Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/2548a4-7715-4134-8132-2bf0a3bcc4f1/1/owbfn3Q9YfPTqxr4rKLklTX0qKM.roa
File:                     owbfn3Q9YfPTqxr4rKLklTX0qKM.roa (raw, json)
Hash identifier:          z5zJeBWCx0kGANP69tMtQIhYIzddapgOchlqO6DAYJM=
Subject key identifier:   A3:06:DF:9F:74:3D:61:F3:D3:AB:1A:F8:AC:A2:E4:95:35:F4:A8:A3
Certificate issuer:       /CN=e7f9a8a239683263e755e12c97d2d7a432d0b377
Certificate serial:       0762F564
Authority key identifier: E7:F9:A8:A2:39:68:32:63:E7:55:E1:2C:97:D2:D7:A4:32:D0:B3:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5_moojloMmPnVeEsl9LXpDLQs3c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/2548a4-7715-4134-8132-2bf0a3bcc4f1/1/owbfn3Q9YfPTqxr4rKLklTX0qKM.roa
Signing time:             Sat 01 Jan 2022 15:07:28 +0000
ROA not before:           Sat 01 Jan 2022 15:07:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     48220
IP address blocks:        217.198.64.0/21 maxlen: 21
                          217.198.72.0/21 maxlen: 21
                          2a00:1de8::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 123925860 (0x762f564)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7f9a8a239683263e755e12c97d2d7a432d0b377
        Validity
            Not Before: Jan  1 15:07:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a306df9f743d61f3d3ab1af8aca2e49535f4a8a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:0d:ad:19:83:6c:88:9c:d1:70:f1:e9:88:d5:
                    d5:45:47:89:4c:b1:2d:7d:9b:b9:c7:f9:eb:7a:93:
                    73:b9:2e:1f:e6:42:ed:bf:79:f2:3f:8c:fc:d9:a6:
                    98:15:01:69:3b:e6:ef:1a:5b:39:91:b7:bc:48:c3:
                    32:6e:dc:8d:4b:89:c6:86:50:d7:c2:9d:13:af:05:
                    51:9a:15:ed:85:00:3b:2d:94:30:87:dd:b5:41:81:
                    a6:53:90:47:30:49:ee:38:29:b2:af:97:01:11:4b:
                    b0:ea:fc:24:f0:cc:5e:33:8e:2f:ec:1f:83:68:02:
                    6a:8b:e0:04:6a:92:ac:d7:07:82:86:58:b5:dd:3e:
                    1c:a4:b8:c9:f6:74:dd:25:5c:da:2e:80:9d:36:c7:
                    db:c3:9e:b3:c0:3c:90:b1:ed:b6:65:b4:75:ca:4f:
                    41:c7:f1:6d:25:05:c9:2e:36:78:d6:f0:56:d0:67:
                    cb:bb:fd:29:4e:6b:92:4f:e6:af:15:20:1c:cc:ca:
                    84:7e:95:09:70:bb:03:ac:59:71:37:3e:ab:3e:49:
                    2a:4d:eb:50:09:3c:5c:f9:56:1f:7f:96:3f:5a:85:
                    d3:7a:20:5e:05:77:14:e2:e9:fe:f9:e8:92:e8:5c:
                    25:4e:5b:75:67:8a:d0:dd:43:c1:70:9d:e3:ef:d9:
                    48:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:06:DF:9F:74:3D:61:F3:D3:AB:1A:F8:AC:A2:E4:95:35:F4:A8:A3
            X509v3 Authority Key Identifier:
                keyid:E7:F9:A8:A2:39:68:32:63:E7:55:E1:2C:97:D2:D7:A4:32:D0:B3:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_moojloMmPnVeEsl9LXpDLQs3c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/2548a4-7715-4134-8132-2bf0a3bcc4f1/1/owbfn3Q9YfPTqxr4rKLklTX0qKM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/2548a4-7715-4134-8132-2bf0a3bcc4f1/1/5_moojloMmPnVeEsl9LXpDLQs3c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.198.64.0/20
