Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/oXd_134CaddIqLhMX0bXQeXCR18.roa
File:                     oXd_134CaddIqLhMX0bXQeXCR18.roa (raw, json)
Hash identifier:          HcrAwPTjPhB/v3cpJeWAp0FjrSkscr4sOhp0KdGnO20=
Subject key identifier:   A1:77:7F:D7:7E:02:69:D7:48:A8:B8:4C:5F:46:D7:41:E5:C2:47:5F
Certificate issuer:       /CN=0bac82804700ad36538bf86f34c073e971430da5
Certificate serial:       182CDCD9
Authority key identifier: 0B:AC:82:80:47:00:AD:36:53:8B:F8:6F:34:C0:73:E9:71:43:0D:A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/C6yCgEcArTZTi_hvNMBz6XFDDaU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/oXd_134CaddIqLhMX0bXQeXCR18.roa
Signing time:             Sat 01 Jan 2022 04:52:44 +0000
ROA not before:           Sat 01 Jan 2022 04:52:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     56908
IP address blocks:        194.58.198.0/24 maxlen: 24
                          194.58.198.0/23 maxlen: 23
                          194.58.199.0/24 maxlen: 24
                          2a01:3f1:3000::/38 maxlen: 38

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 405593305 (0x182cdcd9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0bac82804700ad36538bf86f34c073e971430da5
        Validity
            Not Before: Jan  1 04:52:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a1777fd77e0269d748a8b84c5f46d741e5c2475f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:18:bb:bb:6e:f4:6a:d8:2e:e5:f2:8a:dc:bb:
                    17:f5:82:a0:2b:90:f5:63:23:cb:36:13:c6:2c:81:
                    03:72:61:70:fd:04:32:47:52:2c:f3:33:03:18:f1:
                    97:31:b8:9d:b4:fd:07:ab:44:a0:bb:a9:97:a3:fc:
                    ff:ff:7b:1c:d3:dc:4e:48:c7:5f:2c:a3:ab:86:d5:
                    29:1b:cf:ff:c6:86:d3:84:67:a6:0b:fe:be:8e:1e:
                    77:64:fc:bb:0e:de:42:62:97:4c:02:c2:04:9b:30:
                    5f:b1:ef:1b:5d:26:37:24:75:94:b7:73:c5:d6:04:
                    6a:b8:36:03:4f:f6:cf:6c:0b:42:6e:d4:7b:33:ea:
                    8c:d0:c9:4a:ce:71:65:aa:ae:e1:5c:76:53:0b:bf:
                    b2:c8:f9:f7:f3:7c:5b:4f:2c:fb:20:5f:e3:bd:ef:
                    3b:89:91:4a:48:d2:c7:28:00:ee:7a:2c:15:3c:aa:
                    40:31:12:46:1b:3b:ac:8a:5d:ee:dc:0a:fc:56:35:
                    8b:57:87:9c:9b:be:5c:be:d2:22:e3:6b:0f:30:95:
                    cd:35:5b:0e:6e:74:8a:a5:16:20:9e:52:c6:5b:6c:
                    94:8e:14:45:85:53:51:34:f4:98:60:49:e4:3b:2c:
                    1a:67:cb:c7:1c:2d:6b:65:22:27:23:e4:30:d2:8d:
                    5d:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:77:7F:D7:7E:02:69:D7:48:A8:B8:4C:5F:46:D7:41:E5:C2:47:5F
            X509v3 Authority Key Identifier:
                keyid:0B:AC:82:80:47:00:AD:36:53:8B:F8:6F:34:C0:73:E9:71:43:0D:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C6yCgEcArTZTi_hvNMBz6XFDDaU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/oXd_134CaddIqLhMX0bXQeXCR18.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/C6yCgEcArTZTi_hvNMBz6XFDDaU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.58.198.0/23
