Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/X7zYLrswWhnlT_K5SKYQxa-yV5A.roa
File:                     X7zYLrswWhnlT_K5SKYQxa-yV5A.roa (raw, json)
Hash identifier:          iiZm/05vxWgvFUWDvD1gwI7r1u0IMrS/5rW66ONEM5s=
Subject key identifier:   5F:BC:D8:2E:BB:30:5A:19:E5:4F:F2:B9:48:A6:10:C5:AF:B2:57:90
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       05062C52
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/X7zYLrswWhnlT_K5SKYQxa-yV5A.roa
Signing time:             Mon 14 Mar 2022 15:22:19 +0000
ROA not before:           Mon 14 Mar 2022 15:22:19 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200019
IP address blocks:        193.233.202.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 84290642 (0x5062c52)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Mar 14 15:22:19 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5fbcd82ebb305a19e54ff2b948a610c5afb25790
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:a4:9a:d9:8e:ff:5b:5a:35:6c:9c:29:09:bd:
                    de:53:8d:87:a0:a2:24:68:1a:9b:38:dc:4b:68:15:
                    07:3d:f7:86:3d:84:85:9b:de:22:ec:0d:62:80:ed:
                    08:26:69:8f:d3:85:23:d5:7f:c9:d5:49:32:ab:8e:
                    ae:a3:d5:47:8e:93:96:e0:53:19:0e:fd:72:27:ff:
                    b3:29:20:9d:90:66:ab:d2:0a:34:dd:1e:29:3d:2e:
                    1f:69:de:3c:26:53:e6:78:43:b8:db:e9:af:92:a1:
                    7f:c5:d9:8f:8b:26:92:e2:37:ba:30:1f:a5:cc:83:
                    14:91:3e:ec:89:94:05:2b:d7:df:ca:b9:10:a5:fa:
                    5e:c0:79:27:de:bf:ac:14:9b:cf:91:e3:db:87:cd:
                    26:27:5b:be:c1:25:d2:aa:e4:88:cf:83:14:23:c3:
                    65:bc:7c:78:e3:e4:b6:93:fe:1d:c7:37:e1:0a:61:
                    cb:91:fc:2e:c0:b9:ce:c9:1a:32:65:7b:28:94:44:
                    cc:e8:50:cc:68:10:78:71:02:a3:2c:49:3c:95:24:
                    35:c1:01:f8:9c:f7:05:04:3f:16:34:3b:8c:00:82:
                    bf:01:9a:90:37:8f:ba:31:09:b7:a6:0d:af:3e:d6:
                    9a:87:89:0c:40:23:59:3f:c8:0c:07:2a:4e:a3:db:
                    5e:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:BC:D8:2E:BB:30:5A:19:E5:4F:F2:B9:48:A6:10:C5:AF:B2:57:90
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/X7zYLrswWhnlT_K5SKYQxa-yV5A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.202.0/23

    Signature Algorithm: sha256WithRSAEncryption
         6a:27:bb:d6:ef:74:64:7f:e0:2b:d3:96:c1:5c:5e:ec:15:a3:
         bc:33:c1:e3:f4:ab:24:17:ea:d9:c8:5c:64:9e:09:cc:36:6b:
         a3:9e:bb:23:3e:b1:da:26:0c:0f:e8:cd:52:fb:5e:a7:fe:36:
         69:47:5c:4f:cc:26:1d:40:83:d8:89:67:ba:ee:87:3f:8e:94:
         4b:03:3a:1a:a0:44:33:09:74:61:dd:ca:20:d8:30:4c:65:e4:
         0f:5a:4d:bc:a9:0e:48:fe:b8:08:f8:ec:19:d3:b4:82:0a:c0:
         fb:90:d4:cb:49:37:f8:e1:64:92:0a:20:e3:89:eb:65:e8:70:
         6a:29:c0:49:13:fa:d6:18:9d:d7:f9:28:04:ca:b4:75:0a:8a:
         1d:fe:5a:bf:ac:c9:91:6e:7b:26:c8:50:28:7b:9c:6d:aa:6c:
         1c:a5:b9:d9:df:fd:ff:20:d1:97:b2:49:73:69:a8:c9:06:76:
         16:04:12:6e:cc:64:95:9e:75:eb:ef:46:ce:07:68:ec:88:ab:
         45:8d:68:70:db:16:eb:d2:70:fc:19:d6:bb:82:9c:b4:62:d8:
         43:56:c3:3b:b8:e7:98:2d:4f:f7:cb:c3:6c:d4:46:c7:ba:5d:
         1f:90:27:04:5b:66:93:99:ab:da:e5:3d:fa:5b:54:d9:05:58:
         51:1e:e0:fa
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBQYsUjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmQ2NDhiZGJhOTY1NDYxYjFlOGMxMWI5ZGQ0MzZjNjEzODI4NzNjMB4XDTIyMDMx
NDE1MjIxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWZiY2Q4MmViYjMw
NWExOWU1NGZmMmI5NDhhNjEwYzVhZmIyNTc5MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAImkmtmO/1taNWycKQm93lONh6CiJGgamzjcS2gVBz33hj2E
hZveIuwNYoDtCCZpj9OFI9V/ydVJMquOrqPVR46TluBTGQ79cif/sykgnZBmq9IK
NN0eKT0uH2nePCZT5nhDuNvpr5Khf8XZj4smkuI3ujAfpcyDFJE+7ImUBSvX38q5
EKX6XsB5J96/rBSbz5Hj24fNJidbvsEl0qrkiM+DFCPDZbx8eOPktpP+Hcc34Qph
y5H8LsC5zskaMmV7KJREzOhQzGgQeHECoyxJPJUkNcEB+Jz3BQQ/FjQ7jACCvwGa
kDePujEJt6YNrz7WmoeJDEAjWT/IDAcqTqPbXr8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRfvNguuzBaGeVP8rlIphDFr7JXkDAfBgNVHSMEGDAWgBSG1ki9upZUYbHo
wRud1DbGE4KHPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2h0Wkl2YnFXVkdHeDZNRWJuZFEyeGhPQ2h6dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvYWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8x
L1g3ellMcnN3V2hubFRfSzVTS1lReGEteVY1QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
YWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8xL2h0Wkl2YnFXVkdH
eDZNRWJuZFEyeGhPQ2h6dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcHpyjANBgkqhkiG9w0BAQsFAAOC
AQEAaie71u90ZH/gK9OWwVxe7BWjvDPB4/SrJBfq2chcZJ4JzDZro567Iz6x2iYM
D+jNUvtep/42aUdcT8wmHUCD2Ilnuu6HP46USwM6GqBEMwl0Yd3KINgwTGXkD1pN
vKkOSP64CPjsGdO0ggrA+5DUy0k3+OFkkgog44nrZehwainASRP61hid1/koBMq0
dQqKHf5av6zJkW57JshQKHucbapsHKW52d/9/yDRl7JJc2moyQZ2FgQSbsxklZ51
6+9Gzgdo7IirRY1ocNsW69Jw/BnWu4KctGLYQ1bDO7jnmC1P98vDbNRGx7pdH5An
BFtmk5mr2uU9+ltU2QVYUR7g+g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:32 2024 by rpki-client on console-ams.rpki-client.org