Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/q57fFc5WtLI3zPA6rhL4nogAySA.roa
File:                     q57fFc5WtLI3zPA6rhL4nogAySA.roa (raw, json)
Hash identifier:          KmTTdVNRPK1s+386/LoaHovzsE0FWqcNof5n4+7BWRA=
Subject key identifier:   AB:9E:DF:15:CE:56:B4:B2:37:CC:F0:3A:AE:12:F8:9E:88:00:C9:20
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       04C5E101
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/q57fFc5WtLI3zPA6rhL4nogAySA.roa
Signing time:             Thu 17 Feb 2022 13:43:39 +0000
ROA not before:           Thu 17 Feb 2022 13:43:39 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49392
IP address blocks:        193.233.232.0/22 maxlen: 22
                          193.233.48.0/24 maxlen: 24
                          193.233.85.0/24 maxlen: 24
                          193.233.212.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 80077057 (0x4c5e101)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Feb 17 13:43:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ab9edf15ce56b4b237ccf03aae12f89e8800c920
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:87:05:fa:2f:1d:6c:cf:4f:84:b0:12:b4:90:
                    11:2a:e7:36:ad:58:ee:d6:2a:88:69:0a:de:a2:2a:
                    e7:69:b6:4e:a5:c3:48:4e:8d:4e:aa:06:14:44:1a:
                    dd:95:cf:a7:75:fa:c0:07:9a:78:0e:70:72:86:16:
                    64:9a:6e:1e:77:77:b3:21:cf:f7:37:f6:4e:64:97:
                    be:b8:b6:a0:6b:2a:9e:d5:99:02:b3:28:5f:b3:23:
                    22:e0:86:87:37:a1:d2:47:2e:1c:16:13:29:84:4b:
                    e7:9e:48:38:6c:0c:b7:03:98:89:58:08:31:0d:0e:
                    04:39:1b:99:03:2d:dc:b7:da:93:b3:a6:6f:b4:fb:
                    30:21:9e:22:91:6d:18:7b:20:47:24:86:5e:ea:84:
                    94:2b:1b:c0:da:84:d1:1b:42:b0:68:e9:5e:77:d9:
                    ed:c2:f7:41:fd:0b:3f:34:b3:d3:97:03:4b:7b:b4:
                    8a:7a:8f:55:df:3e:20:56:05:0b:9e:d4:cb:8a:fe:
                    a2:05:4e:87:0e:4d:24:2f:f4:e9:fa:9d:77:08:39:
                    fc:e9:86:03:31:e0:57:11:31:9a:bf:d5:7f:05:d5:
                    0b:d8:81:1e:d4:13:34:e8:2d:da:d2:7b:d2:a8:db:
                    38:32:dd:0c:da:8a:28:3c:83:3d:e9:9f:fb:43:56:
                    56:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:9E:DF:15:CE:56:B4:B2:37:CC:F0:3A:AE:12:F8:9E:88:00:C9:20
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/q57fFc5WtLI3zPA6rhL4nogAySA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.48.0/24
                  193.233.85.0/24
                  193.233.212.0/22
                  193.233.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         32:0a:81:84:95:45:84:9c:f3:86:f8:8a:2f:38:5b:b9:86:47:
         1a:7e:de:64:09:f4:c1:1b:46:8e:73:05:14:c3:81:a3:0e:a8:
         0b:b4:c2:71:6b:3b:d6:23:67:a5:ae:df:f0:e9:aa:7d:e1:3b:
         2c:a7:f8:aa:e4:e5:28:69:01:74:c9:18:1e:31:4c:75:79:73:
         81:cb:c1:29:e4:6e:2e:85:f2:87:a1:a3:1f:6f:ea:3c:34:35:
         9a:da:5c:7a:b6:5c:36:90:b6:da:40:ed:83:50:ba:ba:e6:a6:
         e2:65:44:53:ce:c5:0e:d0:84:18:81:bc:f9:ff:33:4a:3d:b6:
         a3:9c:73:69:0d:49:e6:f6:0e:ab:4c:a4:86:e0:b9:95:35:0a:
         fe:92:25:c4:9b:fe:d3:de:b0:02:2a:f1:36:65:a3:d6:40:f5:
         8f:74:b0:90:ad:81:33:b3:57:62:ad:8c:dc:e3:f2:fd:3b:32:
         70:86:53:7b:82:fa:b9:c9:f7:83:b5:b0:86:8c:b7:f2:5d:c8:
         e4:a3:da:5d:fe:01:36:59:11:73:f8:d1:d2:5c:b2:88:43:b9:
         a0:dd:35:05:f9:60:c5:49:60:f1:c4:9d:84:1d:39:94:8f:c6:
         c2:d1:06:f5:3e:98:0b:f3:a2:bd:ba:90:8e:9e:a9:59:89:92:
         8a:26:6e:51
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEBMXhATANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmQ2NDhiZGJhOTY1NDYxYjFlOGMxMWI5ZGQ0MzZjNjEzODI4NzNjMB4XDTIyMDIx
NzEzNDMzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWI5ZWRmMTVjZTU2
YjRiMjM3Y2NmMDNhYWUxMmY4OWU4ODAwYzkyMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKSHBfovHWzPT4SwErSQESrnNq1Y7tYqiGkK3qIq52m2TqXD
SE6NTqoGFEQa3ZXPp3X6wAeaeA5wcoYWZJpuHnd3syHP9zf2TmSXvri2oGsqntWZ
ArMoX7MjIuCGhzeh0kcuHBYTKYRL555IOGwMtwOYiVgIMQ0OBDkbmQMt3Lfak7Om
b7T7MCGeIpFtGHsgRySGXuqElCsbwNqE0RtCsGjpXnfZ7cL3Qf0LPzSz05cDS3u0
inqPVd8+IFYFC57Uy4r+ogVOhw5NJC/06fqddwg5/OmGAzHgVxExmr/VfwXVC9iB
HtQTNOgt2tJ70qjbODLdDNqKKDyDPemf+0NWVo8CAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSrnt8Vzla0sjfM8DquEvieiADJIDAfBgNVHSMEGDAWgBSG1ki9upZUYbHo
wRud1DbGE4KHPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2h0Wkl2YnFXVkdHeDZNRWJuZFEyeGhPQ2h6dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvYWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8x
L3E1N2ZGYzVXdExJM3pQQTZyaEw0bm9nQXlTQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
YWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8xL2h0Wkl2YnFXVkdH
eDZNRWJuZFEyeGhPQ2h6dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAMHpMAMEAMHpVQMEAsHp1AMEAsHp
6DANBgkqhkiG9w0BAQsFAAOCAQEAMgqBhJVFhJzzhviKLzhbuYZHGn7eZAn0wRtG
jnMFFMOBow6oC7TCcWs71iNnpa7f8OmqfeE7LKf4quTlKGkBdMkYHjFMdXlzgcvB
KeRuLoXyh6GjH2/qPDQ1mtpcerZcNpC22kDtg1C6uuam4mVEU87FDtCEGIG8+f8z
Sj22o5xzaQ1J5vYOq0ykhuC5lTUK/pIlxJv+096wAirxNmWj1kD1j3SwkK2BM7NX
Yq2M3OPy/TsycIZTe4L6ucn3g7Wwhoy38l3I5KPaXf4BNlkRc/jR0lyyiEO5oN01
BflgxUlg8cSdhB05lI/GwtEG9T6YC/OivbqQjp6pWYmSiiZuUQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:39 2024 by rpki-client on console-fra.rpki-client.org