Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/4yykEtl4wU_s1TuuAr_eyH5ubC8.roa
File:                     4yykEtl4wU_s1TuuAr_eyH5ubC8.roa (raw, json)
Hash identifier:          dnPWQ+Gyizj0CrvrBeF63ldz8BH9CckEEBcrm61WLzk=
Subject key identifier:   E3:2C:A4:12:D9:78:C1:4F:EC:D5:3B:AE:02:BF:DE:C8:7E:6E:6C:2F
Certificate issuer:       /CN=0562d5a67b7a20f865e753163a6ed0e5f347e839
Certificate serial:       01840D8C6B66414D038715D5C81B06797839
Authority key identifier: 05:62:D5:A6:7B:7A:20:F8:65:E7:53:16:3A:6E:D0:E5:F3:47:E8:39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/4yykEtl4wU_s1TuuAr_eyH5ubC8.roa
Signing time:             Tue 25 Oct 2022 05:10:16 +0000
ROA not before:           Tue 25 Oct 2022 05:10:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     6658
IP address blocks:        194.1.128.0/24 maxlen: 24
                          194.1.129.0/24 maxlen: 24
                          194.1.136.0/22 maxlen: 22
                          194.1.140.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:0d:8c:6b:66:41:4d:03:87:15:d5:c8:1b:06:79:78:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0562d5a67b7a20f865e753163a6ed0e5f347e839
        Validity
            Not Before: Oct 25 05:10:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e32ca412d978c14fecd53bae02bfdec87e6e6c2f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:69:b4:64:1e:0a:12:36:2d:9a:d8:67:ac:ec:
                    86:84:17:76:97:f6:59:35:e9:20:97:c5:78:d3:e2:
                    de:60:d8:52:86:fe:6e:1a:2e:79:50:6b:77:b8:67:
                    23:2e:ae:76:02:72:6b:2e:3c:30:e0:3e:d7:1a:0f:
                    da:6e:2b:21:57:6e:a0:70:6d:05:0d:61:8f:ec:1c:
                    b6:1b:56:36:91:70:ca:35:c9:e4:b4:7f:e6:fc:e6:
                    48:10:b3:32:81:00:9c:e7:c7:49:cc:ee:ef:94:21:
                    aa:bb:11:3e:cc:53:82:2f:fc:bf:2e:c2:e3:fb:6d:
                    30:a2:93:47:fe:7e:ab:e7:82:6e:d1:b9:1a:7d:67:
                    f2:e1:b3:e3:b9:43:1e:6d:f4:a8:ba:31:7c:5c:b0:
                    9f:99:4f:bb:9c:97:2f:45:6c:03:ab:84:86:f3:94:
                    3c:9e:27:29:df:b9:df:1d:a1:52:90:33:ea:a7:32:
                    3c:e9:c6:9b:91:db:7e:ec:f8:ba:af:bf:cb:ab:cf:
                    f2:4f:94:38:38:23:3f:5f:81:64:98:88:c4:1b:94:
                    0e:02:13:55:84:21:20:30:9f:39:7a:d2:de:b4:8d:
                    eb:28:ef:3f:84:86:26:da:df:ef:46:fb:51:fb:47:
                    3b:9b:04:85:56:ce:92:56:64:32:38:4e:4b:bb:6a:
                    e7:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:2C:A4:12:D9:78:C1:4F:EC:D5:3B:AE:02:BF:DE:C8:7E:6E:6C:2F
            X509v3 Authority Key Identifier:
                keyid:05:62:D5:A6:7B:7A:20:F8:65:E7:53:16:3A:6E:D0:E5:F3:47:E8:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/4yykEtl4wU_s1TuuAr_eyH5ubC8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.1.128.0/23
