Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/3822e5-07a4-4a38-ae68-b6c04330ccd1/1/4qTTA4KhJ_yAUsvJD83q6Rf_oxE.roa
File:                     4qTTA4KhJ_yAUsvJD83q6Rf_oxE.roa (raw, json)
Hash identifier:          3tE8RnBpepwzi6FpTzK9eltRDdef6Tj0Oqu89lBwaAI=
Subject key identifier:   E2:A4:D3:03:82:A1:27:FC:80:52:CB:C9:0F:CD:EA:E9:17:FF:A3:11
Certificate issuer:       /CN=00ca712bb4911b7674c7af047ddd86aa2063ce00
Certificate serial:       D6D6C6
Authority key identifier: 00:CA:71:2B:B4:91:1B:76:74:C7:AF:04:7D:DD:86:AA:20:63:CE:00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AMpxK7SRG3Z0x68Efd2GqiBjzgA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/3822e5-07a4-4a38-ae68-b6c04330ccd1/1/4qTTA4KhJ_yAUsvJD83q6Rf_oxE.roa
Signing time:             Sat 01 Jan 2022 08:06:17 +0000
ROA not before:           Sat 01 Jan 2022 08:06:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        194.104.135.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 14079686 (0xd6d6c6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00ca712bb4911b7674c7af047ddd86aa2063ce00
        Validity
            Not Before: Jan  1 08:06:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e2a4d30382a127fc8052cbc90fcdeae917ffa311
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:b6:ac:1e:26:c9:88:de:af:55:74:1c:42:7d:
                    a2:ea:ce:5b:cc:31:94:dc:cb:a3:52:10:a5:14:5d:
                    6e:2e:df:10:bf:23:fa:c7:90:e8:fd:b1:1f:4f:37:
                    6f:98:de:9e:00:f2:d9:c2:13:76:ba:64:91:96:47:
                    8d:57:eb:4e:ca:71:a5:a0:a1:a2:fb:b0:70:3f:41:
                    4a:7a:27:b2:bd:07:5b:3b:36:59:7f:f2:e7:62:8c:
                    e7:94:76:19:d4:5e:1b:b2:49:70:42:ac:9f:c2:b4:
                    f6:2c:6b:36:f3:f9:83:61:5a:56:72:50:6b:0b:bb:
                    a4:b5:fa:e3:67:b1:b1:1b:73:d7:bc:c9:a4:26:5b:
                    35:0f:f0:60:cc:73:c9:11:bf:5d:9e:ce:9a:46:79:
                    04:06:51:0a:90:f2:5c:55:38:7e:42:ce:47:ec:fa:
                    3a:d5:c5:e8:dd:53:f5:f4:d1:00:f2:6b:ff:e2:69:
                    4e:44:82:57:4e:55:2b:69:89:7f:48:f5:be:85:fe:
                    ba:c5:fd:2e:0b:a1:79:d6:ed:f8:64:fb:94:e8:ab:
                    db:a8:ea:9e:75:13:05:1f:78:da:81:39:3a:38:72:
                    ef:9a:ec:0f:23:5f:f0:59:98:1c:5c:af:fe:b9:82:
                    18:8b:8d:9c:d0:d1:d7:eb:d8:88:a7:9a:74:fd:b7:
                    72:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:A4:D3:03:82:A1:27:FC:80:52:CB:C9:0F:CD:EA:E9:17:FF:A3:11
            X509v3 Authority Key Identifier:
                keyid:00:CA:71:2B:B4:91:1B:76:74:C7:AF:04:7D:DD:86:AA:20:63:CE:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AMpxK7SRG3Z0x68Efd2GqiBjzgA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/3822e5-07a4-4a38-ae68-b6c04330ccd1/1/4qTTA4KhJ_yAUsvJD83q6Rf_oxE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/3822e5-07a4-4a38-ae68-b6c04330ccd1/1/AMpxK7SRG3Z0x68Efd2GqiBjzgA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.104.135.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:54:8a:d8:84:a7:e1:50:24:24:e3:d1:af:6a:85:e0:c6:7e:
         07:10:57:1e:f1:13:d3:1b:dc:75:0e:dd:29:ba:eb:b7:36:24:
         9f:be:f4:da:3f:97:6a:cd:2c:2f:43:88:10:f9:34:ab:e9:ce:
         69:e6:15:65:71:9e:82:5e:06:82:9f:f2:16:3d:ea:61:d1:79:
         70:fd:34:7d:06:e1:d9:b6:cb:88:3b:6d:d2:a5:df:69:37:8f:
         e8:ae:de:0b:84:ad:40:f4:8e:e5:07:34:97:b5:05:e2:f4:ad:
         8b:cc:87:dd:f0:bc:0e:b3:55:73:1a:e4:4d:f0:91:f8:e7:2c:
         9f:7b:b2:9a:41:8a:be:62:7a:65:0a:e7:63:02:f3:59:83:b8:
         0a:63:62:37:52:63:63:79:a5:db:dc:b2:69:ce:1a:f7:94:01:
         2b:6e:0f:ab:83:29:ec:2a:54:be:c3:cc:f5:e3:2e:f5:f5:a8:
         27:c9:36:ee:c4:2a:63:68:bb:d5:7c:ef:1e:29:6b:29:30:82:
         52:89:54:9a:92:25:01:25:ff:b8:b8:33:3b:11:15:5f:45:98:
         bd:4f:05:e2:b4:66:8b:07:10:ad:dc:d3:a8:dd:07:b0:d9:5e:
         ef:9a:7c:f6:9e:7e:93:1c:5e:ce:f9:cb:cb:d7:e4:dd:a6:4f:
         00:11:2e:0a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEANbWxjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MGNhNzEyYmI0OTExYjc2NzRjN2FmMDQ3ZGRkODZhYTIwNjNjZTAwMB4XDTIyMDEw
MTA4MDYxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTJhNGQzMDM4MmEx
MjdmYzgwNTJjYmM5MGZjZGVhZTkxN2ZmYTMxMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK22rB4myYjer1V0HEJ9ourOW8wxlNzLo1IQpRRdbi7fEL8j
+seQ6P2xH083b5jengDy2cITdrpkkZZHjVfrTspxpaChovuwcD9BSnonsr0HWzs2
WX/y52KM55R2GdReG7JJcEKsn8K09ixrNvP5g2FaVnJQawu7pLX642exsRtz17zJ
pCZbNQ/wYMxzyRG/XZ7OmkZ5BAZRCpDyXFU4fkLOR+z6OtXF6N1T9fTRAPJr/+Jp
TkSCV05VK2mJf0j1voX+usX9Lguhedbt+GT7lOir26jqnnUTBR942oE5Ojhy75rs
DyNf8FmYHFyv/rmCGIuNnNDR1+vYiKeadP23clsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTipNMDgqEn/IBSy8kPzerpF/+jETAfBgNVHSMEGDAWgBQAynErtJEbdnTH
rwR93YaqIGPOADAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FNcHhLN1NSRzNaMHg2OEVmZDJHcWlCanpnQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjYvMzgyMmU1LTA3YTQtNGEzOC1hZTY4LWI2YzA0MzMwY2NkMS8x
LzRxVFRBNEtoSl95QVVzdkpEODNxNlJmX294RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYv
MzgyMmU1LTA3YTQtNGEzOC1hZTY4LWI2YzA0MzMwY2NkMS8xL0FNcHhLN1NSRzNa
MHg2OEVmZDJHcWlCanpnQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJohzANBgkqhkiG9w0BAQsFAAOC
AQEAVVSK2ISn4VAkJOPRr2qF4MZ+BxBXHvET0xvcdQ7dKbrrtzYkn7702j+Xas0s
L0OIEPk0q+nOaeYVZXGegl4Ggp/yFj3qYdF5cP00fQbh2bbLiDtt0qXfaTeP6K7e
C4StQPSO5Qc0l7UF4vSti8yH3fC8DrNVcxrkTfCR+Ocsn3uymkGKvmJ6ZQrnYwLz
WYO4CmNiN1JjY3ml29yyac4a95QBK24Pq4Mp7CpUvsPM9eMu9fWoJ8k27sQqY2i7
1XzvHilrKTCCUolUmpIlASX/uLgzOxEVX0WYvU8F4rRmiwcQrdzTqN0HsNle75p8
9p5+kxxezvnLy9fk3aZPABEuCg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:38 2023 by rpki-client on console-fra.rpki-client.org