Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/ade856-8960-4a29-8956-9fe7d928d9be/1/aWfHLx1ydK-amIYgk4ei8FJE1Js.roa
File:                     aWfHLx1ydK-amIYgk4ei8FJE1Js.roa (raw, json)
Hash identifier:          Iefy9cykDZuqTuT1Uno7SLnUjneEaev2Tqds2Qf51i8=
Subject key identifier:   69:67:C7:2F:1D:72:74:AF:9A:98:86:20:93:87:A2:F0:52:44:D4:9B
Certificate issuer:       /CN=68bd10f1b14bbb2767ffdcaec4b4172880ba461a
Certificate serial:       01837995DECE753FD5508466072732422F05
Authority key identifier: 68:BD:10:F1:B1:4B:BB:27:67:FF:DC:AE:C4:B4:17:28:80:BA:46:1A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aL0Q8bFLuydn_9yuxLQXKIC6Rho.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/ade856-8960-4a29-8956-9fe7d928d9be/1/aWfHLx1ydK-amIYgk4ei8FJE1Js.roa
Signing time:             Mon 26 Sep 2022 11:36:48 +0000
ROA not before:           Mon 26 Sep 2022 11:36:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43260
IP address blocks:        193.107.40.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:79:95:de:ce:75:3f:d5:50:84:66:07:27:32:42:2f:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68bd10f1b14bbb2767ffdcaec4b4172880ba461a
        Validity
            Not Before: Sep 26 11:36:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6967c72f1d7274af9a9886209387a2f05244d49b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:e2:9b:d2:a8:fd:ba:db:db:c2:7c:09:97:4f:
                    71:27:9c:b3:45:48:3f:3d:62:d6:61:08:9b:06:26:
                    da:d3:6c:35:43:29:5b:10:22:87:23:88:71:4d:39:
                    f8:fd:4b:6a:d9:b9:1c:9f:31:da:04:4a:25:26:1c:
                    ac:16:3a:5c:92:08:8a:32:48:08:77:d2:aa:e9:ac:
                    30:3d:87:a1:77:06:c2:de:d5:21:ab:15:47:13:90:
                    da:39:a3:1f:0d:0e:7a:f7:be:64:b4:9a:97:e3:6d:
                    0a:39:bf:39:83:0e:7f:3b:36:91:c3:c7:c0:97:c7:
                    3b:8f:0d:e1:50:26:ab:44:8b:1f:bf:40:46:03:f1:
                    0a:57:2b:0e:f7:d4:c4:2b:81:cf:45:e0:0d:19:b2:
                    b4:10:c8:dd:97:b0:a4:94:c4:c0:69:cf:85:25:a1:
                    2a:42:d8:1a:22:28:12:ec:6b:80:70:c5:aa:c1:20:
                    8e:08:29:01:a6:3f:18:23:0d:f8:29:b1:22:53:51:
                    15:55:38:7c:53:43:4b:3a:ec:d4:53:8e:31:a2:10:
                    10:03:67:6a:89:14:7f:4d:4b:80:46:62:53:9c:f6:
                    b1:40:b0:8b:ad:40:55:aa:c5:4b:9e:70:ac:02:63:
                    0d:d2:10:ba:ab:72:27:03:9e:f7:ed:d4:4b:86:23:
                    37:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:67:C7:2F:1D:72:74:AF:9A:98:86:20:93:87:A2:F0:52:44:D4:9B
            X509v3 Authority Key Identifier:
                keyid:68:BD:10:F1:B1:4B:BB:27:67:FF:DC:AE:C4:B4:17:28:80:BA:46:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aL0Q8bFLuydn_9yuxLQXKIC6Rho.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/ade856-8960-4a29-8956-9fe7d928d9be/1/aWfHLx1ydK-amIYgk4ei8FJE1Js.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/ade856-8960-4a29-8956-9fe7d928d9be/1/aL0Q8bFLuydn_9yuxLQXKIC6Rho.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.107.40.0/22

