Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/b55e40-d8be-48d9-bd55-c83007327449/1/dlIihFDOGA3M_SR0IqYL-TUnlHM.roa
File:                     dlIihFDOGA3M_SR0IqYL-TUnlHM.roa (raw, json)
Hash identifier:          5uOGwHgwuhCFh9SzCsxOjhfDE970MUhra+42uF6DAY0=
Subject key identifier:   76:52:22:84:50:CE:18:0D:CC:FD:24:74:22:A6:0B:F9:35:27:94:73
Certificate issuer:       /CN=dfc2603437ef74117fa12272ec42c2527da800c7
Certificate serial:       9183FE
Authority key identifier: DF:C2:60:34:37:EF:74:11:7F:A1:22:72:EC:42:C2:52:7D:A8:00:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/38JgNDfvdBF_oSJy7ELCUn2oAMc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/b55e40-d8be-48d9-bd55-c83007327449/1/dlIihFDOGA3M_SR0IqYL-TUnlHM.roa
Signing time:             Sat 01 Jan 2022 02:53:48 +0000
ROA not before:           Sat 01 Jan 2022 02:53:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     198175
IP address blocks:        193.134.8.0/21 maxlen: 21
                          193.134.16.0/20 maxlen: 21
                          2a10:8240::/29 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9536510 (0x9183fe)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dfc2603437ef74117fa12272ec42c2527da800c7
        Validity
            Not Before: Jan  1 02:53:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7652228450ce180dccfd247422a60bf935279473
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:7a:2d:8c:c8:fd:64:45:33:42:09:a7:70:88:
                    e1:fc:57:6d:e8:64:7f:bc:91:eb:9a:99:06:75:a3:
                    66:d0:07:b1:c8:01:db:ef:2c:82:72:b2:e0:19:b0:
                    26:63:b9:8b:4c:5b:aa:e0:04:ea:25:31:11:f7:b1:
                    3a:c5:a6:28:79:ce:f5:c2:ab:8a:39:2a:96:4d:6f:
                    76:82:e5:b0:e9:98:8c:c6:44:96:40:c3:ba:bc:01:
                    a7:da:0f:5d:d9:1f:ac:08:36:7d:02:9e:03:ba:aa:
                    18:19:d0:a4:7a:e5:4b:30:aa:98:97:9a:64:a1:21:
                    fd:58:bd:34:64:0f:99:b8:6e:4c:9b:c3:de:26:f3:
                    f1:a7:d9:7f:17:59:0a:ae:a3:6f:90:10:a9:60:fd:
                    40:40:da:cb:3e:cf:ce:c6:7f:a5:bf:16:a1:c5:7f:
                    51:51:88:f8:44:9e:cb:c4:54:76:05:ed:b0:9d:90:
                    d6:ae:f3:48:bd:1d:8f:d9:e9:c4:92:08:2a:d7:b5:
                    f7:a4:70:a9:e4:b7:2c:3b:57:05:a5:9c:d2:b5:b6:
                    d8:e1:3a:4a:ea:da:e5:1a:31:af:e8:d8:ca:ce:a3:
                    b1:76:7e:76:85:8d:ca:af:b6:62:21:3d:94:1e:4d:
                    cb:c1:0b:87:13:e1:97:98:23:97:22:4f:6d:ec:54:
                    00:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:52:22:84:50:CE:18:0D:CC:FD:24:74:22:A6:0B:F9:35:27:94:73
            X509v3 Authority Key Identifier:
                keyid:DF:C2:60:34:37:EF:74:11:7F:A1:22:72:EC:42:C2:52:7D:A8:00:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/38JgNDfvdBF_oSJy7ELCUn2oAMc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/b55e40-d8be-48d9-bd55-c83007327449/1/dlIihFDOGA3M_SR0IqYL-TUnlHM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/b55e40-d8be-48d9-bd55-c83007327449/1/38JgNDfvdBF_oSJy7ELCUn2oAMc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.134.8.0-193.134.31.255
