Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/VIiMG1vcpWnv5tB-ammJ5YJKMAk.roa
File:                     VIiMG1vcpWnv5tB-ammJ5YJKMAk.roa (raw, json)
Hash identifier:          GBWXA71xI6xvYWpfJQ3jic6kn0II1j0g1AvImG+1Cu8=
Subject key identifier:   54:88:8C:1B:5B:DC:A5:69:EF:E6:D0:7E:6A:69:89:E5:82:4A:30:09
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       041E3B37
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/VIiMG1vcpWnv5tB-ammJ5YJKMAk.roa
Signing time:             Sat 01 Jan 2022 12:04:49 +0000
ROA not before:           Sat 01 Jan 2022 12:04:49 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     2587
IP address blocks:        193.233.14.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 69090103 (0x41e3b37)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Jan  1 12:04:49 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=54888c1b5bdca569efe6d07e6a6989e5824a3009
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:2a:b3:59:f3:a6:38:c3:8f:83:1a:96:a2:d1:
                    1d:ac:0e:9e:bd:8d:e3:d1:65:2f:6f:ae:d0:83:dd:
                    65:99:39:3a:e8:dc:11:bf:7d:a6:b3:a8:a9:9d:86:
                    36:1f:4d:2e:39:2f:16:dc:dd:f6:02:c0:69:34:72:
                    91:6e:75:72:04:7f:76:96:1a:f5:21:2e:e2:b9:ba:
                    e9:f4:ee:67:67:6c:7b:46:c1:87:f6:1d:7a:01:7d:
                    7d:70:0a:ef:a5:67:fa:b5:cd:13:a0:63:e7:36:33:
                    e2:fa:53:17:44:8f:24:5b:6a:b0:2b:f3:e0:03:cb:
                    2f:76:34:2a:6b:44:c6:5a:57:81:37:8e:7c:b7:b2:
                    0a:be:4b:58:2d:97:92:3d:a3:f7:bb:a4:e0:73:0d:
                    b2:fa:64:e6:80:2a:d5:1a:d0:d1:c6:c5:28:79:37:
                    33:47:26:8f:48:1a:7f:0e:a5:de:98:8a:02:5c:b8:
                    1b:0a:5b:10:12:30:59:3a:a8:90:db:36:ca:cb:76:
                    1c:73:77:e7:01:a5:37:7b:95:23:2d:f4:c5:03:68:
                    b8:98:ab:ba:00:e0:df:75:b1:98:57:85:92:cb:16:
                    00:b8:37:98:b0:19:fb:fd:32:f8:86:b7:31:72:c3:
                    d0:c0:4f:ac:f2:89:f5:9a:7f:d2:80:be:a4:61:a6:
                    c5:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:88:8C:1B:5B:DC:A5:69:EF:E6:D0:7E:6A:69:89:E5:82:4A:30:09
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/VIiMG1vcpWnv5tB-ammJ5YJKMAk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.14.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5a:0e:da:6a:87:30:b7:d5:2d:c6:0f:e2:d4:77:6b:9a:f9:7e:
         ba:7f:14:89:ab:c1:de:82:64:67:f3:2a:05:7d:f2:1b:76:d5:
         cc:d4:ad:57:00:71:83:22:d6:2b:3c:fb:d0:e3:3a:2b:7a:f4:
         b3:38:fc:22:88:3d:23:93:94:65:29:cf:3d:f3:f2:b6:60:59:
         db:ef:73:4c:d0:e4:25:8c:7a:e5:21:ea:2b:39:b9:85:d9:ca:
         7f:8b:78:d1:6f:90:44:41:05:6d:dc:af:9e:33:06:b1:f4:f9:
         c7:36:50:d3:5e:e6:e5:30:35:c7:8d:d4:de:19:f7:ea:95:3c:
         38:18:17:cb:7d:df:d8:25:e4:62:26:7e:a8:d2:7b:8a:19:a5:
         d4:af:0c:3d:09:5b:b5:06:1f:fa:7a:85:48:29:ff:d4:6f:2b:
         57:47:7c:9a:2f:f8:fa:ef:2a:4a:d1:98:63:77:4e:05:6f:49:
         b2:fc:74:df:1d:6f:6e:6b:b0:a3:42:71:17:86:cf:9f:ac:aa:
         bb:31:6d:37:05:3d:08:a2:34:c1:7b:29:93:f8:96:46:25:2c:
         7d:52:48:99:2b:e3:63:64:65:c8:65:c3:40:50:29:51:21:43:
         96:8d:6b:e8:a7:ba:c2:02:fa:26:f2:12:17:65:0d:be:52:82:
         31:aa:df:13
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBB47NzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmQ2NDhiZGJhOTY1NDYxYjFlOGMxMWI5ZGQ0MzZjNjEzODI4NzNjMB4XDTIyMDEw
MTEyMDQ0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTQ4ODhjMWI1YmRj
YTU2OWVmZTZkMDdlNmE2OTg5ZTU4MjRhMzAwOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJEqs1nzpjjDj4MalqLRHawOnr2N49FlL2+u0IPdZZk5Oujc
Eb99prOoqZ2GNh9NLjkvFtzd9gLAaTRykW51cgR/dpYa9SEu4rm66fTuZ2dse0bB
h/YdegF9fXAK76Vn+rXNE6Bj5zYz4vpTF0SPJFtqsCvz4APLL3Y0KmtExlpXgTeO
fLeyCr5LWC2Xkj2j97uk4HMNsvpk5oAq1RrQ0cbFKHk3M0cmj0gafw6l3piKAly4
GwpbEBIwWTqokNs2yst2HHN35wGlN3uVIy30xQNouJirugDg33WxmFeFkssWALg3
mLAZ+/0y+Ia3MXLD0MBPrPKJ9Zp/0oC+pGGmxfUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRUiIwbW9ylae/m0H5qaYnlgkowCTAfBgNVHSMEGDAWgBSG1ki9upZUYbHo
wRud1DbGE4KHPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2h0Wkl2YnFXVkdHeDZNRWJuZFEyeGhPQ2h6dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvYWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8x
L1ZJaU1HMXZjcFdudjV0Qi1hbW1KNVlKS01Bay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
YWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8xL2h0Wkl2YnFXVkdH
eDZNRWJuZFEyeGhPQ2h6dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMHpDjANBgkqhkiG9w0BAQsFAAOC
AQEAWg7aaocwt9Utxg/i1Hdrmvl+un8UiavB3oJkZ/MqBX3yG3bVzNStVwBxgyLW
Kzz70OM6K3r0szj8Iog9I5OUZSnPPfPytmBZ2+9zTNDkJYx65SHqKzm5hdnKf4t4
0W+QREEFbdyvnjMGsfT5xzZQ017m5TA1x43U3hn36pU8OBgXy33f2CXkYiZ+qNJ7
ihml1K8MPQlbtQYf+nqFSCn/1G8rV0d8mi/4+u8qStGYY3dOBW9Jsvx03x1vbmuw
o0JxF4bPn6yquzFtNwU9CKI0wXspk/iWRiUsfVJImSvjY2RlyGXDQFApUSFDlo1r
6Ke6wgL6JvISF2UNvlKCMarfEw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:32 2024 by rpki-client on console-ams.rpki-client.org