    Signature Algorithm: sha256WithRSAEncryption
         71:71:38:66:9c:83:98:5d:ba:59:b4:ab:fc:81:c6:86:2b:cb:
         27:ed:00:40:a0:87:cc:dc:2b:41:a5:9f:ad:6f:52:55:6c:b8:
         3a:50:4e:9b:ec:88:62:61:60:67:1d:49:12:34:47:a2:99:52:
         3f:4f:5b:ac:10:e9:be:c2:cc:87:7f:1e:84:d3:4f:b0:1d:c1:
         f8:11:15:c1:32:4a:5b:98:f3:37:32:1f:ed:67:9f:80:db:9a:
         7d:36:91:15:45:96:81:e7:3a:36:06:1b:eb:a6:43:7d:fd:d6:
         7a:30:cf:62:3b:ad:af:8b:49:7f:c4:8e:ec:32:b7:50:ba:bd:
         dd:15:34:4b:d3:6c:a6:5e:f3:a6:64:be:20:ac:f7:77:fb:80:
         a4:94:58:30:36:e1:2a:1d:e9:1a:f3:c0:d6:dc:ab:24:aa:71:
         55:b8:c8:c6:9c:53:32:d9:b4:b5:9b:eb:d1:be:a8:62:55:22:
         5b:ce:d4:f2:7a:b2:a0:df:95:d9:d7:fb:30:c9:3f:9e:29:37:
         00:05:ee:a1:12:9d:f6:c8:46:47:94:37:d5:f6:d6:19:3e:13:
         29:ee:4b:4c:cd:74:d5:2e:dd:4a:01:dc:68:49:54:d2:99:ea:
         f3:bf:41:69:9c:c6:24:58:67:09:1a:db:ca:57:f8:3c:94:ae:
         d1:9b:9e:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYN5ld7OdT/VUIRmBycyQi8FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YmQxMGYxYjE0YmJiMjc2N2ZmZGNhZWM0YjQxNzI4ODBi
YTQ2MWEwHhcNMjIwOTI2MTEzNjQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTY3YzcyZjFkNzI3NGFmOWE5ODg2MjA5Mzg3YTJmMDUyNDRkNDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkuKb0qj9utvbwnwJl09xJ5yzRUg/
PWLWYQibBiba02w1QylbECKHI4hxTTn4/Utq2bkcnzHaBEolJhysFjpckgiKMkgI
d9Kq6awwPYehdwbC3tUhqxVHE5DaOaMfDQ56975ktJqX420KOb85gw5/OzaRw8fA
l8c7jw3hUCarRIsfv0BGA/EKVysO99TEK4HPReANGbK0EMjdl7CklMTAac+FJaEq
QtgaIigS7GuAcMWqwSCOCCkBpj8YIw34KbEiU1EVVTh8U0NLOuzUU44xohAQA2dq
iRR/TUuARmJTnPaxQLCLrUBVqsVLnnCsAmMN0hC6q3InA5737dRLhiM3QQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGlnxy8dcnSvmpiGIJOHovBSRNSbMB8GA1UdIwQY
MBaAFGi9EPGxS7snZ//crsS0FyiAukYaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUwwUThiRkx1eWRuXzl5dXhMUVhLSUM2UmhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9hZGU4NTYtODk2MC00YTI5LTg5NTYt
OWZlN2Q5MjhkOWJlLzEvYVdmSEx4MXlkSy1hbUlZZ2s0ZWk4RkpFMUpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9hZGU4NTYtODk2MC00YTI5LTg5NTYtOWZlN2Q5MjhkOWJl
LzEvYUwwUThiRkx1eWRuXzl5dXhMUVhLSUM2UmhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwWsoMA0G
CSqGSIb3DQEBCwUAA4IBAQBxcThmnIOYXbpZtKv8gcaGK8sn7QBAoIfM3CtBpZ+t
b1JVbLg6UE6b7IhiYWBnHUkSNEeimVI/T1usEOm+wsyHfx6E00+wHcH4ERXBMkpb
mPM3Mh/tZ5+A25p9NpEVRZaB5zo2BhvrpkN9/dZ6MM9iO62vi0l/xI7sMrdQur3d
FTRL02ymXvOmZL4grPd3+4CklFgwNuEqHeka88DW3KskqnFVuMjGnFMy2bS1m+vR
vqhiVSJbztTyerKg35XZ1/swyT+eKTcABe6hEp32yEZHlDfV9tYZPhMp7ktMzXTV
Lt1KAdxoSVTSmerzv0FpnMYkWGcJGtvKV/g8lK7Rm56z
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:04 2024 by rpki-client on console-fra.rpki-client.org