Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/1fcb59-405e-40c3-a630-c5d13e88e4de/1/bJAjWsQIxzZhzOaNl99YXA5d474.roa
File:                     bJAjWsQIxzZhzOaNl99YXA5d474.roa (raw, json)
Hash identifier:          EFwLBn0bOW8wwzMWaAJeM3pWrc2Sb3y2WOvfqkOWZ1s=
Subject key identifier:   6C:90:23:5A:C4:08:C7:36:61:CC:E6:8D:97:DF:58:5C:0E:5D:E3:BE
Certificate issuer:       /CN=ccd35790830ce7469a94c59b2e2ccbbf5e36d13f
Certificate serial:       01BDF0BD
Authority key identifier: CC:D3:57:90:83:0C:E7:46:9A:94:C5:9B:2E:2C:CB:BF:5E:36:D1:3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zNNXkIMM50aalMWbLizLv1420T8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/1fcb59-405e-40c3-a630-c5d13e88e4de/1/bJAjWsQIxzZhzOaNl99YXA5d474.roa
Signing time:             Sat 01 Jan 2022 10:56:17 +0000
ROA not before:           Sat 01 Jan 2022 10:56:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        193.47.187.0/24 maxlen: 24
                          193.200.156.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 29225149 (0x1bdf0bd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ccd35790830ce7469a94c59b2e2ccbbf5e36d13f
        Validity
            Not Before: Jan  1 10:56:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6c90235ac408c73661cce68d97df585c0e5de3be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:fc:3b:7b:3a:e9:01:61:03:03:19:19:2d:07:
                    fb:27:63:fe:83:c5:5d:e8:7e:db:8f:e6:de:28:91:
                    e3:5a:15:fd:0a:33:8c:00:39:6c:3b:72:e8:c1:32:
                    c8:2b:93:d9:bc:30:97:9e:bc:ea:58:18:bb:2d:7a:
                    e6:d8:3f:c4:8f:47:c8:94:04:41:e3:f5:6d:7d:cb:
                    ca:7a:85:27:be:f1:9a:e7:89:28:f6:46:7b:8f:4b:
                    74:d2:dc:9a:83:96:40:1a:e6:c6:03:81:ab:79:4b:
                    b8:92:22:96:fa:12:c1:31:a8:dc:d5:c1:95:7e:4d:
                    94:de:e4:1d:15:39:4e:74:2e:f1:d2:99:68:a5:c8:
                    1f:e2:84:b7:f3:65:28:dd:8e:09:c1:52:48:f5:c0:
                    2a:fd:66:17:82:90:85:22:f4:14:a8:74:36:f0:83:
                    24:7e:b7:23:9a:64:7c:18:e6:e7:91:0b:92:a4:47:
                    de:a2:af:f0:d4:9e:77:b6:a5:7c:0e:6e:a3:af:dd:
                    e2:ab:37:77:80:d7:d1:e5:20:15:c9:a0:eb:92:bd:
                    b1:29:dc:48:a7:1a:d9:39:c5:22:74:ca:6d:7d:68:
                    8e:b4:72:69:2d:6b:77:a8:92:d7:6b:45:15:e7:fd:
                    ea:08:a6:5f:11:26:c4:f1:7b:8d:7e:a1:68:9e:78:
                    fd:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:90:23:5A:C4:08:C7:36:61:CC:E6:8D:97:DF:58:5C:0E:5D:E3:BE
            X509v3 Authority Key Identifier:
                keyid:CC:D3:57:90:83:0C:E7:46:9A:94:C5:9B:2E:2C:CB:BF:5E:36:D1:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNNXkIMM50aalMWbLizLv1420T8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/1fcb59-405e-40c3-a630-c5d13e88e4de/1/bJAjWsQIxzZhzOaNl99YXA5d474.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/1fcb59-405e-40c3-a630-c5d13e88e4de/1/zNNXkIMM50aalMWbLizLv1420T8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.47.187.0/24
