Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/834407-163d-410c-b949-786cb1296e58/1/vuM_bTLNlpb-DzXGQnQJT98rxTc.roa
File:                     vuM_bTLNlpb-DzXGQnQJT98rxTc.roa (raw, json)
Hash identifier:          hX2r0XQ+QMO+t7hODA0c2i2P1asW5Ms+Xx3HaNAnt/A=
Subject key identifier:   BE:E3:3F:6D:32:CD:96:96:FE:0F:35:C6:42:74:09:4F:DF:2B:C5:37
Certificate issuer:       /CN=a37a126d7854ecd565ae82970c693f3359f85f37
Certificate serial:       07137115
Authority key identifier: A3:7A:12:6D:78:54:EC:D5:65:AE:82:97:0C:69:3F:33:59:F8:5F:37
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o3oSbXhU7NVlroKXDGk_M1n4Xzc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/834407-163d-410c-b949-786cb1296e58/1/vuM_bTLNlpb-DzXGQnQJT98rxTc.roa
Signing time:             Sat 01 Jan 2022 04:01:36 +0000
ROA not before:           Sat 01 Jan 2022 04:01:36 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     41332
IP address blocks:        194.127.234.0/23 maxlen: 24
                          194.127.236.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 118714645 (0x7137115)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a37a126d7854ecd565ae82970c693f3359f85f37
        Validity
            Not Before: Jan  1 04:01:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bee33f6d32cd9696fe0f35c64274094fdf2bc537
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:11:71:a9:08:25:c5:19:2b:44:cb:89:a2:1b:
                    97:88:c2:98:8f:dc:a6:bf:09:60:26:d5:c4:b6:a2:
                    d6:95:12:41:0c:84:c2:80:b1:03:aa:24:c4:c1:4c:
                    e6:b7:5c:08:85:2c:06:8f:33:05:5f:b2:d2:3a:76:
                    4e:7f:fa:c7:ab:22:74:3b:81:43:8f:81:a5:0a:4e:
                    dd:65:a5:04:2a:29:d0:67:ea:ad:1c:51:26:ea:bc:
                    30:e9:97:28:c9:e3:92:3f:1c:a6:64:af:80:88:b3:
                    87:d0:71:d0:c6:f1:ca:f1:0b:a4:8d:a7:39:08:00:
                    95:bc:10:75:b0:1b:bf:c7:4b:9c:f7:03:e5:b5:73:
                    2e:54:f7:bf:3e:82:21:85:45:36:47:2a:f9:18:71:
                    44:68:9e:e4:3d:d9:99:1e:13:99:c4:4c:70:d0:61:
                    67:6d:57:b9:76:31:9f:25:d7:47:85:2f:df:f2:76:
                    5a:3d:f8:0a:08:5a:b6:01:0c:78:e5:98:f2:e8:04:
                    0d:6f:26:94:2f:b7:67:9d:d7:a2:ef:95:f1:c9:bb:
                    55:78:32:72:db:59:c2:8c:56:3e:8e:0c:46:6c:a0:
                    a4:5f:02:af:d8:82:ec:21:ec:97:5a:d1:c7:27:3d:
                    73:44:91:a0:13:55:4f:87:ca:dc:d1:d9:5e:e8:27:
                    c5:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:E3:3F:6D:32:CD:96:96:FE:0F:35:C6:42:74:09:4F:DF:2B:C5:37
            X509v3 Authority Key Identifier:
                keyid:A3:7A:12:6D:78:54:EC:D5:65:AE:82:97:0C:69:3F:33:59:F8:5F:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o3oSbXhU7NVlroKXDGk_M1n4Xzc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/834407-163d-410c-b949-786cb1296e58/1/vuM_bTLNlpb-DzXGQnQJT98rxTc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/834407-163d-410c-b949-786cb1296e58/1/o3oSbXhU7NVlroKXDGk_M1n4Xzc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.127.234.0-194.127.237.255

