Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/ugDa8rI2vrsQYrM0eo90tyybdrc.roa
File:                     ugDa8rI2vrsQYrM0eo90tyybdrc.roa (raw, json)
Hash identifier:          ns6FeL33IxlJ3cLsrS2daNbxeoO90Iurf7gbG+qIMkw=
Subject key identifier:   BA:00:DA:F2:B2:36:BE:BB:10:62:B3:34:7A:8F:74:B7:2C:9B:76:B7
Certificate issuer:       /CN=424feffb576e411de511871dc1e0bd7a20e2c4d7
Certificate serial:       0391AB8F
Authority key identifier: 42:4F:EF:FB:57:6E:41:1D:E5:11:87:1D:C1:E0:BD:7A:20:E2:C4:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Qk_v-1duQR3lEYcdweC9eiDixNc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/ugDa8rI2vrsQYrM0eo90tyybdrc.roa
Signing time:             Fri 01 Apr 2022 11:59:58 +0000
ROA not before:           Fri 01 Apr 2022 11:59:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211252
IP address blocks:        194.31.96.0/24 maxlen: 24
                          194.31.97.0/24 maxlen: 24
                          194.99.44.0/24 maxlen: 24
                          194.99.46.0/24 maxlen: 24
                          31.210.20.0/23 maxlen: 24
                          162.12.206.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 59878287 (0x391ab8f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=424feffb576e411de511871dc1e0bd7a20e2c4d7
        Validity
            Not Before: Apr  1 11:59:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ba00daf2b236bebb1062b3347a8f74b72c9b76b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:29:42:88:1e:fe:50:c2:fc:c2:d0:55:da:72:
                    7f:98:eb:72:e2:8c:01:dc:39:3e:1a:26:41:9a:12:
                    fa:75:15:98:a5:b3:6a:9a:4f:69:cc:24:f7:7d:da:
                    a2:ca:23:f1:73:c6:d1:b8:27:b6:1a:61:13:58:c5:
                    ca:0a:55:c8:06:8a:a8:4e:45:72:3e:0b:c7:af:bb:
                    e8:13:80:a6:f6:86:cf:8e:4a:95:9f:b7:c8:c1:37:
                    ca:53:ab:ab:7d:0d:a8:56:5c:46:eb:c1:50:2c:0c:
                    7c:19:4a:0a:13:bb:3b:2c:fc:cf:be:d6:b7:3d:0b:
                    c0:e0:ce:21:80:d3:67:96:b2:f5:0b:76:9e:03:83:
                    ca:f6:1e:7e:91:ec:7c:41:a9:36:16:9c:c1:3b:49:
                    14:92:ff:5b:ef:3d:64:2e:4c:d4:88:f1:4e:32:e7:
                    78:18:92:e5:78:e1:c3:17:7f:b6:e7:bc:31:1c:6a:
                    62:72:e9:49:4e:19:93:bb:8e:a4:e6:00:1a:4c:7f:
                    31:41:ee:59:aa:c7:b2:47:7c:9c:1f:2e:84:06:97:
                    07:2f:82:c5:65:cb:19:61:98:e3:29:fe:e4:2f:ac:
                    2f:53:1f:d7:12:40:41:90:22:b0:ee:ab:76:85:27:
                    61:f4:d0:1c:da:8a:c8:86:d2:ac:ff:9e:11:0f:dc:
                    cd:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:00:DA:F2:B2:36:BE:BB:10:62:B3:34:7A:8F:74:B7:2C:9B:76:B7
            X509v3 Authority Key Identifier:
                keyid:42:4F:EF:FB:57:6E:41:1D:E5:11:87:1D:C1:E0:BD:7A:20:E2:C4:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qk_v-1duQR3lEYcdweC9eiDixNc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/ugDa8rI2vrsQYrM0eo90tyybdrc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/Qk_v-1duQR3lEYcdweC9eiDixNc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.210.20.0/23
