Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/qdVl9wWVnUXTGZeghyDj-UUIaUw.roa
File:                     qdVl9wWVnUXTGZeghyDj-UUIaUw.roa (raw, json)
Hash identifier:          kDUStgkNjb/5u0d61IuuUwquOb9HqgrbIq9LMF4ysv8=
Subject key identifier:   A9:D5:65:F7:05:95:9D:45:D3:19:97:A0:87:20:E3:F9:45:08:69:4C
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       0181F2DF02791B9153E3C809331B89F56474
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/qdVl9wWVnUXTGZeghyDj-UUIaUw.roa
Signing time:             Tue 12 Jul 2022 14:45:10 +0000
ROA not before:           Tue 12 Jul 2022 14:45:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16276
IP address blocks:        193.47.60.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:f2:df:02:79:1b:91:53:e3:c8:09:33:1b:89:f5:64:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Jul 12 14:45:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a9d565f705959d45d31997a08720e3f94508694c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:d2:60:83:be:f4:13:26:b6:ca:0e:96:a7:b2:
                    49:01:b3:d7:0b:1e:b2:5b:db:ec:0e:15:fb:c2:58:
                    cd:2c:66:c9:df:4d:79:d9:37:b6:3c:d7:54:fd:9c:
                    47:51:4d:f4:a3:a7:ed:c0:16:cc:88:f6:c0:ab:4e:
                    25:f7:37:fc:1d:24:19:2b:63:cc:a3:a6:a0:fc:f8:
                    5c:4f:d5:56:d8:ba:8d:88:a3:b2:82:48:fa:7c:26:
                    b0:07:c3:b4:9b:a6:c0:20:7c:0d:55:3e:57:4a:34:
                    e7:18:7d:fb:86:55:93:13:01:69:65:1d:d3:75:e5:
                    b6:2e:52:cc:59:98:89:04:e1:dd:08:1a:e6:2f:e4:
                    22:65:45:42:1b:48:e4:39:4e:29:9b:73:ff:6f:82:
                    3f:7f:3c:5e:75:6f:60:21:86:cb:38:3d:c9:35:69:
                    96:23:f8:e7:f0:81:9a:93:5c:60:53:ff:63:a4:91:
                    f6:f5:b5:89:95:3b:d5:d5:79:fc:1b:a0:19:02:30:
                    f2:8b:6e:a2:a4:1f:51:eb:b2:f2:3e:85:bb:9e:bc:
                    68:10:f1:1e:b4:3c:07:ab:e3:a0:68:49:3c:e0:d6:
                    68:6f:12:76:16:ee:19:72:62:21:89:41:ad:38:04:
                    b2:fc:fa:36:08:35:44:f1:20:74:f9:48:33:5c:0a:
                    a1:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:D5:65:F7:05:95:9D:45:D3:19:97:A0:87:20:E3:F9:45:08:69:4C
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/qdVl9wWVnUXTGZeghyDj-UUIaUw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.47.60.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:b3:73:dc:80:d9:18:ff:1f:f2:e2:c8:d3:f4:1e:04:e3:20:
         a4:5f:22:3e:de:86:68:db:60:1a:67:e2:d9:1b:1e:19:71:b9:
         e7:51:c0:38:10:fb:2d:67:1a:e8:fc:9c:20:dc:30:23:21:4f:
         00:a5:8e:40:40:c6:50:1b:af:ce:b9:3d:40:58:75:de:1f:02:
         05:72:18:26:4d:70:88:3f:89:5b:05:3b:6c:7a:96:a8:e0:22:
         7a:82:8f:fb:72:c0:84:0d:de:42:ed:94:53:39:c3:95:ba:b4:
         75:2a:f9:9c:76:f9:98:94:86:42:6d:1f:b8:f3:d1:5b:94:54:
         a7:06:27:8d:99:88:e7:66:3f:21:a0:15:f4:ff:5c:b5:b6:69:
         63:47:af:9d:b0:27:9c:5e:47:01:f5:2e:f3:fe:6f:ff:5e:f0:
         b0:be:b7:2c:bd:e0:6b:24:73:0a:ea:e7:6b:f3:4c:1d:ee:3b:
         6f:14:69:7f:df:6d:a7:4e:b3:2a:40:52:f2:84:fc:b2:91:70:
         2d:f8:17:ce:a2:07:35:f7:6a:73:bc:00:8c:3f:58:ed:ae:a0:
         86:e6:27:25:15:01:e4:ad:09:78:49:f0:26:6a:a6:e4:ff:dd:
         ea:d2:66:8b:31:61:26:0d:55:c6:05:8e:e7:51:bd:16:6d:27:
         33:9d:91:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHy3wJ5G5FT48gJMxuJ9WR0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIwNzEyMTQ0NTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWQ1NjVmNzA1OTU5ZDQ1ZDMxOTk3YTA4NzIwZTNmOTQ1MDg2OTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidJgg770Eya2yg6Wp7JJAbPXCx6y
W9vsDhX7wljNLGbJ30152Te2PNdU/ZxHUU30o6ftwBbMiPbAq04l9zf8HSQZK2PM
o6ag/PhcT9VW2LqNiKOygkj6fCawB8O0m6bAIHwNVT5XSjTnGH37hlWTEwFpZR3T
deW2LlLMWZiJBOHdCBrmL+QiZUVCG0jkOU4pm3P/b4I/fzxedW9gIYbLOD3JNWmW
I/jn8IGak1xgU/9jpJH29bWJlTvV1Xn8G6AZAjDyi26ipB9R67LyPoW7nrxoEPEe
tDwHq+OgaEk84NZobxJ2Fu4ZcmIhiUGtOASy/Po2CDVE8SB0+UgzXAqhowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKnVZfcFlZ1F0xmXoIcg4/lFCGlMMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvcWRWbDl3V1ZuVVhUR1plZ2h5RGotVVVJYVV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwS88MA0G
CSqGSIb3DQEBCwUAA4IBAQBys3PcgNkY/x/y4sjT9B4E4yCkXyI+3oZo22AaZ+LZ
Gx4ZcbnnUcA4EPstZxro/Jwg3DAjIU8ApY5AQMZQG6/OuT1AWHXeHwIFchgmTXCI
P4lbBTtsepao4CJ6go/7csCEDd5C7ZRTOcOVurR1KvmcdvmYlIZCbR+489FblFSn
BieNmYjnZj8hoBX0/1y1tmljR6+dsCecXkcB9S7z/m//XvCwvrcsveBrJHMK6udr
80wd7jtvFGl/322nTrMqQFLyhPyykXAt+BfOogc192pzvACMP1jtrqCG5iclFQHk
rQl4SfAmaqbk/93q0maLMWEmDVXGBY7nUb0WbScznZFF
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:44 2024 by rpki-client on console-ams.rpki-client.org