Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/a94966-03e5-42ea-ac26-a8beb5657d76/1/PoDfWjdIYEae_KMJpnAYzCL39B8.roa
File:                     PoDfWjdIYEae_KMJpnAYzCL39B8.roa (raw, json)
Hash identifier:          mCnL4k4dqQpHILdNhf6o+PvDnXiFOzdvkJ3u9TIebtc=
Subject key identifier:   3E:80:DF:5A:37:48:60:46:9E:FC:A3:09:A6:70:18:CC:22:F7:F4:1F
Certificate issuer:       /CN=695c537d2656db4dd0c3c32fe981b3c771443e5b
Certificate serial:       012899
Authority key identifier: 69:5C:53:7D:26:56:DB:4D:D0:C3:C3:2F:E9:81:B3:C7:71:44:3E:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aVxTfSZW203Qw8Mv6YGzx3FEPls.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/a94966-03e5-42ea-ac26-a8beb5657d76/1/PoDfWjdIYEae_KMJpnAYzCL39B8.roa
Signing time:             Fri 08 Apr 2022 15:30:58 +0000
ROA not before:           Fri 08 Apr 2022 15:30:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     31305
IP address blocks:        193.151.12.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 75929 (0x12899)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=695c537d2656db4dd0c3c32fe981b3c771443e5b
        Validity
            Not Before: Apr  8 15:30:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3e80df5a374860469efca309a67018cc22f7f41f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:47:4d:1d:09:57:af:a4:32:ae:cc:2f:eb:22:
                    4a:64:e2:8b:f3:88:c1:10:b6:5b:ca:29:4a:f0:44:
                    00:f7:4f:54:15:d4:f5:4b:00:e5:0c:5a:25:23:ed:
                    1c:98:eb:65:4f:65:30:87:59:57:82:d2:c7:6a:4d:
                    6e:56:2a:36:cd:06:00:09:35:79:a4:82:75:17:05:
                    d8:fb:3f:14:43:b0:3d:6d:f4:ac:e2:e9:40:85:59:
                    d1:8f:77:d4:14:23:73:db:4e:87:03:ad:d3:68:38:
                    80:3f:35:59:79:2a:ef:50:2f:42:22:4f:ed:1c:c6:
                    37:db:58:2c:cf:cd:fe:69:0c:5d:89:14:7d:5a:92:
                    3a:4d:d1:2d:96:cc:f2:56:dc:8b:e3:a5:8a:74:39:
                    4d:94:1a:47:68:87:fa:f8:b2:f9:05:5a:e4:a2:ce:
                    42:e8:2f:77:63:26:ef:f5:c6:86:e4:ca:c6:7f:ae:
                    f5:cc:3a:16:f5:4c:8d:f7:3e:5e:7f:de:26:cc:c9:
                    10:76:ad:a5:cd:d7:5d:fc:ea:63:4a:6b:0c:ed:35:
                    5a:f7:6a:1d:12:33:61:16:f5:7f:87:23:f6:40:79:
                    39:ed:35:95:fc:e2:ff:02:c7:8c:ce:f6:7a:be:30:
                    48:cd:86:e7:36:88:98:0c:ce:1a:2f:db:0d:9d:8c:
                    27:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:80:DF:5A:37:48:60:46:9E:FC:A3:09:A6:70:18:CC:22:F7:F4:1F
            X509v3 Authority Key Identifier:
                keyid:69:5C:53:7D:26:56:DB:4D:D0:C3:C3:2F:E9:81:B3:C7:71:44:3E:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aVxTfSZW203Qw8Mv6YGzx3FEPls.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/a94966-03e5-42ea-ac26-a8beb5657d76/1/PoDfWjdIYEae_KMJpnAYzCL39B8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/a94966-03e5-42ea-ac26-a8beb5657d76/1/aVxTfSZW203Qw8Mv6YGzx3FEPls.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.151.12.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7f:62:d5:af:a9:f8:19:12:47:eb:80:ec:a9:55:9c:c3:31:03:
         67:09:6f:b6:43:5f:77:6a:73:7e:0c:5f:95:67:a4:d8:30:21:
         95:1e:8f:9e:2c:72:6f:ae:91:20:77:90:48:f8:c0:f9:4d:fd:
         34:ca:28:64:c5:61:e0:dc:62:8d:01:a3:ee:72:04:66:86:e6:
         aa:e8:d3:a1:c2:d1:f0:7a:2d:81:f9:56:05:94:af:7e:bf:6c:
         18:29:2f:d5:76:86:17:3a:5b:ca:5c:1d:d2:dc:8f:b9:4e:92:
         69:0e:28:a8:ad:0e:48:ad:cd:95:b9:a6:ae:58:43:be:b7:1a:
         32:e9:de:8e:ed:73:7a:2c:7d:9b:fd:3c:5b:8b:17:45:ed:10:
         98:5a:8b:09:58:4e:81:94:d8:24:8a:1c:6b:b6:89:9f:f6:3b:
         61:ca:3e:07:87:88:16:12:c9:8e:e0:54:e4:34:53:1a:f6:a0:
         a7:37:9b:df:0e:37:d8:04:39:a6:85:b6:02:86:44:04:38:1d:
         b2:53:69:e3:99:0f:8f:f4:2d:9c:1d:b3:16:0a:b3:1f:0d:2a:
         2c:97:a0:ae:dd:2f:cf:93:67:d5:9d:31:ee:40:20:73:a0:98:
         5f:b6:80:c5:81:b2:82:56:d3:09:d3:18:92:a1:7e:94:e2:5d:
         b1:8a:f9:75
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDASiZMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDY5
NWM1MzdkMjY1NmRiNGRkMGMzYzMyZmU5ODFiM2M3NzE0NDNlNWIwHhcNMjIwNDA4
MTUzMDU4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzZTgwZGY1YTM3NDg2
MDQ2OWVmY2EzMDlhNjcwMThjYzIyZjdmNDFmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnkdNHQlXr6Qyrswv6yJKZOKL84jBELZbyilK8EQA909UFdT1
SwDlDFolI+0cmOtlT2Uwh1lXgtLHak1uVio2zQYACTV5pIJ1FwXY+z8UQ7A9bfSs
4ulAhVnRj3fUFCNz206HA63TaDiAPzVZeSrvUC9CIk/tHMY321gsz83+aQxdiRR9
WpI6TdEtlszyVtyL46WKdDlNlBpHaIf6+LL5BVrkos5C6C93Yybv9caG5MrGf671
zDoW9UyN9z5ef94mzMkQdq2lzddd/OpjSmsM7TVa92odEjNhFvV/hyP2QHk57TWV
/OL/AseMzvZ6vjBIzYbnNoiYDM4aL9sNnYwnZQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFD6A31o3SGBGnvyjCaZwGMwi9/QfMB8GA1UdIwQYMBaAFGlcU30mVttN0MPD
L+mBs8dxRD5bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
YVZ4VGZTWlcyMDNRdzhNdjZZR3p4M0ZFUGxzLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8xOS9hOTQ5NjYtMDNlNS00MmVhLWFjMjYtYThiZWI1NjU3ZDc2LzEv
UG9EZldqZElZRWFlX0tNSnBuQVl6Q0wzOUI4LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9h
OTQ5NjYtMDNlNS00MmVhLWFjMjYtYThiZWI1NjU3ZDc2LzEvYVZ4VGZTWlcyMDNR
dzhNdjZZR3p4M0ZFUGxzLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwZcMMA0GCSqGSIb3DQEBCwUAA4IB
AQB/YtWvqfgZEkfrgOypVZzDMQNnCW+2Q193anN+DF+VZ6TYMCGVHo+eLHJvrpEg
d5BI+MD5Tf00yihkxWHg3GKNAaPucgRmhuaq6NOhwtHwei2B+VYFlK9+v2wYKS/V
doYXOlvKXB3S3I+5TpJpDiiorQ5Irc2VuaauWEO+txoy6d6O7XN6LH2b/TxbixdF
7RCYWosJWE6BlNgkihxrtomf9jthyj4Hh4gWEsmO4FTkNFMa9qCnN5vfDjfYBDmm
hbYChkQEOB2yU2njmQ+P9C2cHbMWCrMfDSosl6Cu3S/Pk2fVnTHuQCBzoJhftoDF
gbKCVtMJ0xiSoX6U4l2xivl1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:04 2024 by rpki-client on console-fra.rpki-client.org