:08:
         66:8f:f1:f1:ee:32:1b:44:dd:29:f6:3f:a6:a7:2d:ca:bf:ed:
         f0:15:0f:aa:e1:87:62:45:07:b7:07:a4:ed:df:b0:95:9a:9c:
         f4:60:e4:d0:6c:aa:d3:2e:ee:28:73:89:80:d5:5e:6f:9b:39:
         8c:da:63:23
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBCEDezANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZTBjNDdiYTc5OWEwNjA3MzMzODNiOGE0ZGIzNmU4NGI2MmQzMTVkMB4XDTIyMDEw
MTEwMDI1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjBmN2I0YzdmNGM0
OTczMTFjMjVkNjlkNzhhMDBlNTM5ZmIwYTRlOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOFlUZ5o2ZV2yyLmXpJBMJa6Vz0gwRB9TtMTTITDVdGUKL4h
isA6jOLWirQTqo4G0+Uvr3TXMIgugnOVeOO3G0ZmyxdYBKPWjZXxU6TMLdzXKXC/
cXY8d0kiP1aYlFgf7nrC5hyXsqpaZVnw2NdAwhTzGyISRnB0APs94pzmVPL1SaHG
WA8Y5jKwksAnHmAToL35hL76lInxWnUqWoG5bH/6fSB8fnBD/cxT5G9Ha0be/b5x
AsUroRU8cYSUIZZfIvWUA2YAaZbIGexfC0fpZ6K9NWV3uzc77ZB5EVDRQkSzd3I2
YiJKVuQ2KAyTp+48uNYi/hm83p6h3+kRzFk89P8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQg97TH9MSXMRwl1p14oA5Tn7Ck6TAfBgNVHSMEGDAWgBQeDEe6eZoGBzM4
O4pNs26Eti0xXTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hneEh1bm1hQmdjek9EdUtUYk51aExZdE1WMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzQvZTdmZTVhLWI2MjYtNGEzMi1hMWNjLWEzMjdiOGI1NmVkNi8x
L0lQZTB4X1RFbHpFY0pkYWRlS0FPVTUtd3BPay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzQv
ZTdmZTVhLWI2MjYtNGEzMi1hMWNjLWEzMjdiOGI1NmVkNi8xL0hneEh1bm1hQmdj
ek9EdUtUYk51aExZdE1WMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMH3QzANBgkqhkiG9w0BAQsFAAOC
AQEAkN2fnp5OqqWNCeqC2aAmym61++JsSWN7Tmf7N3mTUykI4zXYPSlxAnOuHzvr
6sRmNIAmHVam8owh9waPvXFmIy06dGypPiwv+raKH6VpIG6e7DsQMlL4iza8+4wx
23PbhMlUwhlooyfWWmQ1fGU3HphKpiyoQ/b/nlMauq3cwRxC9q3f3t0r1ANuvTA7
Mg6Xmq1z5yqDlXZuA/1DPFNxSdo0wCpSXLbTCNfli0Aj/fAv1M/ohT1anDEJFjom
lg0QJJwAArkIZo/x8e4yG0TdKfY/pqctyr/t8BUPquGHYkUHtwek7d+wlZqc9GDk
0Gyq0y7uKHOJgNVeb5s5jNpjIw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:10 2024 by rpki-client on console-fra.rpki-client.org