Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/e3335f-4114-4482-8e12-4256a46afeec/1/F0WN8WlhdE3XZww89nFJWEX_LoQ.roa
File:                     F0WN8WlhdE3XZww89nFJWEX_LoQ.roa (raw, json)
Hash identifier:          t7PYoKQwN5HLpH+ko7b4xCjMNexS+cREU4DBiVmA8xs=
Subject key identifier:   17:45:8D:F1:69:61:74:4D:D7:67:0C:3C:F6:71:49:58:45:FF:2E:84
Certificate issuer:       /CN=6764b9eeca258ae78c4d51321a8bdfef9a2b6a3c
Certificate serial:       0993738B
Authority key identifier: 67:64:B9:EE:CA:25:8A:E7:8C:4D:51:32:1A:8B:DF:EF:9A:2B:6A:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z2S57soliueMTVEyGovf75orajw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/e3335f-4114-4482-8e12-4256a46afeec/1/F0WN8WlhdE3XZww89nFJWEX_LoQ.roa
Signing time:             Sat 01 Jan 2022 00:52:39 +0000
ROA not before:           Sat 01 Jan 2022 00:52:39 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     20912
IP address blocks:        193.36.109.0/24 maxlen: 24
                          193.36.108.0/24 maxlen: 24
                          193.36.108.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 160658315 (0x993738b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6764b9eeca258ae78c4d51321a8bdfef9a2b6a3c
        Validity
            Not Before: Jan  1 00:52:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=17458df16961744dd7670c3cf671495845ff2e84
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:ba:db:9c:f0:47:71:f6:16:c9:8d:f7:44:30:
                    59:75:51:cc:f6:8c:8a:5e:d8:c9:b4:34:24:0b:2c:
                    5e:02:81:d6:07:48:14:9e:87:cf:62:0e:a3:f6:72:
                    6d:be:1f:b1:b7:50:10:5e:01:4f:c4:72:7b:8a:6b:
                    a7:f3:1a:d2:37:6a:88:bf:96:be:e2:ab:89:f4:9c:
                    a5:08:b7:c1:df:75:16:53:64:20:dd:b1:71:f9:de:
                    df:e2:06:98:29:c8:63:b7:52:ef:58:24:8a:15:be:
                    f5:fe:af:9c:9e:4f:ad:83:2e:60:1d:e2:a4:24:a9:
                    8b:ca:5b:30:dd:04:61:40:e0:2a:96:d1:87:5c:a7:
                    f7:ab:72:98:31:49:b2:51:ec:62:43:ec:ab:96:4d:
                    e2:1e:9e:3a:6f:c9:0d:de:45:e1:76:5d:d1:b3:84:
                    10:da:98:b3:71:5d:45:1c:f3:c8:47:4b:c5:6f:d7:
                    07:95:c6:c1:1e:ac:22:24:78:cc:f0:c4:00:bd:40:
                    51:e4:26:c5:a8:13:58:e0:ea:d4:8b:f5:7f:d0:70:
                    f0:74:4d:42:90:90:6d:27:c3:91:54:c5:94:c2:29:
                    1a:23:67:34:8d:b0:3c:4b:c8:97:65:7d:d9:90:ba:
                    cd:52:13:35:85:12:09:11:08:66:97:6a:d8:11:ec:
                    64:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:45:8D:F1:69:61:74:4D:D7:67:0C:3C:F6:71:49:58:45:FF:2E:84
            X509v3 Authority Key Identifier:
