Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/283fee-2c36-4e70-bbe4-07e36efc5e42/1/1gY3T6Sl4cMjZx_1qZKygZzF8Dw.roa
File:                     1gY3T6Sl4cMjZx_1qZKygZzF8Dw.roa (raw, json)
Hash identifier:          7g9QdMBQiH2rPlTECvtoz1lY7s6Sce9iJizFsP+rNiA=
Subject key identifier:   D6:06:37:4F:A4:A5:E1:C3:23:67:1F:F5:A9:92:B2:81:9C:C5:F0:3C
Certificate issuer:       /CN=846af54e6558cfc86252946e4692ab92777c0e10
Certificate serial:       0301D4EA
Authority key identifier: 84:6A:F5:4E:65:58:CF:C8:62:52:94:6E:46:92:AB:92:77:7C:0E:10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hGr1TmVYz8hiUpRuRpKrknd8DhA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/283fee-2c36-4e70-bbe4-07e36efc5e42/1/1gY3T6Sl4cMjZx_1qZKygZzF8Dw.roa
Signing time:             Sat 01 Jan 2022 04:53:15 +0000
ROA not before:           Sat 01 Jan 2022 04:53:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     198380
IP address blocks:        193.24.43.0/24 maxlen: 24
                          193.24.40.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 50451690 (0x301d4ea)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=846af54e6558cfc86252946e4692ab92777c0e10
        Validity
            Not Before: Jan  1 04:53:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d606374fa4a5e1c323671ff5a992b2819cc5f03c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:e9:df:1b:13:ec:f3:4e:65:4a:20:cf:02:95:
                    ad:4d:db:46:39:0a:4f:e1:a3:0a:83:a6:02:b9:68:
                    ea:db:9a:50:fb:f4:06:5e:e9:04:ae:a1:88:e0:72:
                    e6:c7:d4:9c:38:bd:37:15:6e:b1:94:dd:b0:45:5a:
                    b9:83:6b:73:33:3c:87:4b:0d:89:ec:c9:8b:e9:90:
                    14:47:7f:d0:0a:f4:8c:c5:56:f4:cf:f0:e0:a0:9f:
                    31:e7:c8:85:3b:ed:39:90:96:aa:f0:c6:bb:74:1a:
                    ae:e5:2d:e9:66:ec:52:bb:b0:d8:ce:74:c5:ee:8a:
                    15:df:ad:35:f7:66:2c:8e:1d:ab:12:8c:29:88:1d:
                    a0:67:fc:ad:56:ba:01:5f:4e:c0:ac:35:0f:54:40:
                    92:2c:ab:fe:0b:6c:20:85:29:39:19:31:d0:e1:13:
                    cb:ce:ae:53:61:89:3e:35:bc:14:6d:ef:15:ac:7e:
                    23:86:36:5f:66:63:c2:3d:c5:fe:74:2f:b4:a5:98:
                    66:45:5a:59:98:3a:e5:84:d6:28:ea:bc:c5:8a:b9:
                    54:53:ec:8c:b3:4f:06:82:b4:7f:48:f3:71:36:f7:
                    3c:7f:77:09:52:8e:15:14:33:a2:22:e6:13:e1:a5:
                    89:f3:4a:f1:47:3f:7f:b2:1b:ae:cd:f9:75:18:71:
                    e2:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:06:37:4F:A4:A5:E1:C3:23:67:1F:F5:A9:92:B2:81:9C:C5:F0:3C
            X509v3 Authority Key Identifier:
                keyid:84:6A:F5:4E:65:58:CF:C8:62:52:94:6E:46:92:AB:92:77:7C:0E:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hGr1TmVYz8hiUpRuRpKrknd8DhA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/283fee-2c36-4e70-bbe4-07e36efc5e42/1/1gY3T6Sl4cMjZx_1qZKygZzF8Dw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/283fee-2c36-4e70-bbe4-07e36efc5e42/1/hGr1TmVYz8hiUpRuRpKrknd8DhA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.24.40.0/24
