Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/31081a-8b5a-49ec-9036-862e99973fc3/1/4rA3GrplySjIQLJtO4Gll6CT9jM.roa
File:                     4rA3GrplySjIQLJtO4Gll6CT9jM.roa (raw, json)
Hash identifier:          hR4aBwwf1ccuELJqSXR9o0rK7+2UyMsGKy74qysJtdY=
Subject key identifier:   E2:B0:37:1A:BA:65:C9:28:C8:40:B2:6D:3B:81:A5:97:A0:93:F6:33
Certificate issuer:       /CN=f7822d4597e5493d15178bfb10e6841dd17e5897
Certificate serial:       06E64ACE
Authority key identifier: F7:82:2D:45:97:E5:49:3D:15:17:8B:FB:10:E6:84:1D:D1:7E:58:97
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/94ItRZflST0VF4v7EOaEHdF-WJc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/31081a-8b5a-49ec-9036-862e99973fc3/1/4rA3GrplySjIQLJtO4Gll6CT9jM.roa
Signing time:             Sat 01 Jan 2022 14:08:44 +0000
ROA not before:           Sat 01 Jan 2022 14:08:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        146.133.124.0/24 maxlen: 24
                          146.133.127.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 115755726 (0x6e64ace)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f7822d4597e5493d15178bfb10e6841dd17e5897
        Validity
            Not Before: Jan  1 14:08:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e2b0371aba65c928c840b26d3b81a597a093f633
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:4f:14:53:3c:d7:39:42:f9:3b:e1:71:7f:1f:
                    82:91:cf:1d:61:da:c9:ae:42:a8:3d:75:49:87:e3:
                    6e:3e:90:a1:50:1a:79:f6:b8:54:b3:80:26:56:49:
                    fd:64:8e:33:d6:80:f6:4b:62:dc:4f:9f:bc:fa:93:
                    03:b0:0d:3c:21:9f:43:df:df:a8:d7:4b:9c:fd:06:
                    e7:ed:3d:c3:51:ff:33:60:b4:f8:12:21:5d:f9:65:
                    ef:b3:5d:65:55:7d:d8:59:10:0b:42:f3:37:eb:38:
                    d3:36:37:f3:d0:6a:33:c8:3a:2c:a8:61:7b:fd:82:
                    c7:ab:60:95:5b:b1:06:f0:a4:cb:5b:58:25:06:6a:
                    20:c3:99:86:7c:1b:bc:32:9c:9d:5d:17:4c:57:43:
                    dd:62:c5:ce:75:23:8d:7e:9f:0e:a4:98:be:34:32:
                    fe:4f:51:68:7a:c1:d1:84:58:c5:fe:02:29:15:d5:
                    a6:bd:d2:d1:31:c4:73:4c:7a:b6:99:2e:78:84:a1:
                    38:b0:9a:4c:b4:62:ee:8b:8d:44:f7:48:bd:16:fe:
                    10:5e:52:07:38:33:6e:17:0c:0e:57:3b:18:25:c1:
                    27:86:13:25:c1:e9:88:96:c9:5a:1a:85:fa:fa:aa:
                    ba:2d:1d:95:d7:f2:82:bd:34:d8:4a:e6:32:87:ac:
                    ac:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:B0:37:1A:BA:65:C9:28:C8:40:B2:6D:3B:81:A5:97:A0:93:F6:33
            X509v3 Authority Key Identifier:
                keyid:F7:82:2D:45:97:E5:49:3D:15:17:8B:FB:10:E6:84:1D:D1:7E:58:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/94ItRZflST0VF4v7EOaEHdF-WJc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/31081a-8b5a-49ec-9036-862e99973fc3/1/4rA3GrplySjIQLJtO4Gll6CT9jM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/31081a-8b5a-49ec-9036-862e99973fc3/1/94ItRZflST0VF4v7EOaEHdF-WJc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.133.124.0/24
