Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/7da3a9-34df-48f8-8a1b-079e111edbf9/1/yYRgZ5osZAslekjVOOmfSQwT390.roa
File:                     yYRgZ5osZAslekjVOOmfSQwT390.roa (raw, json)
Hash identifier:          dvqaYrjcJ3/isitHHorYqiButfygk9PMT8nV8C1nxeg=
Subject key identifier:   C9:84:60:67:9A:2C:64:0B:25:7A:48:D5:38:E9:9F:49:0C:13:DF:DD
Certificate issuer:       /CN=8838e856b2272df174ba5a40a8fc7d5d3031caca
Certificate serial:       DEA1F1
Authority key identifier: 88:38:E8:56:B2:27:2D:F1:74:BA:5A:40:A8:FC:7D:5D:30:31:CA:CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iDjoVrInLfF0ulpAqPx9XTAxyso.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/7da3a9-34df-48f8-8a1b-079e111edbf9/1/yYRgZ5osZAslekjVOOmfSQwT390.roa
Signing time:             Sat 01 Jan 2022 06:03:30 +0000
ROA not before:           Sat 01 Jan 2022 06:03:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210745
IP address blocks:        188.93.114.0/24 maxlen: 24
                          2a11:10c0::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 14590449 (0xdea1f1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8838e856b2272df174ba5a40a8fc7d5d3031caca
        Validity
            Not Before: Jan  1 06:03:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c98460679a2c640b257a48d538e99f490c13dfdd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:04:50:98:41:6c:1d:cf:8b:3d:46:6c:3d:56:
                    86:8f:63:ab:d3:25:0e:cb:a7:ff:2e:2c:74:c1:e1:
                    d9:77:93:14:6b:05:1e:24:72:38:aa:55:a6:1d:cd:
                    fe:69:96:0e:5c:d6:9c:e1:5c:16:10:39:45:94:27:
                    c6:ac:26:78:8c:67:de:ce:9b:a7:92:1b:4c:2b:be:
                    11:09:8f:e1:fc:44:fa:35:0f:10:44:d0:54:42:c7:
                    f2:ef:4d:02:dd:7e:42:ff:bb:23:0e:07:0e:49:9b:
                    e4:db:e8:7c:b2:38:99:95:2b:43:38:1d:f5:ef:f2:
                    95:e3:07:f4:99:c3:5d:53:20:e6:1f:7c:5f:fe:9c:
                    fd:c3:5b:cf:f0:be:d2:52:0d:46:f9:5e:08:02:1c:
                    60:c7:da:cb:ed:21:20:cf:f4:dc:d0:40:5f:fe:76:
                    fd:d9:ee:32:bd:85:69:9c:60:b3:27:94:ab:1c:e6:
                    a7:da:8b:9f:44:c1:38:0d:fc:52:01:a3:4d:e4:3a:
                    2f:e9:cc:4a:2c:d6:e0:a0:24:6f:fd:f4:79:45:28:
                    13:62:d6:c9:b0:fa:be:e2:ca:fa:8f:9b:53:7b:94:
                    ef:6c:ca:0c:35:aa:d6:f9:ba:e2:e3:f3:49:4b:92:
                    99:50:69:ad:ca:7c:dd:f6:f4:b2:78:8a:20:7f:69:
                    6a:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:84:60:67:9A:2C:64:0B:25:7A:48:D5:38:E9:9F:49:0C:13:DF:DD
            X509v3 Authority Key Identifier:
                keyid:88:38:E8:56:B2:27:2D:F1:74:BA:5A:40:A8:FC:7D:5D:30:31:CA:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iDjoVrInLfF0ulpAqPx9XTAxyso.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/7da3a9-34df-48f8-8a1b-079e111edbf9/1/yYRgZ5osZAslekjVOOmfSQwT390.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/7da3a9-34df-48f8-8a1b-079e111edbf9/1/iDjoVrInLfF0ulpAqPx9XTAxyso.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.93.114.0/24
