Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/0167eb-0d16-4cc1-8047-142fcacd7a49/1/KxayalVFRpVDyH87FOeTv-zWLGU.roa
File:                     KxayalVFRpVDyH87FOeTv-zWLGU.roa (raw, json)
Hash identifier:          OhyEs9Xcp7b90L8FpN/dag/0IMa8babTEfAOO2khOko=
Subject key identifier:   2B:16:B2:6A:55:45:46:95:43:C8:7F:3B:14:E7:93:BF:EC:D6:2C:65
Certificate issuer:       /CN=e3154adb5a2ed999cf1db9c1271b2209dad3449e
Certificate serial:       04E12263
Authority key identifier: E3:15:4A:DB:5A:2E:D9:99:CF:1D:B9:C1:27:1B:22:09:DA:D3:44:9E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4xVK21ou2ZnPHbnBJxsiCdrTRJ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/0167eb-0d16-4cc1-8047-142fcacd7a49/1/KxayalVFRpVDyH87FOeTv-zWLGU.roa
Signing time:             Sat 01 Jan 2022 10:55:32 +0000
ROA not before:           Sat 01 Jan 2022 10:55:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34729
IP address blocks:        193.138.8.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 81863267 (0x4e12263)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e3154adb5a2ed999cf1db9c1271b2209dad3449e
        Validity
            Not Before: Jan  1 10:55:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2b16b26a5545469543c87f3b14e793bfecd62c65
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:5a:85:ac:1d:5c:1b:1d:8e:b8:2f:55:bd:f3:
                    3e:10:2c:60:2b:dd:b9:39:7c:3f:e6:b8:ab:80:4f:
                    b3:24:cc:ed:c8:99:1f:74:f4:e6:c8:ee:d5:f0:34:
                    13:91:cb:fa:dd:43:ca:9d:13:97:bb:c7:f6:db:bb:
                    de:52:ee:26:53:e4:47:9e:fc:d8:d9:bc:ae:35:4b:
                    e8:8c:a2:eb:92:e0:2b:72:93:74:06:ae:66:26:39:
                    85:81:92:1e:56:7c:d2:03:c1:e9:37:75:30:33:7f:
                    94:f8:58:2a:db:c7:59:24:9f:da:6e:60:3d:df:58:
                    26:0a:48:5a:c8:f8:7e:de:d4:dd:c9:d3:a0:b7:0e:
                    c4:6c:2b:27:1e:87:f1:89:d9:b8:49:00:45:fa:79:
                    8b:ff:be:da:ed:f3:56:4f:ff:7f:c3:b9:e3:1c:90:
                    f0:ac:b9:5b:4f:37:6a:7c:6d:17:8a:ce:8f:12:9a:
                    99:7b:84:4b:0b:09:30:fc:92:a6:a2:a2:1c:e2:5d:
                    03:52:70:1b:e3:5b:1d:92:85:f9:bd:52:13:44:71:
                    bf:fb:f3:fe:ea:58:d6:e3:34:13:32:ef:c7:54:74:
                    e1:67:dc:06:85:ae:53:3d:70:f9:2b:6c:cf:91:41:
                    d6:37:ba:a0:2a:70:05:c5:dc:d0:44:dd:42:f4:4b:
                    51:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:16:B2:6A:55:45:46:95:43:C8:7F:3B:14:E7:93:BF:EC:D6:2C:65
            X509v3 Authority Key Identifier:
                keyid:E3:15:4A:DB:5A:2E:D9:99:CF:1D:B9:C1:27:1B:22:09:DA:D3:44:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xVK21ou2ZnPHbnBJxsiCdrTRJ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/0167eb-0d16-4cc1-8047-142fcacd7a49/1/KxayalVFRpVDyH87FOeTv-zWLGU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/0167eb-0d16-4cc1-8047-142fcacd7a49/1/4xVK21ou2ZnPHbnBJxsiCdrTRJ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.138.8.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:f8:bf:c1:e1:2e:74:9f:21:b3:c5:b3:02:44:10:36:1d:2a:
         f1:37:b1:02:47:d7:37:d3:22:b1:cd:a6:1e:d9:84:14:32:b0:
         25:90:ae:28:7c:ab:b4:37:34:4c:4c:5a:33:a3:e1:08:e8:ac:
         62:21:a5:2a:44:4f:2a:2e:b1:12:66:00:49:10:a0:34:c1:13:
         4c:14:be:e3:3d:5d:74:c8:df:22:a7:92:04:c6:dd:37:6b:a0:
         53:54:c2:1c:f0:00:61:c5:09:53:d4:05:e5:8f:ea:74:77:35:
         0d:9f:e3:a7:46:81:0f:77:c3:75:4f:14:bb:38:d4:ee:63:dd:
         01:9e:c3:37:72:7a:b4:d0:d9:ec:4f:4b:0d:56:09:07:09:56:
         58:fd:bd:42:bb:9b:05:c3:51:6c:e6:81:8f:57:76:35:5e:df:
         e1:6d:29:2a:94:8d:e7:21:19:5f:e5:c9:61:8a:3a:85:ab:04:
         4d:6a:55:eb:f8:a8:bf:71:1e:d7:68:ef:c5:19:e5:b1:10:c0:
         58:ae:46:79:79:ce:20:48:85:f4:84:c6:2d:e4:4d:a8:70:17:
         ea:27:8c:31:70:6d:06:72:21:ee:6f:c8:ce:f5:1f:d1:39:fb:
         9f:71:a5:e3:69:42:cb:13:ab:13:6a:63:f9:37:73:90:3c:37:
         6a:a6:8e:44
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBOEiYzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MzE1NGFkYjVhMmVkOTk5Y2YxZGI5YzEyNzFiMjIwOWRhZDM0NDllMB4XDTIyMDEw
MTEwNTUzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmIxNmIyNmE1NTQ1
NDY5NTQzYzg3ZjNiMTRlNzkzYmZlY2Q2MmM2NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMRahawdXBsdjrgvVb3zPhAsYCvduTl8P+a4q4BPsyTM7ciZ
H3T05sju1fA0E5HL+t1Dyp0Tl7vH9tu73lLuJlPkR5782Nm8rjVL6Iyi65LgK3KT
dAauZiY5hYGSHlZ80gPB6Td1MDN/lPhYKtvHWSSf2m5gPd9YJgpIWsj4ft7U3cnT
oLcOxGwrJx6H8YnZuEkARfp5i/++2u3zVk//f8O54xyQ8Ky5W083anxtF4rOjxKa
mXuESwsJMPySpqKiHOJdA1JwG+NbHZKF+b1SE0Rxv/vz/upY1uM0EzLvx1R04Wfc
BoWuUz1w+Stsz5FB1je6oCpwBcXc0ETdQvRLUeECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQrFrJqVUVGlUPIfzsU55O/7NYsZTAfBgNVHSMEGDAWgBTjFUrbWi7Zmc8d
ucEnGyIJ2tNEnjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzR4VksyMW91MlpuUEhibkJKeHNpQ2RyVFJKNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjMvMDE2N2ViLTBkMTYtNGNjMS04MDQ3LTE0MmZjYWNkN2E0OS8x
L0t4YXlhbFZGUnBWRHlIODdGT2VUdi16V0xHVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjMv
MDE2N2ViLTBkMTYtNGNjMS04MDQ3LTE0MmZjYWNkN2E0OS8xLzR4VksyMW91Mlpu
UEhibkJKeHNpQ2RyVFJKNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMGKCDANBgkqhkiG9w0BAQsFAAOC
AQEAnfi/weEudJ8hs8WzAkQQNh0q8TexAkfXN9Misc2mHtmEFDKwJZCuKHyrtDc0
TExaM6PhCOisYiGlKkRPKi6xEmYASRCgNMETTBS+4z1ddMjfIqeSBMbdN2ugU1TC
HPAAYcUJU9QF5Y/qdHc1DZ/jp0aBD3fDdU8UuzjU7mPdAZ7DN3J6tNDZ7E9LDVYJ
BwlWWP29QrubBcNRbOaBj1d2NV7f4W0pKpSN5yEZX+XJYYo6hasETWpV6/iov3Ee
12jvxRnlsRDAWK5GeXnOIEiF9ITGLeRNqHAX6ieMMXBtBnIh7m/IzvUf0Tn7n3Gl
42lCyxOrE2pj+TdzkDw3aqaORA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:06 2024 by rpki-client on console-ams.rpki-client.org