Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/_Rxx89QU0m_Y_RWTigwlrF62PJg.roa
File:                     _Rxx89QU0m_Y_RWTigwlrF62PJg.roa (raw, json)
Hash identifier:          dzQoDVQE5sy1DAvQ3x7rFQ/AQzBvN17ajMkX2ZL2zhA=
Subject key identifier:   FD:1C:71:F3:D4:14:D2:6F:D8:FD:15:93:8A:0C:25:AC:5E:B6:3C:98
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       0431242A
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/_Rxx89QU0m_Y_RWTigwlrF62PJg.roa
Signing time:             Sat 01 Jan 2022 12:05:01 +0000
ROA not before:           Sat 01 Jan 2022 12:05:01 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202423
IP address blocks:        193.233.30.0/24 maxlen: 24
                          193.233.31.0/24 maxlen: 24
                          193.233.149.0/24 maxlen: 24
                          193.233.174.0/24 maxlen: 24
                          193.233.72.0/24 maxlen: 24
                          193.233.75.0/24 maxlen: 24
                          193.233.74.0/24 maxlen: 24
                          193.233.78.0/24 maxlen: 24
                          193.233.80.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 70329386 (0x431242a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Jan  1 12:05:01 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fd1c71f3d414d26fd8fd15938a0c25ac5eb63c98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:90:9f:87:b8:2a:e5:de:8e:0a:7e:f0:44:25:
                    4e:18:e7:cd:51:db:c7:e1:84:70:3f:4a:56:e8:e2:
                    5a:7c:8e:92:07:da:e8:fd:87:38:76:9d:28:2d:bd:
                    a1:81:ad:ae:8a:b0:53:19:d9:78:0d:81:e7:2d:76:
                    29:52:9f:2c:b8:8d:b8:f0:ac:a9:e5:7b:c3:01:61:
                    b7:df:bd:46:24:f7:60:ce:50:db:23:11:0d:72:57:
                    02:14:49:bd:66:a8:b3:85:18:3a:a8:ae:d9:e3:63:
                    7e:15:1e:49:be:98:17:75:40:68:b5:d1:26:56:bb:
                    81:7d:fb:0d:fd:22:b5:da:e3:f6:2b:8f:65:1a:1b:
                    2f:87:d8:dc:ad:cf:e2:fd:64:fd:63:0c:57:63:d5:
                    08:f6:5b:85:2e:a5:a9:87:c2:d3:00:e2:59:2f:72:
                    8f:d8:9e:4a:7f:e6:40:88:4d:3d:bd:79:3a:1a:3c:
                    75:dd:9c:be:e0:cb:38:6c:48:df:71:af:ff:84:84:
                    b8:2e:a5:b1:81:89:39:d0:3b:27:2d:81:99:9b:a1:
                    26:5e:cb:2a:e0:71:35:7a:91:30:4e:95:e9:09:40:
                    19:f1:94:b6:fa:93:28:fb:ba:74:89:22:07:e6:5e:
                    d8:0d:54:4a:b6:a5:47:12:8a:26:66:de:59:5e:aa:
                    7c:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:1C:71:F3:D4:14:D2:6F:D8:FD:15:93:8A:0C:25:AC:5E:B6:3C:98
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/_Rxx89QU0m_Y_RWTigwlrF62PJg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.30.0/23
                  193.233.72.0/24
                  193.233.74.0/23
                  193.233.78.0/24
