Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/4a02af-d548-44cf-9df8-13f898bc7d0e/1/RiCWCeBqbYSvyZ8QibsJWX7wpDw.roa
File:                     RiCWCeBqbYSvyZ8QibsJWX7wpDw.roa (raw, json)
Hash identifier:          mNxWhgaNdhEOyOQ1ySyYQiCM2mjQ/D6B+mgVy7MKpNg=
Subject key identifier:   46:20:96:09:E0:6A:6D:84:AF:C9:9F:10:89:BB:09:59:7E:F0:A4:3C
Certificate issuer:       /CN=9fe98ee6cfb3fba83b972ae12653b5d9fc70702e
Certificate serial:       B2BB
Authority key identifier: 9F:E9:8E:E6:CF:B3:FB:A8:3B:97:2A:E1:26:53:B5:D9:FC:70:70:2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/n-mO5s-z-6g7lyrhJlO12fxwcC4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/4a02af-d548-44cf-9df8-13f898bc7d0e/1/RiCWCeBqbYSvyZ8QibsJWX7wpDw.roa
Signing time:             Tue 03 May 2022 07:12:49 +0000
ROA not before:           Tue 03 May 2022 07:12:49 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60709
IP address blocks:        194.102.126.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 45755 (0xb2bb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9fe98ee6cfb3fba83b972ae12653b5d9fc70702e
        Validity
            Not Before: May  3 07:12:49 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=46209609e06a6d84afc99f1089bb09597ef0a43c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:fd:5a:e8:89:1e:f5:d3:53:ee:62:9a:7e:2b:
                    29:32:8e:96:ce:c5:33:87:f4:1d:b9:91:8f:a8:0d:
                    9c:d9:76:29:b1:45:e8:40:ad:d5:6d:36:8e:85:a6:
                    db:57:1c:06:61:9d:e7:28:ed:53:31:b4:9c:65:02:
                    e4:e3:9a:c5:4b:f6:53:cc:f8:b8:02:a5:da:c0:41:
                    a1:2d:09:06:b0:f9:9f:fa:ba:aa:ab:6f:52:f1:76:
                    9a:9f:f3:00:53:35:ef:2f:a4:d9:74:a0:22:82:f0:
                    d6:63:53:e0:d2:25:b5:b1:b0:f6:5e:80:ef:d1:db:
                    7c:1a:d7:13:a3:29:92:08:86:bb:7b:66:a1:c4:1e:
                    6f:65:46:17:c5:fc:ac:12:a7:50:f1:3d:81:17:84:
                    95:dd:d3:ba:f5:83:a3:fc:77:4c:f4:a6:68:d1:59:
                    d7:f7:4b:2f:bd:cd:0c:18:b9:fb:91:ed:44:b0:83:
                    f2:37:b1:69:de:08:be:77:38:61:68:35:cf:8a:9e:
                    ef:42:ea:87:3a:a1:0c:23:91:c0:04:bc:f4:40:9c:
                    33:10:7b:f9:ca:93:41:a6:ab:93:1d:1b:bd:f4:ff:
                    12:fb:90:22:1d:10:94:a6:4f:db:34:a9:ef:e7:0b:
                    ea:45:be:6b:17:12:89:05:31:cc:1e:69:f1:c0:48:
                    5e:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:20:96:09:E0:6A:6D:84:AF:C9:9F:10:89:BB:09:59:7E:F0:A4:3C
            X509v3 Authority Key Identifier:
                keyid:9F:E9:8E:E6:CF:B3:FB:A8:3B:97:2A:E1:26:53:B5:D9:FC:70:70:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n-mO5s-z-6g7lyrhJlO12fxwcC4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/4a02af-d548-44cf-9df8-13f898bc7d0e/1/RiCWCeBqbYSvyZ8QibsJWX7wpDw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/4a02af-d548-44cf-9df8-13f898bc7d0e/1/n-mO5s-z-6g7lyrhJlO12fxwcC4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.102.126.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:ae:f8:e6:09:de:f0:67:d4:f8:05:40:ba:c5:92:ac:0d:97:
         72:0e:c4:3d:c3:24:75:44:95:82:28:1b:ed:98:c6:5d:19:3e:
         b8:f4:a4:c7:51:73:2b:2a:6d:c1:28:6c:dc:94:54:50:05:66:
         53:62:3c:25:2e:0e:fd:ec:02:ee:0a:22:5d:06:3e:07:09:06:
         0f:fa:97:43:aa:0c:04:43:d8:38:44:f8:02:46:16:49:e1:69:
         63:ca:d9:c9:e0:dc:55:29:fc:ca:e7:5b:25:47:0d:7e:d7:e9:
         22:c1:d0:79:5b:e3:16:fb:26:17:ad:f1:f0:97:d3:68:83:55:
         15:14:3b:3d:e3:19:8c:3f:8c:b1:da:26:05:2b:0c:f8:d9:9c:
         29:64:f7:e0:5d:7b:1c:58:ac:9f:2e:ce:01:d1:2a:d2:c9:ce:
         7c:b1:c5:c9:18:51:b1:c1:d1:66:07:20:3b:b1:e3:08:d7:ca:
         24:c3:00:6a:93:3f:a1:32:30:01:05:6f:7a:70:4e:31:e0:b2:
         c9:16:f1:ac:af:d2:5f:9f:99:97:8e:52:7e:5a:70:1e:ee:81:
         0a:41:7d:92:6a:54:fe:bb:8a:8e:f9:61:5a:06:15:08:99:ce:
         f9:04:f1:80:d7:f3:33:95:74:11:d4:a3:e5:27:55:bf:5d:3c:
         3a:cc:3c:44
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDALK7MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDlm
ZTk4ZWU2Y2ZiM2ZiYTgzYjk3MmFlMTI2NTNiNWQ5ZmM3MDcwMmUwHhcNMjIwNTAz
MDcxMjQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0NjIwOTYwOWUwNmE2
ZDg0YWZjOTlmMTA4OWJiMDk1OTdlZjBhNDNjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAt/1a6Ike9dNT7mKafispMo6WzsUzh/QduZGPqA2c2XYpsUXo
QK3VbTaOhabbVxwGYZ3nKO1TMbScZQLk45rFS/ZTzPi4AqXawEGhLQkGsPmf+rqq
q29S8Xaan/MAUzXvL6TZdKAigvDWY1Pg0iW1sbD2XoDv0dt8GtcToymSCIa7e2ah
xB5vZUYXxfysEqdQ8T2BF4SV3dO69YOj/HdM9KZo0VnX90svvc0MGLn7ke1EsIPy
N7Fp3gi+dzhhaDXPip7vQuqHOqEMI5HABLz0QJwzEHv5ypNBpquTHRu99P8S+5Ai
HRCUpk/bNKnv5wvqRb5rFxKJBTHMHmnxwEheVQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFEYglgngam2Er8mfEIm7CVl+8KQ8MB8GA1UdIwQYMBaAFJ/pjubPs/uoO5cq
4SZTtdn8cHAuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
bi1tTzVzLXotNmc3bHlyaEpsTzEyZnh3Y0M0LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9iYS80YTAyYWYtZDU0OC00NGNmLTlkZjgtMTNmODk4YmM3ZDBlLzEv
UmlDV0NlQnFiWVN2eVo4UWlic0pXWDd3cER3LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS80
YTAyYWYtZDU0OC00NGNmLTlkZjgtMTNmODk4YmM3ZDBlLzEvbi1tTzVzLXotNmc3
bHlyaEpsTzEyZnh3Y0M0LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmZ+MA0GCSqGSIb3DQEBCwUAA4IB
AQATrvjmCd7wZ9T4BUC6xZKsDZdyDsQ9wyR1RJWCKBvtmMZdGT649KTHUXMrKm3B
KGzclFRQBWZTYjwlLg797ALuCiJdBj4HCQYP+pdDqgwEQ9g4RPgCRhZJ4WljytnJ
4NxVKfzK51slRw1+1+kiwdB5W+MW+yYXrfHwl9Nog1UVFDs94xmMP4yx2iYFKwz4
2ZwpZPfgXXscWKyfLs4B0SrSyc58scXJGFGxwdFmByA7seMI18okwwBqkz+hMjAB
BW96cE4x4LLJFvGsr9Jfn5mXjlJ+WnAe7oEKQX2SalT+u4qO+WFaBhUImc75BPGA
1/MzlXQR1KPlJ1W/XTw6zDxE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:45 2024 by rpki-client on console-ams.rpki-client.org