Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/n09yMRXZB-5dbE0c8SWCCYKtfzw.roa
File:                     n09yMRXZB-5dbE0c8SWCCYKtfzw.roa (raw, json)
Hash identifier:          uxt3jHwevZqkKtHZ8xBSwf64zc2S7igxnojWe6zHYcA=
Subject key identifier:   9F:4F:72:31:15:D9:07:EE:5D:6C:4D:1C:F1:25:82:09:82:AD:7F:3C
Certificate issuer:       /CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Certificate serial:       03683EFB
Authority key identifier: 0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/n09yMRXZB-5dbE0c8SWCCYKtfzw.roa
Signing time:             Sat 01 Jan 2022 11:54:07 +0000
ROA not before:           Sat 01 Jan 2022 11:54:07 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     201934
IP address blocks:        193.38.252.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 57163515 (0x3683efb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0bf543e23e29fb03748d0939726f30fe9affa19e
        Validity
            Not Before: Jan  1 11:54:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9f4f723115d907ee5d6c4d1cf125820982ad7f3c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:0a:71:04:08:e6:22:ac:31:3f:85:f1:8d:71:
                    81:16:d9:ed:0d:c1:e0:8e:63:6b:46:03:67:c2:f6:
                    e1:cb:6a:2b:d1:85:9e:fb:53:aa:73:37:d3:e5:06:
                    18:57:e4:1d:12:50:4a:c4:fa:81:a6:6f:87:3e:da:
                    0b:d0:33:b2:5c:ce:b0:68:35:13:b4:58:56:1d:42:
                    3a:4d:24:9e:7b:be:38:6d:fb:59:86:f1:07:ab:b8:
                    3b:22:4f:df:ac:a9:5d:38:42:bb:b1:6f:3b:19:16:
                    15:0e:30:de:77:c9:c8:30:30:3f:44:a5:28:55:14:
                    88:72:37:0a:cc:6e:69:b4:c1:e6:f7:0a:17:a9:f8:
                    55:35:60:13:da:31:c0:73:e4:69:f2:1f:98:5c:9c:
                    46:1e:5e:15:da:bd:16:3a:4f:50:58:be:2f:04:73:
                    dd:a3:f0:cb:de:cf:ed:e2:8d:94:6a:f8:73:22:75:
                    3e:51:c3:34:a9:8b:04:3c:82:79:a6:f9:97:26:e7:
                    eb:60:cb:e0:ef:1d:16:e0:06:ec:7c:f0:15:e8:ea:
                    9e:fc:e4:ae:50:fd:e8:ba:36:6a:a4:fc:09:97:de:
                    7c:5e:3b:68:e2:0f:13:66:f5:7b:82:89:d8:58:a0:
                    30:33:63:bd:a6:a1:a2:c8:b0:82:dd:1a:64:ba:da:
                    e1:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:4F:72:31:15:D9:07:EE:5D:6C:4D:1C:F1:25:82:09:82:AD:7F:3C
            X509v3 Authority Key Identifier:
                keyid:0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/n09yMRXZB-5dbE0c8SWCCYKtfzw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.38.252.0/24

    Signature Algorithm: sha256WithRSAEncryption
