Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/c4f0cf-782d-4cb4-925f-fb235aff4618/1/nDonLZmsE8IpqGmD6Hh_FAAsit0.roa
File:                     nDonLZmsE8IpqGmD6Hh_FAAsit0.roa (raw, json)
Hash identifier:          gNVtvi2UPYrrqeerkUmrmxGvAYtfLxU4KUggnmNtFgQ=
Subject key identifier:   9C:3A:27:2D:99:AC:13:C2:29:A8:69:83:E8:78:7F:14:00:2C:8A:DD
Certificate issuer:       /CN=852f70c0ec21010dbd6fe915f3326300fe314b23
Certificate serial:       7728
Authority key identifier: 85:2F:70:C0:EC:21:01:0D:BD:6F:E9:15:F3:32:63:00:FE:31:4B:23
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hS9wwOwhAQ29b-kV8zJjAP4xSyM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/c4f0cf-782d-4cb4-925f-fb235aff4618/1/nDonLZmsE8IpqGmD6Hh_FAAsit0.roa
Signing time:             Fri 21 Jan 2022 12:44:18 +0000
ROA not before:           Fri 21 Jan 2022 12:44:18 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50350
IP address blocks:        193.104.238.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 30504 (0x7728)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=852f70c0ec21010dbd6fe915f3326300fe314b23
        Validity
            Not Before: Jan 21 12:44:18 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9c3a272d99ac13c229a86983e8787f14002c8add
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:16:82:dc:79:c3:c9:37:69:24:5e:52:fb:48:
                    81:71:10:ec:e6:4c:40:1b:c9:69:f2:ff:91:af:8c:
                    6e:5a:1e:65:61:5a:b5:78:ab:6b:ba:6b:d0:c8:f7:
                    c2:a8:44:2e:53:94:ee:72:c8:eb:3e:8a:1c:2e:06:
                    83:0d:97:e4:ca:16:5c:5b:6e:fe:20:1a:16:92:6e:
                    17:f1:aa:76:e4:cb:0a:1f:c6:e8:a6:d8:a4:b5:48:
                    f0:59:ad:40:7e:df:fc:23:00:25:c6:cc:c1:37:cd:
                    3d:66:6b:92:b2:62:e2:3d:6d:bb:13:43:3f:f3:86:
                    21:c2:d1:43:04:09:e9:71:2a:42:70:2d:a5:72:92:
                    ce:13:94:b5:04:69:6f:4f:a6:c5:45:39:0d:14:61:
                    a5:3f:61:2b:8e:47:c2:ea:59:61:13:76:bf:88:ce:
                    2f:39:93:d7:f8:e6:04:a7:a4:45:e8:9a:66:14:4a:
                    29:b9:0f:ed:c3:e8:a3:3c:36:c5:79:ff:6f:e6:ca:
                    8d:fd:5b:94:b7:3a:a4:fc:88:ce:a6:59:34:9d:e3:
                    10:f6:c4:e0:1f:3f:6f:88:db:05:a2:81:03:bd:ea:
                    53:e5:44:ac:40:70:b2:fe:2a:20:09:0a:22:2d:c5:
                    49:31:af:f4:2e:01:15:76:7d:5e:97:d9:de:32:1a:
                    c6:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:3A:27:2D:99:AC:13:C2:29:A8:69:83:E8:78:7F:14:00:2C:8A:DD
            X509v3 Authority Key Identifier:
                keyid:85:2F:70:C0:EC:21:01:0D:BD:6F:E9:15:F3:32:63:00:FE:31:4B:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hS9wwOwhAQ29b-kV8zJjAP4xSyM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/c4f0cf-782d-4cb4-925f-fb235aff4618/1/nDonLZmsE8IpqGmD6Hh_FAAsit0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/c4f0cf-782d-4cb4-925f-fb235aff4618/1/hS9wwOwhAQ29b-kV8zJjAP4xSyM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.104.238.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:c4:34:e5:bf:0f:a9:61:c7:5d:8c:19:37:02:c4:1f:9a:cb:
         44:2b:9a:70:80:a2:06:b3:aa:8f:5e:e3:a6:8a:a6:46:5d:54:
         e3:79:bf:d0:0f:50:7a:12:24:3c:a5:6d:39:7d:4f:f6:13:c4:
         11:de:82:32:0f:a4:c5:2c:6d:a3:1a:0c:10:d2:9d:8e:89:4e:
         a8:5c:6a:3d:74:f0:ae:73:bc:3d:44:a3:02:43:4c:fb:1c:68:
         4b:59:2d:74:9c:f4:b7:ab:41:6b:95:35:fa:2c:5a:e6:48:b2:
         17:26:7a:ec:14:ee:b6:5b:98:f3:cd:10:74:da:7b:48:5c:a0:
         98:e4:33:3e:2d:8d:58:f5:f9:09:0e:8d:09:c7:9f:d9:d2:ea:
         60:f1:60:51:13:99:e7:ea:74:49:d9:a0:78:b6:57:ad:a5:1a:
         74:0a:8c:1c:b8:78:45:63:0c:65:55:d7:43:52:e7:38:20:45:
         9c:bb:1f:c2:f7:02:2c:ce:43:6f:3e:f9:55:ce:18:41:f4:84:
         85:19:57:b2:3a:4f:c3:57:b3:51:a9:d0:32:a4:81:56:66:9b:
         7e:94:3d:b0:7d:7e:27:05:fd:46:20:64:13:c7:7f:5e:ff:10:
         de:98:9c:ff:14:00:b7:23:bc:ae:14:17:29:ca:0f:99:b9:69:
         38:5b:9b:6c
-----BEGIN CERTIFICATE-----
MIIE7TCCA9WgAwIBAgICdygwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODUy
ZjcwYzBlYzIxMDEwZGJkNmZlOTE1ZjMzMjYzMDBmZTMxNGIyMzAeFw0yMjAxMjEx
MjQ0MThaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDljM2EyNzJkOTlhYzEz
YzIyOWE4Njk4M2U4Nzg3ZjE0MDAyYzhhZGQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOFoLcecPJN2kkXlL7SIFxEOzmTEAbyWny/5GvjG5aHmVhWrV4
q2u6a9DI98KoRC5TlO5yyOs+ihwuBoMNl+TKFlxbbv4gGhaSbhfxqnbkywofxuim
2KS1SPBZrUB+3/wjACXGzME3zT1ma5KyYuI9bbsTQz/zhiHC0UMECelxKkJwLaVy
ks4TlLUEaW9PpsVFOQ0UYaU/YSuOR8LqWWETdr+Izi85k9f45gSnpEXommYUSim5
D+3D6KM8NsV5/2/myo39W5S3OqT8iM6mWTSd4xD2xOAfP2+I2wWigQO96lPlRKxA
cLL+KiAJCiItxUkxr/QuARV2fV6X2d4yGsbDAgMBAAGjggIJMIICBTAdBgNVHQ4E
FgQUnDonLZmsE8IpqGmD6Hh/FAAsit0wHwYDVR0jBBgwFoAUhS9wwOwhAQ29b+kV
8zJjAP4xSyMwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEF
BQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9o
Uzl3d093aEFRMjliLWtWOHpKakFQNHhTeU0uY2VyMIGNBggrBgEFBQcBCwSBgDB+
MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxULzAxL2M0ZjBjZi03ODJkLTRjYjQtOTI1Zi1mYjIzNWFmZjQ2MTgvMS9u
RG9uTFptc0U4SXBxR21ENkhoX0ZBQXNpdDAucm9hMIGBBgNVHR8EejB4MHagdKBy
hnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzAxL2M0
ZjBjZi03ODJkLTRjYjQtOTI1Zi1mYjIzNWFmZjQ2MTgvMS9oUzl3d093aEFRMjli
LWtWOHpKakFQNHhTeU0uY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADBaO4wDQYJKoZIhvcNAQELBQADggEB
AJDENOW/D6lhx12MGTcCxB+ay0QrmnCAogazqo9e46aKpkZdVON5v9APUHoSJDyl
bTl9T/YTxBHegjIPpMUsbaMaDBDSnY6JTqhcaj108K5zvD1EowJDTPscaEtZLXSc
9LerQWuVNfosWuZIshcmeuwU7rZbmPPNEHTae0hcoJjkMz4tjVj1+QkOjQnHn9nS
6mDxYFETmefqdEnZoHi2V62lGnQKjBy4eEVjDGVV10NS5zggRZy7H8L3AizOQ28+
+VXOGEH0hIUZV7I6T8NXs1Gp0DKkgVZmm36UPbB9ficF/UYgZBPHf17/EN6YnP8U
ALcjvK4UFynKD5m5aThbm2w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:02 2024 by rpki-client on console-ams.rpki-client.org