Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/t0ZfJzhHxVtRm8ATf-jn96zY9Mo.roa
File:                     t0ZfJzhHxVtRm8ATf-jn96zY9Mo.roa (raw, json)
Hash identifier:          j/t9iDqs1ZTV00CGVQx5vSEaZdHOctq2+u8iNPuglJ8=
Subject key identifier:   B7:46:5F:27:38:47:C5:5B:51:9B:C0:13:7F:E8:E7:F7:AC:D8:F4:CA
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       0183E04BB364AF54030D44FF77EC9C434089
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/t0ZfJzhHxVtRm8ATf-jn96zY9Mo.roa
Signing time:             Sun 16 Oct 2022 10:16:41 +0000
ROA not before:           Sun 16 Oct 2022 10:16:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60912
IP address blocks:        193.233.132.0/22 maxlen: 22
                          193.233.236.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:e0:4b:b3:64:af:54:03:0d:44:ff:77:ec:9c:43:40:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Oct 16 10:16:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b7465f273847c55b519bc0137fe8e7f7acd8f4ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:80:80:f1:8e:a4:af:dc:27:cd:f4:e3:80:a6:
                    f9:52:ff:91:6b:ca:a2:4a:ec:27:59:e8:3a:2a:03:
                    d9:d5:62:37:35:b3:09:05:2a:26:bc:d5:1b:0a:c7:
                    00:64:31:40:79:df:7b:cf:23:bd:92:34:d4:23:cf:
                    b6:0a:27:59:ac:2d:3f:f4:36:99:54:60:b7:b7:5d:
                    ba:8f:95:1e:84:80:41:5b:f3:75:ec:78:5c:f2:9a:
                    e1:5e:04:5f:3e:5c:a9:62:52:a6:6b:aa:c5:db:65:
                    35:1b:ef:23:c0:53:78:dd:82:b2:59:7c:1b:83:36:
                    e3:16:cd:31:ec:49:19:c1:15:26:c4:0e:23:08:45:
                    aa:3b:b9:18:4d:23:9c:c2:24:7b:54:69:d2:87:8b:
                    f8:bb:b2:1d:fe:e0:c2:35:65:b5:85:af:bb:ba:86:
                    39:a9:54:6a:1b:d6:7e:23:22:7d:81:8c:3a:a3:36:
                    c1:8d:35:61:e6:89:65:50:8a:36:e8:6e:1b:d4:c1:
                    ca:40:ab:2b:fb:1f:a3:73:a2:d3:ab:b0:30:71:75:
                    5a:41:65:24:8f:5f:08:9f:30:14:f2:3e:38:8c:d5:
                    ca:2f:c4:d5:89:65:7a:74:1c:99:bd:93:b4:b3:ae:
                    69:a8:b0:45:3f:3c:96:1e:42:f0:6f:01:a9:e1:bb:
                    1a:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:46:5F:27:38:47:C5:5B:51:9B:C0:13:7F:E8:E7:F7:AC:D8:F4:CA
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/t0ZfJzhHxVtRm8ATf-jn96zY9Mo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.132.0/22
                  193.233.236.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0d:b7:2c:c5:9a:bc:02:0a:b1:91:45:94:7a:66:4a:5f:bb:85:
         b7:3b:6b:65:25:62:ff:0d:6d:cf:6f:12:82:be:d2:de:67:31:
         e4:03:26:95:ff:1f:fa:21:15:cc:a4:32:95:34:ca:ff:ed:f9:
         13:40:f0:db:0a:cd:79:aa:33:a2:30:e0:f3:50:42:4d:ad:ad:
         63:b0:c5:a4:7f:ca:2d:3e:ba:60:86:b1:6c:43:ac:1e:48:3c:
         71:ad:d4:b0:ed:84:f7:cd:25:71:87:22:73:3c:a4:91:19:44:
         3a:74:22:ab:21:ed:a9:bb:3d:44:d4:7c:fe:91:8c:d2:50:d2:
         e9:96:83:3a:e4:4b:29:dd:86:0b:b7:01:1f:44:1e:a2:c1:d7:
         3a:ed:0c:aa:39:6d:ad:e1:6b:47:01:a5:e3:47:f2:fc:83:e3:
         35:46:46:d5:56:90:30:3c:e6:85:9c:58:5b:83:16:82:ad:82:
         10:dc:eb:9a:b5:84:06:34:62:46:67:12:19:8e:52:07:48:50:
         e3:3c:ba:7c:ab:15:50:2a:fd:0e:98:d5:99:4d:33:b4:3c:9e:
         43:13:53:34:4c:f6:f1:49:6c:64:51:16:04:a0:c5:70:0b:1f:
         76:ec:8d:71:aa:c3:ac:a7:2b:23:7e:05:f6:a1:28:77:d3:b7:
         45:f9:50:ea
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYPgS7Nkr1QDDUT/d+ycQ0CJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjIxMDE2MTAxNjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzQ2NWYyNzM4NDdjNTViNTE5YmMwMTM3ZmU4ZTdmN2FjZDhmNGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmICA8Y6kr9wnzfTjgKb5Uv+Ra8qi
SuwnWeg6KgPZ1WI3NbMJBSomvNUbCscAZDFAed97zyO9kjTUI8+2CidZrC0/9DaZ
VGC3t126j5UehIBBW/N17Hhc8prhXgRfPlypYlKma6rF22U1G+8jwFN43YKyWXwb
gzbjFs0x7EkZwRUmxA4jCEWqO7kYTSOcwiR7VGnSh4v4u7Id/uDCNWW1ha+7uoY5
qVRqG9Z+IyJ9gYw6ozbBjTVh5ollUIo26G4b1MHKQKsr+x+jc6LTq7AwcXVaQWUk
j18InzAU8j44jNXKL8TViWV6dByZvZO0s65pqLBFPzyWHkLwbwGp4bsaLQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLdGXyc4R8VbUZvAE3/o5/es2PTKMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvdDBaZkp6aEh4VnRSbThBVGYtam45NnpZOU1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwemEAwQC
wensMA0GCSqGSIb3DQEBCwUAA4IBAQANtyzFmrwCCrGRRZR6Zkpfu4W3O2tlJWL/
DW3PbxKCvtLeZzHkAyaV/x/6IRXMpDKVNMr/7fkTQPDbCs15qjOiMODzUEJNra1j
sMWkf8otPrpghrFsQ6weSDxxrdSw7YT3zSVxhyJzPKSRGUQ6dCKrIe2puz1E1Hz+
kYzSUNLploM65Esp3YYLtwEfRB6iwdc67QyqOW2t4WtHAaXjR/L8g+M1RkbVVpAw
POaFnFhbgxaCrYIQ3OuatYQGNGJGZxIZjlIHSFDjPLp8qxVQKv0OmNWZTTO0PJ5D
E1M0TPbxSWxkURYEoMVwCx927I1xqsOspysjfgX2oSh307dF+VDq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:40 2024 by rpki-client on console-fra.rpki-client.org