                  193.233.80.0/24
                  193.233.149.0/24
                  193.233.174.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:cc:86:f4:71:9b:ec:de:b5:2a:69:1b:0b:32:32:39:27:92:
         c3:e0:58:b6:bb:38:e0:79:48:a2:78:49:89:2a:be:9e:1f:6a:
         2b:09:0b:6f:9d:d8:66:0c:d1:3b:bd:7b:10:8c:84:fc:36:8b:
         19:96:e1:67:d9:07:9b:7e:c1:25:71:fd:8a:54:c5:4b:54:d2:
         96:45:99:e4:b4:a5:48:06:9c:ae:fb:ff:c4:9a:93:b8:63:26:
         95:b4:ce:d4:01:13:d6:60:b2:66:c3:e8:6d:55:8d:cc:6f:53:
         2b:33:d6:09:98:86:1d:72:d0:94:53:b4:31:95:fa:d0:6d:5f:
         c5:dd:10:14:89:6d:34:ad:84:08:2a:4e:ac:4b:76:b7:85:23:
         50:29:1a:c3:e4:ba:08:ab:ad:75:c5:47:ed:78:b0:af:37:55:
         f0:5d:a7:f0:ed:0a:e0:fa:0a:51:fb:7a:f8:cd:8d:7a:fe:46:
         1c:25:f2:69:0b:d6:bf:57:b5:df:f6:9f:bd:ba:ef:c7:22:8f:
         47:b0:78:d4:43:26:86:df:68:5c:0a:81:64:3f:63:eb:d8:f5:
         b6:fa:6c:c8:16:8b:fd:b4:96:75:93:ad:75:5a:3a:ef:16:09:
         e4:2e:c6:58:10:80:d1:c1:73:e2:d6:6f:82:40:ea:26:f6:31:
         99:19:c7:be
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEBDEkKjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmQ2NDhiZGJhOTY1NDYxYjFlOGMxMWI5ZGQ0MzZjNjEzODI4NzNjMB4XDTIyMDEw
MTEyMDUwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmQxYzcxZjNkNDE0
ZDI2ZmQ4ZmQxNTkzOGEwYzI1YWM1ZWI2M2M5ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMGQn4e4KuXejgp+8EQlThjnzVHbx+GEcD9KVujiWnyOkgfa
6P2HOHadKC29oYGtroqwUxnZeA2B5y12KVKfLLiNuPCsqeV7wwFht9+9RiT3YM5Q
2yMRDXJXAhRJvWaos4UYOqiu2eNjfhUeSb6YF3VAaLXRJla7gX37Df0itdrj9iuP
ZRobL4fY3K3P4v1k/WMMV2PVCPZbhS6lqYfC0wDiWS9yj9ieSn/mQIhNPb15Oho8
dd2cvuDLOGxI33Gv/4SEuC6lsYGJOdA7Jy2BmZuhJl7LKuBxNXqRME6V6QlAGfGU
tvqTKPu6dIkiB+Ze2A1USralRxKKJmbeWV6qfDcCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBT9HHHz1BTSb9j9FZOKDCWsXrY8mDAfBgNVHSMEGDAWgBSG1ki9upZUYbHo
wRud1DbGE4KHPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2h0Wkl2YnFXVkdHeDZNRWJuZFEyeGhPQ2h6dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvYWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8x
L19SeHg4OVFVMG1fWV9SV1RpZ3dsckY2MlBKZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
YWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8xL2h0Wkl2YnFXVkdH
eDZNRWJuZFEyeGhPQ2h6dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAcHpHgMEAMHpSAMEAcHpSgMEAMHp
TgMEAMHpUAMEAMHplQMEAMHprjANBgkqhkiG9w0BAQsFAAOCAQEAgMyG9HGb7N61
KmkbCzIyOSeSw+BYtrs44HlIonhJiSq+nh9qKwkLb53YZgzRO717EIyE/DaLGZbh
Z9kHm37BJXH9ilTFS1TSlkWZ5LSlSAacrvv/xJqTuGMmlbTO1AET1mCyZsPobVWN
zG9TKzPWCZiGHXLQlFO0MZX60G1fxd0QFIltNK2ECCpOrEt2t4UjUCkaw+S6CKut
dcVH7XiwrzdV8F2n8O0K4PoKUft6+M2Nev5GHCXyaQvWv1e13/afvbrvxyKPR7B4
1EMmht9oXAqBZD9j69j1tvpsyBaL/bSWdZOtdVo67xYJ5C7GWBCA0cFz4tZvgkDq
JvYxmRnHvg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:39 2024 by rpki-client on console-fra.rpki-client.org