                  146.133.127.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:4e:91:24:8d:c5:21:1a:29:f4:ec:00:36:48:77:86:d7:a0:
         97:79:7e:0f:a3:5b:18:a8:cb:8a:50:0e:7d:33:d1:34:49:16:
         a9:b5:c5:18:5c:6a:14:b1:0b:17:b2:12:ac:f5:3a:91:49:54:
         e1:1a:82:05:03:94:26:3a:19:bd:a1:84:eb:68:1d:82:2c:a0:
         87:82:75:ca:7e:b3:98:cf:09:90:a1:1a:4a:a2:49:35:5b:c6:
         49:87:a3:6e:01:93:1c:8d:d5:69:3d:e8:0a:ac:b3:cf:43:c4:
         9e:17:66:ff:59:ba:dc:66:df:ab:43:0d:5c:a9:8c:84:2c:6c:
         a3:48:23:ab:d2:7e:1d:a4:2a:6e:ed:c1:65:b2:86:c5:21:63:
         d1:1b:8e:98:6f:22:1b:74:dc:3c:3e:69:34:42:79:cb:cf:1f:
         5b:91:e1:62:96:19:dc:71:31:0d:0e:0b:a9:22:b6:83:4e:ed:
         dc:f4:99:4e:1b:78:e8:f1:6f:14:21:9d:31:b0:fe:b8:b5:6d:
         7a:73:3f:34:a9:ae:df:70:a8:c6:5c:7d:b9:75:f1:f0:76:fc:
         55:db:99:0b:78:f4:5c:3c:9a:2f:41:f9:5a:19:9b:60:86:90:
         0f:bc:3f:aa:2a:c7:7d:46:34:ec:a5:9e:a5:b9:b6:9f:7a:32:
         32:af:76:56
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBuZKzjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NzgyMmQ0NTk3ZTU0OTNkMTUxNzhiZmIxMGU2ODQxZGQxN2U1ODk3MB4XDTIyMDEw
MTE0MDg0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTJiMDM3MWFiYTY1
YzkyOGM4NDBiMjZkM2I4MWE1OTdhMDkzZjYzMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMJPFFM81zlC+TvhcX8fgpHPHWHaya5CqD11SYfjbj6QoVAa
efa4VLOAJlZJ/WSOM9aA9kti3E+fvPqTA7ANPCGfQ9/fqNdLnP0G5+09w1H/M2C0
+BIhXfll77NdZVV92FkQC0LzN+s40zY389BqM8g6LKhhe/2Cx6tglVuxBvCky1tY
JQZqIMOZhnwbvDKcnV0XTFdD3WLFznUjjX6fDqSYvjQy/k9RaHrB0YRYxf4CKRXV
pr3S0THEc0x6tpkueIShOLCaTLRi7ouNRPdIvRb+EF5SBzgzbhcMDlc7GCXBJ4YT
JcHpiJbJWhqF+vqqui0dldfygr002ErmMoesrH0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTisDcaumXJKMhAsm07gaWXoJP2MzAfBgNVHSMEGDAWgBT3gi1Fl+VJPRUX
i/sQ5oQd0X5YlzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzk0SXRSWmZsU1QwVkY0djdFT2FFSGRGLVdKYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjMvMzEwODFhLThiNWEtNDllYy05MDM2LTg2MmU5OTk3M2ZjMy8x
LzRyQTNHcnBseVNqSVFMSnRPNEdsbDZDVDlqTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMv
MzEwODFhLThiNWEtNDllYy05MDM2LTg2MmU5OTk3M2ZjMy8xLzk0SXRSWmZsU1Qw
VkY0djdFT2FFSGRGLVdKYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAJKFfAMEAJKFfzANBgkqhkiG9w0B
AQsFAAOCAQEAVU6RJI3FIRop9OwANkh3htegl3l+D6NbGKjLilAOfTPRNEkWqbXF
GFxqFLELF7ISrPU6kUlU4RqCBQOUJjoZvaGE62gdgiygh4J1yn6zmM8JkKEaSqJJ
NVvGSYejbgGTHI3VaT3oCqyzz0PEnhdm/1m63Gbfq0MNXKmMhCxso0gjq9J+HaQq
bu3BZbKGxSFj0RuOmG8iG3TcPD5pNEJ5y88fW5HhYpYZ3HExDQ4LqSK2g07t3PSZ
Tht46PFvFCGdMbD+uLVtenM/NKmu33Coxlx9uXXx8Hb8VduZC3j0XDyaL0H5Whmb
YIaQD7w/qirHfUY07KWepbm2n3oyMq92Vg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:24 2024 by rpki-client on console-ams.rpki-client.org