Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/ea19f8-7dd2-429d-9718-103b0485203b/1/OnrGHW1P2aLFpu60WlH4MwaX4P4.roa
File:                     OnrGHW1P2aLFpu60WlH4MwaX4P4.roa (raw, json)
Hash identifier:          /htB9qyH0/Lip3ZYo8saAa8kPOws3tRX7B5kA1xnAJ4=
Subject key identifier:   3A:7A:C6:1D:6D:4F:D9:A2:C5:A6:EE:B4:5A:51:F8:33:06:97:E0:FE
Certificate issuer:       /CN=f44b9f8093dd889e477cefa7a7556392a66b3870
Certificate serial:       0183831CD7C32927E3642FB55553D99B939A
Authority key identifier: F4:4B:9F:80:93:DD:88:9E:47:7C:EF:A7:A7:55:63:92:A6:6B:38:70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9EufgJPdiJ5HfO-np1VjkqZrOHA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ad/ea19f8-7dd2-429d-9718-103b0485203b/1/OnrGHW1P2aLFpu60WlH4MwaX4P4.roa
Signing time:             Wed 28 Sep 2022 08:00:49 +0000
ROA not before:           Wed 28 Sep 2022 08:00:49 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1741
IP address blocks:        130.234.0.0/16 maxlen: 16

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:83:1c:d7:c3:29:27:e3:64:2f:b5:55:53:d9:9b:93:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f44b9f8093dd889e477cefa7a7556392a66b3870
        Validity
            Not Before: Sep 28 08:00:49 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3a7ac61d6d4fd9a2c5a6eeb45a51f8330697e0fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:e7:34:7a:96:2c:fe:43:d4:80:75:6a:af:78:
                    14:ae:9e:c9:5e:f9:95:86:a5:88:e5:f5:91:82:1f:
                    60:1e:81:84:23:67:04:5e:2a:9d:d6:8b:92:33:78:
                    18:85:b5:72:45:a6:9d:ae:b5:17:e3:25:8a:86:c2:
                    5e:1d:73:2f:be:11:af:a2:18:e5:6f:a5:dc:50:68:
                    8f:70:1e:ae:4b:a9:fa:f4:ba:e3:46:f6:5b:57:52:
                    9d:34:f4:86:66:f9:76:0b:ee:ab:15:71:5a:8b:8f:
                    2e:4b:b3:e9:88:2f:47:ce:c5:8d:d5:b3:34:2c:9c:
                    81:2d:00:fb:b1:9b:f3:85:d3:04:f7:13:33:31:23:
                    f8:62:05:22:03:bb:58:d5:f0:47:51:83:2c:e0:b0:
                    44:73:73:c3:65:31:8b:60:d4:2e:ea:e3:3f:0b:67:
                    54:a0:35:24:49:f5:ad:2d:22:11:8e:c4:aa:67:8c:
                    b7:0d:5e:c4:af:7f:28:bc:3c:7d:9e:10:4f:8e:5f:
                    97:f8:f4:00:da:9e:c0:79:7b:b9:f1:33:2c:ee:d2:
                    d1:24:78:4f:89:44:2a:58:8d:fa:cb:79:a6:13:8b:
                    ef:0d:f5:00:61:03:41:a9:89:3f:7d:f5:06:53:ef:
                    d4:25:27:a7:18:c9:b9:f5:bd:e9:a0:a8:95:0a:0e:
                    da:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:7A:C6:1D:6D:4F:D9:A2:C5:A6:EE:B4:5A:51:F8:33:06:97:E0:FE
            X509v3 Authority Key Identifier:
                keyid:F4:4B:9F:80:93:DD:88:9E:47:7C:EF:A7:A7:55:63:92:A6:6B:38:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9EufgJPdiJ5HfO-np1VjkqZrOHA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/ea19f8-7dd2-429d-9718-103b0485203b/1/OnrGHW1P2aLFpu60WlH4MwaX4P4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/ea19f8-7dd2-429d-9718-103b0485203b/1/9EufgJPdiJ5HfO-np1VjkqZrOHA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  130.234.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         02:51:2c:88:ad:a1:74:9d:91:54:ab:b6:cc:17:c3:c3:5c:10:
         29:1e:00:89:57:5f:86:13:2d:5d:70:57:4a:94:63:97:88:64:
         21:a5:12:86:32:23:f2:96:d2:63:0b:8c:dc:20:7a:58:1a:de:
         a2:3d:c7:8b:ff:53:48:67:b9:b6:08:dd:ed:30:3d:08:23:8f:
         8e:eb:0e:28:06:2a:1d:fc:97:1c:ba:a5:9c:81:b3:20:ae:45:
         55:2f:d6:97:4d:0a:6f:bb:45:7c:6c:d8:17:83:ca:18:7c:b5:
         b6:05:bd:b7:6d:ed:87:df:ed:c6:c6:13:41:ea:20:69:5f:40:
         3e:5a:ac:88:2a:23:b0:33:8a:09:e2:bc:4e:76:5b:a6:ae:d3:
         37:af:3b:4d:13:08:c4:a4:30:81:07:3d:a5:34:cf:c3:2c:31:
         d8:2c:9d:0d:7b:2e:63:58:b9:6d:ca:7b:47:eb:55:8e:bd:1e:
         a0:7d:64:38:af:5c:13:54:e3:07:0c:e7:d4:2b:ca:95:a5:c6:
         f0:44:ec:bc:89:ac:e5:c9:f3:30:20:1b:a1:e4:83:2b:b1:b2:
         98:fe:ca:bd:98:14:fc:14:8c:fb:0a:28:7b:b8:16:37:8b:a4:
         2f:90:47:18:24:f1:19:de:8a:75:dc:0d:30:6b:59:39:71:64:
         18:e2:a8:8e
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYODHNfDKSfjZC+1VVPZm5OaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0NGI5ZjgwOTNkZDg4OWU0NzdjZWZhN2E3NTU2MzkyYTY2
YjM4NzAwHhcNMjIwOTI4MDgwMDQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTdhYzYxZDZkNGZkOWEyYzVhNmVlYjQ1YTUxZjgzMzA2OTdlMGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+c0epYs/kPUgHVqr3gUrp7JXvmV
hqWI5fWRgh9gHoGEI2cEXiqd1ouSM3gYhbVyRaadrrUX4yWKhsJeHXMvvhGvohjl
b6XcUGiPcB6uS6n69LrjRvZbV1KdNPSGZvl2C+6rFXFai48uS7PpiC9HzsWN1bM0
LJyBLQD7sZvzhdME9xMzMSP4YgUiA7tY1fBHUYMs4LBEc3PDZTGLYNQu6uM/C2dU
oDUkSfWtLSIRjsSqZ4y3DV7Er38ovDx9nhBPjl+X+PQA2p7AeXu58TMs7tLRJHhP
iUQqWI36y3mmE4vvDfUAYQNBqYk/ffUGU+/UJSenGMm59b3poKiVCg7aAQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFDp6xh1tT9mixabutFpR+DMGl+D+MB8GA1UdIwQY
MBaAFPRLn4CT3YieR3zvp6dVY5KmazhwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUV1ZmdKUGRpSjVIZk8tbnAxVmprcVpyT0hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9lYTE5ZjgtN2RkMi00MjlkLTk3MTgt
MTAzYjA0ODUyMDNiLzEvT25yR0hXMVAyYUxGcHU2MFdsSDRNd2FYNFA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9lYTE5ZjgtN2RkMi00MjlkLTk3MTgtMTAzYjA0ODUyMDNi
LzEvOUV1ZmdKUGRpSjVIZk8tbnAxVmprcVpyT0hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAguowDQYJ
KoZIhvcNAQELBQADggEBAAJRLIitoXSdkVSrtswXw8NcECkeAIlXX4YTLV1wV0qU
Y5eIZCGlEoYyI/KW0mMLjNwgelga3qI9x4v/U0hnubYI3e0wPQgjj47rDigGKh38
lxy6pZyBsyCuRVUv1pdNCm+7RXxs2BeDyhh8tbYFvbdt7Yff7cbGE0HqIGlfQD5a
rIgqI7AzignivE52W6au0zevO00TCMSkMIEHPaU0z8MsMdgsnQ17LmNYuW3Ke0fr
VY69HqB9ZDivXBNU4wcM59QrypWlxvBE7LyJrOXJ8zAgG6Hkgyuxspj+yr2YFPwU
jPsKKHu4FjeLpC+QRxgk8RneinXcDTBrWTlxZBjiqI4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:15 2024 by rpki-client on console-ams.rpki-client.org