Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/VOtxGKt098AkDUHoho3M72oUrSM.roa
File:                     VOtxGKt098AkDUHoho3M72oUrSM.roa (raw, json)
Hash identifier:          TsHDmbpzXkAbvoGLcgAqCIYdoewd6AAeDe62Bgb5yf4=
Subject key identifier:   54:EB:71:18:AB:74:F7:C0:24:0D:41:E8:86:8D:CC:EF:6A:14:AD:23
Certificate issuer:       /CN=583d76051017d0afa915fcfb790a00f4667b0a88
Certificate serial:       39456CE0
Authority key identifier: 58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/VOtxGKt098AkDUHoho3M72oUrSM.roa
Signing time:             Sat 01 Jan 2022 08:05:34 +0000
ROA not before:           Sat 01 Jan 2022 08:05:34 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     56765
IP address blocks:        194.225.24.0/21 maxlen: 24
                          94.184.112.0/21 maxlen: 24
                          2001:14e8:5::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 960851168 (0x39456ce0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=583d76051017d0afa915fcfb790a00f4667b0a88
        Validity
            Not Before: Jan  1 08:05:34 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=54eb7118ab74f7c0240d41e8868dccef6a14ad23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:6c:b5:47:46:e5:31:0c:30:29:c8:29:93:71:
                    43:9e:31:0d:5c:8a:ca:0e:24:12:1b:d0:40:2f:f8:
                    83:55:cb:ab:18:c2:3a:9a:3a:23:a3:43:04:5a:70:
                    1b:21:b8:e4:a5:45:e9:7c:2b:02:53:42:83:80:01:
                    fc:b3:7a:c4:1b:56:5b:34:dc:e1:ad:fa:7b:da:d8:
                    94:c1:33:ae:e4:c7:3d:ee:a3:10:ae:f7:d3:3d:8f:
                    12:1f:bc:be:23:90:e0:a1:1a:73:20:1f:63:36:87:
                    af:0c:4c:5d:4b:82:d8:e0:7d:54:ef:18:e4:62:d0:
                    f9:83:c4:59:7f:52:56:63:66:ce:78:35:6a:ab:76:
                    70:69:1c:8e:60:f2:86:e6:d4:94:03:3d:c3:8e:b3:
                    b5:8e:3b:83:6b:30:98:8a:06:be:8a:5b:e0:bf:57:
                    06:12:5d:f9:8d:26:2c:cd:48:cb:82:af:e6:5a:15:
                    25:0e:04:20:3d:7d:e4:f5:42:42:91:00:8f:8c:8c:
                    a3:b9:89:b9:60:6e:84:2e:2f:9f:46:32:e9:dc:e7:
                    59:40:15:c4:97:b9:6e:85:64:c0:dc:97:1d:af:a0:
                    3c:a9:24:a7:7a:51:f4:d8:60:66:6b:b8:d8:54:25:
                    a6:f6:dd:a7:6a:ac:44:ee:83:89:8c:63:d0:6d:b6:
                    20:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:EB:71:18:AB:74:F7:C0:24:0D:41:E8:86:8D:CC:EF:6A:14:AD:23
            X509v3 Authority Key Identifier:
                keyid:58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/VOtxGKt098AkDUHoho3M72oUrSM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.184.112.0/21
                  194.225.24.0/21
                IPv6:
                  2001:14e8:5::/48

