Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/8z-zMw4Lo2--GH1GQ4SdM14mz4A.roa
File:                     8z-zMw4Lo2--GH1GQ4SdM14mz4A.roa (raw, json)
Hash identifier:          TmMaRdIvmqZv2giIMOju92b0g71g+GYoy/mPKxqY2Io=
Subject key identifier:   F3:3F:B3:33:0E:0B:A3:6F:BE:18:7D:46:43:84:9D:33:5E:26:CF:80
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       01843F073DE33DD323C43DAEB11D6FF09E33
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/8z-zMw4Lo2--GH1GQ4SdM14mz4A.roa
Signing time:             Thu 03 Nov 2022 19:45:49 +0000
ROA not before:           Thu 03 Nov 2022 19:45:49 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207713
IP address blocks:        193.233.17.0/24 maxlen: 24
                          193.233.49.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:3f:07:3d:e3:3d:d3:23:c4:3d:ae:b1:1d:6f:f0:9e:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Nov  3 19:45:49 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f33fb3330e0ba36fbe187d4643849d335e26cf80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:33:5b:11:0e:92:45:3d:08:6b:38:4c:ed:62:
                    20:8b:20:58:9f:f9:1c:18:bd:5e:c2:11:7b:86:f3:
                    63:0c:d1:a5:13:ac:b7:34:f4:42:b0:19:7d:b2:93:
                    42:ac:20:97:ff:d7:9d:0c:25:85:59:ee:8b:fd:78:
                    9e:f5:f2:cb:3f:ea:31:d0:56:50:0e:d3:c5:8f:da:
                    f2:58:a3:41:f4:d1:c7:94:9d:62:43:66:13:95:6e:
                    2a:6c:34:06:3d:8d:dd:65:83:b2:71:48:e5:6e:53:
                    f7:61:a8:42:23:5f:67:02:51:03:65:d6:ba:76:7d:
                    ad:4e:5a:47:eb:b7:fc:b8:f4:0b:b0:fe:84:72:3c:
                    63:63:be:9d:7b:b7:cb:bd:3c:4d:a5:e3:0f:43:73:
                    06:fb:8b:f5:e4:23:04:45:9f:b3:dc:77:71:2a:f5:
                    23:61:72:0d:04:7a:69:54:a3:a1:8d:e0:fe:b8:35:
                    64:c6:86:36:09:0f:5e:2b:03:2f:a4:7c:8b:0f:1f:
                    4f:28:30:08:26:3f:0a:dd:41:4c:ed:0e:fe:fe:4f:
                    1b:42:46:62:86:e6:00:a9:ef:7a:2d:b7:86:2b:14:
                    62:b7:ed:1e:30:27:c0:2b:37:0a:85:dd:54:5f:1a:
                    af:67:c1:77:aa:b7:39:2b:01:5a:7a:73:e1:b8:de:
                    cc:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:3F:B3:33:0E:0B:A3:6F:BE:18:7D:46:43:84:9D:33:5E:26:CF:80
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/8z-zMw4Lo2--GH1GQ4SdM14mz4A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.17.0/24
                  193.233.49.0/24

    Signature Algorithm: sha256WithRSAEncryption
         94:7f:43:4f:33:05:ed:5a:87:18:5f:9a:b7:d0:8d:a1:b8:be:
         e8:88:b9:25:98:07:2c:ad:3e:16:7d:6c:6d:60:49:fd:4f:88:
         6f:fe:f1:d3:bc:4b:9b:84:5f:29:ca:8a:45:d9:a3:7b:1e:5a:
         82:44:70:91:e2:94:9b:0b:6a:42:54:f1:65:7f:2b:0d:90:3b:
         26:93:5b:53:a0:82:2e:a1:41:ef:41:b0:f4:a3:7b:ca:64:a2:
         7b:31:e6:2e:db:53:9c:3c:a0:28:a9:9a:3c:81:a4:45:55:10:
         a6:73:0a:21:73:76:4b:10:f0:51:57:78:d0:da:9a:b0:9a:ce:
         70:36:a1:62:62:0f:c0:09:fe:ea:42:3c:85:02:6e:52:33:68:
         25:f7:8d:dc:cd:63:42:37:ec:59:7a:8d:38:2d:2f:1a:b1:f6:
         e9:78:a9:04:68:e6:e8:92:90:bf:05:80:f2:e0:f2:51:ea:65:
         64:02:3c:ca:a0:d2:30:ab:84:f1:e0:4e:25:b0:87:e2:0d:ed:
         a5:6c:14:37:2f:a8:00:f8:40:cf:6a:20:24:8f:d7:78:d0:82:
         fa:ab:ba:a5:a9:b2:fa:6e:44:de:cf:0a:5e:4e:d9:08:0a:c0:
         66:de:30:24:a9:7e:58:8f:52:be:0a:2b:83:7d:cf:e3:e4:75:
         c4:09:7b:f7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYQ/Bz3jPdMjxD2usR1v8J4zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjIxMTAzMTk0NTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzNmYjMzMzBlMGJhMzZmYmUxODdkNDY0Mzg0OWQzMzVlMjZjZjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDNbEQ6SRT0IazhM7WIgiyBYn/kc
GL1ewhF7hvNjDNGlE6y3NPRCsBl9spNCrCCX/9edDCWFWe6L/Xie9fLLP+ox0FZQ
DtPFj9ryWKNB9NHHlJ1iQ2YTlW4qbDQGPY3dZYOycUjlblP3YahCI19nAlEDZda6
dn2tTlpH67f8uPQLsP6EcjxjY76de7fLvTxNpeMPQ3MG+4v15CMERZ+z3HdxKvUj
YXINBHppVKOhjeD+uDVkxoY2CQ9eKwMvpHyLDx9PKDAIJj8K3UFM7Q7+/k8bQkZi
huYAqe96LbeGKxRit+0eMCfAKzcKhd1UXxqvZ8F3qrc5KwFaenPhuN7MsQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPM/szMOC6Nvvhh9RkOEnTNeJs+AMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvOHotek13NExvMi0tR0gxR1E0U2RNMTRtejRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwekRAwQA
wekxMA0GCSqGSIb3DQEBCwUAA4IBAQCUf0NPMwXtWocYX5q30I2huL7oiLklmAcs
rT4WfWxtYEn9T4hv/vHTvEubhF8pyopF2aN7HlqCRHCR4pSbC2pCVPFlfysNkDsm
k1tToIIuoUHvQbD0o3vKZKJ7MeYu21OcPKAoqZo8gaRFVRCmcwohc3ZLEPBRV3jQ
2pqwms5wNqFiYg/ACf7qQjyFAm5SM2gl943czWNCN+xZeo04LS8asfbpeKkEaObo
kpC/BYDy4PJR6mVkAjzKoNIwq4Tx4E4lsIfiDe2lbBQ3L6gA+EDPaiAkj9d40IL6
q7qlqbL6bkTezwpeTtkICsBm3jAkqX5Yj1K+CiuDfc/j5HXECXv3
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:32 2024 by rpki-client on console-ams.rpki-client.org