Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/P2D5YaShr5HxzXC5u2rbJK-rk_8.roa
File:                     P2D5YaShr5HxzXC5u2rbJK-rk_8.roa (raw, json)
Hash identifier:          o6WjN8hALKqwuBDrsONBRhi4u6/MIpIe5yf0fT7JYoo=
Subject key identifier:   3F:60:F9:61:A4:A1:AF:91:F1:CD:70:B9:BB:6A:DB:24:AF:AB:93:FF
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       01832213C138FBDF12A35923A9433C295551
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/P2D5YaShr5HxzXC5u2rbJK-rk_8.roa
Signing time:             Fri 09 Sep 2022 11:47:43 +0000
ROA not before:           Fri 09 Sep 2022 11:47:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204898
IP address blocks:        193.233.151.0/24 maxlen: 24
                          193.233.7.0/24 maxlen: 24
                          193.233.5.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:22:13:c1:38:fb:df:12:a3:59:23:a9:43:3c:29:55:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Sep  9 11:47:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3f60f961a4a1af91f1cd70b9bb6adb24afab93ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:89:8b:5a:b2:01:b4:57:40:5a:e9:84:10:07:
                    dd:fc:b2:67:d0:44:b4:82:6b:6f:eb:45:79:8a:d7:
                    e9:f0:9f:3c:b1:e3:58:1f:a5:a7:b0:f0:6f:44:1c:
                    35:e8:d2:86:6c:2b:74:c3:b7:28:f1:77:03:b0:b0:
                    17:57:19:ff:04:03:3b:30:22:2a:dc:ed:e2:58:18:
                    f1:f4:8d:bf:6f:15:8e:9e:6c:f3:07:d8:42:75:57:
                    ab:2d:1b:f5:25:5f:fd:53:f2:2c:14:00:7f:c4:00:
                    6e:e9:49:0d:33:b5:fc:83:49:b0:0c:f0:09:92:cc:
                    ad:7d:2e:7c:b2:02:0e:56:70:d4:41:ac:7a:44:63:
                    b9:64:8c:e9:d3:c7:8b:08:ed:a2:d4:c6:57:72:2f:
                    1a:70:ae:7f:0c:06:85:2b:36:34:a4:58:ae:d6:c0:
                    ca:d1:04:53:38:d3:36:ce:b0:d5:85:91:ff:5c:dc:
                    88:e9:58:c1:ca:6b:af:d4:57:10:39:f2:8d:36:99:
                    12:be:b8:8b:43:85:39:af:42:6f:71:a2:56:42:2b:
                    0e:62:d5:29:d9:c4:39:9e:e3:95:f0:75:01:1d:39:
                    19:f9:ea:d9:be:ee:d4:15:d1:b2:c6:26:6f:2f:59:
                    84:63:48:b7:24:b1:8c:64:a0:67:87:ac:d4:34:26:
                    f4:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:60:F9:61:A4:A1:AF:91:F1:CD:70:B9:BB:6A:DB:24:AF:AB:93:FF
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/P2D5YaShr5HxzXC5u2rbJK-rk_8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.5.0/24
                  193.233.7.0/24
                  193.233.151.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:db:28:4c:88:83:ab:0f:9c:0f:2d:61:1c:42:bb:53:6b:2c:
         b1:36:95:7b:bf:9b:e2:fc:48:a5:95:53:c9:db:b0:9b:af:7c:
         d7:92:1d:c2:06:f5:35:45:9f:75:f9:f7:aa:07:17:eb:60:b5:
         6b:32:33:b9:c6:2a:3e:df:92:af:40:0e:42:83:06:92:c0:de:
         22:98:06:48:60:77:78:41:d1:f4:4d:1b:3b:1d:ad:3f:39:8f:
         0f:2a:2a:7d:a7:cf:f2:20:47:0a:e0:b9:56:9a:db:0d:e4:03:
         4d:8f:84:79:4f:e3:e0:e4:45:97:7d:c6:2c:20:c6:d5:28:1c:
         62:d6:d8:94:dd:74:96:b4:50:5c:13:b7:a5:a9:67:cd:90:a3:
         07:ca:26:37:6b:76:19:bb:dc:a8:38:1a:57:e8:86:bd:51:fd:
         d4:1a:0f:c6:4c:19:ba:87:7e:48:84:90:50:b4:3d:da:96:cd:
         eb:69:08:42:02:57:7f:7c:63:90:9e:d0:af:e1:24:9d:fd:f3:
         1b:ab:4b:f6:b7:80:19:ae:b0:1e:d0:a8:2a:79:7e:42:ca:4f:
         8b:63:ff:37:78:8c:81:97:4e:96:a8:79:33:ce:fc:11:5a:90:
         db:d7:31:a3:cc:e4:b9:2e:f1:d1:d7:eb:c3:5d:c7:8a:aa:19:
         10:5d:f6:25
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYMiE8E4+98So1kjqUM8KVVRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjIwOTA5MTE0NzQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjYwZjk2MWE0YTFhZjkxZjFjZDcwYjliYjZhZGIyNGFmYWI5M2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzImLWrIBtFdAWumEEAfd/LJn0ES0
gmtv60V5itfp8J88seNYH6WnsPBvRBw16NKGbCt0w7co8XcDsLAXVxn/BAM7MCIq
3O3iWBjx9I2/bxWOnmzzB9hCdVerLRv1JV/9U/IsFAB/xABu6UkNM7X8g0mwDPAJ
ksytfS58sgIOVnDUQax6RGO5ZIzp08eLCO2i1MZXci8acK5/DAaFKzY0pFiu1sDK
0QRTONM2zrDVhZH/XNyI6VjBymuv1FcQOfKNNpkSvriLQ4U5r0JvcaJWQisOYtUp
2cQ5nuOV8HUBHTkZ+erZvu7UFdGyxiZvL1mEY0i3JLGMZKBnh6zUNCb0mQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFD9g+WGkoa+R8c1wubtq2ySvq5P/MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvUDJENVlhU2hyNUh4elhDNXUycmJKSy1ya184LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwekFAwQA
wekHAwQAwemXMA0GCSqGSIb3DQEBCwUAA4IBAQAe2yhMiIOrD5wPLWEcQrtTayyx
NpV7v5vi/EillVPJ27Cbr3zXkh3CBvU1RZ91+feqBxfrYLVrMjO5xio+35KvQA5C
gwaSwN4imAZIYHd4QdH0TRs7Ha0/OY8PKip9p8/yIEcK4LlWmtsN5ANNj4R5T+Pg
5EWXfcYsIMbVKBxi1tiU3XSWtFBcE7elqWfNkKMHyiY3a3YZu9yoOBpX6Ia9Uf3U
Gg/GTBm6h35IhJBQtD3als3raQhCAld/fGOQntCv4SSd/fMbq0v2t4AZrrAe0Kgq
eX5Cyk+LY/83eIyBl06WqHkzzvwRWpDb1zGjzOS5LvHR1+vDXceKqhkQXfYl
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:32 2024 by rpki-client on console-ams.rpki-client.org