Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bUq0sbJU4DZBdY3HUu2Yu3Co4VM.roa
File:                     bUq0sbJU4DZBdY3HUu2Yu3Co4VM.roa (raw, json)
Hash identifier:          7bxkNPkPG2ws8DxcuszMNZhSLw83SJBLKC8yhyiZLCI=
Subject key identifier:   6D:4A:B4:B1:B2:54:E0:36:41:75:8D:C7:52:ED:98:BB:70:A8:E1:53
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0184E6EAD8BD04A76ADD76040FADFAA37994
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bUq0sbJU4DZBdY3HUu2Yu3Co4VM.roa
Signing time:             Tue 06 Dec 2022 10:11:01 +0000
ROA not before:           Tue 06 Dec 2022 10:11:01 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     6939
IP address blocks:        212.193.9.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:e6:ea:d8:bd:04:a7:6a:dd:76:04:0f:ad:fa:a3:79:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Dec  6 10:11:01 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6d4ab4b1b254e03641758dc752ed98bb70a8e153
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:7a:5c:65:71:61:32:3e:20:f4:b5:ad:a3:51:
                    a5:a3:78:da:90:63:e1:b8:33:a3:f4:36:42:75:a5:
                    1b:47:b4:a7:a6:49:da:73:45:c3:67:d7:ad:cd:79:
                    5d:a9:b1:01:a9:20:dc:87:8f:1a:2d:60:a9:50:02:
                    de:45:28:8d:ec:8c:cc:bd:5b:f9:f8:57:cb:1e:b6:
                    4f:c7:f0:8f:06:22:fe:ed:2e:ea:64:82:2a:f9:dc:
                    26:9a:44:4d:c2:85:02:dc:15:23:a1:ac:67:9e:b0:
                    35:ae:c5:c7:91:7e:e3:a1:49:19:95:4e:e1:9a:22:
                    2a:99:78:81:6e:b0:03:30:7e:37:c2:ad:6b:5b:01:
                    79:e1:c7:69:42:a2:ac:91:c2:62:fe:bd:d9:8b:9e:
                    84:f4:ed:6d:6b:07:2a:67:18:e1:1b:61:7a:22:c6:
                    f1:06:a2:ce:72:e6:c6:f9:80:50:e6:4f:86:f5:d5:
                    f3:74:d6:88:dc:d8:ff:c4:15:3d:e5:51:14:cd:97:
                    69:27:4f:47:e9:b4:07:af:80:76:15:c8:9b:6c:87:
                    78:86:78:e9:0f:d2:02:9e:43:0d:35:69:77:f5:b2:
                    67:e2:26:2c:9c:58:87:d1:4d:f7:fd:1b:92:61:e4:
                    e2:06:fe:11:cd:e1:dc:00:66:30:fe:34:9f:4e:3d:
                    32:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:4A:B4:B1:B2:54:E0:36:41:75:8D:C7:52:ED:98:BB:70:A8:E1:53
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bUq0sbJU4DZBdY3HUu2Yu3Co4VM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.193.9.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6a:fe:09:6b:a6:85:02:b4:df:17:db:b0:bc:77:29:a9:d1:ed:
         87:90:1c:b8:b6:cf:21:d9:59:dd:71:95:e0:12:a9:d1:e9:a5:
         44:25:7a:8f:4b:87:a0:c6:fe:75:07:23:98:f3:db:84:a0:f0:
         5d:0a:34:14:3e:95:a4:23:72:c4:38:97:39:d4:9f:b7:f4:e6:
         d7:2b:4d:0e:a0:0e:fb:58:78:b6:3e:b3:9d:93:bf:4a:8c:09:
         c3:7d:d8:83:a7:c6:68:4c:6b:d5:82:0e:f4:33:42:cb:ac:c4:
         1a:bf:5d:15:b7:5d:f9:10:5f:55:e0:40:42:33:1e:b2:73:8f:
         1d:66:66:a0:9f:2a:23:af:c0:f4:d8:7b:44:a4:6a:fc:5b:fb:
         cd:86:b3:06:da:6c:d8:78:42:98:17:cd:c6:cf:27:cc:7e:c2:
         6e:c9:21:7a:65:de:13:6d:5f:13:1a:8d:ed:42:eb:b8:c1:4c:
         06:c4:80:3c:17:91:1c:08:5c:47:a4:7a:77:ae:7d:e8:f6:64:
         54:67:92:22:03:2a:dc:a5:fd:f0:56:18:58:2a:e6:58:51:3c:
         4f:95:38:77:92:92:57:df:a1:4b:85:7e:23:b4:69:30:7e:10:
         0a:f2:e4:b9:06:35:40:93:33:55:8e:87:99:c9:db:10:cb:ff:
         e8:ef:1a:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTm6ti9BKdq3XYED636o3mUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjA2MTAxMTAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDRhYjRiMWIyNTRlMDM2NDE3NThkYzc1MmVkOThiYjcwYThlMTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXpcZXFhMj4g9LWto1Glo3jakGPh
uDOj9DZCdaUbR7Snpknac0XDZ9etzXldqbEBqSDch48aLWCpUALeRSiN7IzMvVv5
+FfLHrZPx/CPBiL+7S7qZIIq+dwmmkRNwoUC3BUjoaxnnrA1rsXHkX7joUkZlU7h
miIqmXiBbrADMH43wq1rWwF54cdpQqKskcJi/r3Zi56E9O1tawcqZxjhG2F6Isbx
BqLOcubG+YBQ5k+G9dXzdNaI3Nj/xBU95VEUzZdpJ09H6bQHr4B2FcibbId4hnjp
D9ICnkMNNWl39bJn4iYsnFiH0U33/RuSYeTiBv4RzeHcAGYw/jSfTj0ySwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG1KtLGyVOA2QXWNx1LtmLtwqOFTMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvYlVxMHNiSlU0RFpCZFkzSFV1Mll1M0NvNFZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1MEJMA0G
CSqGSIb3DQEBCwUAA4IBAQBq/glrpoUCtN8X27C8dymp0e2HkBy4ts8h2VndcZXg
EqnR6aVEJXqPS4egxv51ByOY89uEoPBdCjQUPpWkI3LEOJc51J+39ObXK00OoA77
WHi2PrOdk79KjAnDfdiDp8ZoTGvVgg70M0LLrMQav10Vt135EF9V4EBCMx6yc48d
Zmagnyojr8D02HtEpGr8W/vNhrMG2mzYeEKYF83GzyfMfsJuySF6Zd4TbV8TGo3t
Quu4wUwGxIA8F5EcCFxHpHp3rn3o9mRUZ5IiAyrcpf3wVhhYKuZYUTxPlTh3kpJX
36FLhX4jtGkwfhAK8uS5BjVAkzNVjoeZydsQy//o7xq9
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:01 2023 by rpki-client on console-ams.rpki-client.org