Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/yEwWoNtojgUokCkbvhqpKLGYLb8.roa
File:                     yEwWoNtojgUokCkbvhqpKLGYLb8.roa (raw, json)
Hash identifier:          FuOKGYmgpBt6oC6NTVfZTK58L1vjt02Dpe54AfU5qG0=
Subject key identifier:   C8:4C:16:A0:DB:68:8E:05:28:90:29:1B:BE:1A:A9:28:B1:98:2D:BF
Certificate issuer:       /CN=92e720465c5cd0da9c6a13b44fa0d86f649e5055
Certificate serial:       018354D76AC8629B80F60D37ED0436F51FE8
Authority key identifier: 92:E7:20:46:5C:5C:D0:DA:9C:6A:13:B4:4F:A0:D8:6F:64:9E:50:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kucgRlxc0NqcahO0T6DYb2SeUFU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/yEwWoNtojgUokCkbvhqpKLGYLb8.roa
Signing time:             Mon 19 Sep 2022 08:22:27 +0000
ROA not before:           Mon 19 Sep 2022 08:22:27 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205361
IP address blocks:        147.161.3.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:54:d7:6a:c8:62:9b:80:f6:0d:37:ed:04:36:f5:1f:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=92e720465c5cd0da9c6a13b44fa0d86f649e5055
        Validity
            Not Before: Sep 19 08:22:27 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c84c16a0db688e052890291bbe1aa928b1982dbf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:93:c5:c3:eb:fc:1d:8e:e0:4e:fb:33:22:cd:
                    e3:13:8c:04:48:32:1a:e8:ed:2c:d2:69:a4:0f:59:
                    75:3f:f9:56:55:f5:eb:dc:df:69:e2:14:5e:84:02:
                    93:5b:a1:38:3f:85:91:10:48:e1:56:11:f4:4d:48:
                    4f:db:34:63:ad:21:d5:35:ac:0b:f2:14:6b:6e:a3:
                    6f:8f:70:e5:f5:bc:c7:d8:43:4b:28:22:5d:f8:92:
                    24:2b:cb:18:35:f6:07:48:48:39:2b:60:c6:f5:65:
                    41:db:40:ed:0e:d7:53:6b:b0:de:eb:a0:7f:13:3f:
                    1d:ab:6f:0f:aa:28:c3:5a:2b:5c:b3:55:1b:06:6e:
                    3f:36:5d:44:82:78:fa:83:79:f7:b7:ec:86:b2:c4:
                    3b:8c:a1:ba:c8:32:61:97:0f:36:37:73:d3:c8:ed:
                    40:15:fa:17:39:a8:62:72:b0:f3:d8:0c:7e:54:ad:
                    83:ab:94:a5:eb:0c:0e:fb:d9:df:17:88:98:22:8a:
                    bd:05:7f:ab:54:ea:17:13:0e:10:51:a8:c2:94:54:
                    d0:e1:c6:95:7d:2d:09:2c:63:47:52:e2:bb:0c:99:
                    c7:fe:fa:b7:b7:15:1e:75:79:95:af:d6:98:da:57:
                    e4:a8:8a:9d:b4:11:48:e8:df:95:90:6d:b8:6c:17:
                    e1:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:4C:16:A0:DB:68:8E:05:28:90:29:1B:BE:1A:A9:28:B1:98:2D:BF
            X509v3 Authority Key Identifier:
                keyid:92:E7:20:46:5C:5C:D0:DA:9C:6A:13:B4:4F:A0:D8:6F:64:9E:50:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kucgRlxc0NqcahO0T6DYb2SeUFU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/yEwWoNtojgUokCkbvhqpKLGYLb8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/kucgRlxc0NqcahO0T6DYb2SeUFU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.161.3.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a8:2e:6a:8c:22:d5:73:3b:a6:39:bc:25:46:ff:41:cb:6c:d8:
         f7:d2:46:3d:54:9e:7a:c4:36:59:94:78:e1:66:5d:57:78:57:
         7c:82:43:e0:88:1e:ef:85:16:88:bd:90:01:39:b3:b7:66:a4:
         90:5d:0e:ba:ba:ba:6a:84:89:a7:73:1b:b8:10:21:64:44:4a:
         b6:25:68:1a:47:1c:c2:bf:3c:d2:7d:75:eb:f3:6e:f6:71:e4:
         bb:8f:e7:e1:ea:da:51:d9:cc:c4:25:88:e3:55:8c:9f:b9:11:
         95:9f:7a:73:44:67:c2:02:c8:d3:c2:24:1e:17:4f:1a:3c:36:
         4c:85:04:e4:59:4b:05:7b:5b:62:ab:b2:18:10:34:30:1e:8a:
         57:b8:40:7a:23:bc:45:ee:c3:4b:b9:7f:2f:93:2c:8b:0e:7e:
         f9:c5:81:43:6d:bc:11:12:29:20:13:03:57:31:8c:24:d9:71:
         40:75:0e:d5:38:a2:5b:cd:c7:53:53:c2:a6:a6:02:6e:c6:31:
         63:08:f1:d1:f2:24:4e:85:69:93:e2:b3:0c:12:48:47:f4:09:
         2a:0e:08:d2:be:c3:82:11:5a:76:03:7d:58:49:e2:9f:42:c4:
         db:c5:39:77:94:16:3f:b1:a7:51:a1:1e:01:d7:a4:bf:d9:0a:
         57:f4:04:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNU12rIYpuA9g037QQ29R/oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZTcyMDQ2NWM1Y2QwZGE5YzZhMTNiNDRmYTBkODZmNjQ5
ZTUwNTUwHhcNMjIwOTE5MDgyMjI3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODRjMTZhMGRiNjg4ZTA1Mjg5MDI5MWJiZTFhYTkyOGIxOTgyZGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJPFw+v8HY7gTvszIs3jE4wESDIa
6O0s0mmkD1l1P/lWVfXr3N9p4hRehAKTW6E4P4WREEjhVhH0TUhP2zRjrSHVNawL
8hRrbqNvj3Dl9bzH2ENLKCJd+JIkK8sYNfYHSEg5K2DG9WVB20DtDtdTa7De66B/
Ez8dq28PqijDWitcs1UbBm4/Nl1Egnj6g3n3t+yGssQ7jKG6yDJhlw82N3PTyO1A
FfoXOahicrDz2Ax+VK2Dq5Sl6wwO+9nfF4iYIoq9BX+rVOoXEw4QUajClFTQ4caV
fS0JLGNHUuK7DJnH/vq3txUedXmVr9aY2lfkqIqdtBFI6N+VkG24bBfhBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMhMFqDbaI4FKJApG74aqSixmC2/MB8GA1UdIwQY
MBaAFJLnIEZcXNDanGoTtE+g2G9knlBVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3VjZ1JseGMwTnFjYWhPMFQ2RFliMlNlVUZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9mOGE5ZWItN2Y4ZC00YmY3LTgzZDkt
OTA5NmUxNjc0ZTIyLzEveUV3V29OdG9qZ1Vva0NrYnZocXBLTEdZTGI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9mOGE5ZWItN2Y4ZC00YmY3LTgzZDktOTA5NmUxNjc0ZTIy
LzEva3VjZ1JseGMwTnFjYWhPMFQ2RFliMlNlVUZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk6EDMA0G
CSqGSIb3DQEBCwUAA4IBAQCoLmqMItVzO6Y5vCVG/0HLbNj30kY9VJ56xDZZlHjh
Zl1XeFd8gkPgiB7vhRaIvZABObO3ZqSQXQ66urpqhImncxu4ECFkREq2JWgaRxzC
vzzSfXXr8272ceS7j+fh6tpR2czEJYjjVYyfuRGVn3pzRGfCAsjTwiQeF08aPDZM
hQTkWUsFe1tiq7IYEDQwHopXuEB6I7xF7sNLuX8vkyyLDn75xYFDbbwREikgEwNX
MYwk2XFAdQ7VOKJbzcdTU8KmpgJuxjFjCPHR8iROhWmT4rMMEkhH9AkqDgjSvsOC
EVp2A31YSeKfQsTbxTl3lBY/sadRoR4B16S/2QpX9ARH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:14 2024 by rpki-client on console-ams.rpki-client.org