Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/14ElHHFttLPPnOr1DB9sJQPN9GY.roa
File:                     14ElHHFttLPPnOr1DB9sJQPN9GY.roa (raw, json)
Hash identifier:          fwoQJi4yLM3ONYdeb2HksFzbEwhNXAR+MG2d/MOZyDM=
Subject key identifier:   D7:81:25:1C:71:6D:B4:B3:CF:9C:EA:F5:0C:1F:6C:25:03:CD:F4:66
Certificate issuer:       /CN=89a6cd9f4beb7b0c04d31ffe5c674a87a7739d21
Certificate serial:       08812820
Authority key identifier: 89:A6:CD:9F:4B:EB:7B:0C:04:D3:1F:FE:5C:67:4A:87:A7:73:9D:21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iabNn0vrewwE0x_-XGdKh6dznSE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/14ElHHFttLPPnOr1DB9sJQPN9GY.roa
Signing time:             Sat 01 Jan 2022 10:00:10 +0000
ROA not before:           Sat 01 Jan 2022 10:00:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     47129
IP address blocks:        193.34.115.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 142682144 (0x8812820)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89a6cd9f4beb7b0c04d31ffe5c674a87a7739d21
        Validity
            Not Before: Jan  1 10:00:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d781251c716db4b3cf9ceaf50c1f6c2503cdf466
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:86:bb:57:2d:7a:2c:b0:94:05:51:e0:3e:54:
                    e1:78:9b:fd:cc:34:78:00:6c:29:23:02:df:a6:d7:
                    df:3e:b1:b3:fa:0e:96:68:d4:c9:a0:17:38:be:57:
                    cc:d7:c8:59:47:fe:30:60:18:f0:62:21:72:dc:9b:
                    90:e1:cb:16:b1:97:2e:e2:98:2d:c6:db:d9:4e:04:
                    39:a4:9e:0a:14:db:4b:c5:4b:b0:7a:b7:b8:e5:bc:
                    92:cf:32:2d:28:9d:65:ae:02:19:65:6c:c0:b8:41:
                    b2:6a:75:65:f5:0d:2c:f4:20:59:f6:85:60:9e:96:
                    a5:fb:1c:b4:5e:cb:d8:b6:0f:98:00:fc:99:d1:18:
                    8a:37:9b:c4:e4:6c:9b:1d:44:95:f2:da:44:46:23:
                    b6:1e:f3:ca:21:0f:75:97:e0:35:4a:9c:95:55:09:
                    97:b1:e9:95:43:8c:b7:87:68:78:b3:b7:47:33:dc:
                    e4:93:3a:b5:58:2e:b6:82:f6:e6:35:4c:f3:f4:47:
                    bd:29:66:8b:f6:81:05:a5:e9:af:b7:f9:f8:9b:f1:
                    7b:a5:7a:ab:6d:93:f1:71:e7:c1:06:c8:2d:36:9c:
                    49:13:aa:91:ef:82:d4:27:ad:5f:56:8a:e5:a0:bb:
                    36:ca:44:8d:6a:a9:31:15:ba:87:cb:e5:00:dd:81:
                    b5:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:81:25:1C:71:6D:B4:B3:CF:9C:EA:F5:0C:1F:6C:25:03:CD:F4:66
            X509v3 Authority Key Identifier:
                keyid:89:A6:CD:9F:4B:EB:7B:0C:04:D3:1F:FE:5C:67:4A:87:A7:73:9D:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iabNn0vrewwE0x_-XGdKh6dznSE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/14ElHHFttLPPnOr1DB9sJQPN9GY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/iabNn0vrewwE0x_-XGdKh6dznSE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.34.115.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:b1:56:55:01:e5:bb:41:75:da:29:ef:40:43:f1:98:6a:d5:
         92:85:6a:8b:51:a4:fe:3d:85:47:b0:9a:5e:35:a1:54:fe:de:
         f5:11:69:d7:39:64:71:ca:33:22:47:a8:07:9a:f3:7d:1d:e8:
         fd:97:bc:04:3b:f7:3a:85:67:c0:d4:84:50:56:ca:7e:9f:3c:
         ab:e7:86:04:50:53:73:58:00:a5:37:6a:70:b7:e3:41:7d:bc:
         d7:92:36:95:7d:cf:72:ab:ea:c7:81:04:08:0d:c4:5e:f1:6c:
         39:54:e2:7b:c4:14:f3:9e:18:f2:87:cc:09:29:1f:22:eb:1f:
         50:c0:62:ad:68:a2:04:d1:0b:2b:2b:bc:6d:10:43:a0:ba:ac:
         09:48:61:50:5c:f8:24:c4:0b:b3:47:05:ed:42:42:f0:74:40:
         55:4a:b3:d8:3d:61:8f:01:4b:46:a5:ed:79:dd:63:fc:53:cd:
         01:fc:03:7c:54:38:18:4d:9d:cb:18:88:45:ab:a1:84:a8:99:
         0b:76:7d:7f:fd:91:a8:be:c7:5c:56:8f:91:73:ff:d3:57:ce:
         a0:1c:cc:27:07:54:61:1b:cd:ab:bc:43:0a:b0:ea:5b:0e:e9:
         22:03:4b:1b:d3:b5:62:48:01:a4:e4:08:a5:71:d3:30:5f:a0:
         da:bb:9f:bb
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECIEoIDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
OWE2Y2Q5ZjRiZWI3YjBjMDRkMzFmZmU1YzY3NGE4N2E3NzM5ZDIxMB4XDTIyMDEw
MTEwMDAxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDc4MTI1MWM3MTZk
YjRiM2NmOWNlYWY1MGMxZjZjMjUwM2NkZjQ2NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKOGu1cteiywlAVR4D5U4Xib/cw0eABsKSMC36bX3z6xs/oO
lmjUyaAXOL5XzNfIWUf+MGAY8GIhctybkOHLFrGXLuKYLcbb2U4EOaSeChTbS8VL
sHq3uOW8ks8yLSidZa4CGWVswLhBsmp1ZfUNLPQgWfaFYJ6WpfsctF7L2LYPmAD8
mdEYijebxORsmx1ElfLaREYjth7zyiEPdZfgNUqclVUJl7HplUOMt4doeLO3RzPc
5JM6tVgutoL25jVM8/RHvSlmi/aBBaXpr7f5+Jvxe6V6q22T8XHnwQbILTacSROq
ke+C1CetX1aK5aC7NspEjWqpMRW6h8vlAN2Btd8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTXgSUccW20s8+c6vUMH2wlA830ZjAfBgNVHSMEGDAWgBSJps2fS+t7DATT
H/5cZ0qHp3OdITAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lhYk5uMHZyZXd3RTB4Xy1YR2RLaDZkem5TRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzYvOTlhNGNjLTQ3MjAtNGE2NC1hYTA2LTFmOTI0NDk1ZmNkZC8x
LzE0RWxISEZ0dExQUG5PcjFEQjlzSlFQTjlHWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzYv
OTlhNGNjLTQ3MjAtNGE2NC1hYTA2LTFmOTI0NDk1ZmNkZC8xL2lhYk5uMHZyZXd3
RTB4Xy1YR2RLaDZkem5TRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEiczANBgkqhkiG9w0BAQsFAAOC
AQEAT7FWVQHlu0F12invQEPxmGrVkoVqi1Gk/j2FR7CaXjWhVP7e9RFp1zlkccoz
IkeoB5rzfR3o/Ze8BDv3OoVnwNSEUFbKfp88q+eGBFBTc1gApTdqcLfjQX2815I2
lX3Pcqvqx4EECA3EXvFsOVTie8QU854Y8ofMCSkfIusfUMBirWiiBNELKyu8bRBD
oLqsCUhhUFz4JMQLs0cF7UJC8HRAVUqz2D1hjwFLRqXted1j/FPNAfwDfFQ4GE2d
yxiIRauhhKiZC3Z9f/2RqL7HXFaPkXP/01fOoBzMJwdUYRvNq7xDCrDqWw7pIgNL
G9O1YkgBpOQIpXHTMF+g2rufuw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:27 2024 by rpki-client on console-ams.rpki-client.org