Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/g0WuSaWfmZCrKkfajGy_gtyi_vk.roa
File:                     g0WuSaWfmZCrKkfajGy_gtyi_vk.roa (raw, json)
Hash identifier:          ey/T9KGQyQ/9jbT9XQOUkAZ8HresAWlYeozm2MQU5q8=
Subject key identifier:   83:45:AE:49:A5:9F:99:90:AB:2A:47:DA:8C:6C:BF:82:DC:A2:FE:F9
Certificate issuer:       /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial:       05A73345
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/g0WuSaWfmZCrKkfajGy_gtyi_vk.roa
Signing time:             Sat 01 Jan 2022 07:04:07 +0000
ROA not before:           Sat 01 Jan 2022 07:04:07 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209371
IP address blocks:        188.241.74.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 94843717 (0x5a73345)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
        Validity
            Not Before: Jan  1 07:04:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8345ae49a59f9990ab2a47da8c6cbf82dca2fef9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:10:af:e0:2a:af:6c:a8:fc:72:38:13:10:9b:
                    01:e9:1e:e4:19:93:f7:a5:f0:a1:b5:e6:b2:26:da:
                    63:99:7d:40:b8:1f:01:ea:af:61:a7:51:ad:44:54:
                    61:ac:5c:9f:6f:3f:11:66:1b:28:d7:e4:59:67:63:
                    61:c3:40:1b:31:74:68:38:0f:cf:91:1d:c1:cb:08:
                    67:76:21:4b:fe:a7:d6:ea:f6:2f:71:1a:98:2d:74:
                    df:34:4d:20:db:30:3b:93:5d:93:af:47:db:bd:99:
                    91:7b:e8:a1:ea:05:34:a7:44:70:47:c9:08:e1:5e:
                    b8:6a:bd:f4:4a:45:c6:97:44:7d:d2:76:65:3f:90:
                    c5:1b:08:5e:de:66:8f:47:fc:ce:29:0a:35:ed:ac:
                    63:9f:3d:01:94:48:99:9e:71:d2:24:a8:f4:b7:79:
                    0b:18:09:f4:a9:a7:dc:76:a3:25:c0:9e:7a:fb:99:
                    db:6a:5d:bd:fe:c6:78:b0:fc:91:ac:87:13:4c:b5:
                    2b:11:b3:3c:f7:76:74:49:af:99:a6:4b:ff:13:e3:
                    1b:3d:05:b5:15:95:b2:bc:04:cc:dc:b3:a1:df:a8:
                    9a:54:ed:a8:9b:d5:61:7a:d4:57:68:82:89:21:fb:
                    bc:d1:25:c9:e1:c0:de:f2:07:3e:09:41:70:90:59:
                    5c:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:45:AE:49:A5:9F:99:90:AB:2A:47:DA:8C:6C:BF:82:DC:A2:FE:F9
            X509v3 Authority Key Identifier:
                keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/g0WuSaWfmZCrKkfajGy_gtyi_vk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.241.74.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9c:f2:8a:69:b1:2a:0f:90:83:16:01:3b:07:c1:40:2d:ba:a0:
         e1:15:55:b8:2a:5e:c6:71:d3:a2:fe:50:cf:db:5e:05:75:14:
         0c:ca:ef:2f:0d:a5:25:d6:7f:0f:ef:53:5b:b8:06:5d:d3:ea:
         07:40:31:ed:1f:48:f5:bd:91:a2:86:12:8a:6d:b7:ce:98:9a:
         99:91:c0:c7:2a:be:c4:4e:26:5a:30:4a:2f:56:59:d1:a4:6c:
         31:03:9d:76:07:21:12:a1:1c:f6:f4:0b:cd:d0:a1:59:3a:0d:
         84:09:41:f2:6b:40:19:5a:69:cb:d8:70:87:5d:61:88:aa:6b:
         a9:0d:90:08:70:0e:38:8f:a9:5a:bb:ef:34:f6:df:e4:fc:ee:
         49:0b:c1:64:eb:b0:16:5a:3b:bb:54:40:c9:5e:8d:78:78:66:
         fc:3e:bd:65:b0:a3:e0:ac:b5:1f:d7:1c:67:88:51:79:dd:9a:
         d2:07:fe:85:d4:f2:5f:76:e5:8a:01:8a:be:80:8f:6c:cd:21:
         22:d5:7c:a5:1b:1f:f6:ee:49:da:a4:23:7f:a7:3f:df:cb:f1:
         31:34:d0:e7:38:91:a1:08:d5:83:12:fc:5d:53:e0:70:eb:ad:
         ba:2b:3f:e7:bf:11:dc:75:ae:9d:06:60:50:5c:de:89:7d:75:
         0d:df:dc:49
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBaczRTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
Y2VmNThkNGNmYTM1NTQzZjg0ODhhMjc1NmU2OTI0ZTY0N2I0NTg5MB4XDTIyMDEw
MTA3MDQwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODM0NWFlNDlhNTlm
OTk5MGFiMmE0N2RhOGM2Y2JmODJkY2EyZmVmOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKkQr+Aqr2yo/HI4ExCbAeke5BmT96XwobXmsibaY5l9QLgf
AeqvYadRrURUYaxcn28/EWYbKNfkWWdjYcNAGzF0aDgPz5EdwcsIZ3YhS/6n1ur2
L3EamC103zRNINswO5Ndk69H272ZkXvooeoFNKdEcEfJCOFeuGq99EpFxpdEfdJ2
ZT+QxRsIXt5mj0f8zikKNe2sY589AZRImZ5x0iSo9Ld5CxgJ9Kmn3HajJcCeevuZ
22pdvf7GeLD8kayHE0y1KxGzPPd2dEmvmaZL/xPjGz0FtRWVsrwEzNyzod+omlTt
qJvVYXrUV2iCiSH7vNElyeHA3vIHPglBcJBZXLkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSDRa5JpZ+ZkKsqR9qMbL+C3KL++TAfBgNVHSMEGDAWgBTc71jUz6NVQ/hI
iidW5pJOZHtFiTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNPOVkxTS1qVlVQNFNJb25WdWFTVG1SN1JZay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWEvZWE0NDU1LTc4MzYtNDRjNC1iMmEzLTJlY2UwNGUxODVjMi8x
L2cwV3VTYVdmbVpDcktrZmFqR3lfZ3R5aV92ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWEv
ZWE0NDU1LTc4MzYtNDRjNC1iMmEzLTJlY2UwNGUxODVjMi8xLzNPOVkxTS1qVlVQ
NFNJb25WdWFTVG1SN1JZay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALzxSjANBgkqhkiG9w0BAQsFAAOC
AQEAnPKKabEqD5CDFgE7B8FALbqg4RVVuCpexnHTov5Qz9teBXUUDMrvLw2lJdZ/
D+9TW7gGXdPqB0Ax7R9I9b2RooYSim23zpiamZHAxyq+xE4mWjBKL1ZZ0aRsMQOd
dgchEqEc9vQLzdChWToNhAlB8mtAGVppy9hwh11hiKprqQ2QCHAOOI+pWrvvNPbf
5PzuSQvBZOuwFlo7u1RAyV6NeHhm/D69ZbCj4Ky1H9ccZ4hRed2a0gf+hdTyX3bl
igGKvoCPbM0hItV8pRsf9u5J2qQjf6c/38vxMTTQ5ziRoQjVgxL8XVPgcOutuis/
578R3HWunQZgUFzeiX11Dd/cSQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:14 2024 by rpki-client on console-fra.rpki-client.org