Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/3e0e9a-51f3-49de-9d1b-00cd86af849d/1/wXRo1tzmpDA35O0cHvLzexFBxJ0.roa
File:                     wXRo1tzmpDA35O0cHvLzexFBxJ0.roa (raw, json)
Hash identifier:          Ofv+YPX7h4K0dmZsoigIBjkhzmxY1+tQGT5a1/iji20=
Subject key identifier:   C1:74:68:D6:DC:E6:A4:30:37:E4:ED:1C:1E:F2:F3:7B:11:41:C4:9D
Certificate issuer:       /CN=9ca8a132519a242949497363b8caa33e72c673f8
Certificate serial:       0170CB40
Authority key identifier: 9C:A8:A1:32:51:9A:24:29:49:49:73:63:B8:CA:A3:3E:72:C6:73:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nKihMlGaJClJSXNjuMqjPnLGc_g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/3e0e9a-51f3-49de-9d1b-00cd86af849d/1/wXRo1tzmpDA35O0cHvLzexFBxJ0.roa
Signing time:             Sat 01 Jan 2022 05:01:09 +0000
ROA not before:           Sat 01 Jan 2022 05:01:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     15943
IP address blocks:        194.45.20.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 24169280 (0x170cb40)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ca8a132519a242949497363b8caa33e72c673f8
        Validity
            Not Before: Jan  1 05:01:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c17468d6dce6a43037e4ed1c1ef2f37b1141c49d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:80:71:7e:89:ad:5a:ca:be:91:7b:a1:79:61:
                    8e:5b:e9:f2:7f:e3:de:09:5b:ca:6e:38:21:c1:d8:
                    3f:bf:da:e9:69:60:7e:ec:b9:8b:f0:ed:31:a4:23:
                    5b:71:88:48:2a:06:c3:cd:41:05:da:4d:64:89:4a:
                    86:11:1f:f1:99:7d:b8:e9:9b:6f:42:db:56:33:bd:
                    bd:a1:8e:65:88:39:5b:fe:00:84:11:6e:59:a9:a9:
                    f4:43:da:96:4d:e9:4a:1f:dc:e4:df:e6:2c:73:74:
                    df:50:1b:05:ee:48:ef:8f:bd:2d:bf:9b:d3:be:9f:
                    65:6b:65:59:15:ac:a3:4c:84:18:06:44:33:9c:27:
                    cc:08:da:6d:b5:45:22:f9:88:d9:b4:e3:a2:1b:78:
                    3b:e5:e9:09:bc:3a:0c:4a:4a:45:e5:c9:9a:0a:f6:
                    4b:c1:91:6b:ff:cc:80:5f:2f:30:ed:d6:e7:87:65:
                    2e:3a:54:93:b0:de:cc:19:52:cf:91:a3:c8:72:c4:
                    2d:35:1a:d0:80:9c:7e:b9:9b:67:97:f4:84:e7:2a:
                    8d:b1:fc:a1:4c:30:f4:d2:e9:60:54:49:e7:b1:0d:
                    e5:59:e7:91:f0:e9:10:96:8c:7e:56:c4:a0:8b:09:
                    41:6e:b4:fc:6b:d8:1f:00:e4:22:02:03:f9:82:c0:
                    2d:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:74:68:D6:DC:E6:A4:30:37:E4:ED:1C:1E:F2:F3:7B:11:41:C4:9D
            X509v3 Authority Key Identifier:
                keyid:9C:A8:A1:32:51:9A:24:29:49:49:73:63:B8:CA:A3:3E:72:C6:73:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nKihMlGaJClJSXNjuMqjPnLGc_g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/3e0e9a-51f3-49de-9d1b-00cd86af849d/1/wXRo1tzmpDA35O0cHvLzexFBxJ0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/3e0e9a-51f3-49de-9d1b-00cd86af849d/1/nKihMlGaJClJSXNjuMqjPnLGc_g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.45.20.0/24

