Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/NaJjly5wXygOOpL-d73Q6_CJUeA.roa
File:                     NaJjly5wXygOOpL-d73Q6_CJUeA.roa (raw, json)
Hash identifier:          8YVIUQ20AKf5NMG87OPqapEDRJWeCtgve1nnj2sRw4k=
Subject key identifier:   35:A2:63:97:2E:70:5F:28:0E:3A:92:FE:77:BD:D0:EB:F0:89:51:E0
Certificate issuer:       /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial:       5CF2C7
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/NaJjly5wXygOOpL-d73Q6_CJUeA.roa
Signing time:             Mon 03 Jan 2022 13:49:15 +0000
ROA not before:           Mon 03 Jan 2022 13:49:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212396
IP address blocks:        193.110.160.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6091463 (0x5cf2c7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
        Validity
            Not Before: Jan  3 13:49:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=35a263972e705f280e3a92fe77bdd0ebf08951e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:58:4d:84:19:c7:05:dc:3f:b6:e5:26:4e:09:
                    51:3c:98:d7:bf:8c:00:61:a7:c2:ec:aa:62:3b:78:
                    95:2c:e5:1b:7c:e1:2b:bd:81:4a:b8:83:5e:88:eb:
                    70:eb:c6:f4:73:d6:97:b3:34:17:af:d5:c0:a4:d1:
                    c3:34:35:9c:1f:39:1d:84:01:e0:1d:a8:90:f5:d6:
                    76:7a:e3:99:6e:5e:2a:23:18:23:9c:a5:cf:e5:b5:
                    10:b4:11:2e:d5:e6:f4:15:c4:28:5b:6f:b1:65:ad:
                    67:47:2b:f1:c8:52:40:4b:d7:c3:2d:1b:5f:81:ac:
                    c8:ab:4e:d9:c2:fd:34:5d:68:12:60:b3:25:c5:d1:
                    99:c4:85:30:88:d3:8d:d9:8c:43:b6:47:39:98:a9:
                    1c:c2:e3:3c:18:0c:e6:01:58:11:1c:21:80:57:c1:
                    c6:20:45:92:ff:a1:5e:30:fa:1b:82:dd:32:04:14:
                    ec:83:95:eb:58:a4:ed:1f:17:65:90:5f:45:7c:51:
                    c6:3c:b6:c5:b4:a3:14:5e:6c:ef:1a:8b:35:f6:46:
                    fd:84:e5:94:9e:8d:58:7b:28:90:f1:3f:38:c9:34:
                    59:bd:88:10:52:f1:a8:08:43:c1:10:a8:d9:20:77:
                    de:9a:1c:ba:6a:b3:88:a1:85:16:ea:53:ba:3b:61:
                    6c:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:A2:63:97:2E:70:5F:28:0E:3A:92:FE:77:BD:D0:EB:F0:89:51:E0
            X509v3 Authority Key Identifier:
                keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/NaJjly5wXygOOpL-d73Q6_CJUeA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.110.160.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:31:40:1d:0d:44:8c:aa:28:60:4d:80:c0:a2:30:96:7a:6b:
         48:3a:0e:fa:67:95:1b:fe:41:cc:81:b0:12:ce:5a:52:99:cd:
         e6:9f:5f:67:48:a0:0b:76:4e:ea:08:87:ac:ae:d1:ff:81:8e:
         5d:34:24:f2:7b:3a:85:a3:35:40:0e:4b:ee:ca:e4:18:95:af:
         05:c4:4e:43:01:33:63:22:da:3f:38:b7:1b:67:44:72:84:58:
         5d:c1:80:7e:81:79:20:3c:b7:fd:0c:bd:a5:a0:ec:55:8b:9b:
         a3:0f:17:d4:b6:dc:8c:9b:a4:d4:f9:39:a3:ec:e7:8d:6a:5e:
         79:4b:6b:0d:60:66:c2:d0:c7:a5:68:1f:96:1d:22:21:16:dc:
         5d:b8:4f:9f:50:d0:5c:dc:0c:d6:26:51:cb:72:a1:0e:f8:07:
         2a:62:e9:c5:2a:32:d5:f8:bd:29:95:a1:fa:84:77:25:75:fd:
         1c:d0:33:a9:28:12:7b:a4:7a:f7:e4:c2:74:1a:8d:7d:16:38:
         0c:50:a3:95:78:06:81:92:c5:c8:80:34:e8:60:63:0a:c2:22:
         7e:a2:c8:b4:f8:4c:03:d4:d0:6f:49:d0:d2:c1:fe:b4:bf:d2:
         a0:eb:bd:ae:e8:98:25:ec:bc:c0:b8:0e:13:3e:60:a8:22:1e:
         83:0e:2b:7c
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDXPLHMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDBk
Mjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVlNzM2NjQwHhcNMjIwMTAz
MTM0OTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzNWEyNjM5NzJlNzA1
ZjI4MGUzYTkyZmU3N2JkZDBlYmYwODk1MWUwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA0lhNhBnHBdw/tuUmTglRPJjXv4wAYafC7KpiO3iVLOUbfOEr
vYFKuINeiOtw68b0c9aXszQXr9XApNHDNDWcHzkdhAHgHaiQ9dZ2euOZbl4qIxgj
nKXP5bUQtBEu1eb0FcQoW2+xZa1nRyvxyFJAS9fDLRtfgazIq07Zwv00XWgSYLMl
xdGZxIUwiNON2YxDtkc5mKkcwuM8GAzmAVgRHCGAV8HGIEWS/6FeMPobgt0yBBTs
g5XrWKTtHxdlkF9FfFHGPLbFtKMUXmzvGos19kb9hOWUno1YeyiQ8T84yTRZvYgQ
UvGoCEPBEKjZIHfemhy6arOIoYUW6lO6O2FsVQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFDWiY5cucF8oDjqS/ne90OvwiVHgMB8GA1UdIwQYMBaAFA0pmQQsXiAGvVrr
egXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
RFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5LzEv
TmFKamx5NXdYeWdPT3BMLWQ3M1E2X0NKVWVBLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8y
YzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5LzEvRFNtWkJDeGVJQWE5
V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwW6gMA0GCSqGSIb3DQEBCwUAA4IB
AQBWMUAdDUSMqihgTYDAojCWemtIOg76Z5Ub/kHMgbASzlpSmc3mn19nSKALdk7q
CIesrtH/gY5dNCTyezqFozVADkvuyuQYla8FxE5DATNjIto/OLcbZ0RyhFhdwYB+
gXkgPLf9DL2loOxVi5ujDxfUttyMm6TU+Tmj7OeNal55S2sNYGbC0MelaB+WHSIh
FtxduE+fUNBc3AzWJlHLcqEO+AcqYunFKjLV+L0plaH6hHcldf0c0DOpKBJ7pHr3
5MJ0Go19FjgMUKOVeAaBksXIgDToYGMKwiJ+osi0+EwD1NBvSdDSwf60v9Kg672u
6Jgl7LzAuA4TPmCoIh6DDit8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:24 2024 by rpki-client on console-fra.rpki-client.org