Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/PeMM7p-UqhyDkXj_5nuq8dgvFTc.roa
File:                     PeMM7p-UqhyDkXj_5nuq8dgvFTc.roa (raw, json)
Hash identifier:          mzUsRJcxIDu1E9/iW161GDf0t9fD1QTSe+0nVFqgtyo=
Subject key identifier:   3D:E3:0C:EE:9F:94:AA:1C:83:91:78:FF:E6:7B:AA:F1:D8:2F:15:37
Certificate issuer:       /CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Certificate serial:       4D051B89
Authority key identifier: AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/PeMM7p-UqhyDkXj_5nuq8dgvFTc.roa
Signing time:             Sat 01 Jan 2022 15:56:17 +0000
ROA not before:           Sat 01 Jan 2022 15:56:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204137
IP address blocks:        134.19.128.0/21 maxlen: 21
                          2a05:7400:4000::/34 maxlen: 34

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1292180361 (0x4d051b89)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
        Validity
            Not Before: Jan  1 15:56:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3de30cee9f94aa1c839178ffe67baaf1d82f1537
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:e1:df:f9:57:96:1f:ba:db:3f:f4:8f:06:68:
                    d7:fd:18:ca:08:aa:3f:a4:df:a3:96:05:04:d6:92:
                    46:ee:3e:d2:19:ad:23:b6:e1:8f:d4:fc:82:e8:2e:
                    dc:66:1b:c4:59:18:4e:fd:dc:c4:b4:0c:78:61:66:
                    0c:c4:6e:07:95:54:4e:a5:1f:07:5d:eb:e6:ee:2d:
                    8e:62:91:94:bf:81:24:b4:cc:93:7c:c7:d2:64:b7:
                    c4:87:ef:c6:e3:83:0b:ac:ca:04:25:a3:e7:d9:0b:
                    ec:bf:7d:0b:69:9e:f1:ed:93:35:da:ad:66:19:f0:
                    4b:14:d4:22:cb:7b:07:62:b4:a7:5e:60:5a:2f:bd:
                    54:b3:e4:72:4d:aa:aa:8a:d0:9a:9e:46:3b:7f:68:
                    e8:9f:9c:ca:bc:80:11:53:d9:1e:a4:9d:13:6f:68:
                    55:80:06:33:25:62:c8:ea:d5:ea:b6:93:1e:83:07:
                    99:a3:10:df:79:99:88:46:9a:23:e2:c3:15:44:eb:
                    3c:9e:77:4c:4e:84:4a:30:d3:8b:f0:65:3a:db:ae:
                    e5:8f:51:f4:68:3b:4e:86:1d:0e:a5:2b:b5:7f:10:
                    ab:45:c5:9c:dd:c5:b0:c6:7c:41:3f:35:6f:56:54:
                    5f:28:69:b6:1d:f3:9f:ad:8b:5e:80:e7:33:7a:e3:
                    e4:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:E3:0C:EE:9F:94:AA:1C:83:91:78:FF:E6:7B:AA:F1:D8:2F:15:37
            X509v3 Authority Key Identifier:
                keyid:AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/PeMM7p-UqhyDkXj_5nuq8dgvFTc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  134.19.128.0/21
                IPv6:
                  2a05:7400:4000::/34

    Signature Algorithm: sha256WithRSAEncryption
