Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/fPKJyI7ntAnHuAYBDIbTvzxvNFQ.roa
File:                     fPKJyI7ntAnHuAYBDIbTvzxvNFQ.roa (raw, json)
Hash identifier:          B6lgu2rJnlyIlHKxGneDHOHa0MbfkT2GFz+rTK2hqhA=
Subject key identifier:   7C:F2:89:C8:8E:E7:B4:09:C7:B8:06:01:0C:86:D3:BF:3C:6F:34:54
Certificate issuer:       /CN=89da60f049dfba34be4b4e8418b9ff492125c449
Certificate serial:       01827D9F3CB25325E127D2616FE53BD301D7
Authority key identifier: 89:DA:60:F0:49:DF:BA:34:BE:4B:4E:84:18:B9:FF:49:21:25:C4:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/idpg8EnfujS-S06EGLn_SSElxEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/fPKJyI7ntAnHuAYBDIbTvzxvNFQ.roa
Signing time:             Mon 08 Aug 2022 13:22:43 +0000
ROA not before:           Mon 08 Aug 2022 13:22:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57187
IP address blocks:        94.207.32.0/20 maxlen: 24
                          2a00:f2f::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:7d:9f:3c:b2:53:25:e1:27:d2:61:6f:e5:3b:d3:01:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89da60f049dfba34be4b4e8418b9ff492125c449
        Validity
            Not Before: Aug  8 13:22:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7cf289c88ee7b409c7b806010c86d3bf3c6f3454
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:14:fa:51:2f:42:d2:29:de:ae:d5:dc:23:ac:
                    0f:d9:d5:19:d9:0c:9f:fc:59:3d:1d:05:15:6f:0c:
                    7a:86:77:7d:8b:f6:1f:ee:fc:37:e8:40:c0:04:61:
                    2e:cb:bb:09:fc:39:e8:1d:ca:b2:53:dc:ac:a1:c3:
                    46:65:04:90:08:45:8e:4a:ff:14:77:5a:fd:2d:63:
                    6d:01:b6:91:67:b6:b1:42:64:7a:a8:b1:ca:9c:1c:
                    4c:cd:cd:5a:0f:1e:f1:70:b2:ca:15:88:a8:5b:b7:
                    b7:6d:e4:db:e7:78:6c:af:7d:a5:c2:93:33:55:40:
                    4d:2f:ed:6b:3f:d3:bc:fa:e1:80:ad:e8:8d:6b:95:
                    fa:3b:4b:57:03:de:4a:b4:37:06:8f:26:9b:2d:1f:
                    3d:52:5a:92:5f:a1:ad:bc:22:88:b7:31:70:cb:38:
                    60:f3:60:48:d9:c4:86:1e:93:00:f9:34:6b:11:51:
                    1c:4f:0a:86:e7:68:fd:94:5a:73:9a:d4:0c:34:0d:
                    c0:e4:80:90:c0:03:3a:11:34:0b:a6:ff:1d:c4:9d:
                    77:1e:f9:4f:b7:5a:1c:b1:26:99:e9:71:4e:7b:b7:
                    8a:e7:bf:85:2c:33:a7:83:55:20:ca:ae:b9:64:67:
                    de:6c:49:e5:a0:5f:0a:4d:86:66:43:d4:46:23:a4:
                    ee:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:F2:89:C8:8E:E7:B4:09:C7:B8:06:01:0C:86:D3:BF:3C:6F:34:54
            X509v3 Authority Key Identifier:
                keyid:89:DA:60:F0:49:DF:BA:34:BE:4B:4E:84:18:B9:FF:49:21:25:C4:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/idpg8EnfujS-S06EGLn_SSElxEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/fPKJyI7ntAnHuAYBDIbTvzxvNFQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/idpg8EnfujS-S06EGLn_SSElxEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.207.32.0/20