                  193.24.43.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b1:26:8a:ce:a0:7f:c2:71:fb:3c:7c:48:90:5e:f1:86:e8:66:
         74:ac:49:05:73:96:69:a3:07:2f:6b:03:9a:3f:bb:6d:35:d4:
         09:3c:8d:c3:54:3a:61:8b:cb:52:a4:dc:42:10:5d:d3:bc:7b:
         66:2a:5f:bb:53:4e:aa:30:69:d7:61:23:fb:c3:47:9e:71:1a:
         83:4d:e4:94:06:41:43:7f:1b:5e:03:ca:ee:e9:fd:e5:e3:e3:
         70:46:a6:8c:b7:f5:88:a1:2f:42:8b:17:8b:f8:55:f6:61:52:
         86:4f:18:14:07:fb:77:f5:e1:5b:d3:38:ea:6f:7b:02:30:19:
         5c:4c:69:03:ba:b9:eb:e4:8f:ac:be:2b:41:21:28:05:06:b5:
         61:ba:48:df:ba:82:77:f8:98:be:a9:b2:42:4c:63:a5:1b:67:
         fc:85:b6:7a:7c:12:f2:78:37:17:d8:e4:9c:7b:10:c4:ef:2f:
         c3:ff:51:41:10:23:08:85:26:90:4a:e3:4e:02:99:72:5d:2c:
         4d:d3:ba:73:24:27:de:28:bc:fe:b3:08:92:3b:79:8e:3d:5c:
         10:68:ae:a3:97:fb:94:a6:d5:02:6f:ca:c3:f6:46:b2:bb:d8:
         90:4a:cb:10:61:56:80:35:91:79:04:77:ec:a9:37:da:c0:d7:
         de:18:7a:4f
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAwHU6jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NDZhZjU0ZTY1NThjZmM4NjI1Mjk0NmU0NjkyYWI5Mjc3N2MwZTEwMB4XDTIyMDEw
MTA0NTMxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDYwNjM3NGZhNGE1
ZTFjMzIzNjcxZmY1YTk5MmIyODE5Y2M1ZjAzYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANbp3xsT7PNOZUogzwKVrU3bRjkKT+GjCoOmArlo6tuaUPv0
Bl7pBK6hiOBy5sfUnDi9NxVusZTdsEVauYNrczM8h0sNiezJi+mQFEd/0Ar0jMVW
9M/w4KCfMefIhTvtOZCWqvDGu3QaruUt6WbsUruw2M50xe6KFd+tNfdmLI4dqxKM
KYgdoGf8rVa6AV9OwKw1D1RAkiyr/gtsIIUpORkx0OETy86uU2GJPjW8FG3vFax+
I4Y2X2Zjwj3F/nQvtKWYZkVaWZg65YTWKOq8xYq5VFPsjLNPBoK0f0jzcTb3PH93
CVKOFRQzoiLmE+GlifNK8Uc/f7Ibrs35dRhx4l8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTWBjdPpKXhwyNnH/WpkrKBnMXwPDAfBgNVHSMEGDAWgBSEavVOZVjPyGJS
lG5GkquSd3wOEDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hHcjFUbVZZejhoaVVwUnVScEtya25kOERoQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvMjgzZmVlLTJjMzYtNGU3MC1iYmU0LTA3ZTM2ZWZjNWU0Mi8x
LzFnWTNUNlNsNGNNalp4XzFxWkt5Z1p6RjhEdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
MjgzZmVlLTJjMzYtNGU3MC1iYmU0LTA3ZTM2ZWZjNWU0Mi8xL2hHcjFUbVZZejho
aVVwUnVScEtya25kOERoQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMEYKAMEAMEYKzANBgkqhkiG9w0B
AQsFAAOCAQEAsSaKzqB/wnH7PHxIkF7xhuhmdKxJBXOWaaMHL2sDmj+7bTXUCTyN
w1Q6YYvLUqTcQhBd07x7Zipfu1NOqjBp12Ej+8NHnnEag03klAZBQ38bXgPK7un9
5ePjcEamjLf1iKEvQosXi/hV9mFShk8YFAf7d/XhW9M46m97AjAZXExpA7q56+SP
rL4rQSEoBQa1YbpI37qCd/iYvqmyQkxjpRtn/IW2enwS8ng3F9jknHsQxO8vw/9R
QRAjCIUmkErjTgKZcl0sTdO6cyQn3ii8/rMIkjt5jj1cEGiuo5f7lKbVAm/Kw/ZG
srvYkErLEGFWgDWReQR37Kk32sDX3hh6Tw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:21 2024 by rpki-client on console-ams.rpki-client.org