Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/2ed10c-04b0-4866-9b82-c522b74ddcfd/1/taYwuNxFPgphyfsfC-rVz_U8JBc.roa
File:                     taYwuNxFPgphyfsfC-rVz_U8JBc.roa (raw, json)
Hash identifier:          7jDuMJGRMi0mFSrnWl8uQxxhZg1pAQBWWkRNpwRr588=
Subject key identifier:   B5:A6:30:B8:DC:45:3E:0A:61:C9:FB:1F:0B:EA:D5:CF:F5:3C:24:17
Certificate issuer:       /CN=9854bd8a863a31895cc6cb922f3008b3f08aadae
Certificate serial:       0DD509A7
Authority key identifier: 98:54:BD:8A:86:3A:31:89:5C:C6:CB:92:2F:30:08:B3:F0:8A:AD:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mFS9ioY6MYlcxsuSLzAIs_CKra4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/2ed10c-04b0-4866-9b82-c522b74ddcfd/1/taYwuNxFPgphyfsfC-rVz_U8JBc.roa
Signing time:             Thu 10 Mar 2022 15:14:11 +0000
ROA not before:           Thu 10 Mar 2022 15:14:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212774
IP address blocks:        193.46.58.0/24 maxlen: 24
                          193.46.59.0/24 maxlen: 24
                          2001:67c:960::/48 maxlen: 48
                          2001:67c:478::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 232065447 (0xdd509a7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9854bd8a863a31895cc6cb922f3008b3f08aadae
        Validity
            Not Before: Mar 10 15:14:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b5a630b8dc453e0a61c9fb1f0bead5cff53c2417
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:d0:ec:a8:0c:c9:fb:85:98:7c:68:9c:2c:d2:
                    41:43:5b:62:68:5f:ec:ac:34:4c:a4:8d:fc:0f:de:
                    d7:9b:87:85:ef:53:f7:e9:dd:e8:ac:16:4f:33:e5:
                    c5:7d:fc:24:68:97:26:b2:bd:32:71:aa:c3:87:75:
                    85:80:d7:0d:da:7d:4c:fe:7b:68:bc:64:ac:9f:a5:
                    3f:4a:ab:6b:aa:d7:4a:ce:7d:eb:d8:7b:1f:b4:63:
                    ca:00:9d:a9:0c:3a:d3:91:49:c7:2a:c7:16:00:5c:
                    1e:a1:c2:37:61:e8:29:67:13:09:02:c8:b0:c2:7a:
                    fa:5f:5b:21:99:5a:34:89:96:23:99:54:e9:da:92:
                    b7:fa:6f:61:dd:33:bc:32:37:ad:34:bc:26:62:2b:
                    fb:11:c9:c1:04:36:ab:9f:d0:0a:d5:c0:76:61:19:
                    ac:d8:99:76:83:bd:1e:8f:82:1a:b9:f9:ea:2a:73:
                    e8:2f:19:ec:0b:a8:4c:2b:16:db:c8:fa:e1:81:09:
                    76:ce:50:76:8a:b2:e9:55:45:be:56:f4:7a:90:19:
                    98:4c:9b:b4:f6:60:46:a4:9e:d8:be:48:7d:da:df:
                    46:aa:dc:fb:ad:0d:2d:03:e7:ad:30:18:9a:41:57:
                    58:c2:71:dc:96:57:b2:83:ab:ac:59:79:a8:f4:cc:
                    07:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:A6:30:B8:DC:45:3E:0A:61:C9:FB:1F:0B:EA:D5:CF:F5:3C:24:17
            X509v3 Authority Key Identifier:
                keyid:98:54:BD:8A:86:3A:31:89:5C:C6:CB:92:2F:30:08:B3:F0:8A:AD:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mFS9ioY6MYlcxsuSLzAIs_CKra4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/2ed10c-04b0-4866-9b82-c522b74ddcfd/1/taYwuNxFPgphyfsfC-rVz_U8JBc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/2ed10c-04b0-4866-9b82-c522b74ddcfd/1/mFS9ioY6MYlcxsuSLzAIs_CKra4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.46.58.0/23
