Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/FWrxp1so37jMossUO-pyRxAZvjQ.roa
File:                     FWrxp1so37jMossUO-pyRxAZvjQ.roa (raw, json)
Hash identifier:          3VePrddeE66H2bMI1O8rpT/dNdfSh8VQY9we0qxAkJE=
Subject key identifier:   15:6A:F1:A7:5B:28:DF:B8:CC:A2:CB:14:3B:EA:72:47:10:19:BE:34
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       018289433FE6219E67B98632CD896DC5507E
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/FWrxp1so37jMossUO-pyRxAZvjQ.roa
Signing time:             Wed 10 Aug 2022 19:37:42 +0000
ROA not before:           Wed 10 Aug 2022 19:37:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204603
IP address blocks:        193.233.193.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:89:43:3f:e6:21:9e:67:b9:86:32:cd:89:6d:c5:50:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Aug 10 19:37:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=156af1a75b28dfb8cca2cb143bea72471019be34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:39:5d:65:5e:86:57:95:6c:a9:4b:58:7b:8f:
                    2b:f6:e8:aa:02:92:9c:4f:65:27:43:5e:4f:95:60:
                    67:a0:91:3e:4f:05:57:6a:74:ec:1c:21:9e:6a:7e:
                    de:4d:34:f2:2d:d7:78:99:91:98:71:9f:02:dc:1b:
                    94:13:74:92:8a:00:c1:50:98:63:83:9c:5f:bd:08:
                    0a:a7:ce:e3:96:e1:87:03:22:3c:10:3f:74:2f:22:
                    28:87:72:66:de:7d:06:62:96:a9:8d:0e:0f:af:bf:
                    f9:cb:85:e1:ba:ba:d2:1b:05:40:62:49:4e:39:5e:
                    76:0d:e2:98:a4:e3:a5:51:e9:bb:33:72:dd:10:03:
                    99:82:d4:fb:6d:63:c1:07:64:5c:74:df:6c:3b:a9:
                    ba:d3:90:04:d1:b1:47:3e:eb:6e:30:44:c9:6e:35:
                    88:a5:e8:73:46:52:c0:40:c8:fe:22:99:06:1c:d0:
                    48:ed:a3:36:57:9a:00:1e:9f:34:aa:dd:91:18:09:
                    17:4a:9e:2a:48:06:3e:ea:de:a1:39:17:b0:42:e0:
                    2b:ae:90:17:09:a7:67:bf:cf:a5:e1:a9:d9:9f:e3:
                    88:fc:47:d9:bd:73:e3:59:81:d8:3f:12:06:4a:1d:
                    e2:1f:3a:8f:0e:6f:5a:c5:73:17:24:7a:54:5e:a0:
                    af:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:6A:F1:A7:5B:28:DF:B8:CC:A2:CB:14:3B:EA:72:47:10:19:BE:34
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/FWrxp1so37jMossUO-pyRxAZvjQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.193.0/24

    Signature Algorithm: sha256WithRSAEncryption
         78:6f:5a:a5:ab:9a:d7:b8:a6:ca:bf:81:a4:ce:1b:ff:ae:98:
         b0:34:20:05:64:dc:c7:bc:e1:ed:21:c2:5e:9e:ad:99:d1:d0:
         6c:fa:ba:df:be:b5:e9:14:95:8a:0e:0d:ea:8a:ae:ab:40:f1:
         84:b7:1f:d2:47:e3:94:a6:25:da:16:41:93:c8:be:c8:9a:0a:
         bf:fd:3b:59:31:ff:af:b0:6c:0b:fb:85:58:b5:c4:5b:d3:31:
         64:f9:dd:01:58:f9:ca:c6:b1:c1:4f:c3:88:48:82:01:35:dd:
         bc:00:39:60:09:1c:30:b5:2d:15:91:15:57:05:7b:46:6f:f8:
         8e:b9:31:86:3b:30:a1:c5:0f:26:11:2f:65:d2:5d:df:97:24:
         40:56:10:45:af:8c:f2:04:19:5a:98:91:81:ff:48:8f:97:44:
         28:63:5e:b0:c4:8c:32:33:fd:18:a5:d5:22:af:de:6b:a7:16:
         f0:91:1a:01:10:2b:95:92:94:b8:20:4c:de:cf:fe:28:ba:d1:
         7b:53:fd:90:13:5e:4b:e8:41:8e:43:bf:6a:6c:37:4f:fe:a6:
         c1:d5:f9:88:2b:43:71:4d:2f:dd:76:13:69:40:72:34:45:b3:
         8e:02:58:72:e8:5a:b9:9f:4d:1c:d4:88:a9:14:fb:c3:4d:b6:
         b8:14:f9:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKJQz/mIZ5nuYYyzYltxVB+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjIwODEwMTkzNzQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTZhZjFhNzViMjhkZmI4Y2NhMmNiMTQzYmVhNzI0NzEwMTliZTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzldZV6GV5VsqUtYe48r9uiqApKc
T2UnQ15PlWBnoJE+TwVXanTsHCGean7eTTTyLdd4mZGYcZ8C3BuUE3SSigDBUJhj
g5xfvQgKp87jluGHAyI8ED90LyIoh3Jm3n0GYpapjQ4Pr7/5y4XhurrSGwVAYklO
OV52DeKYpOOlUem7M3LdEAOZgtT7bWPBB2RcdN9sO6m605AE0bFHPutuMETJbjWI
pehzRlLAQMj+IpkGHNBI7aM2V5oAHp80qt2RGAkXSp4qSAY+6t6hORewQuArrpAX
Cadnv8+l4anZn+OI/EfZvXPjWYHYPxIGSh3iHzqPDm9axXMXJHpUXqCv5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBVq8adbKN+4zKLLFDvqckcQGb40MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvRldyeHAxc28zN2pNb3NzVU8tcHlSeEFadmpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwenBMA0G
CSqGSIb3DQEBCwUAA4IBAQB4b1qlq5rXuKbKv4Gkzhv/rpiwNCAFZNzHvOHtIcJe
nq2Z0dBs+rrfvrXpFJWKDg3qiq6rQPGEtx/SR+OUpiXaFkGTyL7Imgq//TtZMf+v
sGwL+4VYtcRb0zFk+d0BWPnKxrHBT8OISIIBNd28ADlgCRwwtS0VkRVXBXtGb/iO
uTGGOzChxQ8mES9l0l3flyRAVhBFr4zyBBlamJGB/0iPl0QoY16wxIwyM/0YpdUi
r95rpxbwkRoBECuVkpS4IEzez/4outF7U/2QE15L6EGOQ79qbDdP/qbB1fmIK0Nx
TS/ddhNpQHI0RbOOAlhy6Fq5n00c1IipFPvDTba4FPmW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:39 2024 by rpki-client on console-fra.rpki-client.org