                  162.12.206.0/24
                  194.31.96.0/23
                  194.99.44.0/24
                  194.99.46.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2d:13:63:bf:a4:81:57:23:37:fb:82:2a:36:9a:85:55:b9:ee:
         39:60:1d:2a:c5:8f:68:32:13:1e:82:49:8a:32:be:07:b0:32:
         9e:d8:a7:14:73:7f:d4:26:7b:c9:f9:57:8b:cb:4c:b5:fa:65:
         ca:b2:c8:e4:68:68:26:70:76:74:14:b8:3a:5d:e2:a7:c1:15:
         f7:57:06:a1:ad:75:2e:06:0b:87:8a:bd:7d:bf:93:b5:d1:29:
         a6:61:06:b5:6d:70:2d:5e:09:92:bc:77:a5:4d:de:d2:06:80:
         04:9b:10:11:5f:1c:0e:b8:23:6b:a9:82:a6:47:95:5e:c1:5e:
         42:0b:5b:bf:50:99:96:52:0d:2a:ad:e6:77:6b:89:30:35:fa:
         aa:02:f9:cc:4a:0a:09:be:9f:9d:a6:bf:2f:1a:65:57:22:d2:
         67:ee:8b:f2:3b:7d:e9:3c:39:b8:b6:3e:7b:c2:4b:be:d4:38:
         44:18:46:e4:fa:de:43:17:54:df:1f:af:60:5a:87:4f:df:64:
         47:31:20:db:2f:92:f2:70:29:3c:9d:ba:e2:91:fa:34:8d:dc:
         9d:b9:ed:66:38:09:97:ba:26:7c:0c:cd:dc:d9:ee:d9:c9:e6:
         8d:02:ec:c7:fb:06:78:d1:2a:fc:ee:77:c9:d4:21:5a:4d:3f:
         c6:be:55:e5
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEA5GrjzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MjRmZWZmYjU3NmU0MTFkZTUxMTg3MWRjMWUwYmQ3YTIwZTJjNGQ3MB4XDTIyMDQw
MTExNTk1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmEwMGRhZjJiMjM2
YmViYjEwNjJiMzM0N2E4Zjc0YjcyYzliNzZiNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANYpQoge/lDC/MLQVdpyf5jrcuKMAdw5PhomQZoS+nUVmKWz
appPacwk933aosoj8XPG0bgnthphE1jFygpVyAaKqE5Fcj4Lx6+76BOApvaGz45K
lZ+3yME3ylOrq30NqFZcRuvBUCwMfBlKChO7Oyz8z77Wtz0LwODOIYDTZ5ay9Qt2
ngODyvYefpHsfEGpNhacwTtJFJL/W+89ZC5M1IjxTjLneBiS5Xjhwxd/tue8MRxq
YnLpSU4Zk7uOpOYAGkx/MUHuWarHskd8nB8uhAaXBy+CxWXLGWGY4yn+5C+sL1Mf
1xJAQZAisO6rdoUnYfTQHNqKyIbSrP+eEQ/czQECAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBS6ANrysja+uxBiszR6j3S3LJt2tzAfBgNVHSMEGDAWgBRCT+/7V25BHeUR
hx3B4L16IOLE1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FrX3YtMWR1UVIzbEVZY2R3ZUM5ZWlEaXhOYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGMvNjEzNTA4LTA4MzItNDFmNi1hY2I3LTgzMWY3ZTZmNWNjZC8x
L3VnRGE4ckkydnJzUVlyTTBlbzkwdHl5YmRyYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGMv
NjEzNTA4LTA4MzItNDFmNi1hY2I3LTgzMWY3ZTZmNWNjZC8xL1FrX3YtMWR1UVIz
bEVZY2R3ZUM5ZWlEaXhOYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAR/SFAMEAKIMzgMEAcIfYAMEAMJj
LAMEAMJjLjANBgkqhkiG9w0BAQsFAAOCAQEALRNjv6SBVyM3+4IqNpqFVbnuOWAd
KsWPaDITHoJJijK+B7AyntinFHN/1CZ7yflXi8tMtfplyrLI5GhoJnB2dBS4Ol3i
p8EV91cGoa11LgYLh4q9fb+TtdEppmEGtW1wLV4Jkrx3pU3e0gaABJsQEV8cDrgj
a6mCpkeVXsFeQgtbv1CZllINKq3md2uJMDX6qgL5zEoKCb6fnaa/LxplVyLSZ+6L
8jt96Tw5uLY+e8JLvtQ4RBhG5PreQxdU3x+vYFqHT99kRzEg2y+S8nApPJ264pH6
NI3cnbntZjgJl7omfAzN3Nnu2cnmjQLsx/sGeNEq/O53ydQhWk0/xr5V5Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:45 2024 by rpki-client on console-ams.rpki-client.org