Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/MTZDBs87Hl3FsM8Kjwd9Dzh8MWs.roa
File:                     MTZDBs87Hl3FsM8Kjwd9Dzh8MWs.roa (raw, json)
Hash identifier:          BWOAp3N2ogGdcGoHJpnp1blAUTia00jA6Wo0m9wXiLo=
Subject key identifier:   31:36:43:06:CF:3B:1E:5D:C5:B0:CF:0A:8F:07:7D:0F:38:7C:31:6B
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       041FDB22
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/MTZDBs87Hl3FsM8Kjwd9Dzh8MWs.roa
Signing time:             Sat 01 Jan 2022 12:04:51 +0000
ROA not before:           Sat 01 Jan 2022 12:04:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3229
IP address blocks:        193.233.172.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 69196578 (0x41fdb22)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Jan  1 12:04:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=31364306cf3b1e5dc5b0cf0a8f077d0f387c316b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:ca:d5:44:d1:e8:24:7c:a4:50:51:63:e2:c0:
                    4a:5a:e1:05:82:4c:33:50:70:8d:0b:ee:15:e7:ef:
                    06:07:62:7a:12:90:31:d8:5a:8c:5b:2d:74:31:d6:
                    77:3b:9e:52:36:a4:e3:e2:47:5e:28:ad:32:d1:49:
                    35:61:50:ab:7b:20:80:51:42:29:97:54:50:48:e7:
                    06:6b:bc:2a:f7:ad:45:72:49:6a:68:83:46:e3:f6:
                    fb:de:54:2a:70:15:8b:74:0a:47:83:2a:e9:b9:5b:
                    45:2c:4d:2b:7d:34:47:62:db:83:ca:12:34:f6:bf:
                    c7:cd:9e:20:ac:7f:49:55:de:9e:81:56:8e:0f:90:
                    2a:96:b6:f4:3f:b7:02:5c:d7:c8:b8:a4:e6:0a:bf:
                    ea:ac:39:9e:29:df:64:b5:1a:5b:ad:7a:17:12:62:
                    b6:22:6a:fa:9c:40:6f:6e:54:a7:82:a6:49:bb:bf:
                    08:5d:ed:5b:2e:4a:ca:47:0f:92:da:56:3c:fe:28:
                    60:71:89:11:16:24:35:fb:16:11:5b:5a:ae:08:34:
                    3b:a2:25:d1:78:3a:24:c8:d9:28:fe:b8:d3:a8:2d:
                    bd:c7:fc:34:80:3a:5d:c7:4f:cc:14:c1:a9:22:21:
                    99:06:df:bc:ae:0c:a8:4e:6f:6b:b1:33:da:7b:73:
                    62:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:36:43:06:CF:3B:1E:5D:C5:B0:CF:0A:8F:07:7D:0F:38:7C:31:6B
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/MTZDBs87Hl3FsM8Kjwd9Dzh8MWs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.172.0/24

    Signature Algorithm: sha256WithRSAEncryption
         78:70:8c:55:c2:80:78:41:d0:09:f2:e5:33:53:46:a7:0c:a2:
         5c:11:a2:84:53:b4:54:bd:20:0b:18:39:07:a5:69:6f:9d:18:
         38:aa:2a:13:61:27:35:f1:40:05:c1:1e:6b:28:6e:2a:00:a8:
         2d:29:b7:54:f9:ae:43:f2:a2:3e:db:23:46:c6:e4:28:39:7e:
         be:96:96:df:b0:ca:e7:93:d6:da:af:aa:2a:6b:99:a9:73:03:
         ea:e0:ce:1b:c7:06:01:8c:90:d0:6b:5a:1a:31:2d:c9:17:a9:
         58:d8:78:47:15:d1:f6:8c:ad:0a:8a:9e:03:01:0a:52:45:5e:
         97:5e:7e:61:87:7d:9a:44:08:87:69:b2:58:50:fb:d9:01:94:
         dc:04:04:90:f2:3d:a3:f4:77:b2:a3:32:c7:be:2c:71:ef:36:
         83:f9:92:61:b4:d9:29:c9:d8:fe:13:a2:6d:3e:2d:f2:43:d3:
         fa:26:3d:df:ca:c9:37:d9:16:45:c2:25:84:8d:a9:24:29:ca:
         60:51:27:0f:78:51:66:e7:2d:bd:96:9d:ef:dc:b3:0e:52:5f:
         84:40:1c:38:b3:aa:fa:60:a6:6c:20:2a:de:06:e2:88:d8:74:
         29:3a:72:cc:a8:49:8a:31:c2:8b:49:69:d6:6a:e2:28:72:d1:
         fa:eb:23:67
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBB/bIjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmQ2NDhiZGJhOTY1NDYxYjFlOGMxMWI5ZGQ0MzZjNjEzODI4NzNjMB4XDTIyMDEw
MTEyMDQ1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzEzNjQzMDZjZjNi
MWU1ZGM1YjBjZjBhOGYwNzdkMGYzODdjMzE2YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMLK1UTR6CR8pFBRY+LASlrhBYJMM1BwjQvuFefvBgdiehKQ
MdhajFstdDHWdzueUjak4+JHXiitMtFJNWFQq3sggFFCKZdUUEjnBmu8KvetRXJJ
amiDRuP2+95UKnAVi3QKR4Mq6blbRSxNK300R2Lbg8oSNPa/x82eIKx/SVXenoFW
jg+QKpa29D+3AlzXyLik5gq/6qw5ninfZLUaW616FxJitiJq+pxAb25Up4KmSbu/
CF3tWy5KykcPktpWPP4oYHGJERYkNfsWEVtargg0O6Il0Xg6JMjZKP6406gtvcf8
NIA6XcdPzBTBqSIhmQbfvK4MqE5va7Ez2ntzYk0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQxNkMGzzseXcWwzwqPB30POHwxazAfBgNVHSMEGDAWgBSG1ki9upZUYbHo
wRud1DbGE4KHPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2h0Wkl2YnFXVkdHeDZNRWJuZFEyeGhPQ2h6dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvYWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8x
L01UWkRCczg3SGwzRnNNOEtqd2Q5RHpoOE1Xcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
YWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8xL2h0Wkl2YnFXVkdH
eDZNRWJuZFEyeGhPQ2h6dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMHprDANBgkqhkiG9w0BAQsFAAOC
AQEAeHCMVcKAeEHQCfLlM1NGpwyiXBGihFO0VL0gCxg5B6Vpb50YOKoqE2EnNfFA
BcEeayhuKgCoLSm3VPmuQ/KiPtsjRsbkKDl+vpaW37DK55PW2q+qKmuZqXMD6uDO
G8cGAYyQ0GtaGjEtyRepWNh4RxXR9oytCoqeAwEKUkVel15+YYd9mkQIh2myWFD7
2QGU3AQEkPI9o/R3sqMyx74sce82g/mSYbTZKcnY/hOibT4t8kPT+iY938rJN9kW
RcIlhI2pJCnKYFEnD3hRZuctvZad79yzDlJfhEAcOLOq+mCmbCAq3gbiiNh0KTpy
zKhJijHCi0lp1mriKHLR+usjZw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:32 2024 by rpki-client on console-ams.rpki-client.org