Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/81719d-467c-4af7-a824-46a0df774fe1/1/RlxQtzfhohS82PZMK1pGq7TwjCU.roa
File:                     RlxQtzfhohS82PZMK1pGq7TwjCU.roa (raw, json)
Hash identifier:          7mva/mjyJ9vVHMHeIV253bEzKOoNm32y3vEndaQiAWM=
Subject key identifier:   46:5C:50:B7:37:E1:A2:14:BC:D8:F6:4C:2B:5A:46:AB:B4:F0:8C:25
Certificate issuer:       /CN=89b332d57ce14fab1ebd746817dd701062c74a88
Certificate serial:       0EB33194
Authority key identifier: 89:B3:32:D5:7C:E1:4F:AB:1E:BD:74:68:17:DD:70:10:62:C7:4A:88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ibMy1XzhT6sevXRoF91wEGLHSog.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/81719d-467c-4af7-a824-46a0df774fe1/1/RlxQtzfhohS82PZMK1pGq7TwjCU.roa
Signing time:             Wed 25 May 2022 07:56:13 +0000
ROA not before:           Wed 25 May 2022 07:56:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39830
IP address blocks:        83.173.125.0/24 maxlen: 24
                          83.173.124.0/24 maxlen: 24
                          83.173.126.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 246624660 (0xeb33194)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89b332d57ce14fab1ebd746817dd701062c74a88
        Validity
            Not Before: May 25 07:56:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=465c50b737e1a214bcd8f64c2b5a46abb4f08c25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:73:e8:97:e9:27:14:75:2b:4b:e7:83:81:cf:
                    8c:c3:81:e4:53:d3:2b:cf:db:03:1e:dc:89:97:92:
                    4d:e0:98:28:c8:4a:95:75:8f:c9:7a:bb:c0:44:cf:
                    bb:7a:1f:2a:56:db:2a:ff:14:7a:63:dd:ac:44:73:
                    31:e9:16:c8:77:32:be:7e:6a:89:f8:bf:77:b2:f9:
                    b1:a0:70:10:4f:b0:79:5d:fa:11:cb:73:4f:e5:cc:
                    0a:30:56:14:69:47:6f:2d:e0:ea:f6:0a:ef:b6:11:
                    ab:5c:03:4c:a6:ed:1c:9b:34:e5:e0:2d:99:10:1d:
                    d4:7a:28:f4:6e:14:9a:05:e9:1a:17:c0:fd:b2:6d:
                    65:da:dd:b7:85:94:07:0b:15:44:b1:bd:ed:3d:d6:
                    8a:11:75:96:76:8d:82:d5:7d:62:a2:ff:05:93:30:
                    3d:1d:d6:21:a8:a6:d8:a1:d4:12:af:58:3c:a4:40:
                    af:70:e7:03:1b:1a:90:84:cc:5e:b1:14:5c:95:32:
                    15:91:6f:fb:c8:06:7d:f9:bd:c3:f3:4f:11:1b:21:
                    85:16:16:6b:15:b8:cb:05:fb:1d:4c:02:0d:8b:48:
                    69:2b:07:d4:5e:0c:69:98:c0:4e:9c:7c:16:26:be:
                    19:59:62:9f:44:1f:33:27:e3:da:dc:0b:92:ee:bc:
                    8d:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:5C:50:B7:37:E1:A2:14:BC:D8:F6:4C:2B:5A:46:AB:B4:F0:8C:25
            X509v3 Authority Key Identifier:
                keyid:89:B3:32:D5:7C:E1:4F:AB:1E:BD:74:68:17:DD:70:10:62:C7:4A:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ibMy1XzhT6sevXRoF91wEGLHSog.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/81719d-467c-4af7-a824-46a0df774fe1/1/RlxQtzfhohS82PZMK1pGq7TwjCU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/81719d-467c-4af7-a824-46a0df774fe1/1/ibMy1XzhT6sevXRoF91wEGLHSog.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.173.124.0-83.173.126.255