         af:46:7a:da:b0:7c:58:5e:9b:1e:1e:51:58:5c:5e:e6:91:e0:
         8c:1d:2a:60:ce:12:77:4e:1d:9c:c3:eb:02:c6:73:63:aa:0a:
         5f:ba:99:a9:c1:cc:cb:95:8a:e8:d5:e8:62:08:52:7d:4e:00:
         2a:9e:19:48:5c:cf:8d:ae:ea:be:fa:0b:e4:9a:75:1d:c8:db:
         f4:81:fd:bc:ea:a1:5d:11:18:d7:a8:a2:33:08:12:ea:95:3b:
         36:9c:cf:ce:4a:97:28:9f:08:fe:b5:99:25:c7:07:4b:8f:ca:
         7a:dc:c7:d2:54:29:78:ed:75:0c:21:85:3a:58:f7:ef:db:18:
         b7:d1:49:18:f4:1d:af:12:a0:93:58:e1:3a:90:20:7b:77:7d:
         23:f3:ae:24:cc:01:6b:ed:6e:89:f1:e7:00:76:d8:4f:d4:ee:
         39:78:b3:7a:d7:05:ee:21:47:59:a6:57:53:45:45:3d:52:b0:
         02:1c:2f:ea:ea:0e:97:fe:ca:db:b0:92:dd:87:65:fa:fb:aa:
         e2:d2:93:1a:10:7b:34:86:d9:ef:cd:00:ba:a9:c8:49:f5:c1:
         b4:f6:9b:4e:a9:7f:a6:91:1d:3e:a7:f6:79:2c:19:93:a3:ff:
         70:2a:99:d5:ba:3a:16:37:77:4f:1b:46:0c:86:25:c3:29:78:
         57:cc:6f:a0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA2g++zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YmY1NDNlMjNlMjlmYjAzNzQ4ZDA5Mzk3MjZmMzBmZTlhZmZhMTllMB4XDTIyMDEw
MTExNTQwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWY0ZjcyMzExNWQ5
MDdlZTVkNmM0ZDFjZjEyNTgyMDk4MmFkN2YzYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKoKcQQI5iKsMT+F8Y1xgRbZ7Q3B4I5ja0YDZ8L24ctqK9GF
nvtTqnM30+UGGFfkHRJQSsT6gaZvhz7aC9AzslzOsGg1E7RYVh1COk0knnu+OG37
WYbxB6u4OyJP36ypXThCu7FvOxkWFQ4w3nfJyDAwP0SlKFUUiHI3CsxuabTB5vcK
F6n4VTVgE9oxwHPkafIfmFycRh5eFdq9FjpPUFi+LwRz3aPwy97P7eKNlGr4cyJ1
PlHDNKmLBDyCeab5lybn62DL4O8dFuAG7HzwFejqnvzkrlD96Lo2aqT8CZfefF47
aOIPE2b1e4KJ2FigMDNjvaahosiwgt0aZLra4WUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSfT3IxFdkH7l1sTRzxJYIJgq1/PDAfBgNVHSMEGDAWgBQL9UPiPin7A3SN
CTlybzD+mv+hnjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NfVkQ0ajRwLXdOMGpRazVjbTh3X3ByX29aNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDUvYWZhMzRjLWYzZjAtNDA1Yy1iMDgzLWEzNWZjNDM4ZDRjYS8x
L24wOXlNUlhaQi01ZGJFMGM4U1dDQ1lLdGZ6dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDUv
YWZhMzRjLWYzZjAtNDA1Yy1iMDgzLWEzNWZjNDM4ZDRjYS8xL0NfVkQ0ajRwLXdO
MGpRazVjbTh3X3ByX29aNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEm/DANBgkqhkiG9w0BAQsFAAOC
AQEAr0Z62rB8WF6bHh5RWFxe5pHgjB0qYM4Sd04dnMPrAsZzY6oKX7qZqcHMy5WK
6NXoYghSfU4AKp4ZSFzPja7qvvoL5Jp1Hcjb9IH9vOqhXREY16iiMwgS6pU7NpzP
zkqXKJ8I/rWZJccHS4/KetzH0lQpeO11DCGFOlj379sYt9FJGPQdrxKgk1jhOpAg
e3d9I/OuJMwBa+1uifHnAHbYT9TuOXizetcF7iFHWaZXU0VFPVKwAhwv6uoOl/7K
27CS3Ydl+vuq4tKTGhB7NIbZ780AuqnISfXBtPabTql/ppEdPqf2eSwZk6P/cCqZ
1bo6Fjd3TxtGDIYlwyl4V8xvoA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:13 2024 by rpki-client on console-ams.rpki-client.org