Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/50b205-8f21-46f5-a3f6-bca0a8f2f78c/1/1-tUFtqSrX0c1YRyVp4k2j50V1VY.roa
File:                     1-tUFtqSrX0c1YRyVp4k2j50V1VY.roa (raw, json)
Hash identifier:          I/6u+phlgtEYGhmatPRj1zVAGZ7jQ7aq0UWKbtDTL/U=
Subject key identifier:   FA:D5:05:B6:A4:AB:5F:47:35:61:1C:95:A7:89:36:8F:9D:15:D5:56
Certificate issuer:       /CN=c340909aec320a8c2ee1cabce1302cbb7d4e0486
Certificate serial:       01856265515985C1C7DF75F8D3686ACBA617
Authority key identifier: C3:40:90:9A:EC:32:0A:8C:2E:E1:CA:BC:E1:30:2C:BB:7D:4E:04:86
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w0CQmuwyCowu4cq84TAsu31OBIY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/50b205-8f21-46f5-a3f6-bca0a8f2f78c/1/1-tUFtqSrX0c1YRyVp4k2j50V1VY.roa
Signing time:             Fri 30 Dec 2022 09:38:05 +0000
ROA not before:           Fri 30 Dec 2022 09:38:05 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204599
IP address blocks:        193.105.18.0/24 maxlen: 24
                          194.0.195.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:62:65:51:59:85:c1:c7:df:75:f8:d3:68:6a:cb:a6:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c340909aec320a8c2ee1cabce1302cbb7d4e0486
        Validity
            Not Before: Dec 30 09:38:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fad505b6a4ab5f4735611c95a789368f9d15d556
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:d3:0b:26:a8:43:e1:b8:2a:3e:58:19:77:bf:
                    e1:c0:67:e1:b0:7b:65:7f:6b:ba:6f:d8:34:db:0d:
                    a8:b3:1d:8d:0b:2d:2a:c8:4d:da:a6:35:2a:00:51:
                    3f:f6:9d:8c:5a:cb:da:b8:07:f2:95:d9:2e:62:1a:
                    97:a7:95:46:21:04:d5:0f:d0:ae:ae:6d:f6:c5:96:
                    fc:84:34:28:c8:8e:f2:96:d3:3a:ca:f4:ce:10:ed:
                    96:9f:28:54:f1:1c:00:66:7d:0c:39:44:28:74:ba:
                    cd:1b:65:92:e4:35:9a:aa:89:45:fa:55:d3:5a:98:
                    a1:9b:d0:3f:c9:66:ca:52:88:89:3a:ee:b2:54:44:
                    e8:39:dc:09:c3:74:25:5b:fb:18:9d:9e:bb:4b:21:
                    4e:7b:25:de:04:8f:b5:25:18:b8:ab:34:1b:83:e4:
                    57:07:b8:03:64:66:e8:81:bf:0f:d8:d5:c3:77:69:
                    bb:92:2f:5f:4c:fb:93:22:c3:f9:8a:89:f2:75:f5:
                    42:eb:44:80:51:35:36:f5:5b:99:7f:7b:64:c3:48:
                    52:cb:17:e9:fc:cb:70:14:50:a4:18:29:ca:a2:48:
                    5c:7f:ac:e3:de:b9:4c:a3:1d:b4:ee:44:b6:37:00:
                    5a:71:ce:67:1a:62:8f:0f:3f:7a:bd:6f:2b:d3:a3:
                    ab:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:D5:05:B6:A4:AB:5F:47:35:61:1C:95:A7:89:36:8F:9D:15:D5:56
            X509v3 Authority Key Identifier:
                keyid:C3:40:90:9A:EC:32:0A:8C:2E:E1:CA:BC:E1:30:2C:BB:7D:4E:04:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w0CQmuwyCowu4cq84TAsu31OBIY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/50b205-8f21-46f5-a3f6-bca0a8f2f78c/1/1-tUFtqSrX0c1YRyVp4k2j50V1VY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/50b205-8f21-46f5-a3f6-bca0a8f2f78c/1/w0CQmuwyCowu4cq84TAsu31OBIY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.105.18.0/24
