Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/59fc26-f8dd-4f5e-bca2-225d8adfe8bb/1/0a8bVdEtpDeKTOa16t3v9uYfK78.roa
File:                     0a8bVdEtpDeKTOa16t3v9uYfK78.roa (raw, json)
Hash identifier:          YRF0hd4gqjjHCwwEzWSEb5yB0PvJw1n+HBW0cxW6AJY=
Subject key identifier:   D1:AF:1B:55:D1:2D:A4:37:8A:4C:E6:B5:EA:DD:EF:F6:E6:1F:2B:BF
Certificate issuer:       /CN=d50051613d3cc6b3eb81d5bb400ae0d4e2412c80
Certificate serial:       018562422A53A0D9BD83EAA2F49BF1F79CFB
Authority key identifier: D5:00:51:61:3D:3C:C6:B3:EB:81:D5:BB:40:0A:E0:D4:E2:41:2C:80
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1QBRYT08xrPrgdW7QArg1OJBLIA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/59fc26-f8dd-4f5e-bca2-225d8adfe8bb/1/0a8bVdEtpDeKTOa16t3v9uYfK78.roa
Signing time:             Fri 30 Dec 2022 08:59:41 +0000
ROA not before:           Fri 30 Dec 2022 08:59:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     48026
IP address blocks:        193.42.150.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:62:42:2a:53:a0:d9:bd:83:ea:a2:f4:9b:f1:f7:9c:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d50051613d3cc6b3eb81d5bb400ae0d4e2412c80
        Validity
            Not Before: Dec 30 08:59:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d1af1b55d12da4378a4ce6b5eaddeff6e61f2bbf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:eb:5a:e5:2a:3a:45:fa:cc:f4:a4:1f:3c:4a:
                    59:f1:19:61:62:6b:15:69:09:f0:64:b9:d7:8e:70:
                    bf:2e:0b:5a:56:71:67:aa:68:24:17:21:52:f9:42:
                    b2:74:17:9b:d6:df:7a:b2:c9:56:32:0e:b3:21:c7:
                    ca:af:fe:03:35:3d:64:de:8d:cc:70:28:ac:2b:48:
                    b1:d0:31:2e:94:45:ad:eb:d2:fa:77:2c:15:e8:51:
                    42:68:9b:fd:9f:74:82:5b:1f:55:fd:62:94:48:ed:
                    2e:01:c8:25:e3:2d:f3:d3:48:e6:63:73:42:cf:ba:
                    9b:32:e2:54:25:27:4e:7f:8c:c1:6c:c9:a2:d5:47:
                    4c:3f:4f:7b:51:ac:e5:55:27:24:cb:c7:4b:ad:a3:
                    98:35:2f:a5:27:ab:6c:e9:26:0f:45:e5:62:48:d7:
                    cc:51:bb:58:6c:4b:2b:9d:fd:14:32:1d:76:a2:69:
                    b0:23:05:71:88:33:c5:cf:b8:4c:cf:bf:f4:5f:39:
                    07:81:97:8f:23:8a:30:33:4e:b6:73:d3:bc:45:7a:
                    f1:c8:7d:fb:23:45:c7:25:bd:92:d1:eb:63:c9:53:
                    85:b2:86:af:c2:3b:bf:16:d6:9e:a2:5b:05:78:11:
                    e2:67:4a:f8:c3:cb:3a:50:e4:7f:8f:32:d4:c5:f0:
                    9c:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:AF:1B:55:D1:2D:A4:37:8A:4C:E6:B5:EA:DD:EF:F6:E6:1F:2B:BF
            X509v3 Authority Key Identifier:
                keyid:D5:00:51:61:3D:3C:C6:B3:EB:81:D5:BB:40:0A:E0:D4:E2:41:2C:80

