Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/b9iMd18bx9YPmNVTLN2ILCm27PU.roa
File:                     b9iMd18bx9YPmNVTLN2ILCm27PU.roa (raw, json)
Hash identifier:          fYSIIvjLRMekZ6Ausltew9uozrBD5IqSFlUDuzkzK+o=
Subject key identifier:   6F:D8:8C:77:5F:1B:C7:D6:0F:98:D5:53:2C:DD:88:2C:29:B6:EC:F5
Certificate issuer:       /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial:       0182CF060A477CDF84E6933ED821053F1A44
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/b9iMd18bx9YPmNVTLN2ILCm27PU.roa
Signing time:             Wed 24 Aug 2022 08:44:15 +0000
ROA not before:           Wed 24 Aug 2022 08:44:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     22773
IP address blocks:        193.36.208.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:cf:06:0a:47:7c:df:84:e6:93:3e:d8:21:05:3f:1a:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
        Validity
            Not Before: Aug 24 08:44:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6fd88c775f1bc7d60f98d5532cdd882c29b6ecf5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:0f:57:28:ca:dd:aa:ae:b3:f8:27:bf:4f:31:
                    46:40:6c:b9:ce:01:82:f4:86:64:aa:bf:75:90:db:
                    c4:dc:6e:92:12:c3:5c:90:ba:64:aa:b5:6a:dd:fe:
                    84:e2:cc:41:f1:17:d7:cd:7d:a2:2f:b8:eb:7a:68:
                    84:12:1d:38:8a:a8:59:87:f2:39:28:c8:d7:37:8f:
                    92:75:47:eb:a2:fa:b4:53:84:25:ab:73:74:a3:c0:
                    40:17:cc:13:29:51:be:4a:c1:bd:42:54:36:27:da:
                    f4:73:a1:82:a2:2b:64:10:01:d0:c7:2e:df:bd:07:
                    0a:f4:9d:c1:b0:c7:f1:65:6b:e1:a4:c6:f4:61:2f:
                    81:72:4d:73:91:f8:02:b9:57:8b:8b:74:e5:e6:b2:
                    dd:54:6c:1d:51:b2:49:3d:80:ef:fe:af:ff:6e:43:
                    de:f6:9c:47:80:c8:98:ee:e6:b9:5a:9b:c2:a9:fb:
                    e3:87:54:d5:32:77:e8:65:0b:47:f2:c2:77:70:8e:
                    86:7d:c6:8a:dc:04:a8:08:6e:44:b7:f3:3d:22:c4:
                    18:20:9f:18:df:ec:31:fc:7e:e7:54:1f:23:86:4d:
                    76:7c:4f:8a:37:aa:c8:16:0e:44:60:46:10:e2:ba:
                    65:14:b7:d8:46:85:60:0d:90:8e:f9:0d:8c:de:76:
                    86:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:D8:8C:77:5F:1B:C7:D6:0F:98:D5:53:2C:DD:88:2C:29:B6:EC:F5
            X509v3 Authority Key Identifier:
                keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/b9iMd18bx9YPmNVTLN2ILCm27PU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.36.208.0/21

    Signature Algorithm: sha256WithRSAEncryption
         40:17:7a:ee:4c:c1:5b:20:cb:6b:c9:de:86:a8:19:9e:92:e9:
         7f:83:db:e4:d9:29:93:79:dd:5e:aa:a0:c9:54:10:f9:a5:d4:
         c7:5d:c4:43:2d:7c:79:1c:74:38:a1:83:7b:a3:43:22:b4:c9:
         82:cc:65:d6:8b:d0:14:9d:58:6a:b8:6e:c1:86:2b:a5:b6:2f:
         1d:f7:88:d0:13:f4:1a:f2:4b:b9:e8:ae:7a:3a:4a:7c:52:da:
         c0:a2:39:27:a1:a7:bb:5a:ba:d9:37:07:85:99:70:fa:ad:5b:
         03:f9:d0:2e:55:61:9d:ca:19:06:55:a1:83:90:65:f0:ce:2e:
         23:22:a2:4f:40:1b:ea:2a:e0:24:5c:f1:ff:1c:17:0e:4a:aa:
         d4:f7:0b:dc:b7:a7:86:6a:de:bd:ec:1b:cf:66:97:92:55:8b:
         10:09:f3:8d:77:a2:c7:ba:23:48:53:ec:4f:fe:8e:24:04:29:
         e2:58:ae:8c:d6:88:53:4a:09:03:6b:64:97:d6:8d:d3:10:01:
         52:dd:8f:4c:50:fc:1c:bb:78:ac:cd:10:cb:c3:dc:46:95:d9:
         b1:a4:1b:c1:6f:eb:89:b3:0c:6c:46:07:52:30:67:72:eb:34:
         9a:d7:c7:10:a0:8c:22:67:a8:c3:ac:b0:1b:96:e4:f7:76:ca:
         ff:8c:29:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLPBgpHfN+E5pM+2CEFPxpEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjIwODI0MDg0NDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmQ4OGM3NzVmMWJjN2Q2MGY5OGQ1NTMyY2RkODgyYzI5YjZlY2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhA9XKMrdqq6z+Ce/TzFGQGy5zgGC
9IZkqr91kNvE3G6SEsNckLpkqrVq3f6E4sxB8RfXzX2iL7jremiEEh04iqhZh/I5
KMjXN4+SdUfrovq0U4Qlq3N0o8BAF8wTKVG+SsG9QlQ2J9r0c6GCoitkEAHQxy7f
vQcK9J3BsMfxZWvhpMb0YS+Bck1zkfgCuVeLi3Tl5rLdVGwdUbJJPYDv/q//bkPe
9pxHgMiY7ua5WpvCqfvjh1TVMnfoZQtH8sJ3cI6GfcaK3ASoCG5Et/M9IsQYIJ8Y
3+wx/H7nVB8jhk12fE+KN6rIFg5EYEYQ4rplFLfYRoVgDZCO+Q2M3naGqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG/YjHdfG8fWD5jVUyzdiCwptuz1MB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvYjlpTWQxOGJ4OVlQbU5WVExOMklMQ20yN1BVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwSTQMA0G
CSqGSIb3DQEBCwUAA4IBAQBAF3ruTMFbIMtryd6GqBmekul/g9vk2SmTed1eqqDJ
VBD5pdTHXcRDLXx5HHQ4oYN7o0MitMmCzGXWi9AUnVhquG7Bhiulti8d94jQE/Qa
8ku56K56Okp8UtrAojknoae7WrrZNweFmXD6rVsD+dAuVWGdyhkGVaGDkGXwzi4j
IqJPQBvqKuAkXPH/HBcOSqrU9wvct6eGat697BvPZpeSVYsQCfONd6LHuiNIU+xP
/o4kBCniWK6M1ohTSgkDa2SX1o3TEAFS3Y9MUPwcu3iszRDLw9xGldmxpBvBb+uJ
swxsRgdSMGdy6zSa18cQoIwiZ6jDrLAbluT3dsr/jCn8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:48 2024 by rpki-client on console-ams.rpki-client.org