                  194.0.195.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:71:7a:d8:04:eb:0d:b2:58:e4:70:b3:41:fd:b2:00:1c:5a:
         3c:84:80:8c:b2:02:90:c9:95:8b:d7:31:dc:87:a2:bc:22:b3:
         b1:09:ac:52:69:b8:c8:ab:ca:63:aa:c6:e9:1a:df:8a:47:7a:
         86:4a:cf:32:62:3f:35:cf:94:69:61:55:f5:e7:dd:ff:3f:97:
         cd:53:de:54:62:bc:5c:e3:86:f8:58:09:a1:07:37:33:e1:dc:
         48:47:0a:3e:91:0b:1e:ce:18:e9:69:7b:4b:53:5c:3f:92:3e:
         8d:a8:51:37:af:69:98:cf:66:42:49:a3:11:4c:55:e2:dd:d4:
         a9:11:8d:7f:88:fc:b4:c2:03:02:ea:cb:8b:af:39:1f:e3:59:
         04:35:7e:43:ee:9f:4b:e4:e5:2b:c0:86:25:9b:77:82:17:9d:
         1c:2c:a3:9e:ed:aa:36:b6:bb:a4:94:c9:68:51:8a:2a:7d:b1:
         88:62:14:46:78:d4:a8:91:40:aa:1a:33:a9:33:49:ee:a5:f1:
         16:c0:47:6f:0a:2c:dd:76:f6:6b:6b:a6:f1:bb:bf:79:28:85:
         c6:43:c2:34:f7:6f:5c:02:cb:84:e4:bb:97:46:bc:0b:e0:f9:
         b3:d2:d3:30:2a:21:5a:b3:59:c9:b0:fc:5b:c2:d1:81:23:c2:
         ec:c8:70:d6
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYViZVFZhcHH33X402hqy6YXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNDA5MDlhZWMzMjBhOGMyZWUxY2FiY2UxMzAyY2JiN2Q0
ZTA0ODYwHhcNMjIxMjMwMDkzODA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWQ1MDViNmE0YWI1ZjQ3MzU2MTFjOTVhNzg5MzY4ZjlkMTVkNTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNMLJqhD4bgqPlgZd7/hwGfhsHtl
f2u6b9g02w2osx2NCy0qyE3apjUqAFE/9p2MWsvauAfyldkuYhqXp5VGIQTVD9Cu
rm32xZb8hDQoyI7yltM6yvTOEO2WnyhU8RwAZn0MOUQodLrNG2WS5DWaqolF+lXT
Wpihm9A/yWbKUoiJOu6yVEToOdwJw3QlW/sYnZ67SyFOeyXeBI+1JRi4qzQbg+RX
B7gDZGbogb8P2NXDd2m7ki9fTPuTIsP5ionydfVC60SAUTU29VuZf3tkw0hSyxfp
/MtwFFCkGCnKokhcf6zj3rlMox207kS2NwBacc5nGmKPDz96vW8r06OrYwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPrVBbakq19HNWEclaeJNo+dFdVWMB8GA1UdIwQY
MBaAFMNAkJrsMgqMLuHKvOEwLLt9TgSGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzBDUW11d3lDb3d1NGNxODRUQXN1MzFPQklZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MGIyMDUtOGYyMS00NmY1LWEzZjYt
YmNhMGE4ZjJmNzhjLzEvMS10VUZ0cVNyWDBjMVlSeVZwNGsyajUwVjFWWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjgvNTBiMjA1LThmMjEtNDZmNS1hM2Y2LWJjYTBhOGYyZjc4
Yy8xL3cwQ1FtdXd5Q293dTRjcTg0VEFzdTMxT0JJWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMFpEgME
AMIAwzANBgkqhkiG9w0BAQsFAAOCAQEAEHF62ATrDbJY5HCzQf2yABxaPISAjLIC
kMmVi9cx3IeivCKzsQmsUmm4yKvKY6rG6Rrfikd6hkrPMmI/Nc+UaWFV9efd/z+X
zVPeVGK8XOOG+FgJoQc3M+HcSEcKPpELHs4Y6Wl7S1NcP5I+jahRN69pmM9mQkmj
EUxV4t3UqRGNf4j8tMIDAurLi685H+NZBDV+Q+6fS+TlK8CGJZt3ghedHCyjnu2q
Nra7pJTJaFGKKn2xiGIURnjUqJFAqhozqTNJ7qXxFsBHbwos3Xb2a2um8bu/eSiF
xkPCNPdvXALLhOS7l0a8C+D5s9LTMCohWrNZybD8W8LRgSPC7Mhw1g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:25 2024 by rpki-client on console-ams.rpki-client.org