Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/NzMNr8FYYJnwVznBzl-FEA-m7aw.roa
File:                     NzMNr8FYYJnwVznBzl-FEA-m7aw.roa (raw, json)
Hash identifier:          AD1iFQNXdluoeYEBGK3fBrBXP/ML25Wr7B5yZZCTbAY=
Subject key identifier:   37:33:0D:AF:C1:58:60:99:F0:57:39:C1:CE:5F:85:10:0F:A6:ED:AC
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       08143721
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/NzMNr8FYYJnwVznBzl-FEA-m7aw.roa
Signing time:             Thu 31 Mar 2022 18:23:16 +0000
ROA not before:           Thu 31 Mar 2022 18:23:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209371
IP address blocks:        193.30.241.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 135542561 (0x8143721)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Mar 31 18:23:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=37330dafc1586099f05739c1ce5f85100fa6edac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:c5:0a:ed:c8:79:23:e2:ab:25:24:15:00:69:
                    5e:2f:d3:de:09:4c:69:d8:79:59:8e:78:57:30:e8:
                    27:02:35:94:f3:d0:ee:31:28:65:5e:eb:ce:0d:55:
                    e2:6c:7a:eb:d5:25:64:f1:7d:4c:1c:d1:30:61:7b:
                    76:9d:54:4e:7e:60:a1:61:0c:db:e4:bd:01:24:27:
                    f7:b6:56:34:dd:01:ba:2b:54:86:5f:89:cd:c7:4e:
                    c9:1e:fe:6b:e1:fd:ad:09:6c:bd:72:d2:5c:11:7b:
                    31:15:ac:ff:5d:af:fb:5a:a1:22:04:4c:37:1e:4f:
                    63:4e:d6:75:67:f2:89:e7:ab:48:eb:a0:48:b8:2d:
                    f6:bf:e6:57:6d:3f:7c:e1:37:e8:f0:9c:ff:aa:29:
                    79:3d:b7:87:6e:d4:ca:d8:3d:61:f6:58:5c:ba:5b:
                    c4:ef:09:c0:76:be:d0:6c:b2:d0:99:1b:6e:4c:c5:
                    30:5d:77:6b:3e:3b:1d:47:e8:c0:2f:09:52:e7:00:
                    7a:29:f7:1c:f0:e1:4b:53:fa:ba:77:e9:0c:ae:0e:
                    0c:8f:f8:11:06:2c:f9:fa:b2:71:b3:70:ba:74:8f:
                    ab:03:8b:d8:47:30:72:7b:83:1f:6a:3e:2f:55:ed:
                    7d:6c:47:e9:21:f1:8b:b2:ed:10:5f:75:90:83:06:
                    3b:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:33:0D:AF:C1:58:60:99:F0:57:39:C1:CE:5F:85:10:0F:A6:ED:AC
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/NzMNr8FYYJnwVznBzl-FEA-m7aw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.30.241.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:f6:8c:df:07:64:4b:f1:2c:b0:22:e1:dd:b1:da:3c:89:4a:
         41:2c:7c:41:b0:c4:27:94:5f:22:6b:b0:65:9a:ce:da:83:50:
         d9:0f:ab:6e:bf:1a:a4:e1:f5:08:70:90:a6:7c:8a:90:da:4c:
         81:6d:b3:1d:47:eb:e1:59:ed:ae:57:5a:e5:04:28:53:f6:22:
         74:5c:90:42:7a:50:b1:14:c7:aa:ad:87:11:fd:6c:b0:d6:23:
         d3:c2:c0:79:be:a9:86:4e:1f:01:13:9a:8e:97:df:9d:f8:50:
         cd:79:a0:15:82:3e:19:58:cb:f6:ff:f7:b3:1b:b3:4e:6f:9e:
         3c:b6:c3:ef:a6:a7:b1:6d:5d:81:44:87:54:c0:5e:c7:21:a9:
         d7:96:60:b6:2d:67:7a:1a:8e:a0:26:75:d1:fc:4c:32:e8:c7:
         8d:90:63:d3:31:39:44:5a:61:71:f3:3f:5b:14:ab:db:91:88:
         b5:39:cf:e6:5f:be:2d:fb:c9:1f:f7:d6:45:5f:72:de:bc:5e:
         d4:1b:4d:6c:09:d3:bc:58:5d:f8:25:cf:62:7c:39:61:e4:e7:
         ec:83:5c:0c:2a:a9:84:ad:ad:f2:3f:62:2b:4e:4c:0f:24:8e:
         50:7e:ac:29:d6:95:b1:7f:b0:3a:6b:3a:d1:e1:6f:58:d4:14:
         f7:72:2e:70
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECBQ3ITANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZDJhNDc4YmIwYjA4ZTY2MWIwYjJmOWZiZTg5MzViYzljMmEyOGExMB4XDTIyMDMz
MTE4MjMxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzczMzBkYWZjMTU4
NjA5OWYwNTczOWMxY2U1Zjg1MTAwZmE2ZWRhYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOvFCu3IeSPiqyUkFQBpXi/T3glMadh5WY54VzDoJwI1lPPQ
7jEoZV7rzg1V4mx669UlZPF9TBzRMGF7dp1UTn5goWEM2+S9ASQn97ZWNN0BuitU
hl+JzcdOyR7+a+H9rQlsvXLSXBF7MRWs/12v+1qhIgRMNx5PY07WdWfyieerSOug
SLgt9r/mV20/fOE36PCc/6opeT23h27Uytg9YfZYXLpbxO8JwHa+0Gyy0JkbbkzF
MF13az47HUfowC8JUucAein3HPDhS1P6unfpDK4ODI/4EQYs+fqycbNwunSPqwOL
2EcwcnuDH2o+L1XtfWxH6SHxi7LtEF91kIMGOzsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ3Mw2vwVhgmfBXOcHOX4UQD6btrDAfBgNVHSMEGDAWgBSdKkeLsLCOZhsL
L5++iTW8nCoooTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25TcEhpN0N3am1ZYkN5LWZ2b2sxdkp3cUtLRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvNjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8x
L056TU5yOEZZWUpud1Z6bkJ6bC1GRUEtbTdhdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
NjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8xL25TcEhpN0N3am1Z
YkN5LWZ2b2sxdkp3cUtLRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEe8TANBgkqhkiG9w0BAQsFAAOC
AQEASPaM3wdkS/EssCLh3bHaPIlKQSx8QbDEJ5RfImuwZZrO2oNQ2Q+rbr8apOH1
CHCQpnyKkNpMgW2zHUfr4Vntrlda5QQoU/YidFyQQnpQsRTHqq2HEf1ssNYj08LA
eb6phk4fAROajpffnfhQzXmgFYI+GVjL9v/3sxuzTm+ePLbD76ansW1dgUSHVMBe
xyGp15Zgti1nehqOoCZ10fxMMujHjZBj0zE5RFphcfM/WxSr25GItTnP5l++LfvJ
H/fWRV9y3rxe1BtNbAnTvFhd+CXPYnw5YeTn7INcDCqphK2t8j9iK05MDySOUH6s
KdaVsX+wOms60eFvWNQU93IucA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:18 2024 by rpki-client on console-ams.rpki-client.org