Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/aBGcey7Q6XADfNfwutnLu-vrVJ4.roa
File:                     aBGcey7Q6XADfNfwutnLu-vrVJ4.roa (raw, json)
Hash identifier:          kLvMH3Eiy4Sl9ZrhKXQXG9wV3VNLU7mqmaHZd+3Y1dY=
Subject key identifier:   68:11:9C:7B:2E:D0:E9:70:03:7C:D7:F0:BA:D9:CB:BB:EB:EB:54:9E
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       05C940D7
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/aBGcey7Q6XADfNfwutnLu-vrVJ4.roa
Signing time:             Wed 01 Jun 2022 18:03:20 +0000
ROA not before:           Wed 01 Jun 2022 18:03:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     6079
IP address blocks:        193.233.108.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 97075415 (0x5c940d7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Jun  1 18:03:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=68119c7b2ed0e970037cd7f0bad9cbbbebeb549e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:bb:f2:35:8e:f5:8d:b6:c6:c8:73:44:43:44:
                    cf:6d:8f:eb:fb:be:4a:fe:e9:e9:b8:37:f2:1b:0e:
                    13:75:e2:61:bc:55:a5:06:2f:7c:d5:c0:b2:45:8b:
                    ac:e0:f5:b2:b1:09:0b:62:83:cd:47:46:76:b9:27:
                    85:46:51:a0:23:22:f0:c0:0a:31:49:72:0f:5f:fa:
                    ab:64:e9:fc:5d:43:b3:1f:fb:6f:1e:fa:17:d5:ab:
                    06:83:a5:22:b4:7a:71:d6:7d:54:7f:b3:2c:98:fa:
                    d5:2b:4a:ef:79:3a:74:31:b1:2f:43:17:9b:5a:6f:
                    a0:f2:da:12:bd:81:b2:61:3a:67:2f:e1:7b:98:cb:
                    8f:9f:83:58:2c:dc:5a:9d:3f:89:0c:5d:da:e3:d5:
                    b9:aa:0e:29:d9:30:ff:58:29:b6:5f:35:a6:6c:80:
                    ba:77:95:f5:94:36:43:e5:5c:48:56:dc:4e:40:e6:
                    52:ea:f2:70:70:fe:96:9e:8e:82:5b:29:b0:34:23:
                    8c:51:55:dd:16:fb:6e:01:24:5c:4f:e3:68:ce:09:
                    92:e4:ec:29:fe:c2:0d:00:81:8c:ee:f8:68:38:62:
                    18:63:cb:98:d2:ed:b6:df:0c:51:d9:9f:20:1c:43:
                    26:bf:a9:8c:eb:de:6c:78:f8:20:75:98:7d:42:1e:
                    37:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:11:9C:7B:2E:D0:E9:70:03:7C:D7:F0:BA:D9:CB:BB:EB:EB:54:9E
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/aBGcey7Q6XADfNfwutnLu-vrVJ4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.108.0/22

    Signature Algorithm: sha256WithRSAEncryption
         88:d0:1f:39:91:b7:eb:ee:ee:5c:c8:19:2b:8d:ef:7d:e2:76:
         68:a7:c8:ab:db:60:50:3b:5b:34:a2:1c:17:7a:9b:10:e7:bc:
         0e:81:fb:de:d2:78:25:3f:45:eb:cb:bd:b5:e6:a7:fb:37:a7:
         bf:4f:1e:52:3d:3a:2c:16:7e:71:42:6d:68:be:02:fa:50:cd:
         b1:7b:90:04:46:a0:3f:97:9f:5a:30:4d:a3:8f:c7:99:b4:a4:
         75:a9:2b:1b:99:ff:51:2e:17:66:4f:eb:6d:0e:bc:b7:cf:23:
         82:c9:13:66:31:4f:86:24:e5:52:e6:e4:27:be:39:9a:60:8c:
         33:03:cc:10:94:e4:b4:82:d6:53:e1:e3:1a:bc:5f:a3:0b:b5:
         a6:b2:5d:96:88:fc:09:86:aa:fd:80:72:6b:b5:a3:92:8c:f4:
         c5:cd:6f:65:f1:86:25:b0:34:5a:8b:85:44:f3:52:c2:03:96:
         1e:3f:ff:fe:1e:bf:e4:e2:f2:ad:9e:f1:e1:93:2e:68:61:70:
         8e:3b:65:9a:3e:5e:be:44:b1:22:65:de:97:f4:6c:00:a7:df:
         c2:88:0f:b8:49:ba:cc:1e:26:b3:db:43:03:a6:82:6a:1f:d7:
         c3:7b:81:79:37:03:be:4c:35:c0:37:10:2e:72:0f:eb:e3:27:
         a1:9a:9f:f2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBclA1zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmQ2NDhiZGJhOTY1NDYxYjFlOGMxMWI5ZGQ0MzZjNjEzODI4NzNjMB4XDTIyMDYw
MTE4MDMyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjgxMTljN2IyZWQw
ZTk3MDAzN2NkN2YwYmFkOWNiYmJlYmViNTQ5ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMW78jWO9Y22xshzRENEz22P6/u+Sv7p6bg38hsOE3XiYbxV
pQYvfNXAskWLrOD1srEJC2KDzUdGdrknhUZRoCMi8MAKMUlyD1/6q2Tp/F1Dsx/7
bx76F9WrBoOlIrR6cdZ9VH+zLJj61StK73k6dDGxL0MXm1pvoPLaEr2BsmE6Zy/h
e5jLj5+DWCzcWp0/iQxd2uPVuaoOKdkw/1gptl81pmyAuneV9ZQ2Q+VcSFbcTkDm
UurycHD+lp6OglspsDQjjFFV3Rb7bgEkXE/jaM4JkuTsKf7CDQCBjO74aDhiGGPL
mNLttt8MUdmfIBxDJr+pjOvebHj4IHWYfUIeN60CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRoEZx7LtDpcAN81/C62cu76+tUnjAfBgNVHSMEGDAWgBSG1ki9upZUYbHo
wRud1DbGE4KHPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2h0Wkl2YnFXVkdHeDZNRWJuZFEyeGhPQ2h6dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvYWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8x
L2FCR2NleTdRNlhBRGZOZnd1dG5MdS12clZKNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
YWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8xL2h0Wkl2YnFXVkdH
eDZNRWJuZFEyeGhPQ2h6dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsHpbDANBgkqhkiG9w0BAQsFAAOC
AQEAiNAfOZG36+7uXMgZK43vfeJ2aKfIq9tgUDtbNKIcF3qbEOe8DoH73tJ4JT9F
68u9tean+zenv08eUj06LBZ+cUJtaL4C+lDNsXuQBEagP5efWjBNo4/HmbSkdakr
G5n/US4XZk/rbQ68t88jgskTZjFPhiTlUubkJ745mmCMMwPMEJTktILWU+HjGrxf
owu1prJdloj8CYaq/YBya7Wjkoz0xc1vZfGGJbA0WouFRPNSwgOWHj///h6/5OLy
rZ7x4ZMuaGFwjjtlmj5evkSxImXel/RsAKffwogPuEm6zB4ms9tDA6aCah/Xw3uB
eTcDvkw1wDcQLnIP6+MnoZqf8g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:39 2024 by rpki-client on console-fra.rpki-client.org