                IPv6:
                  2a01:3f1:3000::/38

    Signature Algorithm: sha256WithRSAEncryption
         00:5d:84:6e:7b:21:1b:2a:ef:9d:34:47:3f:76:a4:39:68:f2:
         f6:cf:33:37:46:30:bb:7c:4a:11:2f:0a:20:fe:89:1c:7c:bb:
         cc:8e:39:f2:22:9b:11:4a:49:6b:24:48:ee:1c:64:d7:53:96:
         a5:66:c0:e4:13:3c:71:1a:32:57:80:a2:cf:3b:e9:70:d1:31:
         91:ef:6c:c5:83:5f:b7:88:76:9f:04:27:e0:d1:6b:f0:21:e8:
         2b:4e:15:af:eb:2a:2c:da:be:92:11:7b:2e:7d:19:11:27:92:
         80:7d:43:9b:a0:d4:21:99:c1:8d:f6:9b:8a:6f:82:30:69:85:
         6e:d6:17:86:96:f2:6e:df:0f:92:53:5b:d5:b5:5b:4c:fe:1b:
         ed:20:34:6d:aa:be:29:2e:4b:95:f5:73:1c:d3:9f:4d:53:6f:
         dc:2d:87:e0:48:ca:05:95:0e:79:0d:5c:f2:2f:88:db:4b:67:
         42:1b:31:23:8b:dc:01:ac:dd:6d:a1:2c:bd:e1:05:df:ff:32:
         88:df:48:26:92:2f:6f:1f:0d:a8:f1:29:b8:06:1b:6f:5e:a6:
         93:bb:c8:8a:37:2e:aa:3c:a4:d7:88:fd:4f:b0:c9:ab:03:ab:
         d8:81:c5:5a:77:a6:6d:e8:03:c3:be:7f:59:d4:e4:bf:1b:71:
         ee:4d:7c:3c
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIEGCzc2TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YmFjODI4MDQ3MDBhZDM2NTM4YmY4NmYzNGMwNzNlOTcxNDMwZGE1MB4XDTIyMDEw
MTA0NTI0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTE3NzdmZDc3ZTAy
NjlkNzQ4YThiODRjNWY0NmQ3NDFlNWMyNDc1ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALUYu7tu9GrYLuXyity7F/WCoCuQ9WMjyzYTxiyBA3JhcP0E
MkdSLPMzAxjxlzG4nbT9B6tEoLupl6P8//97HNPcTkjHXyyjq4bVKRvP/8aG04Rn
pgv+vo4ed2T8uw7eQmKXTALCBJswX7HvG10mNyR1lLdzxdYEarg2A0/2z2wLQm7U
ezPqjNDJSs5xZaqu4Vx2Uwu/ssj59/N8W08s+yBf473vO4mRSkjSxygA7nosFTyq
QDESRhs7rIpd7twK/FY1i1eHnJu+XL7SIuNrDzCVzTVbDm50iqUWIJ5SxltslI4U
RYVTUTT0mGBJ5DssGmfLxxwta2UiJyPkMNKNXVECAwEAAaOCAhkwggIVMB0GA1Ud
DgQWBBShd3/XfgJp10iouExfRtdB5cJHXzAfBgNVHSMEGDAWgBQLrIKARwCtNlOL
+G80wHPpcUMNpTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0M2eUNnRWNBclRaVGlfaHZOTUJ6NlhGRERhVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWEvYTcyODkxLWRlMmYtNDE1Ni1hMDExLTQzZjY0YmNlYTk5ZC8x
L29YZF8xMzRDYWRkSXFMaE1YMGJYUWVYQ1IxOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWEv
YTcyODkxLWRlMmYtNDE1Ni1hMDExLTQzZjY0YmNlYTk5ZC8xL0M2eUNnRWNBclRa
VGlfaHZOTUJ6NlhGRERhVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAv
BggrBgEFBQcBBwEB/wQgMB4wDAQCAAEwBgMEAcI6xjAOBAIAAjAIAwYCKgED8TAw
DQYJKoZIhvcNAQELBQADggEBAABdhG57IRsq7500Rz92pDlo8vbPMzdGMLt8ShEv
CiD+iRx8u8yOOfIimxFKSWskSO4cZNdTlqVmwOQTPHEaMleAos876XDRMZHvbMWD
X7eIdp8EJ+DRa/Ah6CtOFa/rKizavpIRey59GREnkoB9Q5ug1CGZwY32m4pvgjBp
hW7WF4aW8m7fD5JTW9W1W0z+G+0gNG2qvikuS5X1cxzTn01Tb9wth+BIygWVDnkN
XPIviNtLZ0IbMSOL3AGs3W2hLL3hBd//MojfSCaSL28fDajxKbgGG29eppO7yIo3
Lqo8pNeI/U+wyasDq9iBxVp3pm3oA8O+f1nU5L8bce5NfDw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:35 2024 by rpki-client on console-ams.rpki-client.org