Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/aVAjBl6HPMizeJLvDBn8UbzTT1U.roa
File:                     aVAjBl6HPMizeJLvDBn8UbzTT1U.roa (raw, json)
Hash identifier:          In5TYDIahxa4yEsZH7EAFyjXpWRAzv26swRHm5pLsqw=
Subject key identifier:   69:50:23:06:5E:87:3C:C8:B3:78:92:EF:0C:19:FC:51:BC:D3:4F:55
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       0436AAD9
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/aVAjBl6HPMizeJLvDBn8UbzTT1U.roa
Signing time:             Sat 01 Jan 2022 12:05:03 +0000
ROA not before:           Sat 01 Jan 2022 12:05:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204898
IP address blocks:        193.233.7.0/24 maxlen: 24
                          193.233.5.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 70691545 (0x436aad9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Jan  1 12:05:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=695023065e873cc8b37892ef0c19fc51bcd34f55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:8b:d5:18:39:47:05:20:6b:b3:69:57:f4:6e:
                    e2:04:10:b6:15:37:51:d1:c4:fb:91:96:bf:d0:f0:
                    e1:5e:aa:89:1f:b9:41:d4:ec:c6:88:07:2e:37:06:
                    9f:9c:03:fc:39:a5:a9:9b:7e:e4:d0:9c:87:44:96:
                    21:d6:dd:d4:ce:85:0e:ea:72:c8:bd:46:d4:a7:ff:
                    6a:8f:ca:b9:e3:c6:a1:ab:26:a9:39:cf:8a:1a:96:
                    da:f4:2e:25:19:b1:ea:56:cc:2a:ee:52:b3:8f:82:
                    dd:75:bb:de:42:e8:70:93:a8:90:22:a2:89:21:f0:
                    25:29:e5:cf:53:85:4a:99:4b:ae:30:32:dd:fe:8d:
                    fa:43:28:02:65:41:60:f5:7e:83:eb:05:5e:0a:53:
                    15:43:f8:50:93:f2:4e:3a:c9:e6:e4:56:76:0e:01:
                    2e:8e:a8:ed:82:17:51:5f:b0:99:01:bd:56:09:b7:
                    29:43:5b:7b:45:eb:1b:ff:1a:66:27:8a:fc:d5:5b:
                    5c:f6:e6:cf:ca:a2:1b:ba:f2:fd:62:69:d7:4d:6a:
                    67:eb:13:17:c2:06:d2:a1:ad:41:e7:42:36:8a:35:
                    89:2f:17:6e:80:8c:5e:79:35:d3:0d:8e:92:fe:ef:
                    ac:14:58:31:d1:ea:f1:5e:31:db:f1:89:a7:d9:6a:
                    ff:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:50:23:06:5E:87:3C:C8:B3:78:92:EF:0C:19:FC:51:BC:D3:4F:55
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/aVAjBl6HPMizeJLvDBn8UbzTT1U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.5.0/24
                  193.233.7.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7d:64:f1:46:97:d9:35:93:0c:9a:53:d8:63:91:d1:07:23:98:
         60:e0:f4:d8:98:cc:12:31:91:07:f1:97:e8:25:26:b2:28:bd:
         df:25:13:ce:36:e7:1a:1f:cb:f7:5e:97:40:b8:8a:0b:c0:cf:
         db:e6:bd:0f:34:c7:c1:ff:cf:b2:55:2c:7b:c0:16:18:a8:ab:
         9f:39:8a:26:e7:7f:bc:85:43:e7:ab:26:4e:13:52:2d:bf:3e:
         05:25:4a:ad:6c:67:f5:72:ea:a6:59:dc:12:fb:bf:53:c0:33:
         46:c8:83:3f:b8:22:a1:a7:2a:78:4e:d3:76:02:f4:2d:12:f4:
         53:7a:d3:d4:a0:3a:3a:58:85:9c:a1:19:62:9e:ee:31:03:51:
         96:de:33:05:fa:f5:c7:ec:45:11:a5:11:e7:9b:47:a4:d3:c0:
         d8:df:74:27:be:9d:fb:b6:ae:c6:fd:8e:b6:b9:f1:e3:97:9b:
         9c:d8:5d:8e:1d:7b:e9:3e:cb:f5:8a:05:ea:28:97:f8:96:db:
         8b:52:f3:27:8f:55:1c:20:88:d6:75:3c:62:07:b4:69:6c:fd:
         ee:4f:b9:04:83:82:65:01:7b:2c:eb:72:f1:9a:4b:6b:c9:17:
         97:fc:77:bf:2f:0f:bb:0a:f1:7e:31:83:b6:0b:a0:77:23:f8:
         e5:4a:83:34
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBDaq2TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmQ2NDhiZGJhOTY1NDYxYjFlOGMxMWI5ZGQ0MzZjNjEzODI4NzNjMB4XDTIyMDEw
MTEyMDUwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjk1MDIzMDY1ZTg3
M2NjOGIzNzg5MmVmMGMxOWZjNTFiY2QzNGY1NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOSL1Rg5RwUga7NpV/Ru4gQQthU3UdHE+5GWv9Dw4V6qiR+5
QdTsxogHLjcGn5wD/DmlqZt+5NCch0SWIdbd1M6FDupyyL1G1Kf/ao/KuePGoasm
qTnPihqW2vQuJRmx6lbMKu5Ss4+C3XW73kLocJOokCKiiSHwJSnlz1OFSplLrjAy
3f6N+kMoAmVBYPV+g+sFXgpTFUP4UJPyTjrJ5uRWdg4BLo6o7YIXUV+wmQG9Vgm3
KUNbe0XrG/8aZieK/NVbXPbmz8qiG7ry/WJp101qZ+sTF8IG0qGtQedCNoo1iS8X
boCMXnk10w2Okv7vrBRYMdHq8V4x2/GJp9lq//UCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRpUCMGXoc8yLN4ku8MGfxRvNNPVTAfBgNVHSMEGDAWgBSG1ki9upZUYbHo
wRud1DbGE4KHPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2h0Wkl2YnFXVkdHeDZNRWJuZFEyeGhPQ2h6dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvYWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8x
L2FWQWpCbDZIUE1pemVKTHZEQm44VWJ6VFQxVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
YWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8xL2h0Wkl2YnFXVkdH
eDZNRWJuZFEyeGhPQ2h6dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMHpBQMEAMHpBzANBgkqhkiG9w0B
AQsFAAOCAQEAfWTxRpfZNZMMmlPYY5HRByOYYOD02JjMEjGRB/GX6CUmsii93yUT
zjbnGh/L916XQLiKC8DP2+a9DzTHwf/PslUse8AWGKirnzmKJud/vIVD56smThNS
Lb8+BSVKrWxn9XLqplncEvu/U8AzRsiDP7gioacqeE7TdgL0LRL0U3rT1KA6OliF
nKEZYp7uMQNRlt4zBfr1x+xFEaUR55tHpNPA2N90J76d+7auxv2Otrnx45ebnNhd
jh176T7L9YoF6iiX+Jbbi1LzJ49VHCCI1nU8Yge0aWz97k+5BIOCZQF7LOty8ZpL
a8kXl/x3vy8PuwrxfjGDtgugdyP45UqDNA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:32 2024 by rpki-client on console-ams.rpki-client.org