Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/lfqWqzRT7NAFbopwkNofykQdlpY.roa
File:                     lfqWqzRT7NAFbopwkNofykQdlpY.roa (raw, json)
Hash identifier:          asPDy+Gt/DVRv+i/vAyankATZOW06hRFo6up+MpoYVI=
Subject key identifier:   95:FA:96:AB:34:53:EC:D0:05:6E:8A:70:90:DA:1F:CA:44:1D:96:96
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       0183C166778E267E3C4DF2E4CAAE2465AD13
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/lfqWqzRT7NAFbopwkNofykQdlpY.roa
Signing time:             Mon 10 Oct 2022 10:17:41 +0000
ROA not before:           Mon 10 Oct 2022 10:17:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207713
IP address blocks:        193.233.17.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:c1:66:77:8e:26:7e:3c:4d:f2:e4:ca:ae:24:65:ad:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Oct 10 10:17:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=95fa96ab3453ecd0056e8a7090da1fca441d9696
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:0c:68:8d:b4:d3:77:aa:2b:04:38:b6:a9:4e:
                    13:7f:f1:d7:01:c3:89:13:5a:8a:38:c9:36:63:98:
                    d0:fe:64:35:f6:04:d3:3e:48:29:e5:ba:22:f0:02:
                    7b:6d:b8:d1:d6:e8:c6:41:44:68:0b:0d:f6:1a:c2:
                    9c:31:4f:5a:86:b2:74:06:ab:cd:e3:d4:75:1b:2b:
                    c9:95:aa:2a:9e:64:60:13:f4:f8:8f:6a:87:83:13:
                    f8:f9:95:65:33:80:e8:bb:e5:1a:3f:1b:64:26:6a:
                    3b:c9:c4:81:6b:cb:3f:b0:81:9b:c0:b1:4d:c3:23:
                    a6:15:34:16:e9:ba:da:ab:f1:4d:17:30:33:e9:2f:
                    2a:61:d1:7b:37:51:f2:47:3d:ab:3d:f8:1e:82:5a:
                    ce:ff:44:4f:49:d9:fc:46:99:f3:6a:d4:a3:ad:b9:
                    8c:68:1e:d4:58:aa:3c:4a:71:31:19:77:fd:72:ef:
                    49:5c:c9:d3:ec:f8:b7:2b:ab:91:a9:c3:e5:77:4e:
                    00:a5:7b:d1:17:cf:bf:83:e7:75:bf:f8:5c:f4:57:
                    fb:00:cd:04:95:c1:ca:d8:b1:95:d8:3c:06:25:fa:
                    e3:88:80:b6:9f:3e:8e:a0:e7:76:fa:d0:3b:1d:53:
                    24:fb:fe:04:46:ea:a1:76:7e:ef:b8:49:55:d3:d5:
                    bc:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:FA:96:AB:34:53:EC:D0:05:6E:8A:70:90:DA:1F:CA:44:1D:96:96
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/lfqWqzRT7NAFbopwkNofykQdlpY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.17.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5a:95:3c:b6:19:f6:9e:05:36:9b:bb:7c:f3:db:79:71:b2:fd:
         78:64:f3:2b:c2:45:28:2c:c5:42:f0:e5:1a:3b:8e:d0:67:c8:
         d8:3d:d5:51:db:72:ce:f6:41:03:40:19:72:93:4a:b2:37:3a:
         35:e4:e8:e6:8d:d8:47:76:5a:16:6c:94:47:d6:5d:02:1c:b5:
         44:fb:41:c9:45:24:26:99:27:c0:fa:98:18:29:29:4b:ec:71:
         eb:ea:33:b8:9d:51:41:65:7a:42:94:0f:74:94:d0:d8:3d:d6:
         4b:e1:a6:f3:b9:08:53:8c:a0:57:a2:52:d9:91:31:bf:aa:58:
         7f:6e:4a:4e:3a:fc:56:e0:3a:d7:4c:04:33:44:8d:4f:80:be:
         d4:96:20:32:d6:bc:41:48:4f:9a:2d:1f:79:84:a6:ea:9f:62:
         ba:15:9b:08:57:53:ab:38:f8:48:18:a6:4a:a7:2c:08:da:9c:
         86:a4:63:53:7a:95:31:1f:69:d5:c2:ad:66:c3:b4:a2:35:20:
         cb:20:c4:44:d1:9e:0d:e4:51:85:6a:8c:89:82:4f:66:38:53:
         c8:59:fd:bc:10:ee:ab:62:99:e6:91:0c:d3:2b:b2:b3:d4:91:
         a1:83:c9:fe:cb:4a:58:32:5b:bb:40:92:93:df:f0:fb:6c:96:
         d7:75:af:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPBZneOJn48TfLkyq4kZa0TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjIxMDEwMTAxNzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWZhOTZhYjM0NTNlY2QwMDU2ZThhNzA5MGRhMWZjYTQ0MWQ5Njk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwxojbTTd6orBDi2qU4Tf/HXAcOJ
E1qKOMk2Y5jQ/mQ19gTTPkgp5boi8AJ7bbjR1ujGQURoCw32GsKcMU9ahrJ0BqvN
49R1GyvJlaoqnmRgE/T4j2qHgxP4+ZVlM4Dou+UaPxtkJmo7ycSBa8s/sIGbwLFN
wyOmFTQW6braq/FNFzAz6S8qYdF7N1HyRz2rPfgeglrO/0RPSdn8RpnzatSjrbmM
aB7UWKo8SnExGXf9cu9JXMnT7Pi3K6uRqcPld04ApXvRF8+/g+d1v/hc9Ff7AM0E
lcHK2LGV2DwGJfrjiIC2nz6OoOd2+tA7HVMk+/4ERuqhdn7vuElV09W81QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJX6lqs0U+zQBW6KcJDaH8pEHZaWMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvbGZxV3F6UlQ3TkFGYm9wd2tOb2Z5a1FkbHBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwekRMA0G
CSqGSIb3DQEBCwUAA4IBAQBalTy2GfaeBTabu3zz23lxsv14ZPMrwkUoLMVC8OUa
O47QZ8jYPdVR23LO9kEDQBlyk0qyNzo15OjmjdhHdloWbJRH1l0CHLVE+0HJRSQm
mSfA+pgYKSlL7HHr6jO4nVFBZXpClA90lNDYPdZL4abzuQhTjKBXolLZkTG/qlh/
bkpOOvxW4DrXTAQzRI1PgL7UliAy1rxBSE+aLR95hKbqn2K6FZsIV1OrOPhIGKZK
pywI2pyGpGNTepUxH2nVwq1mw7SiNSDLIMRE0Z4N5FGFaoyJgk9mOFPIWf28EO6r
YpnmkQzTK7Kz1JGhg8n+y0pYMlu7QJKT3/D7bJbXda9f
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:39 2024 by rpki-client on console-fra.rpki-client.org