Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/d3e23f-0e5a-4923-ab2f-a9ea2057042b/1/ReHjZ5jFbk2vm_HoR-a85IT-Kc4.roa
File:                     ReHjZ5jFbk2vm_HoR-a85IT-Kc4.roa (raw, json)
Hash identifier:          jdvJJedsZZqIgITWCJC9FamoFVo8nbSqWilamcv5nMs=
Subject key identifier:   45:E1:E3:67:98:C5:6E:4D:AF:9B:F1:E8:47:E6:BC:E4:84:FE:29:CE
Certificate issuer:       /CN=a2e606c7e93fed36ef90d42ce4a97260bb8aa9c1
Certificate serial:       09D3ECF7
Authority key identifier: A2:E6:06:C7:E9:3F:ED:36:EF:90:D4:2C:E4:A9:72:60:BB:8A:A9:C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ouYGx-k_7TbvkNQs5KlyYLuKqcE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ec/d3e23f-0e5a-4923-ab2f-a9ea2057042b/1/ReHjZ5jFbk2vm_HoR-a85IT-Kc4.roa
Signing time:             Sat 01 Jan 2022 01:54:06 +0000
ROA not before:           Sat 01 Jan 2022 01:54:06 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     13004
IP address blocks:        188.120.127.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 164883703 (0x9d3ecf7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2e606c7e93fed36ef90d42ce4a97260bb8aa9c1
        Validity
            Not Before: Jan  1 01:54:06 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=45e1e36798c56e4daf9bf1e847e6bce484fe29ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:1f:96:5f:d7:b2:75:ee:48:8d:02:aa:23:c0:
                    b4:f0:71:a6:ee:9c:79:2c:0f:4f:5b:26:ff:98:c7:
                    6b:c7:ce:86:ca:df:c4:32:14:45:68:91:8c:63:d7:
                    da:7f:80:28:35:7a:8c:c1:97:1e:70:dd:9f:a8:91:
                    16:85:2b:ee:99:a8:25:06:be:23:76:7f:db:ae:30:
                    05:00:3e:76:f8:a5:a0:40:f6:a7:36:fa:90:34:ad:
                    e5:bb:38:a6:4c:78:d8:1e:8a:79:15:57:13:02:09:
                    4e:0c:7a:3d:74:a7:8d:5b:72:a5:0f:3e:4e:06:bf:
                    75:cf:02:22:97:ca:ad:e6:71:fb:47:36:8a:25:87:
                    54:07:e9:a5:cb:aa:82:67:5d:a4:ee:93:2f:b4:ac:
                    2c:39:5f:06:2e:d0:29:00:6f:7d:14:b0:64:37:c1:
                    0a:22:75:6b:41:d7:f3:d9:61:54:b5:7e:49:3c:b5:
                    3f:16:9a:f3:f8:71:cb:92:7b:53:2d:2b:c1:11:ff:
                    28:8f:b8:29:8a:a3:37:b0:21:eb:00:fa:b4:09:99:
                    30:9a:85:95:8d:d7:9c:70:8e:1b:d3:01:d5:81:21:
                    48:78:2c:ac:bb:dc:c0:d8:69:f0:3e:54:5c:ae:8f:
                    5a:f5:1d:86:e7:cc:b7:20:a7:5d:10:29:4a:20:75:
                    b4:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:E1:E3:67:98:C5:6E:4D:AF:9B:F1:E8:47:E6:BC:E4:84:FE:29:CE
            X509v3 Authority Key Identifier:
                keyid:A2:E6:06:C7:E9:3F:ED:36:EF:90:D4:2C:E4:A9:72:60:BB:8A:A9:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ouYGx-k_7TbvkNQs5KlyYLuKqcE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/d3e23f-0e5a-4923-ab2f-a9ea2057042b/1/ReHjZ5jFbk2vm_HoR-a85IT-Kc4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/d3e23f-0e5a-4923-ab2f-a9ea2057042b/1/ouYGx-k_7TbvkNQs5KlyYLuKqcE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.120.127.0/24

