Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/kLrGKbTFaSqtThik_8_ezKESqb0.roa
File:                     kLrGKbTFaSqtThik_8_ezKESqb0.roa (raw, json)
Hash identifier:          nfPGXFMZp2AbSgdwFZpvFuxY0KINj/Vyjv1A6yI+iss=
Subject key identifier:   90:BA:C6:29:B4:C5:69:2A:AD:4E:18:A4:FF:CF:DE:CC:A1:12:A9:BD
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       05F434F4
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/kLrGKbTFaSqtThik_8_ezKESqb0.roa
Signing time:             Thu 16 Jun 2022 15:42:45 +0000
ROA not before:           Thu 16 Jun 2022 15:42:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207713
IP address blocks:        193.233.17.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 99890420 (0x5f434f4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Jun 16 15:42:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=90bac629b4c5692aad4e18a4ffcfdecca112a9bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:84:c0:4e:3d:26:28:a8:94:79:97:51:dd:75:
                    b4:a9:21:21:56:47:07:2a:0e:bd:06:6a:62:8b:0e:
                    ba:a9:99:d1:73:bb:4b:aa:e6:40:91:b0:27:95:68:
                    0a:78:35:dc:aa:ac:04:49:7d:eb:7f:db:16:03:c1:
                    8d:a1:39:53:91:be:86:c9:ef:42:96:55:73:8a:89:
                    d4:55:c1:cf:ef:4e:31:1d:7f:47:60:a0:a5:ce:8e:
                    bd:9f:7c:2e:e7:e4:d1:9b:9b:c2:17:b2:9a:c6:ac:
                    f3:50:9f:0d:3e:41:b0:89:54:39:4d:be:4b:57:dd:
                    f8:12:4f:b3:92:09:b3:4c:03:f3:84:1e:65:e9:1b:
                    6a:73:4c:47:c8:78:17:1d:13:22:18:8a:45:9b:18:
                    97:64:c9:00:bb:4d:02:06:f4:03:bc:0d:ec:61:ad:
                    ad:f5:18:8a:c9:1c:4a:54:ee:68:30:71:9a:a2:81:
                    39:f5:89:6d:d4:6b:55:43:c3:34:28:62:f2:80:40:
                    82:2a:b5:2f:15:1a:c7:27:01:38:5a:11:03:e3:a0:
                    20:67:bb:e2:72:f4:1c:10:23:15:4b:0b:16:77:5a:
                    e6:88:73:e8:d9:fb:b1:9d:5b:d8:83:f5:7b:1a:22:
                    92:7a:e6:42:2c:1d:ba:91:83:97:e5:83:77:9b:85:
                    10:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:BA:C6:29:B4:C5:69:2A:AD:4E:18:A4:FF:CF:DE:CC:A1:12:A9:BD
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/kLrGKbTFaSqtThik_8_ezKESqb0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.17.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:cd:a5:a0:10:6c:dc:70:ea:84:22:c1:90:68:2b:8e:9b:bb:
         2f:21:23:40:dc:51:3d:3f:45:b9:60:94:3b:26:46:80:e0:50:
         a0:ea:54:c9:43:7f:f5:08:e3:af:46:52:ba:4c:d2:14:8c:b8:
         d6:21:93:79:c3:59:df:a4:57:cf:88:4c:05:3f:bb:ac:c3:c9:
         fa:17:57:25:bf:5b:8f:80:9b:cf:84:51:5d:6b:e6:8a:f1:69:
         06:23:f1:29:33:70:f0:be:17:d6:19:cd:e0:4c:2e:b6:07:e4:
         af:18:57:20:12:4d:f1:33:47:14:77:ff:93:9a:b3:66:c9:8f:
         c8:16:e5:4d:03:63:4e:ee:b3:be:e2:55:c9:e6:8c:a9:f3:e7:
         65:40:a6:d7:52:1b:7e:c6:b9:22:4e:6d:19:ec:dd:0c:55:c0:
         a0:6f:c1:f5:9d:6e:a8:20:b8:89:28:e2:11:66:3e:ae:32:99:
         38:85:ec:0d:18:b9:de:f8:9b:70:cc:44:cb:84:c4:cd:51:ac:
         81:28:db:45:eb:8b:ef:32:41:5f:6c:df:9e:63:bb:b8:bc:65:
         94:2b:5b:da:75:0d:73:93:65:be:b3:62:b3:79:90:1b:c4:95:
         d3:b9:45:cb:58:c5:67:d6:50:a9:aa:a4:c6:2c:30:63:37:67:
         70:a2:f7:8a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBfQ09DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmQ2NDhiZGJhOTY1NDYxYjFlOGMxMWI5ZGQ0MzZjNjEzODI4NzNjMB4XDTIyMDYx
NjE1NDI0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTBiYWM2MjliNGM1
NjkyYWFkNGUxOGE0ZmZjZmRlY2NhMTEyYTliZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMSEwE49JiiolHmXUd11tKkhIVZHByoOvQZqYosOuqmZ0XO7
S6rmQJGwJ5VoCng13KqsBEl963/bFgPBjaE5U5G+hsnvQpZVc4qJ1FXBz+9OMR1/
R2Cgpc6OvZ98Lufk0Zubwheymsas81CfDT5BsIlUOU2+S1fd+BJPs5IJs0wD84Qe
ZekbanNMR8h4Fx0TIhiKRZsYl2TJALtNAgb0A7wN7GGtrfUYiskcSlTuaDBxmqKB
OfWJbdRrVUPDNChi8oBAgiq1LxUaxycBOFoRA+OgIGe74nL0HBAjFUsLFnda5ohz
6Nn7sZ1b2IP1exoiknrmQiwdupGDl+WDd5uFEM0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSQusYptMVpKq1OGKT/z97MoRKpvTAfBgNVHSMEGDAWgBSG1ki9upZUYbHo
wRud1DbGE4KHPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2h0Wkl2YnFXVkdHeDZNRWJuZFEyeGhPQ2h6dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvYWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8x
L2tMckdLYlRGYVNxdFRoaWtfOF9lektFU3FiMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
YWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8xL2h0Wkl2YnFXVkdH
eDZNRWJuZFEyeGhPQ2h6dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMHpETANBgkqhkiG9w0BAQsFAAOC
AQEAUc2loBBs3HDqhCLBkGgrjpu7LyEjQNxRPT9FuWCUOyZGgOBQoOpUyUN/9Qjj
r0ZSukzSFIy41iGTecNZ36RXz4hMBT+7rMPJ+hdXJb9bj4Cbz4RRXWvmivFpBiPx
KTNw8L4X1hnN4EwutgfkrxhXIBJN8TNHFHf/k5qzZsmPyBblTQNjTu6zvuJVyeaM
qfPnZUCm11Ibfsa5Ik5tGezdDFXAoG/B9Z1uqCC4iSjiEWY+rjKZOIXsDRi53vib
cMxEy4TEzVGsgSjbReuL7zJBX2zfnmO7uLxllCtb2nUNc5NlvrNis3mQG8SV07lF
y1jFZ9ZQqaqkxiwwYzdncKL3ig==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:32 2024 by rpki-client on console-ams.rpki-client.org