Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/Mo2jFrdHDbQe2nvNaeDqd56Fz_o.roa
File:                     Mo2jFrdHDbQe2nvNaeDqd56Fz_o.roa (raw, json)
Hash identifier:          xhWY9L0zB6wnErN3mKQUJOue6Am/kk0Sg60Hy27CHxA=
Subject key identifier:   32:8D:A3:16:B7:47:0D:B4:1E:DA:7B:CD:69:E0:EA:77:9E:85:CF:FA
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       04310A49
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/Mo2jFrdHDbQe2nvNaeDqd56Fz_o.roa
Signing time:             Sat 01 Jan 2022 12:05:00 +0000
ROA not before:           Sat 01 Jan 2022 12:05:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     201842
IP address blocks:        193.233.79.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 70322761 (0x4310a49)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Jan  1 12:05:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=328da316b7470db41eda7bcd69e0ea779e85cffa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:d8:ef:7a:3a:bd:a7:44:6d:0f:de:53:3f:6f:
                    7a:ce:6c:4f:62:2e:c1:e1:33:ac:fd:98:5b:c2:a9:
                    1d:08:c7:65:c2:0b:88:6e:fa:f8:0d:5c:51:c4:9e:
                    a9:3a:0a:60:b2:95:01:9c:f0:e7:d6:2e:02:98:5d:
                    e6:60:f0:e8:b1:40:e4:c4:07:c2:ed:b1:56:37:f3:
                    a8:35:8e:9b:bb:f8:1c:b7:e6:03:18:a5:93:74:68:
                    8a:eb:f1:19:56:cb:55:c6:9b:08:53:db:ad:0f:54:
                    99:52:f6:3f:86:04:eb:cd:db:bc:29:00:47:16:67:
                    e8:75:83:5e:63:f7:11:34:56:3f:5f:4e:56:03:30:
                    93:45:39:79:4b:54:e8:83:18:e7:ee:76:44:50:70:
                    92:5e:67:9b:76:eb:d1:68:f6:11:0d:97:36:60:68:
                    5f:4c:f8:f6:c9:2f:29:13:98:cb:90:25:34:1f:8a:
                    bb:27:28:b2:ae:8a:07:2b:ea:02:12:bd:79:c6:70:
                    21:3d:5a:f9:36:f5:b5:47:d3:30:d2:02:41:bf:e0:
                    f0:42:92:c0:19:f4:f5:64:4a:95:f0:07:49:83:8c:
                    64:b2:e5:02:c8:fd:85:9a:af:70:f9:06:3b:4b:ab:
                    df:a2:2b:81:57:2b:46:da:73:fa:63:f9:0b:bc:79:
                    94:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:8D:A3:16:B7:47:0D:B4:1E:DA:7B:CD:69:E0:EA:77:9E:85:CF:FA
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/Mo2jFrdHDbQe2nvNaeDqd56Fz_o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.79.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8c:4f:71:44:06:89:f0:cc:ad:1f:35:d4:0d:60:44:e3:8d:e2:
         fb:b3:dd:d6:27:7b:3f:11:a3:e3:27:d2:c3:a9:83:97:9d:00:
         86:ac:70:61:95:47:b8:e5:68:21:c7:0c:89:d9:6e:9d:fd:3e:
         21:75:c7:12:e5:1f:c6:ea:2e:d1:21:e9:8c:c8:22:3a:39:a6:
         78:1e:4a:3e:cc:cb:88:94:26:42:70:81:f0:19:3c:67:ef:aa:
         f2:63:f3:51:b2:fc:13:b8:7e:c1:fd:c5:47:30:ee:6d:7a:74:
         9b:af:d3:d7:69:3f:20:d5:1d:d2:ea:f1:de:37:4d:8f:bd:eb:
         11:aa:f1:f0:90:d7:47:67:a7:a4:87:4a:bf:6c:b1:06:c5:f4:
         8d:ac:cb:7d:4b:a7:98:82:bb:1c:3d:22:57:a5:cb:bd:64:ea:
         58:bd:af:78:8c:7e:e6:89:1f:5f:97:57:b3:3f:f4:8b:56:08:
         94:8e:78:8d:b0:e2:36:d6:97:b6:8e:1d:fd:86:7b:50:97:bf:
         25:18:77:40:1d:56:dc:a3:07:cc:57:cc:08:0a:10:54:58:6a:
         a9:f2:d9:61:c8:8d:47:31:9f:30:f9:26:92:2f:41:10:18:83:
         d3:08:5e:72:a5:0c:83:25:a0:89:cc:8f:71:b4:5b:a0:b1:9e:
         00:72:99:9e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBDEKSTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmQ2NDhiZGJhOTY1NDYxYjFlOGMxMWI5ZGQ0MzZjNjEzODI4NzNjMB4XDTIyMDEw
MTEyMDUwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzI4ZGEzMTZiNzQ3
MGRiNDFlZGE3YmNkNjllMGVhNzc5ZTg1Y2ZmYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANnY73o6vadEbQ/eUz9ves5sT2IuweEzrP2YW8KpHQjHZcIL
iG76+A1cUcSeqToKYLKVAZzw59YuAphd5mDw6LFA5MQHwu2xVjfzqDWOm7v4HLfm
Axilk3RoiuvxGVbLVcabCFPbrQ9UmVL2P4YE683bvCkARxZn6HWDXmP3ETRWP19O
VgMwk0U5eUtU6IMY5+52RFBwkl5nm3br0Wj2EQ2XNmBoX0z49skvKROYy5AlNB+K
uycosq6KByvqAhK9ecZwIT1a+Tb1tUfTMNICQb/g8EKSwBn09WRKlfAHSYOMZLLl
Asj9hZqvcPkGO0ur36IrgVcrRtpz+mP5C7x5lMkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQyjaMWt0cNtB7ae81p4Op3noXP+jAfBgNVHSMEGDAWgBSG1ki9upZUYbHo
wRud1DbGE4KHPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2h0Wkl2YnFXVkdHeDZNRWJuZFEyeGhPQ2h6dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvYWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8x
L01vMmpGcmRIRGJRZTJudk5hZURxZDU2Rnpfby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
YWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8xL2h0Wkl2YnFXVkdH
eDZNRWJuZFEyeGhPQ2h6dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMHpTzANBgkqhkiG9w0BAQsFAAOC
AQEAjE9xRAaJ8MytHzXUDWBE443i+7Pd1id7PxGj4yfSw6mDl50AhqxwYZVHuOVo
IccMidlunf0+IXXHEuUfxuou0SHpjMgiOjmmeB5KPszLiJQmQnCB8Bk8Z++q8mPz
UbL8E7h+wf3FRzDubXp0m6/T12k/INUd0urx3jdNj73rEarx8JDXR2enpIdKv2yx
BsX0jazLfUunmIK7HD0iV6XLvWTqWL2veIx+5okfX5dXsz/0i1YIlI54jbDiNtaX
to4d/YZ7UJe/JRh3QB1W3KMHzFfMCAoQVFhqqfLZYciNRzGfMPkmki9BEBiD0whe
cqUMgyWgicyPcbRboLGeAHKZng==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:39 2024 by rpki-client on console-fra.rpki-client.org