Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/NgMONYU07BkGUbX8uBgOwOOPYCw.roa
File:                     NgMONYU07BkGUbX8uBgOwOOPYCw.roa (raw, json)
Hash identifier:          p4l3Tu0VCsCLHqq++cckYHyou2Wk+2B1kQP2/S4/YIE=
Subject key identifier:   36:03:0E:35:85:34:EC:19:06:51:B5:FC:B8:18:0E:C0:E3:8F:60:2C
Certificate issuer:       /CN=9783a5487b35c1d1e1f157c191312b3df4bc17ab
Certificate serial:       0AABC5F6
Authority key identifier: 97:83:A5:48:7B:35:C1:D1:E1:F1:57:C1:91:31:2B:3D:F4:BC:17:AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l4OlSHs1wdHh8VfBkTErPfS8F6s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/NgMONYU07BkGUbX8uBgOwOOPYCw.roa
Signing time:             Sat 01 Jan 2022 15:01:54 +0000
ROA not before:           Sat 01 Jan 2022 15:01:54 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210312
IP address blocks:        147.189.216.0/21 maxlen: 21
                          193.5.16.0/22 maxlen: 22
                          2a0d:3dc0::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 179029494 (0xaabc5f6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9783a5487b35c1d1e1f157c191312b3df4bc17ab
        Validity
            Not Before: Jan  1 15:01:54 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=36030e358534ec190651b5fcb8180ec0e38f602c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:2f:0c:d0:1d:07:df:29:86:cf:23:27:91:0b:
                    18:68:75:2f:0e:9a:ab:5c:68:3d:20:e0:86:9d:02:
                    ca:63:9e:20:76:2d:83:96:37:16:5b:37:38:6c:8d:
                    cb:6b:7f:b2:68:3d:d7:51:66:d6:b4:b3:bd:44:79:
                    f3:7c:65:21:63:ec:48:18:a4:0d:75:4a:ab:71:09:
                    5c:45:8b:40:b1:95:d9:21:58:eb:22:72:37:65:ea:
                    0b:5a:7b:22:1c:29:0c:bb:ab:62:33:9f:f9:b2:5a:
                    55:cf:e0:4c:39:f5:5e:3f:13:c1:9e:4d:31:3b:8c:
                    da:ad:46:27:2d:5e:f2:c6:87:35:04:4f:a7:af:9c:
                    fd:82:56:69:56:8e:4f:e7:86:05:1f:1f:ee:5b:ee:
                    5d:71:db:de:f8:ed:d0:9c:25:50:8a:c7:4c:90:4c:
                    3a:76:6f:d9:c7:a7:96:7c:3d:f0:45:54:a5:41:95:
                    34:ec:91:c7:e9:56:9e:07:c3:42:4f:4f:48:45:c3:
                    42:99:d7:d5:67:17:cc:0c:9b:80:11:1e:f4:cb:9e:
                    39:21:40:b9:f6:b5:7f:40:b7:75:ed:66:84:5a:06:
                    2f:47:ab:78:67:b8:db:e5:0d:dc:8e:d4:4e:95:07:
                    4d:aa:5c:63:0f:02:30:10:8b:df:7b:38:29:dc:c6:
                    3c:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:03:0E:35:85:34:EC:19:06:51:B5:FC:B8:18:0E:C0:E3:8F:60:2C
            X509v3 Authority Key Identifier:
                keyid:97:83:A5:48:7B:35:C1:D1:E1:F1:57:C1:91:31:2B:3D:F4:BC:17:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l4OlSHs1wdHh8VfBkTErPfS8F6s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/NgMONYU07BkGUbX8uBgOwOOPYCw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/l4OlSHs1wdHh8VfBkTErPfS8F6s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.189.216.0/21
