Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/03a0aa-2b69-4a98-a61b-60b988c95230/1/A7rJuyDg7m0QxStVsTsHyVOzOHE.roa
File:                     A7rJuyDg7m0QxStVsTsHyVOzOHE.roa (raw, json)
Hash identifier:          GGs6yPPa233iJct+xyJMyx5R9/WQRsdbLcU4OCv4Ux0=
Subject key identifier:   03:BA:C9:BB:20:E0:EE:6D:10:C5:2B:55:B1:3B:07:C9:53:B3:38:71
Certificate issuer:       /CN=f454f84f78085f8ea03a49689cbe372e74ac153c
Certificate serial:       0729064A
Authority key identifier: F4:54:F8:4F:78:08:5F:8E:A0:3A:49:68:9C:BE:37:2E:74:AC:15:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9FT4T3gIX46gOklonL43LnSsFTw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/03a0aa-2b69-4a98-a61b-60b988c95230/1/A7rJuyDg7m0QxStVsTsHyVOzOHE.roa
Signing time:             Sat 01 Jan 2022 01:51:55 +0000
ROA not before:           Sat 01 Jan 2022 01:51:55 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39647
IP address blocks:        194.30.175.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 120129098 (0x729064a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f454f84f78085f8ea03a49689cbe372e74ac153c
        Validity
            Not Before: Jan  1 01:51:55 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=03bac9bb20e0ee6d10c52b55b13b07c953b33871
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:6a:c6:87:4a:dd:76:6c:72:74:11:95:99:ad:
                    77:f6:1d:0f:8a:4c:32:56:f6:2a:7a:45:00:dd:5a:
                    fa:77:62:a4:75:e9:2a:31:23:85:3c:75:fc:30:ea:
                    09:c3:e6:f1:c1:c1:f1:2b:a6:90:51:67:32:92:fc:
                    ed:4e:c2:07:02:76:9b:92:c0:df:d6:e1:60:4b:a6:
                    95:81:a5:da:77:ae:b8:af:e8:7b:2d:9a:61:ce:7c:
                    00:06:14:05:75:33:b8:dc:62:8a:a8:af:0a:e4:89:
                    5b:93:0a:0f:8e:88:ac:8d:c4:2d:23:d9:1c:13:41:
                    36:d3:bc:b3:e6:8a:fe:23:f3:74:e9:2d:32:ac:e6:
                    0c:0c:ca:74:51:52:fa:68:5f:e1:1c:d0:48:71:fe:
                    e3:a9:cd:77:a1:9e:e3:9f:f1:fd:ec:35:7c:8a:74:
                    6c:83:ad:a3:3f:f8:b1:e8:93:6d:92:ea:9a:0d:cd:
                    6f:5d:65:79:ad:16:f8:e0:0b:19:d8:8a:92:57:de:
                    71:45:5a:0f:8d:b6:81:3d:2e:ef:ba:44:e9:89:bd:
                    97:ad:f2:2b:79:42:a9:72:3f:88:44:b5:7e:bd:9a:
                    34:eb:f7:f3:3c:7e:0f:b6:0b:da:c6:f8:4f:4c:0e:
                    6e:f1:9b:b4:51:15:23:4c:0c:4e:fc:72:ba:42:c8:
                    0b:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:BA:C9:BB:20:E0:EE:6D:10:C5:2B:55:B1:3B:07:C9:53:B3:38:71
            X509v3 Authority Key Identifier:
                keyid:F4:54:F8:4F:78:08:5F:8E:A0:3A:49:68:9C:BE:37:2E:74:AC:15:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9FT4T3gIX46gOklonL43LnSsFTw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/03a0aa-2b69-4a98-a61b-60b988c95230/1/A7rJuyDg7m0QxStVsTsHyVOzOHE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/03a0aa-2b69-4a98-a61b-60b988c95230/1/9FT4T3gIX46gOklonL43LnSsFTw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.30.175.0/24

