Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/1bad7e-cf5c-4d1c-864a-4937601c8fea/1/2zm_1lXUAWD5oOmziXR3JuE0Ezs.roa
File:                     2zm_1lXUAWD5oOmziXR3JuE0Ezs.roa (raw, json)
Hash identifier:          8XaqXugnRhTErpwUFbr4lUvOz+wf1AG5JrrhhggQCr8=
Subject key identifier:   DB:39:BF:D6:55:D4:01:60:F9:A0:E9:B3:89:74:77:26:E1:34:13:3B
Certificate issuer:       /CN=546de326de9522bd296bed482385c9769258d8f1
Certificate serial:       FC9D
Authority key identifier: 54:6D:E3:26:DE:95:22:BD:29:6B:ED:48:23:85:C9:76:92:58:D8:F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VG3jJt6VIr0pa-1II4XJdpJY2PE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/1bad7e-cf5c-4d1c-864a-4937601c8fea/1/2zm_1lXUAWD5oOmziXR3JuE0Ezs.roa
Signing time:             Tue 26 Apr 2022 06:54:31 +0000
ROA not before:           Tue 26 Apr 2022 06:54:31 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8614
IP address blocks:        193.239.64.0/24 maxlen: 24
                          193.239.67.0/24 maxlen: 24
                          193.239.66.0/24 maxlen: 24
                          193.239.65.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 64669 (0xfc9d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=546de326de9522bd296bed482385c9769258d8f1
        Validity
            Not Before: Apr 26 06:54:31 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=db39bfd655d40160f9a0e9b389747726e134133b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:f0:c6:3c:fb:81:70:b1:b9:e1:e5:69:23:60:
                    48:05:71:d5:a5:dd:3f:08:0e:a2:fd:f1:82:55:80:
                    5e:c3:9c:7f:8f:bd:f8:e6:6f:59:a3:fb:6d:a7:f4:
                    20:50:fa:5c:04:4a:c2:a9:b8:22:a8:30:e5:ab:a8:
                    f3:01:01:5e:5e:81:5f:8c:33:96:6d:5f:02:35:ba:
                    68:69:7c:b9:5c:5b:6f:c5:82:5b:26:ca:76:5a:5c:
                    03:e3:c2:2a:e2:63:3e:c2:51:c4:1d:54:9b:2b:65:
                    39:16:fa:b6:85:36:f2:7c:53:ae:52:ba:5f:41:d0:
                    74:77:4b:df:ab:a2:1c:ab:f4:80:91:f7:70:93:4e:
                    cc:25:a5:47:9f:5f:bb:04:39:80:d6:c5:12:68:20:
                    9a:23:ae:c3:96:ca:36:4a:51:b6:86:2d:46:b0:03:
                    4e:54:ae:fb:7e:9f:30:c6:4d:e8:55:90:3e:9a:09:
                    51:b6:86:6f:bf:3d:53:4c:26:1a:c7:c3:b8:99:a5:
                    9f:d1:d7:93:16:73:36:50:73:e7:0a:3d:78:39:23:
                    e8:d9:3a:34:32:3e:60:46:18:07:5b:fe:3d:47:d0:
                    b3:eb:a9:58:00:42:be:d1:73:4d:fe:86:a5:f2:8f:
                    88:98:c9:54:f3:47:b1:4c:1a:6d:2d:7d:80:36:08:
                    17:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:39:BF:D6:55:D4:01:60:F9:A0:E9:B3:89:74:77:26:E1:34:13:3B
            X509v3 Authority Key Identifier:
                keyid:54:6D:E3:26:DE:95:22:BD:29:6B:ED:48:23:85:C9:76:92:58:D8:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VG3jJt6VIr0pa-1II4XJdpJY2PE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/1bad7e-cf5c-4d1c-864a-4937601c8fea/1/2zm_1lXUAWD5oOmziXR3JuE0Ezs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/1bad7e-cf5c-4d1c-864a-4937601c8fea/1/VG3jJt6VIr0pa-1II4XJdpJY2PE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.239.64.0/22

    Signature Algorithm: sha256WithRSAEncryption
         93:4a:f6:8c:20:0f:c4:5b:b2:90:d5:ae:9b:09:be:c5:d7:99:
         0f:dd:66:22:36:98:f8:e2:dc:6d:26:a7:7f:b0:44:64:f6:35:
         7e:fc:04:3d:e1:41:6e:10:45:6a:22:1f:4e:ee:40:d0:bc:31:
         f6:68:ab:a8:3c:34:28:77:0e:cd:18:5f:2b:89:71:87:e0:22:
         20:c5:9b:13:66:85:72:83:da:35:9d:ef:63:d1:93:fe:04:36:
         b0:df:ae:61:c9:45:47:50:55:51:b6:f3:51:9f:66:48:9b:e3:
         83:65:36:c8:5c:3c:0c:5c:23:c1:67:69:c7:4e:d3:d8:01:0b:
         4f:5d:e3:0c:af:83:41:f6:08:ba:81:a8:86:42:04:0d:62:9f:
         8f:a3:a8:ac:49:6f:34:59:07:a6:d0:05:ef:aa:a4:51:2a:4f:
         0d:a3:a3:fb:3a:06:6f:fd:a6:a3:f8:99:2e:fa:89:36:54:ad:
         f5:4f:37:a2:e1:76:3e:89:f2:78:b6:61:02:b8:b8:6c:7d:8b:
         ef:e1:fb:8a:a2:bd:88:66:a8:21:86:ee:7d:32:ac:87:39:17:
         3a:b8:06:f8:35:42:ab:0c:60:05:62:c4:20:27:22:8a:ba:a7:
         ef:8b:24:a5:2b:5a:3c:fc:46:e7:3e:4e:9a:a8:01:ac:10:8b:
         4b:36:4a:46
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAPydMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDU0
NmRlMzI2ZGU5NTIyYmQyOTZiZWQ0ODIzODVjOTc2OTI1OGQ4ZjEwHhcNMjIwNDI2
MDY1NDMxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkYjM5YmZkNjU1ZDQw
MTYwZjlhMGU5YjM4OTc0NzcyNmUxMzQxMzNiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA5/DGPPuBcLG54eVpI2BIBXHVpd0/CA6i/fGCVYBew5x/j734
5m9Zo/ttp/QgUPpcBErCqbgiqDDlq6jzAQFeXoFfjDOWbV8CNbpoaXy5XFtvxYJb
Jsp2WlwD48Iq4mM+wlHEHVSbK2U5Fvq2hTbyfFOuUrpfQdB0d0vfq6Icq/SAkfdw
k07MJaVHn1+7BDmA1sUSaCCaI67Dlso2SlG2hi1GsANOVK77fp8wxk3oVZA+mglR
toZvvz1TTCYax8O4maWf0deTFnM2UHPnCj14OSPo2To0Mj5gRhgHW/49R9Cz66lY
AEK+0XNN/oal8o+ImMlU80exTBptLX2ANggXpwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFNs5v9ZV1AFg+aDps4l0dybhNBM7MB8GA1UdIwQYMBaAFFRt4ybelSK9KWvt
SCOFyXaSWNjxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
Vkczakp0NlZJcjBwYS0xSUk0WEpkcEpZMlBFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jMC8xYmFkN2UtY2Y1Yy00ZDFjLTg2NGEtNDkzNzYwMWM4ZmVhLzEv
MnptXzFsWFVBV0Q1b09temlYUjNKdUUwRXpzLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8x
YmFkN2UtY2Y1Yy00ZDFjLTg2NGEtNDkzNzYwMWM4ZmVhLzEvVkczakp0NlZJcjBw
YS0xSUk0WEpkcEpZMlBFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwe9AMA0GCSqGSIb3DQEBCwUAA4IB
AQCTSvaMIA/EW7KQ1a6bCb7F15kP3WYiNpj44txtJqd/sERk9jV+/AQ94UFuEEVq
Ih9O7kDQvDH2aKuoPDQodw7NGF8riXGH4CIgxZsTZoVyg9o1ne9j0ZP+BDaw365h
yUVHUFVRtvNRn2ZIm+ODZTbIXDwMXCPBZ2nHTtPYAQtPXeMMr4NB9gi6gaiGQgQN
Yp+Po6isSW80WQem0AXvqqRRKk8No6P7OgZv/aaj+Jku+ok2VK31Tzei4XY+ifJ4
tmECuLhsfYvv4fuKor2IZqghhu59MqyHORc6uAb4NUKrDGAFYsQgJyKKuqfviySl
K1o8/EbnPk6aqAGsEItLNkpG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:20 2024 by rpki-client on console-fra.rpki-client.org