    Signature Algorithm: sha256WithRSAEncryption
         87:22:fe:5b:b0:44:19:e5:b3:12:0c:a8:6a:26:8d:4a:66:3e:
         03:41:6a:45:a0:8f:31:0b:77:1d:a7:24:79:14:cf:51:8d:42:
         80:21:63:e4:07:f8:7b:24:3d:de:b8:a1:bb:af:e7:0c:a1:6e:
         ab:67:10:3f:b3:89:4f:05:c5:e4:37:ac:c6:d4:fb:38:6d:b8:
         2a:97:9b:7e:55:6d:05:4a:09:a8:6b:51:64:47:5b:17:da:a0:
         07:e4:1a:89:a3:8c:fc:01:2e:41:8f:c5:ce:64:0c:42:ad:91:
         77:4d:50:45:46:41:0b:bb:4b:1f:5a:0a:b4:5d:0c:0c:53:08:
         fe:2b:c3:8a:24:93:b6:8d:13:dc:06:51:20:99:98:cc:e6:4b:
         5f:d3:81:23:de:70:0c:0d:7e:6a:9d:e8:84:3f:93:1b:3c:27:
         f1:6a:8a:c5:25:5e:15:50:51:52:e9:61:fe:8b:8a:ee:ec:f5:
         73:0a:82:97:d3:d9:70:e1:f1:32:87:96:45:1f:ae:49:05:98:
         94:f7:66:f0:91:2e:59:53:86:09:4a:75:7a:6d:65:a4:7f:c1:
         de:81:cb:f2:98:ac:40:25:f4:a2:d3:31:af:b2:62:99:53:a2:
         6d:db:21:2b:fd:8d:05:94:6a:8a:48:ba:30:3a:6c:c3:48:3d:
         13:a1:40:d1
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEDrMxlDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
OWIzMzJkNTdjZTE0ZmFiMWViZDc0NjgxN2RkNzAxMDYyYzc0YTg4MB4XDTIyMDUy
NTA3NTYxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDY1YzUwYjczN2Ux
YTIxNGJjZDhmNjRjMmI1YTQ2YWJiNGYwOGMyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKJz6JfpJxR1K0vng4HPjMOB5FPTK8/bAx7ciZeSTeCYKMhK
lXWPyXq7wETPu3ofKlbbKv8UemPdrERzMekWyHcyvn5qifi/d7L5saBwEE+weV36
EctzT+XMCjBWFGlHby3g6vYK77YRq1wDTKbtHJs05eAtmRAd1Hoo9G4UmgXpGhfA
/bJtZdrdt4WUBwsVRLG97T3WihF1lnaNgtV9YqL/BZMwPR3WIaim2KHUEq9YPKRA
r3DnAxsakITMXrEUXJUyFZFv+8gGffm9w/NPERshhRYWaxW4ywX7HUwCDYtIaSsH
1F4MaZjATpx8Fia+GVlin0QfMyfj2twLku68jXkCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBRGXFC3N+GiFLzY9kwrWkartPCMJTAfBgNVHSMEGDAWgBSJszLVfOFPqx69
dGgX3XAQYsdKiDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2liTXkxWHpoVDZzZXZYUm9GOTF3RUdMSFNvZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTAvODE3MTlkLTQ2N2MtNGFmNy1hODI0LTQ2YTBkZjc3NGZlMS8x
L1JseFF0emZob2hTODJQWk1LMXBHcTdUd2pDVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTAv
ODE3MTlkLTQ2N2MtNGFmNy1hODI0LTQ2YTBkZjc3NGZlMS8xL2liTXkxWHpoVDZz
ZXZYUm9GOTF3RUdMSFNvZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQCU618AwQAU61+MA0GCSqGSIb3
DQEBCwUAA4IBAQCHIv5bsEQZ5bMSDKhqJo1KZj4DQWpFoI8xC3cdpyR5FM9RjUKA
IWPkB/h7JD3euKG7r+cMoW6rZxA/s4lPBcXkN6zG1Ps4bbgql5t+VW0FSgmoa1Fk
R1sX2qAH5BqJo4z8AS5Bj8XOZAxCrZF3TVBFRkELu0sfWgq0XQwMUwj+K8OKJJO2
jRPcBlEgmZjM5ktf04Ej3nAMDX5qneiEP5MbPCfxaorFJV4VUFFS6WH+i4ru7PVz
CoKX09lw4fEyh5ZFH65JBZiU92bwkS5ZU4YJSnV6bWWkf8HegcvymKxAJfSi0zGv
smKZU6Jt2yEr/Y0FlGqKSLowOmzDSD0ToUDR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:53 2024 by rpki-client on console-fra.rpki-client.org