Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/e0RG94vXcX0dKuZ28u1366xSGGA.roa
File:                     e0RG94vXcX0dKuZ28u1366xSGGA.roa (raw, json)
Hash identifier:          v3R7JOH7GR45Mu+3RkgETQnIUpDB5nDk5rUNcVemKHI=
Subject key identifier:   7B:44:46:F7:8B:D7:71:7D:1D:2A:E6:76:F2:ED:77:EB:AC:52:18:60
Certificate issuer:       /CN=fe8199e8345567d8516b788fe2e1d397e27c73a4
Certificate serial:       018288D1B82C60D3D3FD139F250B1DC485FF
Authority key identifier: FE:81:99:E8:34:55:67:D8:51:6B:78:8F:E2:E1:D3:97:E2:7C:73:A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/e0RG94vXcX0dKuZ28u1366xSGGA.roa
Signing time:             Wed 10 Aug 2022 17:33:41 +0000
ROA not before:           Wed 10 Aug 2022 17:33:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     62651
IP address blocks:        176.67.82.0/24 maxlen: 24
                          176.67.84.0/24 maxlen: 24
                          176.67.87.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:88:d1:b8:2c:60:d3:d3:fd:13:9f:25:0b:1d:c4:85:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe8199e8345567d8516b788fe2e1d397e27c73a4
        Validity
            Not Before: Aug 10 17:33:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7b4446f78bd7717d1d2ae676f2ed77ebac521860
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:b5:34:b6:f3:e9:25:f4:fb:3d:79:9d:dd:b9:
                    51:87:3f:fd:d5:f3:87:e8:3e:99:64:e6:59:d4:1d:
                    5d:a1:a1:3b:88:61:ce:2b:79:1c:c6:42:0c:b3:00:
                    6d:c5:3a:ca:9a:3a:29:b9:fd:a0:3d:0c:d2:c6:fd:
                    4e:ea:13:b3:1a:04:70:33:26:2e:78:e4:51:57:be:
                    27:c2:34:5c:57:f6:82:e1:16:14:d5:68:ba:df:ef:
                    f5:0c:5a:29:a7:c4:e4:38:2e:95:56:be:20:95:ff:
                    d9:a1:1e:40:53:b5:c9:bc:53:d6:3b:f1:8d:9a:da:
                    25:08:8c:22:63:7b:dc:20:83:86:c1:d7:31:90:35:
                    37:6d:5a:34:70:f7:8f:a0:2a:35:18:27:92:d4:8f:
                    20:70:83:f3:b2:9a:02:68:9a:e9:7c:26:b3:5d:89:
                    6a:03:fc:09:14:3b:83:9e:53:4b:df:e6:04:a6:9c:
                    42:7c:f2:ae:5b:9e:d3:5c:69:87:9e:71:79:65:7f:
                    bf:0b:5b:83:de:2a:25:c2:26:99:94:d3:39:46:8b:
                    cd:75:c7:62:90:59:84:75:da:28:9d:2c:47:85:ea:
                    af:d1:9a:8b:05:76:74:df:b6:9e:3f:0c:4c:ba:19:
                    c5:8b:2c:99:6c:cc:ce:7d:05:13:b1:1a:d4:c0:28:
                    b1:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:44:46:F7:8B:D7:71:7D:1D:2A:E6:76:F2:ED:77:EB:AC:52:18:60
            X509v3 Authority Key Identifier:
                keyid:FE:81:99:E8:34:55:67:D8:51:6B:78:8F:E2:E1:D3:97:E2:7C:73:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/e0RG94vXcX0dKuZ28u1366xSGGA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.67.82.0/24