                  193.5.16.0/22
                IPv6:
                  2a0d:3dc0::/29

    Signature Algorithm: sha256WithRSAEncryption
         1c:32:ce:6b:04:21:8f:f3:d2:19:66:fb:cb:c5:34:8c:f9:03:
         78:fa:9b:47:2d:3a:d2:46:f1:e5:5d:a5:80:8f:5c:da:0e:61:
         15:48:cf:33:29:9a:b3:d4:6c:80:c0:81:b1:5d:a8:7f:48:6d:
         54:4d:b2:4f:8e:bc:55:a8:cd:96:07:d9:ca:6a:e6:3e:b0:16:
         e1:7c:d8:dc:0a:9f:8f:b7:dc:c7:6c:8b:a6:88:70:17:56:09:
         c4:8f:16:5c:95:22:14:6f:f5:14:67:8e:63:35:4b:1a:a7:d4:
         3e:6c:f8:e8:c4:2b:a8:1f:23:4d:4a:88:db:e4:1b:7a:6e:fc:
         18:4d:a4:a7:d0:d9:cf:7c:53:10:99:08:eb:01:ab:fa:50:bf:
         bc:e3:04:8f:71:c6:48:15:99:2b:35:73:68:54:0f:30:65:ca:
         db:81:e8:04:38:bb:66:b1:fc:61:c4:2b:3e:0c:3e:ae:07:04:
         22:cc:7f:65:05:1a:79:98:29:ab:55:dd:81:24:d4:b8:62:c9:
         66:5f:ca:43:e2:46:ef:b6:be:7d:84:2c:f6:31:a1:bc:44:cd:
         fb:65:15:15:5a:77:d4:1b:9c:21:6d:e6:b8:b9:a7:1b:90:e1:
         da:b1:68:24:5b:31:b0:0e:f3:6b:5a:47:f5:ab:7d:ae:8a:bd:
         9d:c7:ea:f2
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECqvF9jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NzgzYTU0ODdiMzVjMWQxZTFmMTU3YzE5MTMxMmIzZGY0YmMxN2FiMB4XDTIyMDEw
MTE1MDE1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzYwMzBlMzU4NTM0
ZWMxOTA2NTFiNWZjYjgxODBlYzBlMzhmNjAyYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM8vDNAdB98phs8jJ5ELGGh1Lw6aq1xoPSDghp0CymOeIHYt
g5Y3Fls3OGyNy2t/smg911Fm1rSzvUR583xlIWPsSBikDXVKq3EJXEWLQLGV2SFY
6yJyN2XqC1p7IhwpDLurYjOf+bJaVc/gTDn1Xj8TwZ5NMTuM2q1GJy1e8saHNQRP
p6+c/YJWaVaOT+eGBR8f7lvuXXHb3vjt0JwlUIrHTJBMOnZv2cenlnw98EVUpUGV
NOyRx+lWngfDQk9PSEXDQpnX1WcXzAybgBEe9MueOSFAufa1f0C3de1mhFoGL0er
eGe42+UN3I7UTpUHTapcYw8CMBCL33s4KdzGPGsCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQ2Aw41hTTsGQZRtfy4GA7A449gLDAfBgNVHSMEGDAWgBSXg6VIezXB0eHx
V8GRMSs99LwXqzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2w0T2xTSHMxd2RIaDhWZkJrVEVyUGZTOEY2cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWYvZjIyMTMxLWEwZmYtNGYyNy04ZGZhLTY5MTUyZTlhMDhjMy8x
L05nTU9OWVUwN0JrR1ViWDh1QmdPd09PUFlDdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWYv
ZjIyMTMxLWEwZmYtNGYyNy04ZGZhLTY5MTUyZTlhMDhjMy8xL2w0T2xTSHMxd2RI
aDhWZkJrVEVyUGZTOEY2cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEA5O92AMEAsEFEDANBAIAAjAHAwUD
Kg09wDANBgkqhkiG9w0BAQsFAAOCAQEAHDLOawQhj/PSGWb7y8U0jPkDePqbRy06
0kbx5V2lgI9c2g5hFUjPMymas9RsgMCBsV2of0htVE2yT468VajNlgfZymrmPrAW
4XzY3Aqfj7fcx2yLpohwF1YJxI8WXJUiFG/1FGeOYzVLGqfUPmz46MQrqB8jTUqI
2+Qbem78GE2kp9DZz3xTEJkI6wGr+lC/vOMEj3HGSBWZKzVzaFQPMGXK24HoBDi7
ZrH8YcQrPgw+rgcEIsx/ZQUaeZgpq1XdgSTUuGLJZl/KQ+JG77a+fYQs9jGhvETN
+2UVFVp31BucIW3muLmnG5Dh2rFoJFsxsA7za1pH9at9roq9ncfq8g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:45 2024 by rpki-client on console-ams.rpki-client.org