Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/rSshJ3xe8P78ukd3QwkevWxXd_Y.roa
File:                     rSshJ3xe8P78ukd3QwkevWxXd_Y.roa (raw, json)
Hash identifier:          /tlle9IUMYbxZZELGflvsgQBg3ZNrZV6t/YMBs2uH2E=
Subject key identifier:   AD:2B:21:27:7C:5E:F0:FE:FC:BA:47:77:43:09:1E:BD:6C:57:77:F6
Certificate issuer:       /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial:       0184A9A0B0AB13FFDB84A0185B997DF4BB2D
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/rSshJ3xe8P78ukd3QwkevWxXd_Y.roa
Signing time:             Thu 24 Nov 2022 12:33:11 +0000
ROA not before:           Thu 24 Nov 2022 12:33:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3320
IP address blocks:        194.32.144.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:a9:a0:b0:ab:13:ff:db:84:a0:18:5b:99:7d:f4:bb:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
        Validity
            Not Before: Nov 24 12:33:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ad2b21277c5ef0fefcba477743091ebd6c5777f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:b1:f5:20:99:60:9e:00:66:d4:db:94:22:18:
                    a1:83:86:89:a3:cc:79:dd:d1:57:15:6c:47:a3:6b:
                    a6:76:67:e8:43:9f:d2:76:56:6d:ce:53:e5:14:f3:
                    79:47:47:e9:c9:17:be:e0:37:ff:23:fb:f8:a1:a6:
                    9c:b3:b4:46:c2:a5:c8:f1:8b:e2:4d:af:fc:89:b0:
                    e1:9e:5c:9b:13:36:1a:c0:86:ba:e3:01:4c:2b:ce:
                    51:72:a3:56:a1:df:e5:65:1d:da:aa:ea:bd:b9:81:
                    e9:90:32:c7:40:23:5d:76:52:c0:c2:d9:43:4c:f1:
                    48:2c:9b:cc:79:42:26:77:62:7a:13:11:c3:f0:fc:
                    ac:3d:93:9d:f5:fd:ff:f6:e3:7f:5c:61:fa:fc:24:
                    74:78:c6:32:f6:9b:74:86:f4:99:fa:56:37:a8:14:
                    22:0e:dd:46:3b:d4:c3:8d:f0:e4:fc:24:21:dd:83:
                    6b:3b:82:f1:e5:de:71:55:bf:34:74:8f:c8:2d:65:
                    cf:df:04:e1:0e:cc:68:87:35:b6:0b:f1:75:53:05:
                    ac:67:08:36:9f:58:2f:86:4a:23:7b:78:24:72:64:
                    db:22:b8:43:62:19:b2:c8:8c:99:d1:2c:ae:fe:ce:
                    e4:b8:62:28:1e:18:41:b9:d8:eb:a2:b0:44:1a:8c:
                    49:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:2B:21:27:7C:5E:F0:FE:FC:BA:47:77:43:09:1E:BD:6C:57:77:F6
            X509v3 Authority Key Identifier:
                keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/rSshJ3xe8P78ukd3QwkevWxXd_Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.32.144.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4b:89:01:dd:79:66:74:e7:af:5c:fb:54:c8:ae:ef:da:09:b0:
         72:be:73:73:14:8f:a7:9c:51:3b:64:ac:9e:8a:2d:1f:b0:8f:
         de:e3:f5:ec:31:ed:1b:83:46:b1:e0:02:0b:c1:9b:8d:db:96:
         49:4c:e0:a5:8d:c9:44:51:75:9b:8d:f6:9e:bb:6f:fa:c7:a6:
         6b:0e:d4:c2:f0:ac:99:6c:9b:58:14:b7:ff:73:b1:13:7f:98:
         73:3e:6c:56:91:d2:16:dd:e2:74:67:d3:70:57:d3:d9:11:99:
         0c:8f:8e:e5:09:72:e5:df:64:f3:6e:1f:33:51:9b:9f:9e:19:
         56:1f:79:1b:96:1a:52:16:98:5d:4a:55:0a:b9:a7:4c:e3:09:
         11:51:52:e8:e4:fb:bd:3c:22:51:f2:39:25:70:97:2e:ec:44:
         8b:16:ba:00:9b:cf:b6:75:c5:b9:0e:61:a3:f2:b2:f5:76:ee:
         3e:5f:ec:d8:41:7e:41:a8:77:76:dc:42:50:ff:98:9e:34:18:
         05:c5:be:df:64:0a:c0:ab:4e:a6:3a:88:7b:7a:d8:bf:3a:ab:
         6d:d7:0f:29:0c:82:ff:a2:cb:dc:46:95:3e:96:50:82:24:d8:
         08:3b:e8:0d:43:62:71:a5:c9:4f:c1:32:e4:b5:fd:70:0c:41:
         c2:31:1e:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSpoLCrE//bhKAYW5l99LstMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0
NDg4NzgwHhcNMjIxMTI0MTIzMzExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDJiMjEyNzdjNWVmMGZlZmNiYTQ3Nzc0MzA5MWViZDZjNTc3N2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrH1IJlgngBm1NuUIhihg4aJo8x5
3dFXFWxHo2umdmfoQ5/SdlZtzlPlFPN5R0fpyRe+4Df/I/v4oaacs7RGwqXI8Yvi
Ta/8ibDhnlybEzYawIa64wFMK85RcqNWod/lZR3aquq9uYHpkDLHQCNddlLAwtlD
TPFILJvMeUImd2J6ExHD8PysPZOd9f3/9uN/XGH6/CR0eMYy9pt0hvSZ+lY3qBQi
Dt1GO9TDjfDk/CQh3YNrO4Lx5d5xVb80dI/ILWXP3wThDsxohzW2C/F1UwWsZwg2
n1gvhkoje3gkcmTbIrhDYhmyyIyZ0Syu/s7kuGIoHhhBudjrorBEGoxJKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK0rISd8XvD+/LpHd0MJHr1sV3f2MB8GA1UdIwQY
MBaAFKf9P4kzXc+Chmayj62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTIt
YzBiMWFkNDM1Yjk1LzEvclNzaEozeGU4UDc4dWtkM1F3a2V2V3hYZF9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1
LzEvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwiCQMA0G
CSqGSIb3DQEBCwUAA4IBAQBLiQHdeWZ0569c+1TIru/aCbByvnNzFI+nnFE7ZKye
ii0fsI/e4/XsMe0bg0ax4AILwZuN25ZJTOCljclEUXWbjfaeu2/6x6ZrDtTC8KyZ
bJtYFLf/c7ETf5hzPmxWkdIW3eJ0Z9NwV9PZEZkMj47lCXLl32Tzbh8zUZufnhlW
H3kblhpSFphdSlUKuadM4wkRUVLo5Pu9PCJR8jklcJcu7ESLFroAm8+2dcW5DmGj
8rL1du4+X+zYQX5BqHd23EJQ/5ieNBgFxb7fZArAq06mOoh7eti/Oqtt1w8pDIL/
osvcRpU+llCCJNgIO+gNQ2JxpclPwTLktf1wDEHCMR7t
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:21 2024 by rpki-client on console-fra.rpki-client.org