                  176.67.84.0/24
                  176.67.87.0/24

    Signature Algorithm: sha256WithRSAEncryption
         95:58:e2:95:dd:88:c0:05:71:8b:05:60:06:5d:31:ae:8c:40:
         f4:fc:bf:7b:24:74:13:e0:bb:29:5a:f5:81:90:cc:93:7f:4c:
         ad:c8:52:40:39:6b:ec:e0:35:5b:61:f3:15:6b:91:83:b0:ca:
         76:82:26:d4:4e:0a:af:b8:86:51:3e:74:37:a2:97:98:6e:8d:
         58:90:b1:da:cb:75:88:fc:54:3f:df:3f:62:6b:8e:97:25:73:
         94:56:cc:3c:8c:71:c7:f5:b7:6f:13:8d:ae:0c:d7:4a:17:5b:
         9c:e0:c8:d0:e9:89:03:ab:78:4f:3d:8c:a7:42:9d:2b:47:85:
         a5:43:1e:1d:b3:29:02:ef:34:12:1e:69:c8:82:cc:b3:cc:57:
         05:2a:c5:73:29:5a:02:9f:37:5c:86:be:c3:da:93:e1:da:fe:
         ca:d9:0c:d6:84:2a:51:8d:ed:f7:9f:c2:18:dd:0c:a8:1a:3a:
         43:70:2b:be:65:5f:52:ab:9b:bc:36:4b:c0:30:49:ec:34:14:
         fb:22:c6:0e:d4:ca:04:9d:2c:e3:03:99:aa:f7:64:af:66:af:
         91:2c:d9:d1:d2:df:c6:15:f9:38:d0:9b:88:3f:72:1f:11:5e:
         0b:66:41:97:16:36:c2:df:b4:67:e3:79:bb:94:83:71:03:54:
         5d:4b:e8:ee
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYKI0bgsYNPT/ROfJQsdxIX/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlODE5OWU4MzQ1NTY3ZDg1MTZiNzg4ZmUyZTFkMzk3ZTI3
YzczYTQwHhcNMjIwODEwMTczMzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjQ0NDZmNzhiZDc3MTdkMWQyYWU2NzZmMmVkNzdlYmFjNTIxODYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbU0tvPpJfT7PXmd3blRhz/91fOH
6D6ZZOZZ1B1doaE7iGHOK3kcxkIMswBtxTrKmjopuf2gPQzSxv1O6hOzGgRwMyYu
eORRV74nwjRcV/aC4RYU1Wi63+/1DFopp8TkOC6VVr4glf/ZoR5AU7XJvFPWO/GN
mtolCIwiY3vcIIOGwdcxkDU3bVo0cPePoCo1GCeS1I8gcIPzspoCaJrpfCazXYlq
A/wJFDuDnlNL3+YEppxCfPKuW57TXGmHnnF5ZX+/C1uD3iolwiaZlNM5RovNdcdi
kFmEddoonSxHheqv0ZqLBXZ037aePwxMuhnFiyyZbMzOfQUTsRrUwCixkQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHtERveL13F9HSrmdvLtd+usUhhgMB8GA1UdIwQY
MBaAFP6Bmeg0VWfYUWt4j+Lh05fifHOkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX29HWjZEUlZaOWhSYTNpUDR1SFRsLUo4YzZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kMDllMzQtY2MxMS00Mzk0LTkwNGQt
ODQwY2NiMzRiM2Y1LzEvZTBSRzk0dlhjWDBkS3VaMjh1MTM2NnhTR0dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kMDllMzQtY2MxMS00Mzk0LTkwNGQtODQwY2NiMzRiM2Y1
LzEvX29HWjZEUlZaOWhSYTNpUDR1SFRsLUo4YzZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAsENSAwQA
sENUAwQAsENXMA0GCSqGSIb3DQEBCwUAA4IBAQCVWOKV3YjABXGLBWAGXTGujED0
/L97JHQT4LspWvWBkMyTf0ytyFJAOWvs4DVbYfMVa5GDsMp2gibUTgqvuIZRPnQ3
opeYbo1YkLHay3WI/FQ/3z9ia46XJXOUVsw8jHHH9bdvE42uDNdKF1uc4MjQ6YkD
q3hPPYynQp0rR4WlQx4dsykC7zQSHmnIgsyzzFcFKsVzKVoCnzdchr7D2pPh2v7K
2QzWhCpRje33n8IY3QyoGjpDcCu+ZV9Sq5u8NkvAMEnsNBT7IsYO1MoEnSzjA5mq
92SvZq+RLNnR0t/GFfk40JuIP3IfEV4LZkGXFjbC37Rn43m7lINxA1RdS+ju
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:38 2024 by rpki-client on console-ams.rpki-client.org