Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/MoqUatFybjZb_cMPDBu5O3hdKjA.roa
File:                     MoqUatFybjZb_cMPDBu5O3hdKjA.roa (raw, json)
Hash identifier:          Dn0koP4GtOUAX8wHmezWSqyxefdkGFx76a3Fq4I1a+o=
Subject key identifier:   32:8A:94:6A:D1:72:6E:36:5B:FD:C3:0F:0C:1B:B9:3B:78:5D:2A:30
Certificate issuer:       /CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Certificate serial:       01850C54AA11F81B87C1A72E218CF32894AB
Authority key identifier: 28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/MoqUatFybjZb_cMPDBu5O3hdKjA.roa
Signing time:             Tue 13 Dec 2022 16:32:33 +0000
ROA not before:           Tue 13 Dec 2022 16:32:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     197890
IP address blocks:        193.239.197.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:0c:54:aa:11:f8:1b:87:c1:a7:2e:21:8c:f3:28:94:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
        Validity
            Not Before: Dec 13 16:32:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=328a946ad1726e365bfdc30f0c1bb93b785d2a30
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:88:21:3d:22:f1:68:48:fd:dd:8b:a1:c4:95:
                    91:c3:af:71:4f:e9:e2:1d:39:33:79:35:90:d4:0f:
                    d4:8b:d2:5a:af:57:bc:c2:28:c4:2b:8f:f0:70:ab:
                    19:c1:84:e8:d3:ce:11:da:b2:f8:ba:d3:d0:44:d0:
                    7e:33:6e:e7:12:10:5a:42:86:ee:c9:5a:9b:99:e6:
                    51:28:b5:a5:98:c8:d1:51:b0:8c:87:b2:03:21:10:
                    c5:7d:3b:9b:a6:f2:79:c4:03:e5:0c:67:7f:5e:93:
                    70:ba:3f:73:64:73:05:97:4e:dd:51:1f:2f:7e:59:
                    36:a2:2c:9a:7c:79:2f:4f:93:92:92:4b:1e:a8:a0:
                    8f:a1:ec:70:bd:48:ba:49:2d:5b:b9:cf:19:5c:63:
                    0e:92:95:d9:76:bc:f9:05:f5:19:a9:e0:c4:09:97:
                    af:ec:2e:75:7e:80:4a:00:b2:b2:4a:27:9b:4f:a2:
                    d1:31:09:71:ee:ac:19:57:7d:73:9d:43:f0:ef:11:
                    5d:e0:85:2e:ad:b2:3c:02:d7:64:2b:69:71:fb:e6:
                    4a:f4:aa:8f:11:6d:86:a7:b4:8e:b7:52:bb:45:a8:
                    ea:fc:b1:e3:a7:e3:77:4c:7d:ad:fe:dc:e0:a9:cc:
                    0c:5c:50:10:6c:96:cc:1e:65:5a:6d:91:6c:4d:ac:
                    bd:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:8A:94:6A:D1:72:6E:36:5B:FD:C3:0F:0C:1B:B9:3B:78:5D:2A:30
            X509v3 Authority Key Identifier:
                keyid:28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/MoqUatFybjZb_cMPDBu5O3hdKjA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.239.197.0/24

    Signature Algorithm: sha256WithRSAEncryption
         25:2d:56:8c:a5:2c:bb:3b:1d:51:29:63:02:6a:c7:d4:45:aa:
         ad:39:13:8c:31:04:a1:ce:f9:60:9c:73:56:6d:11:0e:c7:53:
         8f:5c:b7:ed:3d:10:cf:3a:04:dc:cb:3c:bd:d3:47:34:c7:52:
         ae:65:0f:30:3a:89:66:5b:6c:ce:5d:e6:2f:59:6a:bf:9e:b2:
         01:f8:e4:3a:a1:6e:ea:35:d4:26:0b:ff:42:ef:d2:51:4b:9f:
         44:28:74:3c:18:2a:d3:f0:d5:81:65:df:d5:35:5a:e3:6e:2d:
         1d:a4:3e:4a:d1:2d:fc:54:07:e1:ba:1c:28:c0:16:5c:d4:6c:
         c6:77:8c:49:46:c6:6b:c2:95:a6:49:47:86:29:28:5e:58:e5:
         a5:ad:da:8d:cf:c0:d6:c3:32:bd:65:47:e5:2a:a1:ef:07:8b:
         28:10:dd:b0:ae:e1:5b:36:87:ca:a9:b7:38:72:83:65:6b:88:
         39:b8:50:d7:d9:a0:8e:e6:54:eb:be:6a:fd:4d:c4:a2:28:64:
         e5:c5:6e:ee:d4:bb:55:49:c6:52:a7:b2:53:7c:1c:dc:f9:49:
         58:79:d2:45:ab:65:ac:30:7e:0c:60:09:d9:b8:ca:28:7c:55:
         13:68:62:39:18:ff:07:b2:69:3f:f4:b7:8b:2a:f0:53:cc:d1:
         45:d2:ac:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUMVKoR+BuHwacuIYzzKJSrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTA3YWI2OTIxZWY4Y2IyZGVjYTNlYjc2NjQ3OGNmZjNl
NWZjNmQwHhcNMjIxMjEzMTYzMjMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjhhOTQ2YWQxNzI2ZTM2NWJmZGMzMGYwYzFiYjkzYjc4NWQyYTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4ghPSLxaEj93YuhxJWRw69xT+ni
HTkzeTWQ1A/Ui9Jar1e8wijEK4/wcKsZwYTo084R2rL4utPQRNB+M27nEhBaQobu
yVqbmeZRKLWlmMjRUbCMh7IDIRDFfTubpvJ5xAPlDGd/XpNwuj9zZHMFl07dUR8v
flk2oiyafHkvT5OSkkseqKCPoexwvUi6SS1buc8ZXGMOkpXZdrz5BfUZqeDECZev
7C51foBKALKySiebT6LRMQlx7qwZV31znUPw7xFd4IUurbI8AtdkK2lx++ZK9KqP
EW2Gp7SOt1K7Rajq/LHjp+N3TH2t/tzgqcwMXFAQbJbMHmVabZFsTay94wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDKKlGrRcm42W/3DDwwbuTt4XSowMB8GA1UdIwQY
MBaAFCgQeraSHvjLLeyj63ZkeM/z5fxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzIt
YzBmYjNlZjc2NDBlLzEvTW9xVWF0RnlialpiX2NNUERCdTVPM2hkS2pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBl
LzEvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwe/FMA0G
CSqGSIb3DQEBCwUAA4IBAQAlLVaMpSy7Ox1RKWMCasfURaqtOROMMQShzvlgnHNW
bREOx1OPXLftPRDPOgTcyzy900c0x1KuZQ8wOolmW2zOXeYvWWq/nrIB+OQ6oW7q
NdQmC/9C79JRS59EKHQ8GCrT8NWBZd/VNVrjbi0dpD5K0S38VAfhuhwowBZc1GzG
d4xJRsZrwpWmSUeGKSheWOWlrdqNz8DWwzK9ZUflKqHvB4soEN2wruFbNofKqbc4
coNla4g5uFDX2aCO5lTrvmr9TcSiKGTlxW7u1LtVScZSp7JTfBzc+UlYedJFq2Ws
MH4MYAnZuMoofFUTaGI5GP8Hsmk/9LeLKvBTzNFF0qxb
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:43 2024 by rpki-client on console-ams.rpki-client.org