Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/gAim1mz9IsAVQhYj8rOO69yZPTk.roa
File:                     gAim1mz9IsAVQhYj8rOO69yZPTk.roa (raw, json)
Hash identifier:          G9yhl5h0X1P0IUAMbx9TEUjWB0wX88vtmY7lnADClbk=
Subject key identifier:   80:08:A6:D6:6C:FD:22:C0:15:42:16:23:F2:B3:8E:EB:DC:99:3D:39
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       0183554ECB58BF309E2A77B3BF4100282F7A
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/gAim1mz9IsAVQhYj8rOO69yZPTk.roa
Signing time:             Mon 19 Sep 2022 10:32:50 +0000
ROA not before:           Mon 19 Sep 2022 10:32:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43444
IP address blocks:        193.233.128.0/22 maxlen: 22
                          193.233.220.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:55:4e:cb:58:bf:30:9e:2a:77:b3:bf:41:00:28:2f:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Sep 19 10:32:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8008a6d66cfd22c015421623f2b38eebdc993d39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:52:5a:f1:1c:e3:92:0b:4d:76:ef:27:57:31:
                    23:8b:98:e2:cf:47:1c:1e:7f:eb:4a:16:47:79:3a:
                    18:b5:40:e5:51:78:80:2e:78:f7:f2:c2:56:99:1d:
                    8e:a9:d0:71:c9:65:d1:31:1f:ff:5e:ba:99:af:d9:
                    96:79:69:7f:76:57:3b:0d:85:48:e4:b7:fe:9e:b0:
                    b9:80:6d:e2:30:df:c2:46:95:c9:d2:c9:bc:46:b8:
                    ee:4e:a6:63:62:99:83:23:8f:c8:4a:09:e6:93:66:
                    d4:7c:a9:ed:6c:ff:a1:fb:ae:a8:d2:93:5b:da:82:
                    00:ef:71:8e:a1:03:f1:e8:90:1b:a4:a0:12:51:fe:
                    ae:fb:71:99:66:9d:f4:6c:e4:ad:f9:f7:21:b8:f5:
                    d6:f7:d0:4d:b9:ef:fe:2a:a6:bd:9b:91:aa:cd:a9:
                    af:04:8b:06:ec:f0:6d:36:e1:46:f5:15:d9:6b:55:
                    af:00:f5:bb:c1:56:76:1c:96:de:22:53:2e:6f:cd:
                    41:4d:c9:02:d4:e8:b9:ee:54:9f:64:30:5c:0c:41:
                    70:a5:b3:1a:eb:d4:68:35:6a:49:0c:6e:25:33:92:
                    a4:8d:59:b7:2d:58:74:b0:8c:71:f0:79:ec:06:b0:
                    f0:50:46:07:bd:0f:44:f2:b7:a1:0c:b4:6c:11:82:
                    28:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:08:A6:D6:6C:FD:22:C0:15:42:16:23:F2:B3:8E:EB:DC:99:3D:39
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/gAim1mz9IsAVQhYj8rOO69yZPTk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.128.0/22
                  193.233.220.0/23

    Signature Algorithm: sha256WithRSAEncryption
         71:d2:8a:ed:26:67:39:d6:f7:53:83:b8:69:43:7e:c0:73:41:
         34:23:c3:93:72:95:68:ec:5b:9c:1e:cd:41:ab:61:f1:5a:08:
         50:2e:0d:6f:71:a2:74:39:74:88:57:04:93:f2:dc:f8:2d:e3:
         9b:2f:6b:2e:02:0c:96:a2:f8:df:bb:f5:b7:42:78:7f:18:d9:
         4b:b2:15:e4:70:4e:12:64:31:63:6f:d0:a8:2d:3e:80:7f:3e:
         29:5c:bb:4f:de:21:a2:44:d5:59:93:49:5c:07:86:e6:be:8f:
         62:f9:9a:de:25:47:b3:4a:12:56:45:60:b7:c9:b5:d4:24:1f:
         5c:83:2e:72:04:37:a4:db:92:40:e8:06:5f:ef:ad:c8:07:0a:
         75:74:a4:12:52:55:47:5e:2b:47:59:5e:f0:c1:dd:1b:1c:78:
         61:bf:fb:8a:52:50:73:79:ff:16:bc:d9:0e:fc:86:e7:f4:b5:
         cc:32:db:7b:9e:0d:06:f0:19:1c:5a:7a:9e:4d:fa:9d:3c:23:
         39:f3:88:6e:98:66:3e:a7:2c:bd:98:62:4f:09:86:f8:48:28:
         59:43:a8:fc:3b:4a:4a:cf:80:57:8e:9b:a4:49:09:11:14:39:
         66:c9:6f:4c:f9:b8:e6:cf:e4:38:5d:72:ad:27:c4:a0:a8:37:
         df:a3:69:b8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYNVTstYvzCeKnezv0EAKC96MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjIwOTE5MTAzMjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDA4YTZkNjZjZmQyMmMwMTU0MjE2MjNmMmIzOGVlYmRjOTkzZDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVJa8RzjkgtNdu8nVzEji5jiz0cc
Hn/rShZHeToYtUDlUXiALnj38sJWmR2OqdBxyWXRMR//XrqZr9mWeWl/dlc7DYVI
5Lf+nrC5gG3iMN/CRpXJ0sm8RrjuTqZjYpmDI4/ISgnmk2bUfKntbP+h+66o0pNb
2oIA73GOoQPx6JAbpKASUf6u+3GZZp30bOSt+fchuPXW99BNue/+Kqa9m5Gqzamv
BIsG7PBtNuFG9RXZa1WvAPW7wVZ2HJbeIlMub81BTckC1Oi57lSfZDBcDEFwpbMa
69RoNWpJDG4lM5KkjVm3LVh0sIxx8HnsBrDwUEYHvQ9E8rehDLRsEYIouwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIAIptZs/SLAFUIWI/KzjuvcmT05MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvZ0FpbTFtejlJc0FWUWhZajhyT082OXlaUFRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwemAAwQB
wencMA0GCSqGSIb3DQEBCwUAA4IBAQBx0ortJmc51vdTg7hpQ37Ac0E0I8OTcpVo
7FucHs1Bq2HxWghQLg1vcaJ0OXSIVwST8tz4LeObL2suAgyWovjfu/W3Qnh/GNlL
shXkcE4SZDFjb9CoLT6Afz4pXLtP3iGiRNVZk0lcB4bmvo9i+ZreJUezShJWRWC3
ybXUJB9cgy5yBDek25JA6AZf763IBwp1dKQSUlVHXitHWV7wwd0bHHhhv/uKUlBz
ef8WvNkO/Ibn9LXMMtt7ng0G8BkcWnqeTfqdPCM584humGY+pyy9mGJPCYb4SChZ
Q6j8O0pKz4BXjpukSQkRFDlmyW9M+bjmz+Q4XXKtJ8SgqDffo2m4
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:32 2024 by rpki-client on console-ams.rpki-client.org