Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/1j9TG0mFx12GOoJMX5sZwWs4NRQ.roa
File:                     1j9TG0mFx12GOoJMX5sZwWs4NRQ.roa (raw, json)
Hash identifier:          43Yxo/3PMclEI4B/NsMLuXGOkqdpSzj9VjG52EXZgmg=
Subject key identifier:   D6:3F:53:1B:49:85:C7:5D:86:3A:82:4C:5F:9B:19:C1:6B:38:35:14
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       0183B7732B767D2131215E2BC4D8382964A9
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/1j9TG0mFx12GOoJMX5sZwWs4NRQ.roa
Signing time:             Sat 08 Oct 2022 11:55:21 +0000
ROA not before:           Sat 08 Oct 2022 11:55:21 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50321
IP address blocks:        193.233.17.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:b7:73:2b:76:7d:21:31:21:5e:2b:c4:d8:38:29:64:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Oct  8 11:55:21 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d63f531b4985c75d863a824c5f9b19c16b383514
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:ab:de:f9:a4:f4:4d:d4:f5:85:b6:1f:b4:3c:
                    8b:60:c5:a3:c1:4c:1e:ba:b1:a4:9b:17:6d:63:f3:
                    b7:49:47:d0:71:ed:4e:12:21:06:a3:a2:9a:cc:62:
                    3b:12:3d:80:45:5a:7f:0b:a7:c0:52:ae:71:8e:c5:
                    13:a7:4f:b9:81:65:23:6a:12:bc:48:6c:73:96:34:
                    1e:fe:58:4c:37:70:ce:68:c2:b1:65:45:b4:f8:f5:
                    9f:50:38:f9:da:b0:b5:99:68:6f:78:71:b1:4a:d0:
                    9d:e6:2c:50:26:bf:e6:96:72:39:3e:57:ce:65:26:
                    96:8d:69:da:fb:a8:73:11:9f:d2:36:0b:51:b3:f5:
                    ec:51:53:b8:ac:55:ff:39:b9:32:f9:f1:58:59:9e:
                    25:53:3d:b4:d5:3a:71:5d:45:fe:32:c7:5f:3b:fb:
                    7c:97:e8:74:08:e2:12:9a:5e:ff:80:58:ce:1b:c6:
                    f7:93:89:6c:0c:2c:53:9f:31:5c:f8:37:40:6c:8e:
                    70:c9:6d:3a:c4:fe:52:48:8c:6a:aa:41:fd:ce:9b:
                    9a:7d:53:dc:79:de:24:90:0b:cb:ad:88:dd:30:60:
                    17:a9:db:0e:ac:6e:f4:d1:2c:c6:82:60:a9:68:7d:
                    13:15:15:23:2f:9f:c0:e0:6b:22:92:ad:37:0e:b0:
                    d5:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:3F:53:1B:49:85:C7:5D:86:3A:82:4C:5F:9B:19:C1:6B:38:35:14
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/1j9TG0mFx12GOoJMX5sZwWs4NRQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.17.0/24

    Signature Algorithm: sha256WithRSAEncryption
         46:8c:65:1a:0e:40:da:69:10:eb:bc:9e:60:ca:6a:ac:e5:da:
         19:af:88:b3:50:ae:68:df:40:27:4f:1a:86:84:06:fa:60:e0:
         1f:56:d4:80:e5:75:64:2b:b3:93:93:c1:56:26:a9:fe:a4:e1:
         1e:56:4e:11:f9:a7:e0:e2:da:4e:49:36:61:b5:d1:87:e0:44:
         1e:28:6e:b0:36:f0:3f:8c:34:69:5e:2c:46:9e:03:68:43:a4:
         f7:bd:0e:d3:dd:ab:19:3c:82:c3:00:77:0f:21:da:94:d0:f1:
         79:99:3e:3e:c7:f0:d7:55:8f:d8:4c:0b:0b:ec:38:d5:16:6b:
         c9:01:76:10:ce:45:8f:5f:f1:79:65:d4:a8:14:2e:09:87:0a:
         64:3f:e5:04:73:e8:bd:0f:c6:57:e2:7c:af:10:64:b8:42:cc:
         e2:b9:18:11:13:86:16:8a:da:4b:bf:f2:86:89:b2:d4:2e:7b:
         45:b0:9f:dc:bd:df:ae:46:1a:e6:00:dc:88:68:86:49:c0:80:
         f6:ef:55:38:a9:9f:13:cb:d5:3d:db:43:de:77:d5:77:ec:94:
         2d:5e:a3:60:fa:77:75:53:6c:bf:8d:cf:b7:c8:99:3f:f8:9e:
         8d:b8:38:f3:ae:fb:65:1a:bc:5f:22:de:bc:a2:1f:10:53:29:
         95:c1:4d:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYO3cyt2fSExIV4rxNg4KWSpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjIxMDA4MTE1NTIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjNmNTMxYjQ5ODVjNzVkODYzYTgyNGM1ZjliMTljMTZiMzgzNTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqve+aT0TdT1hbYftDyLYMWjwUwe
urGkmxdtY/O3SUfQce1OEiEGo6KazGI7Ej2ARVp/C6fAUq5xjsUTp0+5gWUjahK8
SGxzljQe/lhMN3DOaMKxZUW0+PWfUDj52rC1mWhveHGxStCd5ixQJr/mlnI5PlfO
ZSaWjWna+6hzEZ/SNgtRs/XsUVO4rFX/Obky+fFYWZ4lUz201TpxXUX+MsdfO/t8
l+h0COISml7/gFjOG8b3k4lsDCxTnzFc+DdAbI5wyW06xP5SSIxqqkH9zpuafVPc
ed4kkAvLrYjdMGAXqdsOrG700SzGgmCpaH0TFRUjL5/A4Gsikq03DrDVCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNY/UxtJhcddhjqCTF+bGcFrODUUMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvMWo5VEcwbUZ4MTJHT29KTVg1c1p3V3M0TlJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwekRMA0G
CSqGSIb3DQEBCwUAA4IBAQBGjGUaDkDaaRDrvJ5gymqs5doZr4izUK5o30AnTxqG
hAb6YOAfVtSA5XVkK7OTk8FWJqn+pOEeVk4R+afg4tpOSTZhtdGH4EQeKG6wNvA/
jDRpXixGngNoQ6T3vQ7T3asZPILDAHcPIdqU0PF5mT4+x/DXVY/YTAsL7DjVFmvJ
AXYQzkWPX/F5ZdSoFC4JhwpkP+UEc+i9D8ZX4nyvEGS4QsziuRgRE4YWitpLv/KG
ibLULntFsJ/cvd+uRhrmANyIaIZJwID271U4qZ8Ty9U920Ped9V37JQtXqNg+nd1
U2y/jc+3yJk/+J6NuDjzrvtlGrxfIt68oh8QUymVwU0v
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:32 2024 by rpki-client on console-ams.rpki-client.org