Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/fB1j4PiZXJ7j86YY3XPflStSsnA.roa
File:                     fB1j4PiZXJ7j86YY3XPflStSsnA.roa (raw, json)
Hash identifier:          b3ZNE4tJbSLJGRcmQFjcujC++zWcPdmoGYr+hd1iPeY=
Subject key identifier:   7C:1D:63:E0:F8:99:5C:9E:E3:F3:A6:18:DD:73:DF:95:2B:52:B2:70
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       05376717
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/fB1j4PiZXJ7j86YY3XPflStSsnA.roa
Signing time:             Thu 07 Apr 2022 18:27:45 +0000
ROA not before:           Thu 07 Apr 2022 18:27:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     174
IP address blocks:        193.233.228.0/22 maxlen: 22
                          193.233.136.0/22 maxlen: 22
                          193.233.140.0/22 maxlen: 22
                          193.233.248.0/24 maxlen: 24
                          193.233.82.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 87516951 (0x5376717)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Apr  7 18:27:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7c1d63e0f8995c9ee3f3a618dd73df952b52b270
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:02:14:4e:31:30:62:ca:2a:5e:d6:be:f9:9e:
                    d8:5d:f9:c8:d6:69:12:89:de:2e:e9:f4:23:27:7d:
                    2e:73:fa:26:1f:61:31:e3:fd:ad:c0:44:2e:39:3f:
                    83:dd:3b:df:ff:ec:8b:a4:2f:f8:30:36:ff:65:ed:
                    0f:12:95:bd:b9:32:2e:5d:a3:72:3d:64:ac:73:2a:
                    79:c5:ee:6f:2e:4b:25:96:46:9a:64:a8:51:4a:9e:
                    fa:8c:57:fb:50:48:ae:51:11:78:e5:dc:61:27:96:
                    9e:44:e8:37:1a:6f:c6:5a:50:0c:2e:a2:ea:ce:b4:
                    8f:5f:90:4f:c4:91:1c:77:8d:f1:2c:42:16:03:a5:
                    4e:a2:3f:1f:b2:2c:af:1c:38:68:c4:21:d3:83:f5:
                    cd:21:23:ac:0b:80:5f:d4:84:04:0d:d2:76:e5:ff:
                    f7:fe:ba:4b:d3:e7:7b:67:d0:86:24:57:6b:d6:03:
                    f2:43:75:df:9e:54:39:b2:01:e8:87:e2:c8:78:6c:
                    ec:49:20:4d:e9:83:e1:c5:8e:b4:1c:c5:cb:09:a3:
                    80:ce:47:76:c2:61:24:04:ab:56:58:3c:d7:8c:e0:
                    d5:07:a7:a7:36:d0:01:1a:bf:c4:4a:71:35:7f:e7:
                    aa:23:d2:e1:d2:56:fc:72:a0:4e:c4:0f:4e:36:11:
                    63:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:1D:63:E0:F8:99:5C:9E:E3:F3:A6:18:DD:73:DF:95:2B:52:B2:70
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/fB1j4PiZXJ7j86YY3XPflStSsnA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.82.0/23
                  193.233.136.0/21
                  193.233.228.0/22
                  193.233.248.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:7c:9d:f5:02:ab:27:b2:f3:49:19:44:e7:24:c9:77:12:95:
         37:19:8d:b6:cf:f1:72:97:21:ad:e1:4e:89:03:ed:a9:bd:68:
         29:90:60:28:69:39:69:f0:8c:e8:09:ae:e9:31:a7:d4:49:bb:
         e0:a5:d0:74:9a:5f:99:3d:28:c9:e9:4b:e2:19:95:a3:a9:20:
         21:71:62:f2:cb:73:05:76:60:d1:16:90:4a:a6:ef:a2:3c:f1:
         21:61:ff:53:ee:56:d5:39:e8:49:d3:9c:0c:72:b5:1e:11:52:
         28:75:7a:2a:cf:04:fb:40:e0:f0:32:4d:35:55:bb:e4:8a:eb:
         b8:15:79:6d:bf:8b:a1:67:41:ae:0a:32:ac:e8:a7:47:4e:b5:
         49:b2:47:99:f6:ee:60:ad:5e:6c:47:29:fa:09:6e:37:f2:ea:
         fc:e7:2d:ed:7e:6d:b2:c2:a7:56:eb:6f:aa:49:55:c4:b3:47:
         8a:f0:81:21:fa:29:20:10:29:47:2c:84:5a:83:da:1f:ba:c7:
         91:ef:89:31:72:49:9c:5d:6f:00:30:4d:f4:42:9c:5c:59:c9:
         62:13:65:c7:2e:0c:ec:a0:15:c2:6f:9d:e9:27:42:38:51:bf:
         2d:01:12:9c:5d:fe:62:6e:1e:00:58:f4:f5:33:c3:42:6b:0b:
         55:f2:16:20
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEBTdnFzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmQ2NDhiZGJhOTY1NDYxYjFlOGMxMWI5ZGQ0MzZjNjEzODI4NzNjMB4XDTIyMDQw
NzE4Mjc0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2MxZDYzZTBmODk5
NWM5ZWUzZjNhNjE4ZGQ3M2RmOTUyYjUyYjI3MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALoCFE4xMGLKKl7Wvvme2F35yNZpEoneLun0Iyd9LnP6Jh9h
MeP9rcBELjk/g9073//si6Qv+DA2/2XtDxKVvbkyLl2jcj1krHMqecXuby5LJZZG
mmSoUUqe+oxX+1BIrlEReOXcYSeWnkToNxpvxlpQDC6i6s60j1+QT8SRHHeN8SxC
FgOlTqI/H7Isrxw4aMQh04P1zSEjrAuAX9SEBA3SduX/9/66S9Pne2fQhiRXa9YD
8kN1355UObIB6IfiyHhs7EkgTemD4cWOtBzFywmjgM5HdsJhJASrVlg814zg1Qen
pzbQARq/xEpxNX/nqiPS4dJW/HKgTsQPTjYRY6sCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBR8HWPg+JlcnuPzphjdc9+VK1KycDAfBgNVHSMEGDAWgBSG1ki9upZUYbHo
wRud1DbGE4KHPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2h0Wkl2YnFXVkdHeDZNRWJuZFEyeGhPQ2h6dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvYWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8x
L2ZCMWo0UGlaWEo3ajg2WVkzWFBmbFN0U3NuQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
YWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8xL2h0Wkl2YnFXVkdH
eDZNRWJuZFEyeGhPQ2h6dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAcHpUgMEA8HpiAMEAsHp5AMEAMHp
+DANBgkqhkiG9w0BAQsFAAOCAQEAPHyd9QKrJ7LzSRlE5yTJdxKVNxmNts/xcpch
reFOiQPtqb1oKZBgKGk5afCM6Amu6TGn1Em74KXQdJpfmT0oyelL4hmVo6kgIXFi
8stzBXZg0RaQSqbvojzxIWH/U+5W1TnoSdOcDHK1HhFSKHV6Ks8E+0Dg8DJNNVW7
5IrruBV5bb+LoWdBrgoyrOinR061SbJHmfbuYK1ebEcp+gluN/Lq/Oct7X5tssKn
VutvqklVxLNHivCBIfopIBApRyyEWoPaH7rHke+JMXJJnF1vADBN9EKcXFnJYhNl
xy4M7KAVwm+d6SdCOFG/LQESnF3+Ym4eAFj09TPDQmsLVfIWIA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:32 2024 by rpki-client on console-ams.rpki-client.org