    Signature Algorithm: sha256WithRSAEncryption
         74:41:44:99:c8:f9:ee:f2:a6:b9:2c:c8:c1:11:4d:99:ed:98:
         28:51:61:58:6f:d2:77:c6:f9:da:1a:b3:bf:60:d8:6b:fc:3f:
         b5:50:56:eb:e7:7e:94:cd:7c:78:36:1f:7c:a7:c9:2b:7f:2c:
         17:9d:e3:e5:64:41:6d:7d:f5:5f:a7:7e:b9:6c:79:60:ea:3b:
         f6:fa:c0:6a:f3:a6:8d:57:37:5a:91:fc:3c:6c:e2:2f:c3:11:
         5f:3c:58:92:6e:61:85:cf:c0:f7:fa:d9:b9:f2:b1:dc:44:88:
         46:45:c0:73:45:ec:e5:78:15:cb:e2:e6:63:f8:52:d9:0e:fd:
         0e:5a:df:ac:40:e7:fc:f5:07:ec:40:ee:85:7e:d3:88:80:c7:
         bf:c3:c1:8d:8d:21:0f:b1:ed:c6:e9:c7:b5:dd:e2:1a:59:dc:
         04:8c:8f:f7:fb:6d:da:ce:1a:4a:bc:2f:b3:47:10:d3:0e:f1:
         42:e7:34:5a:d9:f6:a7:23:6f:bf:19:fc:dc:1d:cf:94:16:b5:
         7c:43:86:d7:1f:70:71:fd:1e:9d:e2:f0:7f:c5:e2:a6:d7:a3:
         60:1a:cf:ac:06:9d:fc:35:45:d9:00:47:7c:fc:be:78:f4:ba:
         0b:fd:d9:0c:bf:50:68:1b:52:33:84:fa:30:f1:4e:6a:73:ac:
         2e:0f:89:81
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBykGSjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NDU0Zjg0Zjc4MDg1ZjhlYTAzYTQ5Njg5Y2JlMzcyZTc0YWMxNTNjMB4XDTIyMDEw
MTAxNTE1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDNiYWM5YmIyMGUw
ZWU2ZDEwYzUyYjU1YjEzYjA3Yzk1M2IzMzg3MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJpqxodK3XZscnQRlZmtd/YdD4pMMlb2KnpFAN1a+ndipHXp
KjEjhTx1/DDqCcPm8cHB8SumkFFnMpL87U7CBwJ2m5LA39bhYEumlYGl2neuuK/o
ey2aYc58AAYUBXUzuNxiiqivCuSJW5MKD46IrI3ELSPZHBNBNtO8s+aK/iPzdOkt
MqzmDAzKdFFS+mhf4RzQSHH+46nNd6Ge45/x/ew1fIp0bIOtoz/4seiTbZLqmg3N
b11lea0W+OALGdiKklfecUVaD422gT0u77pE6Ym9l63yK3lCqXI/iES1fr2aNOv3
8zx+D7YL2sb4T0wObvGbtFEVI0wMTvxyukLICy8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQDusm7IODubRDFK1WxOwfJU7M4cTAfBgNVHSMEGDAWgBT0VPhPeAhfjqA6
SWicvjcudKwVPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlGVDRUM2dJWDQ2Z09rbG9uTDQzTG5Tc0ZUdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTUvMDNhMGFhLTJiNjktNGE5OC1hNjFiLTYwYjk4OGM5NTIzMC8x
L0E3ckp1eURnN20wUXhTdFZzVHNIeVZPek9IRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTUv
MDNhMGFhLTJiNjktNGE5OC1hNjFiLTYwYjk4OGM5NTIzMC8xLzlGVDRUM2dJWDQ2
Z09rbG9uTDQzTG5Tc0ZUdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIerzANBgkqhkiG9w0BAQsFAAOC
AQEAdEFEmcj57vKmuSzIwRFNme2YKFFhWG/Sd8b52hqzv2DYa/w/tVBW6+d+lM18
eDYffKfJK38sF53j5WRBbX31X6d+uWx5YOo79vrAavOmjVc3WpH8PGziL8MRXzxY
km5hhc/A9/rZufKx3ESIRkXAc0Xs5XgVy+LmY/hS2Q79DlrfrEDn/PUH7EDuhX7T
iIDHv8PBjY0hD7HtxunHtd3iGlncBIyP9/tt2s4aSrwvs0cQ0w7xQuc0Wtn2pyNv
vxn83B3PlBa1fEOG1x9wcf0eneLwf8XiptejYBrPrAad/DVF2QBHfPy+ePS6C/3Z
DL9QaBtSM4T6MPFOanOsLg+JgQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:30 2024 by rpki-client on console-fra.rpki-client.org