Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/oaVzNkqfXzVHvG177KXJzcB2ye8.roa
File:                     oaVzNkqfXzVHvG177KXJzcB2ye8.roa (raw, json)
Hash identifier:          QB8ENtFMVfxIwg/m9JRvzMiCqshnWQbcK7Q+LY5NZf8=
Subject key identifier:   A1:A5:73:36:4A:9F:5F:35:47:BC:6D:7B:EC:A5:C9:CD:C0:76:C9:EF
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       1EA7479B
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/oaVzNkqfXzVHvG177KXJzcB2ye8.roa
Signing time:             Wed 25 May 2022 14:07:13 +0000
ROA not before:           Wed 25 May 2022 14:07:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210106
IP address blocks:        93.123.16.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 514279323 (0x1ea7479b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: May 25 14:07:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a1a573364a9f5f3547bc6d7beca5c9cdc076c9ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:ae:8f:2d:e7:27:9e:af:d6:ff:fd:b2:f4:d1:
                    dd:08:22:b6:c6:44:3f:aa:3f:b9:6e:07:db:39:cb:
                    0a:0b:74:32:3b:ae:b5:15:47:31:d6:6d:6d:eb:79:
                    30:d4:cb:75:d1:81:97:31:0e:e2:78:00:eb:e4:a8:
                    c4:0a:d2:3a:d5:88:76:af:91:7b:b0:ea:16:ae:f3:
                    2a:e5:fe:71:4b:42:a7:5e:69:31:14:45:77:eb:26:
                    84:b1:97:07:49:cf:84:79:7c:e6:47:a9:13:a6:68:
                    97:ce:c9:ee:0d:17:4c:89:f6:35:37:fd:71:7c:da:
                    97:cb:49:17:a5:d1:1b:11:05:94:27:a4:ed:0d:a5:
                    d0:9f:b2:a0:8d:6c:ad:01:8a:e1:6d:5d:45:a3:e9:
                    89:60:d6:ca:ef:fa:7c:6a:04:30:c5:0d:f5:2f:b6:
                    bc:d5:03:cc:3f:60:bf:75:79:3b:21:7a:af:2e:bf:
                    bd:fc:17:a6:be:95:57:f4:b5:e7:f7:7f:9c:b0:4c:
                    20:79:ec:91:38:ed:02:de:4b:09:a7:6b:95:c8:29:
                    e2:6d:73:b7:f3:e3:28:26:d9:d1:3b:1d:49:61:52:
                    27:a7:a8:9b:0d:ae:b3:0a:17:8d:ff:85:c5:c2:07:
                    f2:73:93:fd:ee:89:9b:9a:c2:42:d4:44:a0:84:e2:
                    e7:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:A5:73:36:4A:9F:5F:35:47:BC:6D:7B:EC:A5:C9:CD:C0:76:C9:EF
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/oaVzNkqfXzVHvG177KXJzcB2ye8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.123.16.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:e9:e6:51:90:98:52:40:6f:22:44:c5:e6:0d:36:65:1c:40:
         45:65:45:09:a6:83:c7:3a:91:a7:59:ee:5d:b2:39:89:f8:d2:
         f3:46:9f:26:25:b7:d3:c7:6e:7d:34:d1:f4:a9:83:e1:0b:14:
         46:62:c4:08:ab:4d:c5:55:2b:59:d1:1e:0c:c4:2e:3a:57:72:
         dc:18:1f:2e:39:aa:88:04:24:94:50:ab:82:d1:7d:5c:f0:a7:
         23:b3:df:ad:89:aa:6a:86:e4:44:da:86:9a:f9:95:09:4b:d8:
         8a:3a:00:25:40:0f:2b:0d:8a:67:d3:cd:c5:26:17:b8:51:6f:
         f3:ca:b1:80:bc:e6:58:06:b7:89:68:9a:b2:1b:1f:d7:e4:13:
         d2:c1:30:2c:ae:63:de:a4:fa:3b:82:87:c7:70:b0:8f:1b:19:
         7e:84:90:f8:95:31:6a:5f:ac:fe:fe:35:fc:a2:62:90:09:40:
         61:98:91:3e:03:59:5a:25:7d:ea:19:03:50:c0:30:13:e8:64:
         e9:e4:3e:0a:43:03:06:0d:95:4e:c5:97:87:59:1f:bf:c0:ad:
         28:40:d2:4d:20:a8:59:f9:2e:b7:ad:18:e2:c6:12:a3:fd:0f:
         50:e7:60:5e:ca:a0:f6:cc:af:78:8d:eb:fc:13:80:0e:78:6a:
         44:64:20:5b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEHqdHmzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDUy
NTE0MDcxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTFhNTczMzY0YTlm
NWYzNTQ3YmM2ZDdiZWNhNWM5Y2RjMDc2YzllZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOGujy3nJ56v1v/9svTR3QgitsZEP6o/uW4H2znLCgt0Mjuu
tRVHMdZtbet5MNTLddGBlzEO4ngA6+SoxArSOtWIdq+Re7DqFq7zKuX+cUtCp15p
MRRFd+smhLGXB0nPhHl85kepE6Zol87J7g0XTIn2NTf9cXzal8tJF6XRGxEFlCek
7Q2l0J+yoI1srQGK4W1dRaPpiWDWyu/6fGoEMMUN9S+2vNUDzD9gv3V5OyF6ry6/
vfwXpr6VV/S15/d/nLBMIHnskTjtAt5LCadrlcgp4m1zt/PjKCbZ0TsdSWFSJ6eo
mw2uswoXjf+FxcIH8nOT/e6Jm5rCQtREoITi5/0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBShpXM2Sp9fNUe8bXvspcnNwHbJ7zAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L29hVnpOa3FmWHpWSHZHMTc3S1hKemNCMnllOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAF17EDANBgkqhkiG9w0BAQsFAAOC
AQEAPOnmUZCYUkBvIkTF5g02ZRxARWVFCaaDxzqRp1nuXbI5ifjS80afJiW308du
fTTR9KmD4QsURmLECKtNxVUrWdEeDMQuOldy3BgfLjmqiAQklFCrgtF9XPCnI7Pf
rYmqaobkRNqGmvmVCUvYijoAJUAPKw2KZ9PNxSYXuFFv88qxgLzmWAa3iWiashsf
1+QT0sEwLK5j3qT6O4KHx3CwjxsZfoSQ+JUxal+s/v41/KJikAlAYZiRPgNZWiV9
6hkDUMAwE+hk6eQ+CkMDBg2VTsWXh1kfv8CtKEDSTSCoWfkut60Y4sYSo/0PUOdg
Xsqg9syveI3r/BOADnhqRGQgWw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:43 2024 by rpki-client on console-ams.rpki-client.org