                IPv6:
                  2a11:10c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         10:07:8f:4b:4a:a4:0b:0b:ca:b8:bb:95:bc:68:90:05:2f:28:
         94:ef:60:13:9f:5a:3a:cb:7f:65:f7:65:63:f9:37:58:73:74:
         5f:6a:6b:37:6a:bf:6b:35:a1:af:9b:09:cf:7f:6b:ed:fb:a1:
         59:69:bd:8c:56:1c:64:4b:b0:51:9a:a6:29:5d:07:1a:b3:d9:
         d1:6c:ca:dc:6d:93:8d:2c:81:d5:88:38:6e:45:68:06:b5:11:
         11:f7:f4:24:2c:1a:eb:f8:15:6c:fa:7b:51:65:f3:0f:c2:b1:
         5e:e0:cf:6a:dc:6d:a2:ce:4e:53:a6:89:0f:07:09:73:12:34:
         d7:b1:72:fe:bb:80:c4:73:61:3c:5c:9d:e7:7f:c7:0a:3a:8e:
         d6:b9:6a:0e:35:97:5f:6a:e8:a7:6a:cf:62:42:9d:35:8a:48:
         33:1a:75:30:1c:58:0d:28:44:2e:15:50:53:6a:c1:0d:03:91:
         97:e6:6b:05:65:8b:7c:f0:0f:ab:3d:92:07:2b:4d:af:d4:ae:
         19:b5:e8:f3:2c:f4:dc:0d:da:ff:0b:4f:49:cc:22:4a:80:e7:
         c2:bc:0b:8e:74:7c:fe:b9:df:12:ef:40:74:0f:4b:4d:13:ff:
         12:4e:fb:50:bb:c1:70:20:ce:e3:37:ef:f3:4b:7c:3b:2c:85:
         bd:43:7d:8f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAN6h8TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ODM4ZTg1NmIyMjcyZGYxNzRiYTVhNDBhOGZjN2Q1ZDMwMzFjYWNhMB4XDTIyMDEw
MTA2MDMzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzk4NDYwNjc5YTJj
NjQwYjI1N2E0OGQ1MzhlOTlmNDkwYzEzZGZkZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMUEUJhBbB3Piz1GbD1Who9jq9MlDsun/y4sdMHh2XeTFGsF
HiRyOKpVph3N/mmWDlzWnOFcFhA5RZQnxqwmeIxn3s6bp5IbTCu+EQmP4fxE+jUP
EETQVELH8u9NAt1+Qv+7Iw4HDkmb5NvofLI4mZUrQzgd9e/yleMH9JnDXVMg5h98
X/6c/cNbz/C+0lINRvleCAIcYMfay+0hIM/03NBAX/52/dnuMr2FaZxgsyeUqxzm
p9qLn0TBOA38UgGjTeQ6L+nMSizW4KAkb/30eUUoE2LWybD6vuLK+o+bU3uU72zK
DDWq1vm64uPzSUuSmVBprcp83fb0sniKIH9pamECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTJhGBnmixkCyV6SNU46Z9JDBPf3TAfBgNVHSMEGDAWgBSIOOhWsict8XS6
WkCo/H1dMDHKyjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lEam9WckluTGZGMHVscEFxUHg5WFRBeHlzby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDgvN2RhM2E5LTM0ZGYtNDhmOC04YTFiLTA3OWUxMTFlZGJmOS8x
L3lZUmdaNW9zWkFzbGVralZPT21mU1F3VDM5MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDgv
N2RhM2E5LTM0ZGYtNDhmOC04YTFiLTA3OWUxMTFlZGJmOS8xL2lEam9WckluTGZG
MHVscEFxUHg5WFRBeHlzby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEALxdcjANBAIAAjAHAwUDKhEQwDAN
BgkqhkiG9w0BAQsFAAOCAQEAEAePS0qkCwvKuLuVvGiQBS8olO9gE59aOst/Zfdl
Y/k3WHN0X2prN2q/azWhr5sJz39r7fuhWWm9jFYcZEuwUZqmKV0HGrPZ0WzK3G2T
jSyB1Yg4bkVoBrUREff0JCwa6/gVbPp7UWXzD8KxXuDPatxtos5OU6aJDwcJcxI0
17Fy/ruAxHNhPFyd53/HCjqO1rlqDjWXX2rop2rPYkKdNYpIMxp1MBxYDShELhVQ
U2rBDQORl+ZrBWWLfPAPqz2SBytNr9SuGbXo8yz03A3a/wtPScwiSoDnwrwLjnR8
/rnfEu9AdA9LTRP/Ek77ULvBcCDO4zfv80t8OyyFvUN9jw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:41 2024 by rpki-client on console-ams.rpki-client.org