Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/ef7787-404b-4a1e-ba8b-68e7fb17a44b/1/rnG-sPlofGWlFVytclV0r_TQMwU.roa
File:                     rnG-sPlofGWlFVytclV0r_TQMwU.roa (raw, json)
Hash identifier:          yO2Gl9Mfj7SijpvP24OouM1qtBtGD8Xo7pI3DhnUYZ0=
Subject key identifier:   AE:71:BE:B0:F9:68:7C:65:A5:15:5C:AD:72:55:74:AF:F4:D0:33:05
Certificate issuer:       /CN=2e94ff0301be79d81260ac66ac7362efad968a41
Certificate serial:       F5A5
Authority key identifier: 2E:94:FF:03:01:BE:79:D8:12:60:AC:66:AC:73:62:EF:AD:96:8A:41
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LpT_AwG-edgSYKxmrHNi762WikE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7e/ef7787-404b-4a1e-ba8b-68e7fb17a44b/1/rnG-sPlofGWlFVytclV0r_TQMwU.roa
Signing time:             Thu 23 Jun 2022 06:09:32 +0000
ROA not before:           Thu 23 Jun 2022 06:09:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42134
IP address blocks:        194.0.138.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 62885 (0xf5a5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e94ff0301be79d81260ac66ac7362efad968a41
        Validity
            Not Before: Jun 23 06:09:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ae71beb0f9687c65a5155cad725574aff4d03305
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:ae:12:2f:e5:2b:5c:1d:9c:ac:fc:f6:77:d9:
                    4f:ab:1a:cd:38:d0:a4:91:9e:c2:4c:47:65:9a:3a:
                    cf:bd:d4:d4:6a:9d:a1:19:31:9e:57:b8:3d:4f:86:
                    1d:91:d9:c6:89:e9:7f:7a:72:c3:04:90:39:92:80:
                    e0:46:af:8e:5b:61:c4:7c:28:53:1e:a9:e6:af:72:
                    46:73:21:dd:79:73:9b:2c:e2:a3:fc:2f:c6:6e:14:
                    91:7a:3a:89:d1:c2:42:f3:80:53:2e:61:7e:4e:66:
                    12:f8:4c:07:bd:42:5e:9e:80:80:14:3d:03:6d:29:
                    cd:c6:92:2e:67:d1:42:32:33:3a:1b:f4:1f:54:7c:
                    8b:b5:c5:dc:21:50:5a:73:3b:bb:61:b2:de:14:05:
                    12:29:46:00:b2:9d:b6:23:e8:a0:a7:dd:05:45:98:
                    8c:3d:71:fe:7c:e1:b1:0d:9c:df:70:96:d6:5e:e1:
                    70:ed:02:b8:21:5b:91:9d:04:56:a4:e8:ed:7f:bc:
                    b4:90:11:92:08:98:57:9d:60:4b:3d:9c:11:27:4d:
                    0d:a0:b6:53:20:c0:b1:54:a6:33:0b:eb:6f:16:6c:
                    e6:6e:c8:9f:93:91:19:b3:6c:ad:43:9e:05:06:80:
                    1f:8c:b2:29:d7:7b:8d:46:44:22:1d:81:db:11:47:
                    87:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:71:BE:B0:F9:68:7C:65:A5:15:5C:AD:72:55:74:AF:F4:D0:33:05
            X509v3 Authority Key Identifier:
                keyid:2E:94:FF:03:01:BE:79:D8:12:60:AC:66:AC:73:62:EF:AD:96:8A:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LpT_AwG-edgSYKxmrHNi762WikE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/ef7787-404b-4a1e-ba8b-68e7fb17a44b/1/rnG-sPlofGWlFVytclV0r_TQMwU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/ef7787-404b-4a1e-ba8b-68e7fb17a44b/1/LpT_AwG-edgSYKxmrHNi762WikE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.0.138.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:8d:77:d2:b4:37:ce:b5:b0:12:a7:5d:da:1c:10:6c:38:5e:
         68:fb:cb:b2:28:98:51:17:d8:0b:fa:10:46:41:d5:68:d1:c5:
         b2:f5:28:48:db:d7:90:5d:8b:80:60:d6:40:c2:a0:12:c9:93:
         2c:9d:6f:1b:9d:ae:6a:aa:b6:92:ab:60:49:8d:99:b6:13:fa:
         70:2d:b0:ec:4d:3e:3c:9f:57:1b:66:20:02:39:a5:e4:28:57:
         76:ee:9d:e5:fb:26:d5:bc:14:90:62:67:04:b9:e2:65:bd:8c:
         fc:5b:28:4b:f0:78:94:81:b5:a5:07:9d:80:84:be:29:ef:b0:
         6a:ff:73:8a:fd:ae:ba:a3:bf:40:4e:a4:5c:f6:40:da:b0:90:
         6c:58:9c:b8:80:be:a2:7b:cd:4e:04:e0:94:e3:0a:3e:1e:fb:
         26:ca:dc:4c:8d:f4:3d:4d:e6:a3:8d:cb:2c:0c:53:33:94:01:
         d0:98:2f:ed:17:a2:b6:ca:04:9d:d9:c2:a5:9d:f5:e4:35:d4:
         4e:48:61:0a:5d:f1:9c:0d:fe:78:4b:99:d3:44:03:d6:52:92:
         53:bf:70:57:6d:d2:aa:a2:53:c6:d7:ee:0b:71:95:8c:b4:07:
         e9:38:f9:ef:aa:e6:7e:d9:b7:34:57:00:b8:86:74:28:61:20:
         d3:53:89:48
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAPWlMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDJl
OTRmZjAzMDFiZTc5ZDgxMjYwYWM2NmFjNzM2MmVmYWQ5NjhhNDEwHhcNMjIwNjIz
MDYwOTMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhhZTcxYmViMGY5Njg3
YzY1YTUxNTVjYWQ3MjU1NzRhZmY0ZDAzMzA1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApq4SL+UrXB2crPz2d9lPqxrNONCkkZ7CTEdlmjrPvdTUap2h
GTGeV7g9T4YdkdnGiel/enLDBJA5koDgRq+OW2HEfChTHqnmr3JGcyHdeXObLOKj
/C/GbhSRejqJ0cJC84BTLmF+TmYS+EwHvUJenoCAFD0DbSnNxpIuZ9FCMjM6G/Qf
VHyLtcXcIVBaczu7YbLeFAUSKUYAsp22I+igp90FRZiMPXH+fOGxDZzfcJbWXuFw
7QK4IVuRnQRWpOjtf7y0kBGSCJhXnWBLPZwRJ00NoLZTIMCxVKYzC+tvFmzmbsif
k5EZs2ytQ54FBoAfjLIp13uNRkQiHYHbEUeHEQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFK5xvrD5aHxlpRVcrXJVdK/00DMFMB8GA1UdIwQYMBaAFC6U/wMBvnnYEmCs
ZqxzYu+tlopBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
THBUX0F3Ry1lZGdTWUt4bXJITmk3NjJXaWtFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83ZS9lZjc3ODctNDA0Yi00YTFlLWJhOGItNjhlN2ZiMTdhNDRiLzEv
cm5HLXNQbG9mR1dsRlZ5dGNsVjByX1RRTXdVLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9l
Zjc3ODctNDA0Yi00YTFlLWJhOGItNjhlN2ZiMTdhNDRiLzEvTHBUX0F3Ry1lZGdT
WUt4bXJITmk3NjJXaWtFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgCKMA0GCSqGSIb3DQEBCwUAA4IB
AQBJjXfStDfOtbASp13aHBBsOF5o+8uyKJhRF9gL+hBGQdVo0cWy9ShI29eQXYuA
YNZAwqASyZMsnW8bna5qqraSq2BJjZm2E/pwLbDsTT48n1cbZiACOaXkKFd27p3l
+ybVvBSQYmcEueJlvYz8WyhL8HiUgbWlB52AhL4p77Bq/3OK/a66o79ATqRc9kDa
sJBsWJy4gL6ie81OBOCU4wo+HvsmytxMjfQ9TeajjcssDFMzlAHQmC/tF6K2ygSd
2cKlnfXkNdROSGEKXfGcDf54S5nTRAPWUpJTv3BXbdKqolPG1+4LcZWMtAfpOPnv
quZ+2bc0VwC4hnQoYSDTU4lI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:06 2024 by rpki-client on console-ams.rpki-client.org