         b2:5f:16:7c:03:35:05:77:d8:45:f6:8b:e7:6f:1b:29:d8:00:
         19:8c:83:86:7b:95:b9:6a:be:46:26:9e:bd:ce:5b:62:0a:17:
         73:6c:4e:99:a4:56:0c:ad:da:67:2b:52:ef:e7:de:b9:b5:c2:
         4b:ac:ee:bb:c2:1e:dc:6f:5d:94:2f:c4:57:96:b1:e0:43:4e:
         04:51:de:7e:66:1b:bb:1c:18:d4:fd:b9:43:d3:38:14:5c:47:
         cc:20:34:7a:13:c3:92:7b:27:03:0f:f5:cf:d8:7e:64:03:ab:
         b8:88:8c:ad:df:44:0a:f6:fa:b7:8f:c8:e9:3d:f8:95:90:58:
         9a:56:a4:43:2e:0c:01:7f:52:9e:dd:82:9a:1c:f0:39:3d:0a:
         a8:90:7a:26:80:35:37:4b:a0:14:83:24:47:01:02:ff:13:35:
         ae:17:3e:74:8d:cb:9b:92:c8:3a:2c:9a:7c:0a:5b:a5:9c:57:
         4e:36:77:3a:4b:2f:21:e9:02:1d:98:f9:52:67:a4:c8:a4:f8:
         29:2d:be:5a:45:d4:03:ad:0f:58:89:9d:d9:97:36:7e:e2:0d:
         2f:e3:66:a4:25:0f:dd:78:86:74:c2:fa:87:83:de:9a:5b:e0:
         31:e1:37:a6:3a:3f:7a:69:08:3c:ba:7e:26:d4:4e:30:49:ab:
         81:64:a3:99
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIETQUbiTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZTdmNzQ3ZGY1ZjI0MzUzMTU0ZGM0ZDRiZjcwZDJkZGNiNTNlOTAwMB4XDTIyMDEw
MTE1NTYxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2RlMzBjZWU5Zjk0
YWExYzgzOTE3OGZmZTY3YmFhZjFkODJmMTUzNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOvh3/lXlh+62z/0jwZo1/0YygiqP6Tfo5YFBNaSRu4+0hmt
I7bhj9T8gugu3GYbxFkYTv3cxLQMeGFmDMRuB5VUTqUfB13r5u4tjmKRlL+BJLTM
k3zH0mS3xIfvxuODC6zKBCWj59kL7L99C2me8e2TNdqtZhnwSxTUIst7B2K0p15g
Wi+9VLPkck2qqorQmp5GO39o6J+cyryAEVPZHqSdE29oVYAGMyViyOrV6raTHoMH
maMQ33mZiEaaI+LDFUTrPJ53TE6ESjDTi/BlOtuu5Y9R9Gg7ToYdDqUrtX8Qq0XF
nN3FsMZ8QT81b1ZUXyhpth3zn62LXoDnM3rj5G8CAwEAAaOCAhkwggIVMB0GA1Ud
DgQWBBQ94wzun5SqHIOReP/me6rx2C8VNzAfBgNVHSMEGDAWgBSuf3R99fJDUxVN
xNS/cNLdy1PpADAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JuOTBmZlh5UTFNVlRjVFV2M0RTM2N0VDZRQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjIvNThhZjI0LWM0NTQtNDRiMC1hN2NhLWM2ZjFlNmFjOWJhOS8x
L1BlTU03cC1VcWh5RGtYal81bnVxOGRndkZUYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjIv
NThhZjI0LWM0NTQtNDRiMC1hN2NhLWM2ZjFlNmFjOWJhOS8xL3JuOTBmZlh5UTFN
VlRjVFV2M0RTM2N0VDZRQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAv
BggrBgEFBQcBBwEB/wQgMB4wDAQCAAEwBgMEA4YTgDAOBAIAAjAIAwYGKgV0AEAw
DQYJKoZIhvcNAQELBQADggEBALJfFnwDNQV32EX2i+dvGynYABmMg4Z7lblqvkYm
nr3OW2IKF3NsTpmkVgyt2mcrUu/n3rm1wkus7rvCHtxvXZQvxFeWseBDTgRR3n5m
G7scGNT9uUPTOBRcR8wgNHoTw5J7JwMP9c/YfmQDq7iIjK3fRAr2+rePyOk9+JWQ
WJpWpEMuDAF/Up7dgpoc8Dk9CqiQeiaANTdLoBSDJEcBAv8TNa4XPnSNy5uSyDos
mnwKW6WcV042dzpLLyHpAh2Y+VJnpMik+CktvlpF1AOtD1iJndmXNn7iDS/jZqQl
D914hnTC+oeD3ppb4DHhN6Y6P3ppCDy6fibUTjBJq4Fko5k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:23 2024 by rpki-client on console-fra.rpki-client.org