Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/xiojWte_Qdw6XE187aQR6Uq-e2w.roa
File:                     xiojWte_Qdw6XE187aQR6Uq-e2w.roa (raw, json)
Hash identifier:          F24ZnkdlfY1gnubpNLftyBkoo0vydOfp0iHGm7dDaaY=
Subject key identifier:   C6:2A:23:5A:D7:BF:41:DC:3A:5C:4D:7C:ED:A4:11:E9:4A:BE:7B:6C
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       053BF016
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/xiojWte_Qdw6XE187aQR6Uq-e2w.roa
Signing time:             Sat 09 Apr 2022 13:51:11 +0000
ROA not before:           Sat 09 Apr 2022 13:51:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        193.233.198.0/23 maxlen: 23
                          193.233.201.0/24 maxlen: 24
                          193.233.96.0/22 maxlen: 22
                          193.233.104.0/22 maxlen: 22
                          193.233.216.0/22 maxlen: 24
                          193.233.108.0/23 maxlen: 24
                          193.233.110.0/23 maxlen: 24
                          193.233.118.0/23 maxlen: 24
                          193.233.116.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 87814166 (0x53bf016)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Apr  9 13:51:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c62a235ad7bf41dc3a5c4d7ceda411e94abe7b6c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:c2:15:aa:d5:94:21:30:32:c1:fd:25:85:0f:
                    28:0d:83:df:ed:f2:bd:09:95:a1:9b:48:db:53:5c:
                    a7:60:b1:3f:e2:73:cd:80:6e:58:b8:fa:d0:af:d0:
                    5a:e5:2c:e5:62:1e:e5:db:13:5a:9a:78:37:02:b5:
                    5f:70:d6:62:1a:14:f2:67:40:d6:e0:f9:73:3d:49:
                    a5:75:3d:82:a8:9a:73:cf:55:e6:f4:f6:64:ae:52:
                    ac:b4:fa:b0:48:2b:31:53:fc:94:44:4b:de:82:15:
                    ba:01:8a:d1:ac:8e:52:95:1f:da:56:4e:c6:d0:27:
                    8e:27:ad:fb:20:b4:33:23:f2:e8:0a:16:be:b9:f5:
                    ef:8a:ff:b1:41:70:e8:6b:c1:55:20:29:34:6b:4f:
                    f1:2c:1a:9a:ae:25:ec:50:1c:b5:64:78:95:b8:00:
                    99:bd:e0:f0:91:42:b8:9c:3d:64:88:c9:18:5d:42:
                    da:79:12:d7:4a:80:66:1b:10:7f:6b:fc:67:51:89:
                    12:6b:f2:ee:d6:5a:3d:93:33:8c:59:b6:11:dc:f8:
                    03:83:3f:39:b3:70:6e:72:08:d2:80:29:5d:52:e5:
                    99:48:2e:65:8a:83:bc:c9:13:ad:1b:64:39:d1:dc:
                    0e:ea:25:95:81:de:34:b3:f2:20:6e:d2:2c:cb:21:
                    53:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:2A:23:5A:D7:BF:41:DC:3A:5C:4D:7C:ED:A4:11:E9:4A:BE:7B:6C
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/xiojWte_Qdw6XE187aQR6Uq-e2w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.96.0/22
                  193.233.104.0/21
                  193.233.116.0/22
                  193.233.198.0/23
