Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/1191d6-5423-42cf-8f6b-117886eb7d67/1/1-kmCaH4qSb7oZtgiy1qswU5NtYI.roa
File:                     1-kmCaH4qSb7oZtgiy1qswU5NtYI.roa (raw, json)
Hash identifier:          WV8X+Ip6EQIULtlFzcAoFzYj3Y5qniFZ2/fL/0Ue0hQ=
Subject key identifier:   FA:49:82:68:7E:2A:49:BE:E8:66:D8:22:CB:5A:AC:C1:4E:4D:B5:82
Certificate issuer:       /CN=46a4b35c8e0256eaa2fbf751e6c01e5e909c0a1f
Certificate serial:       0183C6438346E2A148AE6382D9231C45962B
Authority key identifier: 46:A4:B3:5C:8E:02:56:EA:A2:FB:F7:51:E6:C0:1E:5E:90:9C:0A:1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RqSzXI4CVuqi-_dR5sAeXpCcCh8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/1191d6-5423-42cf-8f6b-117886eb7d67/1/1-kmCaH4qSb7oZtgiy1qswU5NtYI.roa
Signing time:             Tue 11 Oct 2022 08:57:36 +0000
ROA not before:           Tue 11 Oct 2022 08:57:36 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209311
IP address blocks:        193.111.211.0/24 maxlen: 24
                          2a0a:8ac0::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:c6:43:83:46:e2:a1:48:ae:63:82:d9:23:1c:45:96:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=46a4b35c8e0256eaa2fbf751e6c01e5e909c0a1f
        Validity
            Not Before: Oct 11 08:57:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fa4982687e2a49bee866d822cb5aacc14e4db582
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:4d:5a:b4:52:4b:da:4a:0a:a4:7e:57:6d:2a:
                    3c:c6:46:95:29:5b:8a:aa:1b:55:ad:4c:4c:92:a8:
                    48:26:ed:cc:0b:51:b2:d5:10:7e:e1:7e:a1:78:00:
                    17:f8:5a:26:14:b9:f3:a5:aa:39:64:70:01:96:fd:
                    0b:cf:8d:b1:4b:bb:ae:f9:bb:5a:7b:f8:b7:50:a2:
                    73:fa:65:77:df:43:b0:9a:0a:c6:32:79:f2:ac:c0:
                    89:eb:33:29:58:34:f2:d1:72:08:b9:5d:bd:c5:52:
                    38:af:86:68:f5:5d:4d:7e:c5:d6:86:25:39:34:df:
                    68:d1:1d:ad:f4:45:4c:56:a2:ca:40:1b:ce:9b:f0:
                    e2:97:d1:cd:50:3a:2d:5a:67:87:b3:b3:e2:3b:61:
                    7f:15:f3:f3:11:bd:ef:e0:ba:c0:2f:c8:00:bc:d0:
                    23:3b:0a:de:55:1f:23:66:6c:e2:45:e3:fe:3c:8c:
                    63:9c:cf:d2:45:24:6a:27:98:26:bf:1a:b0:d6:d9:
                    9d:72:86:82:8a:e2:66:02:db:a6:21:8c:75:ef:cf:
                    e9:6c:68:d8:6a:a1:94:6a:fa:52:75:07:d6:70:19:
                    93:25:c1:a8:d6:db:1c:27:31:ec:7e:6e:ff:ec:cb:
                    c8:d8:51:a6:c3:64:5c:6a:48:b9:2a:4d:2f:17:d1:
                    83:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:49:82:68:7E:2A:49:BE:E8:66:D8:22:CB:5A:AC:C1:4E:4D:B5:82
            X509v3 Authority Key Identifier:
                keyid:46:A4:B3:5C:8E:02:56:EA:A2:FB:F7:51:E6:C0:1E:5E:90:9C:0A:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RqSzXI4CVuqi-_dR5sAeXpCcCh8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/1191d6-5423-42cf-8f6b-117886eb7d67/1/1-kmCaH4qSb7oZtgiy1qswU5NtYI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/1191d6-5423-42cf-8f6b-117886eb7d67/1/RqSzXI4CVuqi-_dR5sAeXpCcCh8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.111.211.0/24
