Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/1_C7pZeOce6jRQAvm-Np5dzCblI.roa
File:                     1_C7pZeOce6jRQAvm-Np5dzCblI.roa (raw, json)
Hash identifier:          MVETaQwc8O5zihpUuAD/8M0aM0iYpri3jCs36+FAgPg=
Subject key identifier:   D7:F0:BB:A5:97:8E:71:EE:A3:45:00:2F:9B:E3:69:E5:DC:C2:6E:52
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       0183E04BB2512D58D8B4A895D00F67E15B06
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/1_C7pZeOce6jRQAvm-Np5dzCblI.roa
Signing time:             Sun 16 Oct 2022 10:16:40 +0000
ROA not before:           Sun 16 Oct 2022 10:16:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7018
IP address blocks:        193.233.124.0/22 maxlen: 22
                          193.233.120.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:e0:4b:b2:51:2d:58:d8:b4:a8:95:d0:0f:67:e1:5b:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Oct 16 10:16:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d7f0bba5978e71eea345002f9be369e5dcc26e52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:3b:26:d1:8d:bd:c1:76:96:f6:e4:c5:f5:60:
                    02:3d:6b:57:54:8a:2d:fb:46:b0:48:70:90:25:86:
                    0b:4a:27:d3:0a:ee:e2:a7:eb:18:56:19:6a:f8:2b:
                    49:c9:d5:b2:33:ed:a2:e6:36:59:c4:24:5c:16:62:
                    2a:5e:d9:94:e3:e7:14:ff:dc:05:24:fb:42:42:35:
                    35:5c:cb:c6:4f:4e:53:49:15:cc:d5:59:a0:7c:de:
                    f6:6a:a0:54:fd:ac:f9:f8:17:76:dd:9c:70:dd:f0:
                    6e:8c:86:84:b0:4f:31:64:d0:e1:1b:63:13:a8:6f:
                    c6:a7:ca:da:d5:c6:5d:19:02:44:07:af:0e:63:f0:
                    21:97:a3:d0:f9:22:00:c3:b8:c7:43:53:39:c9:88:
                    14:e6:72:0e:23:ec:16:2d:0c:7f:56:ab:2e:14:90:
                    89:d3:63:f6:cb:db:c4:24:bc:87:7c:98:86:87:4b:
                    a0:53:14:60:80:1f:82:fc:e5:51:b8:c9:91:7e:18:
                    e9:9a:93:25:3f:64:65:42:e3:a8:c6:5b:13:e6:b4:
                    a9:b3:fc:ef:17:a8:7a:c4:fe:bb:2f:7a:bd:64:c3:
                    7c:14:1e:89:ce:35:0f:02:cb:86:9e:8c:2b:0b:75:
                    45:dd:f2:d7:5e:93:fe:75:59:72:ed:0e:d1:1a:33:
                    44:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:F0:BB:A5:97:8E:71:EE:A3:45:00:2F:9B:E3:69:E5:DC:C2:6E:52
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/1_C7pZeOce6jRQAvm-Np5dzCblI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.120.0/21

    Signature Algorithm: sha256WithRSAEncryption
         18:29:31:a8:5e:ce:1c:c4:9e:21:33:b0:3e:ce:66:85:82:07:
         95:db:8a:5d:94:76:9f:29:03:47:3b:9e:98:f0:cc:de:60:31:
         7d:6e:dd:56:80:bb:66:8a:7f:e5:1a:1e:ac:65:25:b9:e6:ee:
         0a:8f:f8:57:85:71:e7:33:14:d2:b8:7c:3c:e8:7d:9d:07:c2:
         39:a7:08:1d:c8:0d:d4:a5:09:f2:96:68:10:b3:f7:ad:aa:f2:
         c5:6e:71:20:83:f0:ce:bc:7b:a3:aa:88:b8:06:2d:39:23:29:
         41:e9:ff:b3:a4:fe:06:28:c0:af:42:7a:c5:22:55:8a:53:36:
         1b:20:67:3c:8e:1e:fc:fe:77:d5:84:ca:92:c2:ad:b5:3a:27:
         5b:0a:90:d4:51:c0:86:25:86:5b:63:a9:a3:91:5b:48:ac:31:
         58:ba:f5:f4:36:8c:1e:a5:19:5b:cb:22:3d:44:13:b3:66:4c:
         47:35:c1:55:90:cd:5b:ed:58:04:1c:ad:b9:96:54:cc:26:8b:
         18:12:66:d8:5f:38:02:9d:c4:07:de:bb:4c:ed:88:2c:62:fe:
         99:c3:c0:26:ba:90:c5:dc:44:56:7c:73:7a:07:99:c2:22:36:
         61:17:5d:0b:a9:68:13:4a:1f:3a:ca:ed:09:01:7e:68:d9:5a:
         87:f6:ae:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPgS7JRLVjYtKiV0A9n4VsGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjIxMDE2MTAxNjQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2YwYmJhNTk3OGU3MWVlYTM0NTAwMmY5YmUzNjllNWRjYzI2ZTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTsm0Y29wXaW9uTF9WACPWtXVIot
+0awSHCQJYYLSifTCu7ip+sYVhlq+CtJydWyM+2i5jZZxCRcFmIqXtmU4+cU/9wF
JPtCQjU1XMvGT05TSRXM1VmgfN72aqBU/az5+Bd23Zxw3fBujIaEsE8xZNDhG2MT
qG/Gp8ra1cZdGQJEB68OY/Ahl6PQ+SIAw7jHQ1M5yYgU5nIOI+wWLQx/VqsuFJCJ
02P2y9vEJLyHfJiGh0ugUxRggB+C/OVRuMmRfhjpmpMlP2RlQuOoxlsT5rSps/zv
F6h6xP67L3q9ZMN8FB6JzjUPAsuGnowrC3VF3fLXXpP+dVly7Q7RGjNEZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNfwu6WXjnHuo0UAL5vjaeXcwm5SMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvMV9DN3BaZU9jZTZqUlFBdm0tTnA1ZHpDYmxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwel4MA0G
CSqGSIb3DQEBCwUAA4IBAQAYKTGoXs4cxJ4hM7A+zmaFggeV24pdlHafKQNHO56Y
8MzeYDF9bt1WgLtmin/lGh6sZSW55u4Kj/hXhXHnMxTSuHw86H2dB8I5pwgdyA3U
pQnylmgQs/etqvLFbnEgg/DOvHujqoi4Bi05IylB6f+zpP4GKMCvQnrFIlWKUzYb
IGc8jh78/nfVhMqSwq21OidbCpDUUcCGJYZbY6mjkVtIrDFYuvX0NowepRlbyyI9
RBOzZkxHNcFVkM1b7VgEHK25llTMJosYEmbYXzgCncQH3rtM7YgsYv6Zw8AmupDF
3ERWfHN6B5nCIjZhF10LqWgTSh86yu0JAX5o2VqH9q5s
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:39 2024 by rpki-client on console-fra.rpki-client.org