                  193.233.201.0/24
                  193.233.216.0/22

    Signature Algorithm: sha256WithRSAEncryption
         87:df:25:5c:61:cf:94:3a:7c:1b:c0:20:d2:de:6b:81:fc:9a:
         16:07:e0:0b:7c:ac:6e:9f:92:87:8a:49:d4:6a:12:e8:a1:a3:
         0c:20:f1:25:56:aa:d5:c1:ee:34:4f:bf:72:4b:d2:3e:b5:4f:
         aa:ff:20:5d:aa:ee:0f:f1:95:71:32:9d:d9:28:c4:28:4f:c0:
         71:8d:e5:e1:7e:9e:97:24:6e:81:06:54:31:31:5b:b8:dc:08:
         9f:ee:d0:19:82:21:06:93:d9:07:84:81:7e:cf:83:b4:7e:59:
         b2:32:fe:0d:24:96:93:be:74:48:e7:5c:31:97:b2:2f:b6:3a:
         9c:16:78:cc:59:97:64:0b:4a:27:25:7b:9b:5e:2b:76:d2:79:
         38:14:bb:81:1c:2e:3c:ff:d4:35:02:2d:cf:25:eb:91:b2:2f:
         c5:03:d0:28:12:e1:54:3a:a5:83:9c:91:3e:a4:23:ac:e5:95:
         bf:27:04:33:23:c5:1d:19:8a:6d:42:ca:bb:a0:3a:1d:e3:c0:
         37:d6:bb:0c:8e:00:e2:4b:d2:d0:fa:6d:de:fb:d5:62:6b:e8:
         b7:e0:1b:75:00:0c:4b:41:95:d7:c0:7b:9d:cc:6d:a6:a6:86:
         a0:f6:d4:6b:ce:af:02:ea:4b:21:2e:cb:3a:c6:da:ed:08:2a:
         22:9a:c5:03
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEBTvwFjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmQ2NDhiZGJhOTY1NDYxYjFlOGMxMWI5ZGQ0MzZjNjEzODI4NzNjMB4XDTIyMDQw
OTEzNTExMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzYyYTIzNWFkN2Jm
NDFkYzNhNWM0ZDdjZWRhNDExZTk0YWJlN2I2YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJPCFarVlCEwMsH9JYUPKA2D3+3yvQmVoZtI21Ncp2CxP+Jz
zYBuWLj60K/QWuUs5WIe5dsTWpp4NwK1X3DWYhoU8mdA1uD5cz1JpXU9gqiac89V
5vT2ZK5SrLT6sEgrMVP8lERL3oIVugGK0ayOUpUf2lZOxtAnjiet+yC0MyPy6AoW
vrn174r/sUFw6GvBVSApNGtP8Swamq4l7FActWR4lbgAmb3g8JFCuJw9ZIjJGF1C
2nkS10qAZhsQf2v8Z1GJEmvy7tZaPZMzjFm2Edz4A4M/ObNwbnII0oApXVLlmUgu
ZYqDvMkTrRtkOdHcDuollYHeNLPyIG7SLMshU4sCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBTGKiNa179B3DpcTXztpBHpSr57bDAfBgNVHSMEGDAWgBSG1ki9upZUYbHo
wRud1DbGE4KHPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2h0Wkl2YnFXVkdHeDZNRWJuZFEyeGhPQ2h6dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvYWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8x
L3hpb2pXdGVfUWR3NlhFMTg3YVFSNlVxLWUydy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
YWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8xL2h0Wkl2YnFXVkdH
eDZNRWJuZFEyeGhPQ2h6dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAsHpYAMEA8HpaAMEAsHpdAMEAcHp
xgMEAMHpyQMEAsHp2DANBgkqhkiG9w0BAQsFAAOCAQEAh98lXGHPlDp8G8Ag0t5r
gfyaFgfgC3ysbp+Sh4pJ1GoS6KGjDCDxJVaq1cHuNE+/ckvSPrVPqv8gXaruD/GV
cTKd2SjEKE/AcY3l4X6elyRugQZUMTFbuNwIn+7QGYIhBpPZB4SBfs+DtH5ZsjL+
DSSWk750SOdcMZeyL7Y6nBZ4zFmXZAtKJyV7m14rdtJ5OBS7gRwuPP/UNQItzyXr
kbIvxQPQKBLhVDqlg5yRPqQjrOWVvycEMyPFHRmKbULKu6A6HePAN9a7DI4A4kvS
0Ppt3vvVYmvot+AbdQAMS0GV18B7ncxtpqaGoPbUa86vAupLIS7LOsba7QgqIprF
Aw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:33 2024 by rpki-client on console-ams.rpki-client.org