                IPv6:
                  2a0a:8ac0::/29

    Signature Algorithm: sha256WithRSAEncryption
         79:40:5f:93:63:a4:d8:81:9d:15:70:57:d0:d5:c2:e4:2d:fa:
         27:4d:d1:d6:97:c0:9c:cb:22:6e:9c:53:25:9f:89:b6:a9:df:
         c8:75:cb:65:ba:38:9b:ed:46:b4:f6:52:ee:1a:c9:65:f5:78:
         3d:4e:1f:4e:d1:64:f6:db:e7:dc:1e:27:07:50:a7:78:b1:0e:
         16:ed:c4:10:69:ce:cc:42:f8:ae:79:35:e6:88:e8:2d:2e:15:
         db:48:0e:e8:05:4d:3f:91:b7:81:25:cc:f8:b5:28:1a:ae:c3:
         90:c1:1f:18:fa:d7:ef:69:ee:b5:1e:b9:ca:31:65:d7:ea:87:
         61:4c:43:0c:15:a2:33:44:9d:14:4f:e1:5a:68:4a:aa:ff:ce:
         90:d2:48:04:9d:b8:fd:fe:c3:f8:c7:9a:f7:1c:e6:27:1e:04:
         47:8e:48:c1:ef:b6:a0:c6:fa:00:dd:b8:64:66:f6:da:f5:b7:
         3d:83:45:5b:32:04:70:2e:64:49:42:b9:7b:80:56:3d:fc:c0:
         39:be:5d:ad:d9:fe:d1:bb:13:b1:7d:4c:9c:fd:2b:b4:74:94:
         2f:fc:76:39:1f:e3:0a:09:b9:f1:7f:39:2b:49:96:a1:64:70:
         29:2c:d7:0e:9e:6c:ef:33:e9:b1:42:0c:f3:64:8b:c1:4b:46:
         43:1d:6e:53
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYPGQ4NG4qFIrmOC2SMcRZYrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2YTRiMzVjOGUwMjU2ZWFhMmZiZjc1MWU2YzAxZTVlOTA5
YzBhMWYwHhcNMjIxMDExMDg1NzM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTQ5ODI2ODdlMmE0OWJlZTg2NmQ4MjJjYjVhYWNjMTRlNGRiNTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkk1atFJL2koKpH5XbSo8xkaVKVuK
qhtVrUxMkqhIJu3MC1Gy1RB+4X6heAAX+FomFLnzpao5ZHABlv0Lz42xS7uu+bta
e/i3UKJz+mV330OwmgrGMnnyrMCJ6zMpWDTy0XIIuV29xVI4r4Zo9V1NfsXWhiU5
NN9o0R2t9EVMVqLKQBvOm/Dil9HNUDotWmeHs7PiO2F/FfPzEb3v4LrAL8gAvNAj
OwreVR8jZmziReP+PIxjnM/SRSRqJ5gmvxqw1tmdcoaCiuJmAtumIYx178/pbGjY
aqGUavpSdQfWcBmTJcGo1tscJzHsfm7/7MvI2FGmw2Rcaki5Kk0vF9GDMQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPpJgmh+Kkm+6GbYIstarMFOTbWCMB8GA1UdIwQY
MBaAFEaks1yOAlbqovv3UebAHl6QnAofMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnFTelhJNENWdXFpLV9kUjVzQWVYcENjQ2g4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8xMTkxZDYtNTQyMy00MmNmLThmNmIt
MTE3ODg2ZWI3ZDY3LzEvMS1rbUNhSDRxU2I3b1p0Z2l5MXFzd1U1TnRZSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMWIvMTE5MWQ2LTU0MjMtNDJjZi04ZjZiLTExNzg4NmViN2Q2
Ny8xL1JxU3pYSTRDVnVxaS1fZFI1c0FlWHBDY0NoOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAMFv0zAN
BAIAAjAHAwUDKgqKwDANBgkqhkiG9w0BAQsFAAOCAQEAeUBfk2Ok2IGdFXBX0NXC
5C36J03R1pfAnMsibpxTJZ+JtqnfyHXLZbo4m+1GtPZS7hrJZfV4PU4fTtFk9tvn
3B4nB1CneLEOFu3EEGnOzEL4rnk15ojoLS4V20gO6AVNP5G3gSXM+LUoGq7DkMEf
GPrX72nutR65yjFl1+qHYUxDDBWiM0SdFE/hWmhKqv/OkNJIBJ24/f7D+Mea9xzm
Jx4ER45Iwe+2oMb6AN24ZGb22vW3PYNFWzIEcC5kSUK5e4BWPfzAOb5drdn+0bsT
sX1MnP0rtHSUL/x2OR/jCgm58X85K0mWoWRwKSzXDp5s7zPpsUIM82SLwUtGQx1u
Uw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:44 2024 by rpki-client on console-ams.rpki-client.org