                IPv6:
                  2a10:8240::/29

    Signature Algorithm: sha256WithRSAEncryption
         a4:79:ae:92:1e:2b:1e:bb:7e:39:73:4b:20:29:7f:b6:71:0e:
         75:8c:69:ee:77:87:d9:51:84:5d:a7:9b:48:af:04:d7:a9:e8:
         4c:01:3c:f0:74:1c:b9:6e:d5:e6:02:75:dc:54:73:64:f9:b8:
         d5:ff:ae:59:5e:d4:aa:41:9c:c7:e7:39:6a:8d:99:56:77:7d:
         ae:ee:48:fc:29:36:16:6e:e2:2b:ed:a9:c6:b4:50:41:f4:28:
         ef:00:fb:d8:fc:1a:0d:0e:cd:b8:3b:8c:29:6c:45:9d:48:95:
         64:49:cb:65:02:47:f8:e3:8a:49:cb:73:ef:81:86:56:d4:0e:
         dc:2c:94:f1:b4:d9:0f:2a:84:85:11:37:4f:a0:09:b1:40:4d:
         ad:7f:3c:9b:9c:5d:8c:65:a5:06:a9:eb:9d:24:86:15:69:30:
         9d:e2:28:2b:22:4f:76:5b:16:0c:93:a2:c1:19:80:cb:a1:e4:
         d1:62:fe:5d:b5:58:c5:b3:f1:28:1a:65:b5:9e:d0:39:b1:8c:
         3b:c5:31:cf:f4:67:7d:94:59:cf:dc:35:6e:0c:24:83:fb:ec:
         5a:e0:e4:f8:14:64:c8:13:14:6a:39:4d:89:be:1f:44:21:49:
         8c:0c:a7:6f:1d:7f:32:c1:2e:bd:aa:e5:fa:e3:04:cd:b3:c2:
         ba:c6:30:6a
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEAJGD/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZmMyNjAzNDM3ZWY3NDExN2ZhMTIyNzJlYzQyYzI1MjdkYTgwMGM3MB4XDTIyMDEw
MTAyNTM0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzY1MjIyODQ1MGNl
MTgwZGNjZmQyNDc0MjJhNjBiZjkzNTI3OTQ3MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANt6LYzI/WRFM0IJp3CI4fxXbehkf7yR65qZBnWjZtAHscgB
2+8sgnKy4BmwJmO5i0xbquAE6iUxEfexOsWmKHnO9cKrijkqlk1vdoLlsOmYjMZE
lkDDurwBp9oPXdkfrAg2fQKeA7qqGBnQpHrlSzCqmJeaZKEh/Vi9NGQPmbhuTJvD
3ibz8afZfxdZCq6jb5AQqWD9QEDayz7PzsZ/pb8WocV/UVGI+ESey8RUdgXtsJ2Q
1q7zSL0dj9npxJIIKte196RwqeS3LDtXBaWc0rW22OE6Sura5Roxr+jYys6jsXZ+
doWNyq+2YiE9lB5Ny8ELhxPhl5gjlyJPbexUAMECAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBR2UiKEUM4YDcz9JHQipgv5NSeUczAfBgNVHSMEGDAWgBTfwmA0N+90EX+h
InLsQsJSfagAxzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzM4SmdORGZ2ZEJGX29TSnk3RUxDVW4yb0FNYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGQvYjU1ZTQwLWQ4YmUtNDhkOS1iZDU1LWM4MzAwNzMyNzQ0OS8x
L2RsSWloRkRPR0EzTV9TUjBJcVlMLVRVbmxITS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGQv
YjU1ZTQwLWQ4YmUtNDhkOS1iZDU1LWM4MzAwNzMyNzQ0OS8xLzM4SmdORGZ2ZEJG
X29TSnk3RUxDVW4yb0FNYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwFAQCAAEwDjAMAwQDwYYIAwQFwYYAMA0EAgACMAcD
BQMqEIJAMA0GCSqGSIb3DQEBCwUAA4IBAQCkea6SHiseu345c0sgKX+2cQ51jGnu
d4fZUYRdp5tIrwTXqehMATzwdBy5btXmAnXcVHNk+bjV/65ZXtSqQZzH5zlqjZlW
d32u7kj8KTYWbuIr7anGtFBB9CjvAPvY/BoNDs24O4wpbEWdSJVkSctlAkf444pJ
y3PvgYZW1A7cLJTxtNkPKoSFETdPoAmxQE2tfzybnF2MZaUGqeudJIYVaTCd4igr
Ik92WxYMk6LBGYDLoeTRYv5dtVjFs/EoGmW1ntA5sYw7xTHP9Gd9lFnP3DVuDCSD
++xa4OT4FGTIExRqOU2Jvh9EIUmMDKdvHX8ywS69quX64wTNs8K6xjBq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:47 2024 by rpki-client on console-fra.rpki-client.org