                  193.200.156.0/24

    Signature Algorithm: sha256WithRSAEncryption
         22:f2:c1:f7:60:29:2f:f3:62:b0:1b:66:e9:77:2e:88:a6:6d:
         dd:a3:25:29:ed:48:5c:9f:59:d0:41:a5:2f:97:69:6d:0d:b3:
         05:e2:d9:5b:51:f6:5b:df:92:59:67:36:41:f8:8f:9f:80:77:
         d7:94:c0:99:25:69:f1:4a:6d:d5:63:a6:27:15:83:2b:ed:1b:
         65:3e:e0:ec:cb:b2:45:cb:a5:63:dd:70:cc:be:2f:1f:70:50:
         d8:f6:7e:a4:a6:36:1c:be:28:b0:90:ca:0b:f7:92:d6:41:30:
         4b:17:26:fc:c8:cc:a1:2a:9c:af:2f:b7:e9:2b:3b:f6:6f:2c:
         ac:50:56:05:8f:04:74:66:b2:a7:0b:83:98:f4:db:d0:89:5b:
         bd:2e:45:f3:32:c2:a2:06:49:84:1e:35:e6:29:8d:cc:b4:1e:
         6f:38:db:79:c4:aa:db:7f:c0:10:b7:ee:d5:fb:27:cc:37:f8:
         3e:15:2c:58:9a:ee:15:90:5a:e7:d9:d2:52:e2:2b:ac:7a:a4:
         b2:66:87:d5:2c:21:83:6b:aa:43:c6:ec:66:22:b6:00:ba:5a:
         3a:cf:d4:f7:1f:29:3a:d1:a8:9c:dc:ef:66:31:32:ef:a8:59:
         53:1c:65:76:57:6e:c6:86:18:07:af:63:b2:26:bb:24:e5:8e:
         4a:eb:3f:4c
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAb3wvTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Y2QzNTc5MDgzMGNlNzQ2OWE5NGM1OWIyZTJjY2JiZjVlMzZkMTNmMB4XDTIyMDEw
MTEwNTYxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmM5MDIzNWFjNDA4
YzczNjYxY2NlNjhkOTdkZjU4NWMwZTVkZTNiZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALL8O3s66QFhAwMZGS0H+ydj/oPFXeh+24/m3iiR41oV/Qoz
jAA5bDty6MEyyCuT2bwwl5686lgYuy165tg/xI9HyJQEQeP1bX3LynqFJ77xmueJ
KPZGe49LdNLcmoOWQBrmxgOBq3lLuJIilvoSwTGo3NXBlX5NlN7kHRU5TnQu8dKZ
aKXIH+KEt/NlKN2OCcFSSPXAKv1mF4KQhSL0FKh0NvCDJH63I5pkfBjm55ELkqRH
3qKv8NSed7alfA5uo6/d4qs3d4DX0eUgFcmg65K9sSncSKca2TnFInTKbX1ojrRy
aS1rd6iS12tFFef96gimXxEmxPF7jX6haJ54/R0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRskCNaxAjHNmHM5o2X31hcDl3jvjAfBgNVHSMEGDAWgBTM01eQgwznRpqU
xZsuLMu/XjbRPzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pOTlhrSU1NNTBhYWxNV2JMaXpMdjE0MjBUOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGQvMWZjYjU5LTQwNWUtNDBjMy1hNjMwLWM1ZDEzZTg4ZTRkZS8x
L2JKQWpXc1FJeHpaaHpPYU5sOTlZWEE1ZDQ3NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGQv
MWZjYjU5LTQwNWUtNDBjMy1hNjMwLWM1ZDEzZTg4ZTRkZS8xL3pOTlhrSU1NNTBh
YWxNV2JMaXpMdjE0MjBUOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMEvuwMEAMHInDANBgkqhkiG9w0B
AQsFAAOCAQEAIvLB92ApL/NisBtm6XcuiKZt3aMlKe1IXJ9Z0EGlL5dpbQ2zBeLZ
W1H2W9+SWWc2QfiPn4B315TAmSVp8Upt1WOmJxWDK+0bZT7g7MuyRculY91wzL4v
H3BQ2PZ+pKY2HL4osJDKC/eS1kEwSxcm/MjMoSqcry+36Ss79m8srFBWBY8EdGay
pwuDmPTb0IlbvS5F8zLCogZJhB415imNzLQebzjbecSq23/AELfu1fsnzDf4PhUs
WJruFZBa59nSUuIrrHqksmaH1Swhg2uqQ8bsZiK2ALpaOs/U9x8pOtGonNzvZjEy
76hZUxxldlduxoYYB69jsia7JOWOSus/TA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:40 2023 by rpki-client on console-fra.rpki-client.org