                IPv6:
                  2a00:f2f::/32

    Signature Algorithm: sha256WithRSAEncryption
         a2:d2:06:e1:49:f7:f8:3b:c2:e2:60:88:47:a6:b3:f4:f4:ac:
         16:57:97:59:6a:55:05:a0:fe:b8:2e:a2:f7:4d:b1:d4:21:aa:
         6e:44:8e:e7:65:a5:35:fa:63:95:79:63:9c:3b:52:1e:32:b0:
         53:ae:fe:5f:42:18:c9:03:0d:3c:4b:e0:85:3e:19:fb:3c:a0:
         ca:52:3a:ad:ee:98:6c:35:8e:6e:3a:38:cb:84:64:ed:e0:fe:
         b5:bf:2a:91:47:d0:28:46:92:49:14:a6:5b:50:5e:a1:bd:38:
         22:c2:cc:f8:31:53:77:fc:ee:95:d1:49:41:79:38:6e:eb:dc:
         be:fb:7a:0d:92:4d:e6:1b:d4:26:33:94:74:29:c5:56:08:2b:
         e5:e8:98:e2:04:fd:24:64:f4:90:53:9d:64:d5:3a:2f:c4:bc:
         1a:b6:0b:00:23:15:84:6f:3c:be:20:e3:5e:2f:f0:24:8b:7e:
         9d:14:35:18:95:ba:65:49:5e:62:7c:d9:f5:59:2b:90:cd:67:
         f6:4d:46:7c:c9:b8:73:ce:f2:96:7e:8f:93:b6:d8:b2:63:37:
         5e:54:0a:76:b8:45:3e:ff:85:16:ae:0c:76:31:d5:b7:41:72:
         f2:93:5c:b0:d4:c0:f4:06:a4:d7:c3:44:35:03:5e:63:44:4a:
         30:b6:12:4a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYJ9nzyyUyXhJ9Jhb+U70wHXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ZGE2MGYwNDlkZmJhMzRiZTRiNGU4NDE4YjlmZjQ5MjEy
NWM0NDkwHhcNMjIwODA4MTMyMjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2YyODljODhlZTdiNDA5YzdiODA2MDEwYzg2ZDNiZjNjNmYzNDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhBT6US9C0inertXcI6wP2dUZ2Qyf
/Fk9HQUVbwx6hnd9i/Yf7vw36EDABGEuy7sJ/DnoHcqyU9ysocNGZQSQCEWOSv8U
d1r9LWNtAbaRZ7axQmR6qLHKnBxMzc1aDx7xcLLKFYioW7e3beTb53hsr32lwpMz
VUBNL+1rP9O8+uGAreiNa5X6O0tXA95KtDcGjyabLR89UlqSX6GtvCKItzFwyzhg
82BI2cSGHpMA+TRrEVEcTwqG52j9lFpzmtQMNA3A5ICQwAM6ETQLpv8dxJ13HvlP
t1ocsSaZ6XFOe7eK57+FLDOng1Ugyq65ZGfebEnloF8KTYZmQ9RGI6TulwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHzyiciO57QJx7gGAQyG0788bzRUMB8GA1UdIwQY
MBaAFInaYPBJ37o0vktOhBi5/0khJcRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWRwZzhFbmZ1alMtUzA2RUdMbl9TU0VseEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTQ3N2YtMDc4NS00MDI2LTgzYmUt
Njk4OTBjODI5ZTMzLzEvZlBLSnlJN250QW5IdUFZQkRJYlR2enh2TkZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTQ3N2YtMDc4NS00MDI2LTgzYmUtNjk4OTBjODI5ZTMz
LzEvaWRwZzhFbmZ1alMtUzA2RUdMbl9TU0VseEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEXs8gMA0E
AgACMAcDBQAqAA8vMA0GCSqGSIb3DQEBCwUAA4IBAQCi0gbhSff4O8LiYIhHprP0
9KwWV5dZalUFoP64LqL3TbHUIapuRI7nZaU1+mOVeWOcO1IeMrBTrv5fQhjJAw08
S+CFPhn7PKDKUjqt7phsNY5uOjjLhGTt4P61vyqRR9AoRpJJFKZbUF6hvTgiwsz4
MVN3/O6V0UlBeThu69y++3oNkk3mG9QmM5R0KcVWCCvl6JjiBP0kZPSQU51k1Tov
xLwatgsAIxWEbzy+IONeL/Aki36dFDUYlbplSV5ifNn1WSuQzWf2TUZ8ybhzzvKW
fo+TttiyYzdeVAp2uEU+/4UWrgx2MdW3QXLyk1yw1MD0BqTXw0Q1A15jREowthJK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:51 2024 by rpki-client on console-ams.rpki-client.org