                IPv6:
                  2001:67c:478::/48
                  2001:67c:960::/48

    Signature Algorithm: sha256WithRSAEncryption
         a2:14:97:84:2c:74:48:9d:1c:24:a8:5a:1c:89:7e:0a:bb:65:
         05:f6:7f:38:a4:a3:af:05:3f:21:87:92:67:33:3b:fa:45:3f:
         c1:ee:db:81:e1:d4:c8:d0:83:bf:e9:fe:23:8b:07:7b:4c:6e:
         ea:b6:34:67:98:fc:20:d9:73:de:ca:d6:29:37:aa:78:0b:f6:
         93:56:7a:65:d6:f9:3a:df:81:c1:78:c7:3a:cb:77:a8:1f:4f:
         bc:af:3b:78:b7:b3:47:1c:cb:aa:2d:be:36:52:f6:57:1d:69:
         50:e0:c4:cc:fc:63:ca:00:c6:51:57:9e:c9:e7:b2:c6:24:d2:
         a6:90:eb:fc:fb:63:a6:5d:96:f7:cf:91:fd:3d:34:0a:9d:16:
         82:41:5c:cc:7e:34:fd:a5:b1:db:0c:cb:3c:09:f3:55:ad:75:
         8f:ab:ca:10:76:e3:8d:c3:1b:65:84:1c:bb:ed:94:a5:43:3e:
         ba:78:6f:82:5e:f8:d4:7c:c7:52:b6:11:93:60:65:d9:ef:47:
         a4:48:9b:40:37:5a:72:70:09:c6:a7:a1:91:2b:01:4a:51:a3:
         b8:60:75:50:fc:4e:0d:bc:cc:b7:1b:0f:7f:b0:0f:0e:b4:50:
         39:68:25:45:a1:a6:f0:4f:57:b8:28:2e:7d:03:c4:d2:4f:cd:
         2e:67:f1:19
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEDdUJpzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ODU0YmQ4YTg2M2EzMTg5NWNjNmNiOTIyZjMwMDhiM2YwOGFhZGFlMB4XDTIyMDMx
MDE1MTQxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjVhNjMwYjhkYzQ1
M2UwYTYxYzlmYjFmMGJlYWQ1Y2ZmNTNjMjQxNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM/Q7KgMyfuFmHxonCzSQUNbYmhf7Kw0TKSN/A/e15uHhe9T
9+nd6KwWTzPlxX38JGiXJrK9MnGqw4d1hYDXDdp9TP57aLxkrJ+lP0qra6rXSs59
69h7H7RjygCdqQw605FJxyrHFgBcHqHCN2HoKWcTCQLIsMJ6+l9bIZlaNImWI5lU
6dqSt/pvYd0zvDI3rTS8JmIr+xHJwQQ2q5/QCtXAdmEZrNiZdoO9Ho+CGrn56ipz
6C8Z7AuoTCsW28j64YEJds5Qdoqy6VVFvlb0epAZmEybtPZgRqSe2L5IfdrfRqrc
+60NLQPnrTAYmkFXWMJx3JZXsoOrrFl5qPTMBxECAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBS1pjC43EU+CmHJ+x8L6tXP9TwkFzAfBgNVHSMEGDAWgBSYVL2KhjoxiVzG
y5IvMAiz8IqtrjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21GUzlpb1k2TVlsY3hzdVNMekFJc19DS3JhNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWQvMmVkMTBjLTA0YjAtNDg2Ni05YjgyLWM1MjJiNzRkZGNmZC8x
L3RhWXd1TnhGUGdwaHlmc2ZDLXJWel9VOEpCYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWQv
MmVkMTBjLTA0YjAtNDg2Ni05YjgyLWM1MjJiNzRkZGNmZC8xL21GUzlpb1k2TVls
Y3hzdVNMekFJc19DS3JhNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwDAQCAAEwBgMEAcEuOjAYBAIAAjASAwcAIAEGfAR4
AwcAIAEGfAlgMA0GCSqGSIb3DQEBCwUAA4IBAQCiFJeELHRInRwkqFociX4Ku2UF
9n84pKOvBT8hh5JnMzv6RT/B7tuB4dTI0IO/6f4jiwd7TG7qtjRnmPwg2XPeytYp
N6p4C/aTVnpl1vk634HBeMc6y3eoH0+8rzt4t7NHHMuqLb42UvZXHWlQ4MTM/GPK
AMZRV57J57LGJNKmkOv8+2OmXZb3z5H9PTQKnRaCQVzMfjT9pbHbDMs8CfNVrXWP
q8oQduONwxtlhBy77ZSlQz66eG+CXvjUfMdSthGTYGXZ70ekSJtAN1pycAnGp6GR
KwFKUaO4YHVQ/E4NvMy3Gw9/sA8OtFA5aCVFoabwT1e4KC59A8TST80uZ/EZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:40 2024 by rpki-client on console-fra.rpki-client.org