                  194.1.136.0-194.1.140.255

    Signature Algorithm: sha256WithRSAEncryption
         3b:9d:d8:45:7a:3c:28:ba:e1:33:a1:3a:02:4c:12:92:3e:b1:
         9c:4b:bb:16:de:6b:0f:40:58:ca:98:f1:fc:c2:ea:ac:29:79:
         31:b9:06:6f:6a:ba:39:10:21:7b:47:d1:a7:ec:ac:5a:90:e6:
         ad:1f:77:1f:b9:5c:7f:12:ad:54:8e:32:e4:90:bf:2a:06:6d:
         3f:86:21:b1:21:00:b5:70:78:28:de:ff:62:03:70:96:8c:42:
         3b:be:50:76:ae:a1:98:25:35:04:08:0f:e3:d7:57:ae:7f:d0:
         83:b7:5b:ce:18:d8:be:2b:5b:e7:46:eb:b2:51:cc:83:59:5a:
         dc:7a:07:d0:08:77:80:ea:7a:5a:06:f6:ef:ca:b6:26:d4:c9:
         62:c5:46:d2:23:a0:b0:6e:7f:e9:44:17:f4:ef:15:f2:44:07:
         2b:1c:6b:be:95:cd:ac:5f:b9:f6:0f:a4:53:93:4f:87:af:07:
         df:b6:0c:48:b5:21:98:64:f7:f1:96:4e:ba:9c:41:43:bd:f7:
         49:04:70:a0:0e:98:a6:d2:c3:8d:91:2e:65:65:8b:b5:a0:56:
         4d:a4:d4:f2:3a:76:ab:19:74:f6:4e:8a:50:30:0b:b8:5b:e9:
         9c:ea:e7:7f:56:35:db:d5:c7:8a:b5:81:d0:e7:64:e9:32:58:
         9f:f9:75:db
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYQNjGtmQU0DhxXVyBsGeXg5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NjJkNWE2N2I3YTIwZjg2NWU3NTMxNjNhNmVkMGU1ZjM0
N2U4MzkwHhcNMjIxMDI1MDUxMDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzJjYTQxMmQ5NzhjMTRmZWNkNTNiYWUwMmJmZGVjODdlNmU2YzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGm0ZB4KEjYtmthnrOyGhBd2l/ZZ
Nekgl8V40+LeYNhShv5uGi55UGt3uGcjLq52AnJrLjww4D7XGg/abishV26gcG0F
DWGP7By2G1Y2kXDKNcnktH/m/OZIELMygQCc58dJzO7vlCGquxE+zFOCL/y/LsLj
+20wopNH/n6r54Ju0bkafWfy4bPjuUMebfSoujF8XLCfmU+7nJcvRWwDq4SG85Q8
nicp37nfHaFSkDPqpzI86cabkdt+7Pi6r7/Lq8/yT5Q4OCM/X4FkmIjEG5QOAhNV
hCEgMJ85etLetI3rKO8/hIYm2t/vRvtR+0c7mwSFVs6SVmQyOE5Lu2rnEwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFOMspBLZeMFP7NU7rgK/3sh+bmwvMB8GA1UdIwQY
MBaAFAVi1aZ7eiD4ZedTFjpu0OXzR+g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQldMVnBudDZJUGhsNTFNV09tN1E1Zk5INkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi84YjAxYzItZWNiZS00Zjg4LWFlMzct
NTA0YzhmYzIyMGVhLzEvNHl5a0V0bDR3VV9zMVR1dUFyX2V5SDV1YkM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi84YjAxYzItZWNiZS00Zjg4LWFlMzctNTA0YzhmYzIyMGVh
LzEvQldMVnBudDZJUGhsNTFNV09tN1E1Zk5INkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBwgGAMAwD
BAPCAYgDBADCAYwwDQYJKoZIhvcNAQELBQADggEBADud2EV6PCi64TOhOgJMEpI+
sZxLuxbeaw9AWMqY8fzC6qwpeTG5Bm9qujkQIXtH0afsrFqQ5q0fdx+5XH8SrVSO
MuSQvyoGbT+GIbEhALVweCje/2IDcJaMQju+UHauoZglNQQID+PXV65/0IO3W84Y
2L4rW+dG67JRzINZWtx6B9AId4DqeloG9u/KtibUyWLFRtIjoLBuf+lEF/TvFfJE
Bysca76VzaxfufYPpFOTT4evB9+2DEi1IZhk9/GWTrqcQUO990kEcKAOmKbSw42R
LmVli7WgVk2k1PI6dqsZdPZOilAwC7hb6Zzq539WNdvVx4q1gdDnZOkyWJ/5dds=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:54 2024 by rpki-client on console-ams.rpki-client.org