    Signature Algorithm: sha256WithRSAEncryption
         10:ca:51:93:1a:12:c6:00:0b:e1:b9:25:bc:ba:f5:a1:ce:8b:
         d4:2e:99:79:e4:15:97:13:27:25:a5:9a:d2:4b:b5:b9:19:e5:
         48:33:4b:f9:f3:52:5f:a9:19:73:9b:86:b0:9e:e1:20:9f:b4:
         fb:c7:3a:cb:43:6e:39:f8:69:61:6a:7d:a4:17:66:cc:81:8d:
         12:f0:d6:47:9c:5c:7b:84:8c:d3:f8:21:ea:7d:f1:8f:65:80:
         25:31:2b:d0:cd:30:c0:93:d0:90:bf:c5:86:15:33:f9:12:65:
         f7:0f:54:57:62:3e:e4:b5:3a:58:89:15:c7:7b:93:f3:bb:d4:
         ff:4c:26:d9:9a:fb:f4:eb:c6:9c:a3:bc:98:b4:91:30:34:13:
         28:5a:80:6e:4b:12:e3:35:24:c7:3b:01:11:9e:0d:e9:ed:22:
         9b:a3:04:13:68:fd:c6:60:28:ab:13:ff:84:7e:c3:e2:fc:12:
         d9:36:06:44:bd:04:c8:18:4f:fa:9b:1c:90:41:fc:35:77:d9:
         d1:76:00:07:e8:79:ee:ac:00:f7:6c:73:09:54:82:4c:aa:fa:
         89:c7:a8:a4:83:32:9c:9d:c7:77:09:72:d8:5d:70:1c:eb:13:
         d4:1a:19:43:53:74:a9:bb:71:c7:ce:97:7c:07:b5:87:b8:09:
         ae:3c:a5:2c
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEOUVs4DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ODNkNzYwNTEwMTdkMGFmYTkxNWZjZmI3OTBhMDBmNDY2N2IwYTg4MB4XDTIyMDEw
MTA4MDUzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTRlYjcxMThhYjc0
ZjdjMDI0MGQ0MWU4ODY4ZGNjZWY2YTE0YWQyMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANFstUdG5TEMMCnIKZNxQ54xDVyKyg4kEhvQQC/4g1XLqxjC
Opo6I6NDBFpwGyG45KVF6XwrAlNCg4AB/LN6xBtWWzTc4a36e9rYlMEzruTHPe6j
EK730z2PEh+8viOQ4KEacyAfYzaHrwxMXUuC2OB9VO8Y5GLQ+YPEWX9SVmNmzng1
aqt2cGkcjmDyhubUlAM9w46ztY47g2swmIoGvopb4L9XBhJd+Y0mLM1Iy4Kv5loV
JQ4EID195PVCQpEAj4yMo7mJuWBuhC4vn0Yy6dznWUAVxJe5boVkwNyXHa+gPKkk
p3pR9NhgZmu42FQlpvbdp2qsRO6DiYxj0G22IEcCAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBRU63EYq3T3wCQNQeiGjczvahStIzAfBgNVHSMEGDAWgBRYPXYFEBfQr6kV
/Pt5CgD0ZnsKiDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dEMTJCUkFYMEstcEZmejdlUW9BOUdaN0NvZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODQvNGYxYjI3LTMyNmEtNDY3OS1hNjRiLWRhNjE1Mzg4NWYzYi8x
L1ZPdHhHS3QwOThBa0RVSG9obzNNNzJvVXJTTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODQv
NGYxYjI3LTMyNmEtNDY3OS1hNjRiLWRhNjE1Mzg4NWYzYi8xL1dEMTJCUkFYMEst
cEZmejdlUW9BOUdaN0NvZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEA164cAMEA8LhGDAPBAIAAjAJAwcA
IAEU6AAFMA0GCSqGSIb3DQEBCwUAA4IBAQAQylGTGhLGAAvhuSW8uvWhzovULpl5
5BWXEyclpZrSS7W5GeVIM0v581JfqRlzm4awnuEgn7T7xzrLQ245+Glhan2kF2bM
gY0S8NZHnFx7hIzT+CHqffGPZYAlMSvQzTDAk9CQv8WGFTP5EmX3D1RXYj7ktTpY
iRXHe5Pzu9T/TCbZmvv068aco7yYtJEwNBMoWoBuSxLjNSTHOwERng3p7SKbowQT
aP3GYCirE/+EfsPi/BLZNgZEvQTIGE/6mxyQQfw1d9nRdgAH6HnurAD3bHMJVIJM
qvqJx6ikgzKcncd3CXLYXXAc6xPUGhlDU3Spu3HHzpd8B7WHuAmuPKUs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:22 2024 by rpki-client on console-fra.rpki-client.org