Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/UdTO-zuZWlPFVyRN_unoGR7tIXU.roa
File:                     UdTO-zuZWlPFVyRN_unoGR7tIXU.roa (raw, json)
Hash identifier:          bFtOhiBe+n10UhHM6YhP47kyb3rJdW79jVzH1Deo7lg=
Subject key identifier:   51:D4:CE:FB:3B:99:5A:53:C5:57:24:4D:FE:E9:E8:19:1E:ED:21:75
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       01854E1FC06BC8BBA22B1C2294B925A1FB79
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/UdTO-zuZWlPFVyRN_unoGR7tIXU.roa
Signing time:             Mon 26 Dec 2022 11:09:41 +0000
ROA not before:           Mon 26 Dec 2022 11:09:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49392
IP address blocks:        193.233.17.0/24 maxlen: 24
                          193.233.252.0/23 maxlen: 23
                          193.233.192.0/24 maxlen: 24
                          193.233.85.0/24 maxlen: 24
                          193.233.193.0/24 maxlen: 24
                          193.233.95.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:4e:1f:c0:6b:c8:bb:a2:2b:1c:22:94:b9:25:a1:fb:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Dec 26 11:09:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=51d4cefb3b995a53c557244dfee9e8191eed2175
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:b9:e4:33:e7:82:b4:f2:61:be:30:13:83:d0:
                    a6:5d:a6:77:1b:09:9b:a6:3a:35:3a:17:ba:e9:ae:
                    31:5c:74:75:cd:40:d5:1f:ca:a2:7c:d6:cd:2c:9c:
                    37:e3:b1:38:c5:fd:31:c5:07:02:54:54:3e:ee:0a:
                    30:50:29:31:80:75:aa:fd:0f:2e:50:3e:6a:3b:b6:
                    cb:16:8e:c3:f5:da:47:e9:ac:b5:31:f4:af:ce:79:
                    87:0e:91:bf:da:19:bf:09:a0:66:36:cc:54:7a:9d:
                    77:1e:a8:d8:e8:40:60:4d:6c:6f:cf:08:47:98:2b:
                    c3:98:05:87:83:1f:c6:d4:1e:a7:66:29:ea:7b:0c:
                    ea:38:a8:9a:9e:40:29:8f:92:19:60:39:81:46:f3:
                    0a:9d:cb:09:29:2d:c5:e9:02:10:97:d6:fa:24:b6:
                    7d:17:c8:f6:52:db:68:47:44:81:82:b5:f5:11:c7:
                    8f:2d:f9:be:20:9c:26:18:26:67:cf:ac:38:1a:76:
                    ba:fd:39:50:10:08:aa:4d:31:40:9b:7f:81:53:89:
                    3a:98:d2:4c:01:ca:df:11:dc:b2:a6:d7:be:7a:4e:
                    b3:f3:43:d2:ab:f1:22:50:e9:21:e4:47:cc:77:f8:
                    72:fd:40:37:04:72:36:17:4b:94:a0:e8:be:5a:56:
                    ae:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:D4:CE:FB:3B:99:5A:53:C5:57:24:4D:FE:E9:E8:19:1E:ED:21:75
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/UdTO-zuZWlPFVyRN_unoGR7tIXU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.17.0/24
                  193.233.85.0/24
                  193.233.95.0/24
                  193.233.192.0/23
                  193.233.252.0/23

    Signature Algorithm: sha256WithRSAEncryption
         01:f8:66:05:46:4b:70:cc:62:a6:b7:19:65:32:97:35:a8:f5:
         53:f5:b3:72:52:da:12:40:3a:9b:d8:c5:73:ef:34:d9:1b:89:
         9b:3f:72:47:c0:cb:92:bd:86:c7:b9:13:37:ee:80:20:12:6c:
         15:e5:b7:88:44:f9:f1:7f:b2:42:6a:fe:33:89:a9:0d:07:06:
         ed:18:fd:3e:87:ea:2a:e1:11:3f:18:80:58:00:5b:9b:9d:2e:
         1c:a8:65:7f:eb:08:b0:95:e3:0e:2a:ce:d8:e3:45:60:26:ae:
         ed:ba:06:c0:6f:48:96:44:8b:60:c5:6e:90:25:d5:c6:1f:79:
         af:c7:0b:f1:54:27:88:2f:39:08:5d:a6:35:11:62:86:76:0f:
         5d:55:ab:e5:c7:16:41:fa:f5:c0:ef:f8:0e:db:dd:21:5f:26:
         5c:8e:3a:da:4f:5f:8e:77:c2:ff:ec:4a:af:b9:df:c0:5a:88:
         41:86:77:eb:45:cb:22:7c:72:30:19:50:8d:9f:0a:56:46:e5:
         be:57:4f:83:d5:d9:ff:14:80:7f:21:83:4d:0a:c7:7c:67:56:
         d8:57:46:a0:fd:f7:d8:41:34:cb:39:93:70:bd:c4:76:d7:1f:
         40:2f:42:2e:31:24:02:4d:5e:27:0e:27:02:99:ed:9f:5c:8d:
         e8:88:c1:e3
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVOH8BryLuiKxwilLkloft5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjIxMjI2MTEwOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWQ0Y2VmYjNiOTk1YTUzYzU1NzI0NGRmZWU5ZTgxOTFlZWQyMTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLnkM+eCtPJhvjATg9CmXaZ3Gwmb
pjo1Ohe66a4xXHR1zUDVH8qifNbNLJw347E4xf0xxQcCVFQ+7gowUCkxgHWq/Q8u
UD5qO7bLFo7D9dpH6ay1MfSvznmHDpG/2hm/CaBmNsxUep13HqjY6EBgTWxvzwhH
mCvDmAWHgx/G1B6nZinqewzqOKiankApj5IZYDmBRvMKncsJKS3F6QIQl9b6JLZ9
F8j2UttoR0SBgrX1EcePLfm+IJwmGCZnz6w4Gna6/TlQEAiqTTFAm3+BU4k6mNJM
AcrfEdyypte+ek6z80PSq/EiUOkh5EfMd/hy/UA3BHI2F0uUoOi+WlauKwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFHUzvs7mVpTxVckTf7p6Bke7SF1MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvVWRUTy16dVpXbFBGVnlSTl91bm9HUjd0SVhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwekRAwQA
welVAwQAwelfAwQBwenAAwQBwen8MA0GCSqGSIb3DQEBCwUAA4IBAQAB+GYFRktw
zGKmtxllMpc1qPVT9bNyUtoSQDqb2MVz7zTZG4mbP3JHwMuSvYbHuRM37oAgEmwV
5beIRPnxf7JCav4ziakNBwbtGP0+h+oq4RE/GIBYAFubnS4cqGV/6wiwleMOKs7Y
40VgJq7tugbAb0iWRItgxW6QJdXGH3mvxwvxVCeILzkIXaY1EWKGdg9dVavlxxZB
+vXA7/gO290hXyZcjjraT1+Od8L/7Eqvud/AWohBhnfrRcsifHIwGVCNnwpWRuW+
V0+D1dn/FIB/IYNNCsd8Z1bYV0ag/ffYQTTLOZNwvcR21x9AL0IuMSQCTV4nDicC
me2fXI3oiMHj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:39 2024 by rpki-client on console-fra.rpki-client.org