    Signature Algorithm: sha256WithRSAEncryption
         15:7f:27:6c:26:68:89:20:a5:ce:a6:9b:9e:f0:aa:02:44:43:
         20:2d:e0:27:5a:ef:79:0b:aa:35:41:9a:e2:e8:5b:e5:6f:a7:
         5d:eb:ca:29:05:6e:d8:e8:e4:d7:70:3e:ba:4a:29:e9:fa:1c:
         9f:7a:40:d9:99:32:b4:70:d4:ff:51:a0:b8:d4:f6:d2:3a:db:
         c8:0d:92:e2:cc:29:9a:84:34:5e:f1:72:ec:3c:f6:b0:fc:6b:
         46:9f:a6:69:ec:7a:7b:56:c9:cd:7d:d6:e6:a2:bb:6d:d5:e8:
         8c:a8:2c:34:a7:02:f7:f1:40:cc:c6:b6:02:c0:90:3c:cb:b2:
         92:96:5a:0c:b1:61:4e:d1:63:75:2e:0a:a2:6a:96:a7:c2:4e:
         46:d6:c6:44:e4:d2:6c:b2:82:c4:0f:4d:04:9e:a5:99:ad:7d:
         a9:31:2b:c8:d9:d7:86:22:9b:97:98:23:9e:d9:82:2d:57:be:
         ef:6d:a3:44:b1:b7:44:f4:42:c1:49:6c:14:e8:f1:c6:41:88:
         63:82:aa:13:f1:6e:44:b2:59:c2:96:80:95:40:94:f6:80:0c:
         e4:f1:5b:82:40:4d:98:a0:fb:3d:56:49:f7:f1:6c:fc:d3:ee:
         82:de:db:e0:f4:3c:a9:12:bc:d4:c2:45:c6:28:57:ae:0b:ab:
         0d:89:58:82
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECdPs9zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MmU2MDZjN2U5M2ZlZDM2ZWY5MGQ0MmNlNGE5NzI2MGJiOGFhOWMxMB4XDTIyMDEw
MTAxNTQwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDVlMWUzNjc5OGM1
NmU0ZGFmOWJmMWU4NDdlNmJjZTQ4NGZlMjljZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALkfll/XsnXuSI0CqiPAtPBxpu6ceSwPT1sm/5jHa8fOhsrf
xDIURWiRjGPX2n+AKDV6jMGXHnDdn6iRFoUr7pmoJQa+I3Z/264wBQA+dviloED2
pzb6kDSt5bs4pkx42B6KeRVXEwIJTgx6PXSnjVtypQ8+Tga/dc8CIpfKreZx+0c2
iiWHVAfppcuqgmddpO6TL7SsLDlfBi7QKQBvfRSwZDfBCiJ1a0HX89lhVLV+STy1
Pxaa8/hxy5J7Uy0rwRH/KI+4KYqjN7Ah6wD6tAmZMJqFlY3XnHCOG9MB1YEhSHgs
rLvcwNhp8D5UXK6PWvUdhufMtyCnXRApSiB1tHcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRF4eNnmMVuTa+b8ehH5rzkhP4pzjAfBgNVHSMEGDAWgBSi5gbH6T/tNu+Q
1CzkqXJgu4qpwTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L291WUd4LWtfN1RidmtOUXM1S2x5WUx1S3FjRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWMvZDNlMjNmLTBlNWEtNDkyMy1hYjJmLWE5ZWEyMDU3MDQyYi8x
L1JlSGpaNWpGYmsydm1fSG9SLWE4NUlULUtjNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWMv
ZDNlMjNmLTBlNWEtNDkyMy1hYjJmLWE5ZWEyMDU3MDQyYi8xL291WUd4LWtfN1Ri
dmtOUXM1S2x5WUx1S3FjRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALx4fzANBgkqhkiG9w0BAQsFAAOC
AQEAFX8nbCZoiSClzqabnvCqAkRDIC3gJ1rveQuqNUGa4uhb5W+nXevKKQVu2Ojk
13A+ukop6focn3pA2ZkytHDU/1GguNT20jrbyA2S4swpmoQ0XvFy7Dz2sPxrRp+m
aex6e1bJzX3W5qK7bdXojKgsNKcC9/FAzMa2AsCQPMuykpZaDLFhTtFjdS4KomqW
p8JORtbGROTSbLKCxA9NBJ6lma19qTEryNnXhiKbl5gjntmCLVe+722jRLG3RPRC
wUlsFOjxxkGIY4KqE/FuRLJZwpaAlUCU9oAM5PFbgkBNmKD7PVZJ9/Fs/NPugt7b
4PQ8qRK81MJFxihXrgurDYlYgg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:10 2024 by rpki-client on console-ams.rpki-client.org