Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/9Rdi5cul1x94jR77fZ-KwIPbKgQ.roa
File:                     9Rdi5cul1x94jR77fZ-KwIPbKgQ.roa (raw, json)
Hash identifier:          uFzMxCQEfyTv6PL1zPdyLEHD9pDLUF/I0Hve8u6i5JU=
Subject key identifier:   F5:17:62:E5:CB:A5:D7:1F:78:8D:1E:FB:7D:9F:8A:C0:83:DB:2A:04
Certificate issuer:       /CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471
Certificate serial:       0F51
Authority key identifier: 3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/9Rdi5cul1x94jR77fZ-KwIPbKgQ.roa
Signing time:             Tue 26 Apr 2022 15:16:17 +0000
ROA not before:           Tue 26 Apr 2022 15:16:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3303
IP address blocks:        193.247.128.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3921 (0xf51)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471
        Validity
            Not Before: Apr 26 15:16:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f51762e5cba5d71f788d1efb7d9f8ac083db2a04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:5b:0e:a4:86:ec:fd:18:cc:3d:aa:b3:11:2d:
                    83:19:2a:81:e3:73:d5:6c:02:8a:59:67:f7:44:f7:
                    c0:73:c9:79:ec:96:f2:aa:bc:f3:47:69:5f:b6:e8:
                    e0:87:3d:c2:9a:5e:7d:6a:cd:d4:67:b5:b5:01:7f:
                    a4:c5:8e:04:73:8f:f5:39:69:6c:98:b3:80:d9:01:
                    89:2b:46:0b:7e:83:e7:a9:1f:6f:e6:d5:5b:c2:eb:
                    20:34:b2:f3:f0:1b:2b:28:63:b6:8e:fd:52:ba:96:
                    32:03:7a:e4:d6:db:d2:47:03:03:37:62:e9:1b:77:
                    b9:e0:79:ea:0b:12:62:19:15:cc:be:59:f7:f6:50:
                    29:6d:02:f4:39:06:be:34:be:38:31:37:48:54:fd:
                    31:c4:b6:03:24:00:98:7d:7e:e9:b9:8e:7f:db:6c:
                    af:2e:67:71:da:34:b2:d8:af:04:9a:dd:c4:95:b1:
                    62:17:9d:03:9c:b3:47:b5:95:90:cc:69:85:9a:7a:
                    89:79:51:a7:e6:85:7a:b4:72:fa:6c:d1:3e:ea:a4:
                    13:21:07:b0:c1:96:d6:73:5c:99:ab:cc:19:97:08:
                    9e:b6:68:54:cb:49:a9:96:bd:67:ba:d8:d8:1b:58:
                    0c:29:d3:d7:a9:81:23:42:89:cb:4a:29:ab:d6:37:
                    e2:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:17:62:E5:CB:A5:D7:1F:78:8D:1E:FB:7D:9F:8A:C0:83:DB:2A:04
            X509v3 Authority Key Identifier:
                keyid:3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/9Rdi5cul1x94jR77fZ-KwIPbKgQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.247.128.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0f:51:80:5b:4f:97:6f:e3:35:fc:60:5a:ad:6f:b2:1c:e4:e6:
         65:72:73:ae:7b:5d:38:46:13:41:c7:28:e4:28:1f:2b:7c:dd:
         12:17:34:07:6b:d6:fa:21:68:2b:71:f5:2d:9d:a2:a4:29:cd:
         ce:d4:02:54:77:e1:17:60:8c:f9:e7:66:b0:54:14:70:d6:5a:
         36:af:fc:cf:de:4e:06:41:d7:3a:9f:78:41:21:2f:33:a1:27:
         69:00:a0:21:a6:26:5b:52:12:d9:3e:58:e5:71:93:00:62:4c:
         52:ea:67:64:b3:ef:77:7b:9d:b2:de:b7:2e:c5:53:3c:b2:d5:
         a0:f4:f6:43:59:88:55:07:05:b9:3e:23:9c:36:97:cc:9d:6e:
         d9:8a:e6:c0:49:20:8e:5e:7e:b9:00:ff:40:bd:10:7b:a7:38:
         33:c8:56:11:f8:be:64:0e:bd:5e:08:24:5b:3b:3b:b5:ce:f9:
         d9:f9:9f:77:07:1b:29:f8:9f:6e:f8:d2:87:c7:af:7b:0f:64:
         6f:06:7e:99:f9:d8:52:d7:e9:88:fc:c1:d3:bb:c6:a9:ec:8d:
         6f:75:84:d3:ff:cc:8b:33:56:d6:4f:2f:94:4f:a2:b8:bc:ea:
         78:e9:83:32:a5:6a:51:88:80:7e:20:57:32:bb:44:b0:ca:aa:
         02:60:a0:b7
-----BEGIN CERTIFICATE-----
MIIE7TCCA9WgAwIBAgICD1EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM2E3
Y2I1OTJkN2U0ZWM3MWI2Nzg1NWQxZGZjNTVkOWQwNjcwNTQ3MTAeFw0yMjA0MjYx
NTE2MTdaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKGY1MTc2MmU1Y2JhNWQ3
MWY3ODhkMWVmYjdkOWY4YWMwODNkYjJhMDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9Ww6khuz9GMw9qrMRLYMZKoHjc9VsAopZZ/dE98BzyXnslvKq
vPNHaV+26OCHPcKaXn1qzdRntbUBf6TFjgRzj/U5aWyYs4DZAYkrRgt+g+epH2/m
1VvC6yA0svPwGysoY7aO/VK6ljIDeuTW29JHAwM3Yukbd7ngeeoLEmIZFcy+Wff2
UCltAvQ5Br40vjgxN0hU/THEtgMkAJh9fum5jn/bbK8uZ3HaNLLYrwSa3cSVsWIX
nQOcs0e1lZDMaYWaeol5UafmhXq0cvps0T7qpBMhB7DBltZzXJmrzBmXCJ62aFTL
SamWvWe62NgbWAwp09epgSNCictKKavWN+JvAgMBAAGjggIJMIICBTAdBgNVHQ4E
FgQU9Rdi5cul1x94jR77fZ+KwIPbKgQwHwYDVR0jBBgwFoAUOny1ktfk7HG2eFXR
38VdnQZwVHEwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEF
BQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9P
bnkxa3RmazdIRzJlRlhSMzhWZG5RWndWSEUuY2VyMIGNBggrBgEFBQcBCwSBgDB+
MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxULzIxL2NmNGFhNi0yOGNhLTRlNzEtOGFhYS0zY2M1OTI4OTg3ODkvMS85
UmRpNWN1bDF4OTRqUjc3ZlotS3dJUGJLZ1Eucm9hMIGBBgNVHR8EejB4MHagdKBy
hnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzIxL2Nm
NGFhNi0yOGNhLTRlNzEtOGFhYS0zY2M1OTI4OTg3ODkvMS9Pbnkxa3RmazdIRzJl
RlhSMzhWZG5RWndWSEUuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALB94AwDQYJKoZIhvcNAQELBQADggEB
AA9RgFtPl2/jNfxgWq1vshzk5mVyc657XThGE0HHKOQoHyt83RIXNAdr1vohaCtx
9S2doqQpzc7UAlR34RdgjPnnZrBUFHDWWjav/M/eTgZB1zqfeEEhLzOhJ2kAoCGm
JltSEtk+WOVxkwBiTFLqZ2Sz73d7nbLety7FUzyy1aD09kNZiFUHBbk+I5w2l8yd
btmK5sBJII5efrkA/0C9EHunODPIVhH4vmQOvV4IJFs7O7XO+dn5n3cHGyn4n274
0ofHr3sPZG8Gfpn52FLX6Yj8wdO7xqnsjW91hNP/zIszVtZPL5RPori86njpgzKl
alGIgH4gVzK7RLDKqgJgoLc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:55 2024 by rpki-client on console-ams.rpki-client.org