                IPv6:
                  2a00:1de8::/32

    Signature Algorithm: sha256WithRSAEncryption
         0a:98:4c:7a:84:69:8f:b3:22:25:41:01:15:48:32:c8:2f:6f:
         b1:4f:99:e3:74:0b:cc:30:5a:f4:94:48:a6:72:f4:d9:e9:bd:
         3f:6a:1a:82:ba:73:a1:ae:48:a3:ed:a0:6c:78:0e:6a:ac:95:
         0b:a0:7d:81:fb:65:de:74:71:ed:f1:49:14:8f:8f:4c:2f:1e:
         e4:13:89:be:a9:30:2c:aa:82:f2:75:54:8a:12:d5:95:a5:10:
         a0:89:cb:22:ef:68:3a:c2:85:13:1d:fa:6e:0c:38:92:19:dd:
         3d:2a:43:7a:d6:6d:58:14:90:93:02:30:44:96:08:ff:39:32:
         58:82:f1:8e:b0:f5:7d:df:c6:c3:52:72:46:5c:d5:f9:fd:a2:
         55:09:f9:d4:fc:d3:44:8c:9f:cf:11:38:d7:4b:da:5d:2a:6b:
         0b:e1:78:f1:23:9b:99:c7:dd:e0:49:ab:89:32:01:b8:06:df:
         05:f8:63:5d:9e:bc:fc:cd:5b:13:1c:d9:b2:5d:bc:b5:ca:ef:
         8d:4d:d5:d9:00:0f:5d:25:b1:af:13:b4:fc:85:8d:da:56:be:
         9a:1d:d4:cf:7f:4c:c4:28:3a:7b:9f:38:ec:88:9a:b0:a0:27:
         c9:bf:4e:d9:62:11:ae:8e:4a:55:55:ef:46:63:c5:3d:87:e8:
         83:67:f8:ae
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEB2L1ZDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
N2Y5YThhMjM5NjgzMjYzZTc1NWUxMmM5N2QyZDdhNDMyZDBiMzc3MB4XDTIyMDEw
MTE1MDcyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTMwNmRmOWY3NDNk
NjFmM2QzYWIxYWY4YWNhMmU0OTUzNWY0YThhMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOsNrRmDbIic0XDx6YjV1UVHiUyxLX2bucf563qTc7kuH+ZC
7b958j+M/NmmmBUBaTvm7xpbOZG3vEjDMm7cjUuJxoZQ18KdE68FUZoV7YUAOy2U
MIfdtUGBplOQRzBJ7jgpsq+XARFLsOr8JPDMXjOOL+wfg2gCaovgBGqSrNcHgoZY
td0+HKS4yfZ03SVc2i6AnTbH28Oes8A8kLHttmW0dcpPQcfxbSUFyS42eNbwVtBn
y7v9KU5rkk/mrxUgHMzKhH6VCXC7A6xZcTc+qz5JKk3rUAk8XPlWH3+WP1qF03og
XgV3FOLp/vnokuhcJU5bdWeK0N1DwXCd4+/ZSP8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSjBt+fdD1h89OrGvisouSVNfSoozAfBgNVHSMEGDAWgBTn+aiiOWgyY+dV
4SyX0tekMtCzdzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVfbW9vamxvTW1QblZlRXNsOUxYcERMUXMzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTcvMjU0OGE0LTc3MTUtNDEzNC04MTMyLTJiZjBhM2JjYzRmMS8x
L293YmZuM1E5WWZQVHF4cjRyS0xrbFRYMHFLTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcv
MjU0OGE0LTc3MTUtNDEzNC04MTMyLTJiZjBhM2JjYzRmMS8xLzVfbW9vamxvTW1Q
blZlRXNsOUxYcERMUXMzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEBNnGQDANBAIAAjAHAwUAKgAd6DAN
BgkqhkiG9w0BAQsFAAOCAQEACphMeoRpj7MiJUEBFUgyyC9vsU+Z43QLzDBa9JRI
pnL02em9P2oagrpzoa5Io+2gbHgOaqyVC6B9gftl3nRx7fFJFI+PTC8e5BOJvqkw
LKqC8nVUihLVlaUQoInLIu9oOsKFEx36bgw4khndPSpDetZtWBSQkwIwRJYI/zky
WILxjrD1fd/Gw1JyRlzV+f2iVQn51PzTRIyfzxE410vaXSprC+F48SObmcfd4Emr
iTIBuAbfBfhjXZ68/M1bExzZsl28tcrvjU3V2QAPXSWxrxO0/IWN2la+mh3Uz39M
xCg6e5847IiasKAnyb9O2WIRro5KVVXvRmPFPYfog2f4rg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:48 2024 by rpki-client on console-fra.rpki-client.org