                keyid:67:64:B9:EE:CA:25:8A:E7:8C:4D:51:32:1A:8B:DF:EF:9A:2B:6A:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z2S57soliueMTVEyGovf75orajw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/e3335f-4114-4482-8e12-4256a46afeec/1/F0WN8WlhdE3XZww89nFJWEX_LoQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/e3335f-4114-4482-8e12-4256a46afeec/1/Z2S57soliueMTVEyGovf75orajw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.36.108.0/23

    Signature Algorithm: sha256WithRSAEncryption
         10:06:35:dc:2f:03:3b:b5:b5:ae:51:f7:68:31:8d:d7:e6:c4:
         49:bd:6a:30:cb:9b:d4:5e:f3:40:3b:9c:1f:6f:bb:31:ef:d5:
         32:20:25:f5:02:e5:5a:00:c3:01:13:93:34:ab:39:11:b2:3b:
         b7:94:05:e5:75:f4:05:e6:5f:68:8e:50:0a:95:54:74:9c:4a:
         74:07:9d:90:e7:99:90:58:61:ad:1f:e4:ba:d6:76:12:23:cb:
         71:0f:02:0f:d9:1b:04:87:50:c1:f1:b4:2d:2f:8e:4f:00:ad:
         11:82:99:66:6f:3b:68:9a:9a:3d:0b:1b:65:0f:0b:ba:bd:fe:
         05:29:4f:74:80:63:62:37:7a:eb:28:75:6c:ba:b0:2e:e6:64:
         5e:7a:f6:25:23:12:48:e0:d4:71:6f:e7:d6:e0:5e:44:54:59:
         27:07:bb:22:03:83:8f:f3:c6:7b:e7:f4:be:e3:20:f5:f1:c7:
         15:e5:fe:f5:eb:44:0b:17:5f:b6:f0:d9:e4:9f:97:bf:51:da:
         69:e0:83:bb:35:35:fc:dc:e5:b0:4c:e4:66:96:24:e0:d8:64:
         c3:47:48:5a:58:f0:80:d5:8c:ec:71:5e:e4:b3:e7:1e:00:65:
         63:fe:c9:a9:fd:11:db:6e:62:e3:8d:6b:9a:70:65:a2:94:b2:
         89:23:f9:f0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECZNzizANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NzY0YjllZWNhMjU4YWU3OGM0ZDUxMzIxYThiZGZlZjlhMmI2YTNjMB4XDTIyMDEw
MTAwNTIzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTc0NThkZjE2OTYx
NzQ0ZGQ3NjcwYzNjZjY3MTQ5NTg0NWZmMmU4NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALC625zwR3H2FsmN90QwWXVRzPaMil7YybQ0JAssXgKB1gdI
FJ6Hz2IOo/Zybb4fsbdQEF4BT8Rye4prp/Ma0jdqiL+WvuKrifScpQi3wd91FlNk
IN2xcfne3+IGmCnIY7dS71gkihW+9f6vnJ5PrYMuYB3ipCSpi8pbMN0EYUDgKpbR
h1yn96tymDFJslHsYkPsq5ZN4h6eOm/JDd5F4XZd0bOEENqYs3FdRRzzyEdLxW/X
B5XGwR6sIiR4zPDEAL1AUeQmxagTWODq1Iv1f9Bw8HRNQpCQbSfDkVTFlMIpGiNn
NI2wPEvIl2V92ZC6zVITNYUSCREIZpdq2BHsZEkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQXRY3xaWF0TddnDDz2cUlYRf8uhDAfBgNVHSMEGDAWgBRnZLnuyiWK54xN
UTIai9/vmitqPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1oyUzU3c29saXVlTVRWRXlHb3ZmNzVvcmFqdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTAvZTMzMzVmLTQxMTQtNDQ4Mi04ZTEyLTQyNTZhNDZhZmVlYy8x
L0YwV044V2xoZEUzWFp3dzg5bkZKV0VYX0xvUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTAv
ZTMzMzVmLTQxMTQtNDQ4Mi04ZTEyLTQyNTZhNDZhZmVlYy8xL1oyUzU3c29saXVl
TVRWRXlHb3ZmNzVvcmFqdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcEkbDANBgkqhkiG9w0BAQsFAAOC
AQEAEAY13C8DO7W1rlH3aDGN1+bESb1qMMub1F7zQDucH2+7Me/VMiAl9QLlWgDD
AROTNKs5EbI7t5QF5XX0BeZfaI5QCpVUdJxKdAedkOeZkFhhrR/kutZ2EiPLcQ8C
D9kbBIdQwfG0LS+OTwCtEYKZZm87aJqaPQsbZQ8Lur3+BSlPdIBjYjd66yh1bLqw
LuZkXnr2JSMSSODUcW/n1uBeRFRZJwe7IgODj/PGe+f0vuMg9fHHFeX+9etECxdf
tvDZ5J+Xv1HaaeCDuzU1/NzlsEzkZpYk4Nhkw0dIWljwgNWM7HFe5LPnHgBlY/7J
qf0R225i441rmnBlopSyiSP58A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:32 2024 by rpki-client on console-fra.rpki-client.org