Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/4roQd_fadEOGP5zkE1WJm1fa02I.roa
File:                     4roQd_fadEOGP5zkE1WJm1fa02I.roa (raw, json)
Hash identifier:          7Wr9c92V48YzrmHh2QNwD5DRkPLyHevA/sW3y5BHEb0=
Subject key identifier:   E2:BA:10:77:F7:DA:74:43:86:3F:9C:E4:13:55:89:9B:57:DA:D3:62
Certificate issuer:       /CN=bda96d02a822f46253c2aee680441d5ac27c3df5
Certificate serial:       4194D39C
Authority key identifier: BD:A9:6D:02:A8:22:F4:62:53:C2:AE:E6:80:44:1D:5A:C2:7C:3D:F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/valtAqgi9GJTwq7mgEQdWsJ8PfU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/4roQd_fadEOGP5zkE1WJm1fa02I.roa
Signing time:             Sat 01 Jan 2022 11:54:58 +0000
ROA not before:           Sat 01 Jan 2022 11:54:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     59676
IP address blocks:        193.105.150.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1100272540 (0x4194d39c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bda96d02a822f46253c2aee680441d5ac27c3df5
        Validity
            Not Before: Jan  1 11:54:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e2ba1077f7da7443863f9ce41355899b57dad362
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:89:9b:ea:04:b7:39:ce:be:d7:44:04:b3:1d:
                    59:fe:11:72:c9:cf:b5:41:4e:94:87:79:47:68:00:
                    89:f7:c4:37:a6:0f:44:a6:de:3d:d6:45:3e:4d:73:
                    a6:ef:1e:a9:90:67:4c:bd:98:56:27:ab:2d:e8:94:
                    c4:2e:74:72:11:74:48:04:6e:e5:e6:7e:ea:9e:09:
                    ce:b9:7a:b7:63:62:16:0f:4e:fa:1e:2e:20:31:19:
                    b6:ab:62:c1:43:68:bd:a2:ea:59:bd:bf:20:b3:08:
                    91:65:0d:fd:62:d0:17:71:51:45:92:6a:c5:5c:af:
                    04:5f:ef:f5:da:bd:80:79:ee:a8:7f:79:f0:e2:de:
                    01:07:36:9a:25:19:55:4e:8d:f3:2d:bc:4a:9b:8b:
                    ff:cc:2e:9c:ef:32:35:5d:61:cf:cb:ec:ab:6f:94:
                    2f:7e:ed:ac:3a:e4:1c:6a:c4:d8:df:ab:cb:56:10:
                    5b:c3:bb:dd:69:6b:3e:55:25:07:b2:b0:54:43:41:
                    da:0e:39:3a:bc:a5:97:57:24:64:4e:36:2d:24:37:
                    5e:b1:da:db:95:bb:40:37:f3:71:c9:4c:b2:fb:03:
                    23:7e:7f:11:fe:eb:2a:e8:a1:55:84:d3:ed:bf:d1:
                    a7:2d:6f:6b:d7:37:50:b5:de:f8:15:ef:cd:c4:bb:
                    c7:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:BA:10:77:F7:DA:74:43:86:3F:9C:E4:13:55:89:9B:57:DA:D3:62
            X509v3 Authority Key Identifier:
                keyid:BD:A9:6D:02:A8:22:F4:62:53:C2:AE:E6:80:44:1D:5A:C2:7C:3D:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/valtAqgi9GJTwq7mgEQdWsJ8PfU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/4roQd_fadEOGP5zkE1WJm1fa02I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/valtAqgi9GJTwq7mgEQdWsJ8PfU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.105.150.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:e8:b1:02:76:1d:c1:91:33:2b:47:04:95:cf:88:da:f3:58:
         ce:af:d2:80:5a:98:35:68:72:78:9f:ba:5d:2e:95:70:a0:59:
         7e:1a:38:92:09:66:75:35:8e:81:7d:ec:b9:6a:cd:59:66:50:
         5c:07:d4:8b:13:e9:1e:74:1e:de:06:38:c8:f0:de:44:f2:a2:
         b9:c9:12:5c:b5:af:5c:8d:99:e9:25:de:ce:fd:96:d5:86:a6:
         5d:55:f6:e5:95:4c:e6:9e:d0:00:f9:26:7c:ac:f1:31:c3:c8:
         75:37:a8:6a:d5:a9:6f:33:77:93:3d:2f:50:39:11:8e:6c:0f:
         1f:ce:38:f4:4d:97:e3:1a:61:7f:44:c1:61:5a:28:b3:27:0f:
         1e:55:07:5e:67:ea:00:ba:e2:a3:c6:85:8a:2a:b2:0e:17:95:
         32:9c:6f:5d:80:52:49:d4:d2:a7:e7:fd:a6:af:37:d2:0e:6b:
         30:1e:a8:3c:b5:0a:34:ae:6c:68:5f:67:3a:06:95:f1:28:cc:
         89:e2:ef:71:68:5a:61:8a:da:d7:02:33:85:5d:3d:c4:93:3e:
         52:18:33:2e:35:b8:94:a3:f0:56:1d:57:47:f2:37:e1:d9:fb:
         e1:86:7a:33:a5:f4:96:95:66:a4:bf:8f:14:6d:8c:ca:28:78:
         20:f4:a5:01
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEQZTTnDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZGE5NmQwMmE4MjJmNDYyNTNjMmFlZTY4MDQ0MWQ1YWMyN2MzZGY1MB4XDTIyMDEw
MTExNTQ1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTJiYTEwNzdmN2Rh
NzQ0Mzg2M2Y5Y2U0MTM1NTg5OWI1N2RhZDM2MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKqJm+oEtznOvtdEBLMdWf4RcsnPtUFOlId5R2gAiffEN6YP
RKbePdZFPk1zpu8eqZBnTL2YVierLeiUxC50chF0SARu5eZ+6p4Jzrl6t2NiFg9O
+h4uIDEZtqtiwUNovaLqWb2/ILMIkWUN/WLQF3FRRZJqxVyvBF/v9dq9gHnuqH95
8OLeAQc2miUZVU6N8y28SpuL/8wunO8yNV1hz8vsq2+UL37trDrkHGrE2N+ry1YQ
W8O73WlrPlUlB7KwVENB2g45Oryll1ckZE42LSQ3XrHa25W7QDfzcclMsvsDI35/
Ef7rKuihVYTT7b/Rpy1va9c3ULXe+BXvzcS7x9MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTiuhB399p0Q4Y/nOQTVYmbV9rTYjAfBgNVHSMEGDAWgBS9qW0CqCL0YlPC
ruaARB1awnw99TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZhbHRBcWdpOUdKVHdxN21nRVFkV3NKOFBmVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvYTI3YjM5LTgwMTEtNDE0Mi04NmMyLWNmODNkNmU0MDU1OC8x
LzRyb1FkX2ZhZEVPR1A1emtFMVdKbTFmYTAySS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
YTI3YjM5LTgwMTEtNDE0Mi04NmMyLWNmODNkNmU0MDU1OC8xL3ZhbHRBcWdpOUdK
VHdxN21nRVFkV3NKOFBmVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMFpljANBgkqhkiG9w0BAQsFAAOC
AQEAVeixAnYdwZEzK0cElc+I2vNYzq/SgFqYNWhyeJ+6XS6VcKBZfho4kglmdTWO
gX3suWrNWWZQXAfUixPpHnQe3gY4yPDeRPKiuckSXLWvXI2Z6SXezv2W1YamXVX2
5ZVM5p7QAPkmfKzxMcPIdTeoatWpbzN3kz0vUDkRjmwPH8449E2X4xphf0TBYVoo
sycPHlUHXmfqALrio8aFiiqyDheVMpxvXYBSSdTSp+f9pq830g5rMB6oPLUKNK5s
aF9nOgaV8SjMieLvcWhaYYra1wIzhV09xJM+UhgzLjW4lKPwVh1XR/I34dn74YZ6
M6X0lpVmpL+PFG2Myih4IPSlAQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:34 2024 by rpki-client on console-fra.rpki-client.org