Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/6b60ed-0c46-4873-91fe-f5948c716e16/1/lo25fxkE6zM04k96l0jQindOP2M.roa
File:                     lo25fxkE6zM04k96l0jQindOP2M.roa (raw, json)
Hash identifier:          hlYd7gxQ4x0VEYkjtjL8KXHhrFmOkYwwNsAef8E6PEs=
Subject key identifier:   96:8D:B9:7F:19:04:EB:33:34:E2:4F:7A:97:48:D0:8A:77:4E:3F:63
Certificate issuer:       /CN=1adc0093c5af894cf520b5936e30b215090de9f8
Certificate serial:       31E896
Authority key identifier: 1A:DC:00:93:C5:AF:89:4C:F5:20:B5:93:6E:30:B2:15:09:0D:E9:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GtwAk8WviUz1ILWTbjCyFQkN6fg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/6b60ed-0c46-4873-91fe-f5948c716e16/1/lo25fxkE6zM04k96l0jQindOP2M.roa
Signing time:             Fri 04 Mar 2022 14:14:22 +0000
ROA not before:           Fri 04 Mar 2022 14:14:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     62313
IP address blocks:        193.22.141.0/24 maxlen: 24
                          212.46.51.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3270806 (0x31e896)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1adc0093c5af894cf520b5936e30b215090de9f8
        Validity
            Not Before: Mar  4 14:14:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=968db97f1904eb3334e24f7a9748d08a774e3f63
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:43:a3:59:d5:07:b9:27:78:eb:b2:26:8f:aa:
                    eb:f6:59:44:1b:66:b8:28:80:50:b5:79:69:d3:fb:
                    1e:6d:f0:dc:bf:ec:35:a5:60:00:a6:be:86:2b:df:
                    2e:41:01:e2:19:87:4a:0b:01:e8:83:29:95:0d:45:
                    2f:91:88:18:ee:21:f6:db:1b:de:41:b4:7c:ad:a9:
                    29:54:b1:9e:be:c5:59:ba:78:e5:bf:0f:4b:7b:1e:
                    4b:6e:76:d0:f5:49:79:14:9b:e8:7c:cb:57:a7:3a:
                    be:eb:17:36:a9:78:39:4e:22:1d:42:23:f6:05:47:
                    40:c2:78:6b:da:04:28:db:18:2b:cf:ee:a6:0a:16:
                    65:9f:c5:bf:a3:44:e8:b8:53:f1:9f:9a:8c:b8:6f:
                    c9:32:69:06:d5:0a:09:e2:72:a6:47:46:a2:ec:75:
                    17:ae:6c:0e:fa:9b:ba:72:3b:be:e2:fd:08:1b:7e:
                    86:e6:f9:89:4d:54:f3:d3:bc:97:fc:66:77:29:dc:
                    61:71:17:68:c2:a0:8e:be:8a:df:1b:ad:a6:7f:fe:
                    21:fd:59:9d:67:e0:23:0f:ce:fd:4a:0c:58:84:75:
                    2a:15:0e:38:80:41:6a:0c:e0:7c:e9:9f:43:c1:45:
                    61:cd:ab:54:29:19:dd:9d:75:04:12:77:7c:c6:c7:
                    72:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:8D:B9:7F:19:04:EB:33:34:E2:4F:7A:97:48:D0:8A:77:4E:3F:63
            X509v3 Authority Key Identifier:
                keyid:1A:DC:00:93:C5:AF:89:4C:F5:20:B5:93:6E:30:B2:15:09:0D:E9:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GtwAk8WviUz1ILWTbjCyFQkN6fg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/6b60ed-0c46-4873-91fe-f5948c716e16/1/lo25fxkE6zM04k96l0jQindOP2M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/6b60ed-0c46-4873-91fe-f5948c716e16/1/GtwAk8WviUz1ILWTbjCyFQkN6fg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.22.141.0/24