    Signature Algorithm: sha256WithRSAEncryption
         31:a1:16:4a:82:71:96:03:8b:ca:32:93:cb:21:d5:8f:54:a0:
         96:5e:41:f8:03:49:62:16:f1:1f:01:f7:48:fa:6d:19:63:36:
         7b:c5:bd:5b:37:a1:f2:a0:6a:78:fd:9e:51:ac:f3:e9:6a:a2:
         c4:b8:b4:87:db:ae:38:76:31:e6:06:2f:60:c7:66:8d:fb:b9:
         45:4a:bf:b8:10:a6:87:1a:77:2e:c2:7e:64:f9:ea:0c:76:ea:
         ca:2b:65:4c:8b:8c:39:d5:b8:9c:44:3b:00:a5:6a:d4:cb:db:
         22:fc:a8:0c:4b:95:9e:26:83:9d:31:fb:06:7e:e9:fa:09:43:
         dd:ed:4c:99:9b:db:d1:7a:7a:86:d3:72:9b:72:67:e0:76:2d:
         31:46:03:b5:6a:ee:e9:d5:98:a7:57:95:8b:2a:de:8e:74:cd:
         f2:4d:f0:4f:04:c4:db:42:fc:e2:70:c8:bf:b6:9f:f0:a6:07:
         13:77:7a:e6:44:b2:eb:29:72:99:c0:87:14:2a:bd:85:bc:0c:
         be:31:9a:7c:1a:ee:32:12:6d:ae:e3:ff:56:be:f1:ea:78:ec:
         de:3a:97:d9:a8:57:45:ce:53:07:e6:57:09:54:97:25:ac:e7:
         a6:a9:22:f7:47:c4:92:ec:53:f5:22:49:a0:d5:5e:b5:fb:aa:
         c0:4f:36:7d
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEBxNxFTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MzdhMTI2ZDc4NTRlY2Q1NjVhZTgyOTcwYzY5M2YzMzU5Zjg1ZjM3MB4XDTIyMDEw
MTA0MDEzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmVlMzNmNmQzMmNk
OTY5NmZlMGYzNWM2NDI3NDA5NGZkZjJiYzUzNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM0RcakIJcUZK0TLiaIbl4jCmI/cpr8JYCbVxLai1pUSQQyE
woCxA6okxMFM5rdcCIUsBo8zBV+y0jp2Tn/6x6sidDuBQ4+BpQpO3WWlBCop0Gfq
rRxRJuq8MOmXKMnjkj8cpmSvgIizh9Bx0MbxyvELpI2nOQgAlbwQdbAbv8dLnPcD
5bVzLlT3vz6CIYVFNkcq+RhxRGie5D3ZmR4TmcRMcNBhZ21XuXYxnyXXR4Uv3/J2
Wj34CghatgEMeOWY8ugEDW8mlC+3Z53Xou+V8cm7VXgycttZwoxWPo4MRmygpF8C
r9iC7CHsl1rRxyc9c0SRoBNVT4fK3NHZXugnxZ8CAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBS+4z9tMs2Wlv4PNcZCdAlP3yvFNzAfBgNVHSMEGDAWgBSjehJteFTs1WWu
gpcMaT8zWfhfNzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L28zb1NiWGhVN05WbHJvS1hER2tfTTFuNFh6Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvODM0NDA3LTE2M2QtNDEwYy1iOTQ5LTc4NmNiMTI5NmU1OC8x
L3Z1TV9iVExObHBiLUR6WEdRblFKVDk4cnhUYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
ODM0NDA3LTE2M2QtNDEwYy1iOTQ5LTc4NmNiMTI5NmU1OC8xL28zb1NiWGhVN05W
bHJvS1hER2tfTTFuNFh6Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQBwn/qAwQBwn/sMA0GCSqGSIb3
DQEBCwUAA4IBAQAxoRZKgnGWA4vKMpPLIdWPVKCWXkH4A0liFvEfAfdI+m0ZYzZ7
xb1bN6HyoGp4/Z5RrPPpaqLEuLSH2644djHmBi9gx2aN+7lFSr+4EKaHGncuwn5k
+eoMdurKK2VMi4w51bicRDsApWrUy9si/KgMS5WeJoOdMfsGfun6CUPd7UyZm9vR
enqG03Kbcmfgdi0xRgO1au7p1ZinV5WLKt6OdM3yTfBPBMTbQvzicMi/tp/wpgcT
d3rmRLLrKXKZwIcUKr2FvAy+MZp8Gu4yEm2u4/9WvvHqeOzeOpfZqFdFzlMH5lcJ
VJclrOemqSL3R8SS7FP1Ikmg1V61+6rATzZ9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:02 2024 by rpki-client on console-fra.rpki-client.org