    Signature Algorithm: sha256WithRSAEncryption
         78:a2:a4:b4:41:33:fe:34:db:c7:27:e4:34:80:49:81:ff:fe:
         22:5d:0b:26:33:97:58:10:0b:67:db:31:f7:ee:70:73:5b:b9:
         e8:0b:bb:03:16:d3:bb:39:61:ce:4f:f2:6a:f9:f2:42:2d:fc:
         c8:a9:fc:f3:4f:9a:1b:53:5d:6c:33:4d:a1:ce:70:8a:e7:71:
         97:0d:61:9b:4a:aa:ce:6b:fe:94:0f:a4:69:7d:81:e5:dd:68:
         17:5f:30:2a:8d:e9:c8:56:df:14:a0:b4:58:75:90:7c:05:05:
         1a:4d:d9:7a:11:3d:18:b9:41:7e:43:2c:c5:24:5f:52:e0:fc:
         18:07:7d:fd:8c:c6:11:c3:7a:ff:b3:a0:2b:2f:97:c5:93:f5:
         f0:d6:2a:e1:2f:7d:a8:54:08:b9:68:47:3d:39:11:fb:87:0b:
         4c:b4:b7:9f:e5:85:85:f5:10:24:95:98:00:5a:75:81:c8:ed:
         fc:71:96:fe:ba:d3:c6:16:54:4f:b2:82:e7:56:4f:e8:4b:c8:
         09:6f:37:52:36:c6:f9:bf:97:9b:65:a1:3d:96:fc:cd:7a:66:
         b5:dd:1a:1f:b6:4f:1a:d8:56:b0:ef:f4:2a:7e:20:03:f6:12:
         e5:7d:44:2c:c1:78:c5:00:91:36:16:28:ff:98:6b:b7:79:23:
         7b:9c:79:76
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAXDLQDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
Y2E4YTEzMjUxOWEyNDI5NDk0OTczNjNiOGNhYTMzZTcyYzY3M2Y4MB4XDTIyMDEw
MTA1MDEwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzE3NDY4ZDZkY2U2
YTQzMDM3ZTRlZDFjMWVmMmYzN2IxMTQxYzQ5ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANeAcX6JrVrKvpF7oXlhjlvp8n/j3glbym44IcHYP7/a6Wlg
fuy5i/DtMaQjW3GISCoGw81BBdpNZIlKhhEf8Zl9uOmbb0LbVjO9vaGOZYg5W/4A
hBFuWamp9EPalk3pSh/c5N/mLHN031AbBe5I74+9Lb+b076fZWtlWRWso0yEGAZE
M5wnzAjabbVFIvmI2bTjoht4O+XpCbw6DEpKReXJmgr2S8GRa//MgF8vMO3W54dl
LjpUk7DezBlSz5GjyHLELTUa0ICcfrmbZ5f0hOcqjbH8oUww9NLpYFRJ57EN5Vnn
kfDpEJaMflbEoIsJQW60/GvYHwDkIgID+YLALSkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTBdGjW3OakMDfk7Rwe8vN7EUHEnTAfBgNVHSMEGDAWgBScqKEyUZokKUlJ
c2O4yqM+csZz+DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25LaWhNbEdhSkNsSlNYTmp1TXFqUG5MR2NfZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTAvM2UwZTlhLTUxZjMtNDlkZS05ZDFiLTAwY2Q4NmFmODQ5ZC8x
L3dYUm8xdHptcERBMzVPMGNIdkx6ZXhGQnhKMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTAv
M2UwZTlhLTUxZjMtNDlkZS05ZDFiLTAwY2Q4NmFmODQ5ZC8xL25LaWhNbEdhSkNs
SlNYTmp1TXFqUG5MR2NfZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMItFDANBgkqhkiG9w0BAQsFAAOC
AQEAeKKktEEz/jTbxyfkNIBJgf/+Il0LJjOXWBALZ9sx9+5wc1u56Au7AxbTuzlh
zk/yavnyQi38yKn880+aG1NdbDNNoc5wiudxlw1hm0qqzmv+lA+kaX2B5d1oF18w
Ko3pyFbfFKC0WHWQfAUFGk3ZehE9GLlBfkMsxSRfUuD8GAd9/YzGEcN6/7OgKy+X
xZP18NYq4S99qFQIuWhHPTkR+4cLTLS3n+WFhfUQJJWYAFp1gcjt/HGW/rrTxhZU
T7KC51ZP6EvICW83UjbG+b+Xm2WhPZb8zXpmtd0aH7ZPGthWsO/0Kn4gA/YS5X1E
LMF4xQCRNhYo/5hrt3kje5x5dg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:50 2024 by rpki-client on console-fra.rpki-client.org