                  212.46.51.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7e:56:24:93:7b:79:6d:c6:81:1a:02:61:87:97:b9:44:70:dd:
         5d:e5:10:2f:89:fc:2e:04:e0:56:e7:f0:74:db:c5:24:2a:8d:
         1d:b4:35:af:bc:6c:d5:75:1a:8f:ff:e9:06:d5:9e:e1:42:e5:
         1b:25:e9:cb:d3:da:a4:77:5d:69:e3:75:f2:1d:ae:a4:25:e5:
         04:5a:7b:74:d4:aa:97:58:59:9f:a7:49:cc:1c:c6:1e:4a:04:
         90:da:42:a4:bf:28:73:18:15:bd:9c:5d:83:9f:51:f2:ed:d5:
         95:ff:8d:a4:69:79:b3:90:0c:b9:a8:f9:5d:ad:08:4e:ec:03:
         9b:45:0d:d5:c1:ee:70:cf:2a:ee:a9:00:7d:7f:02:c3:78:9e:
         9e:ae:1e:4a:e4:a2:7a:d5:14:bb:b1:d6:9d:81:07:a2:d4:1d:
         4c:73:fd:e4:f0:19:18:e5:16:3a:62:2a:71:e2:97:d0:76:69:
         ac:77:31:c1:74:97:4d:60:78:b9:f9:1a:2f:fa:42:8d:cc:dc:
         90:2c:aa:fb:80:49:26:75:e3:1b:e0:6e:2b:b2:1d:e3:ef:61:
         ff:22:05:74:e4:f1:0c:7b:06:3b:bc:e4:17:57:ca:2f:ae:51:
         c5:e3:af:3b:03:88:32:29:07:02:71:a2:fd:2a:68:71:42:d4:
         4e:67:f5:da
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIDMeiWMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDFh
ZGMwMDkzYzVhZjg5NGNmNTIwYjU5MzZlMzBiMjE1MDkwZGU5ZjgwHhcNMjIwMzA0
MTQxNDIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5NjhkYjk3ZjE5MDRl
YjMzMzRlMjRmN2E5NzQ4ZDA4YTc3NGUzZjYzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA30OjWdUHuSd467Imj6rr9llEG2a4KIBQtXlp0/sebfDcv+w1
pWAApr6GK98uQQHiGYdKCwHogymVDUUvkYgY7iH22xveQbR8rakpVLGevsVZunjl
vw9Lex5LbnbQ9Ul5FJvofMtXpzq+6xc2qXg5TiIdQiP2BUdAwnhr2gQo2xgrz+6m
ChZln8W/o0TouFPxn5qMuG/JMmkG1QoJ4nKmR0ai7HUXrmwO+pu6cju+4v0IG36G
5vmJTVTz07yX/GZ3KdxhcRdowqCOvorfG62mf/4h/VmdZ+AjD879SgxYhHUqFQ44
gEFqDOB86Z9DwUVhzatUKRndnXUEEnd8xsdylQIDAQABo4ICDzCCAgswHQYDVR0O
BBYEFJaNuX8ZBOszNOJPepdI0Ip3Tj9jMB8GA1UdIwQYMBaAFBrcAJPFr4lM9SC1
k24wshUJDen4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
R3R3QWs4V3ZpVXoxSUxXVGJqQ3lGUWtONmZnLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8xOC82YjYwZWQtMGM0Ni00ODczLTkxZmUtZjU5NDhjNzE2ZTE2LzEv
bG8yNWZ4a0U2ek0wNGs5NmwwalFpbmRPUDJNLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC82
YjYwZWQtMGM0Ni00ODczLTkxZmUtZjU5NDhjNzE2ZTE2LzEvR3R3QWs4V3ZpVXox
SUxXVGJqQ3lGUWtONmZnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwRaNAwQA1C4zMA0GCSqGSIb3DQEB
CwUAA4IBAQB+ViSTe3ltxoEaAmGHl7lEcN1d5RAvifwuBOBW5/B028UkKo0dtDWv
vGzVdRqP/+kG1Z7hQuUbJenL09qkd11p43XyHa6kJeUEWnt01KqXWFmfp0nMHMYe
SgSQ2kKkvyhzGBW9nF2Dn1Hy7dWV/42kaXmzkAy5qPldrQhO7AObRQ3Vwe5wzyru
qQB9fwLDeJ6erh5K5KJ61RS7sdadgQei1B1Mc/3k8BkY5RY6Yipx4pfQdmmsdzHB
dJdNYHi5+Rov+kKNzNyQLKr7gEkmdeMb4G4rsh3j72H/IgV05PEMewY7vOQXV8ov
rlHF4687A4gyKQcCcaL9KmhxQtROZ/Xa
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:44 2024 by rpki-client on console-ams.rpki-client.org