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1QBRYT08xrPrgdW7QArg1OJBLIA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/59fc26-f8dd-4f5e-bca2-225d8adfe8bb/1/0a8bVdEtpDeKTOa16t3v9uYfK78.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/59fc26-f8dd-4f5e-bca2-225d8adfe8bb/1/1QBRYT08xrPrgdW7QArg1OJBLIA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.42.150.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6c:05:ba:8b:2d:fe:87:6b:57:92:04:d8:83:c2:c6:de:e4:52:
         bb:1e:77:c5:5e:e5:a6:ad:f7:17:b9:ae:68:e9:1a:b3:fd:47:
         b2:a4:12:33:d3:5d:06:c9:e0:5c:1f:82:d4:78:22:8f:7b:97:
         09:b6:c3:bf:34:12:d9:20:f8:5c:45:07:89:56:60:00:f7:58:
         c1:e0:dd:79:0c:cb:c4:90:7a:d9:8e:c6:93:d9:cb:c4:92:3e:
         45:f4:4b:cb:be:37:bc:34:76:6d:d9:e0:4b:96:71:10:14:9a:
         96:18:53:21:42:85:0c:44:d3:41:f4:e3:34:96:d1:5a:70:e7:
         0e:9e:30:6f:70:8a:67:76:d5:ca:42:18:e2:88:68:6b:fb:9c:
         31:32:0f:a8:de:88:83:dd:f7:91:81:b0:5a:69:65:31:6b:cb:
         10:00:b8:8b:d8:ae:8e:54:08:df:ac:5c:66:91:fa:8c:9f:a0:
         5a:bb:3c:0f:7d:55:30:81:6e:71:6a:5e:5f:87:f4:39:be:62:
         7b:f0:cb:9d:11:48:b9:08:27:d5:95:d8:8d:f2:d4:51:12:52:
         b1:f5:9b:a7:9f:aa:36:6b:30:49:b5:0c:d3:70:17:c7:c8:ef:
         59:23:6b:16:a7:82:59:12:b1:4b:1d:2f:a5:ee:e8:b1:c4:9d:
         d3:b2:55:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYViQipToNm9g+qi9Jvx95z7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MDA1MTYxM2QzY2M2YjNlYjgxZDViYjQwMGFlMGQ0ZTI0
MTJjODAwHhcNMjIxMjMwMDg1OTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWFmMWI1NWQxMmRhNDM3OGE0Y2U2YjVlYWRkZWZmNmU2MWYyYmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+ta5So6RfrM9KQfPEpZ8RlhYmsV
aQnwZLnXjnC/LgtaVnFnqmgkFyFS+UKydBeb1t96sslWMg6zIcfKr/4DNT1k3o3M
cCisK0ix0DEulEWt69L6dywV6FFCaJv9n3SCWx9V/WKUSO0uAcgl4y3z00jmY3NC
z7qbMuJUJSdOf4zBbMmi1UdMP097UazlVScky8dLraOYNS+lJ6ts6SYPReViSNfM
UbtYbEsrnf0UMh12ommwIwVxiDPFz7hMz7/0XzkHgZePI4owM062c9O8RXrxyH37
I0XHJb2S0etjyVOFsoavwju/FtaeolsFeBHiZ0r4w8s6UOR/jzLUxfCcmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNGvG1XRLaQ3ikzmterd7/bmHyu/MB8GA1UdIwQY
MBaAFNUAUWE9PMaz64HVu0AK4NTiQSyAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVFCUllUMDh4clByZ2RXN1FBcmcxT0pCTElBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC81OWZjMjYtZjhkZC00ZjVlLWJjYTIt
MjI1ZDhhZGZlOGJiLzEvMGE4YlZkRXRwRGVLVE9hMTZ0M3Y5dVlmSzc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC81OWZjMjYtZjhkZC00ZjVlLWJjYTItMjI1ZDhhZGZlOGJi
LzEvMVFCUllUMDh4clByZ2RXN1FBcmcxT0pCTElBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSqWMA0G
CSqGSIb3DQEBCwUAA4IBAQBsBbqLLf6Ha1eSBNiDwsbe5FK7HnfFXuWmrfcXua5o
6Rqz/UeypBIz010GyeBcH4LUeCKPe5cJtsO/NBLZIPhcRQeJVmAA91jB4N15DMvE
kHrZjsaT2cvEkj5F9EvLvje8NHZt2eBLlnEQFJqWGFMhQoUMRNNB9OM0ltFacOcO
njBvcIpndtXKQhjiiGhr+5wxMg+o3oiD3feRgbBaaWUxa8sQALiL2K6OVAjfrFxm
kfqMn6BauzwPfVUwgW5xal5fh/Q5vmJ78MudEUi5CCfVldiN8tRRElKx9Zunn6o2
azBJtQzTcBfHyO9ZI2sWp4JZErFLHS+l7uixxJ3TslWd
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:41 2024 by rpki-client on console-ams.rpki-client.org