Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/KRzPKv6YyHFR4pRDlckswdxxA6g.roa
File:                     KRzPKv6YyHFR4pRDlckswdxxA6g.roa (raw, json)
Hash identifier:          2pez6SOX7WiqhYXxR6GSH5Afu24DHCw3ODB06huApaI=
Subject key identifier:   29:1C:CF:2A:FE:98:C8:71:51:E2:94:43:95:C9:2C:C1:DC:71:03:A8
Certificate issuer:       /CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Certificate serial:       14CDC3CF
Authority key identifier: 88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/KRzPKv6YyHFR4pRDlckswdxxA6g.roa
Signing time:             Sat 01 Jan 2022 05:51:56 +0000
ROA not before:           Sat 01 Jan 2022 05:51:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     198343
IP address blocks:        176.103.186.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 349029327 (0x14cdc3cf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
        Validity
            Not Before: Jan  1 05:51:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=291ccf2afe98c87151e2944395c92cc1dc7103a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:14:e8:49:74:12:f6:f0:4e:a2:e0:c9:6e:1f:
                    0a:81:a0:b6:6c:a1:48:8b:6d:f6:28:33:ce:f3:6f:
                    57:86:f2:6b:3d:c5:7c:3d:11:56:2e:d4:fc:e2:fe:
                    63:e9:2e:94:ce:23:f0:62:e2:09:f8:dc:de:76:0a:
                    74:d7:0c:60:2f:32:ce:0d:60:a4:79:68:e8:1c:e0:
                    9c:e1:54:49:c1:48:68:59:15:20:19:84:60:1f:41:
                    02:74:e5:7a:0a:37:11:6a:5f:af:ea:82:51:f5:13:
                    77:48:90:fc:b5:87:36:20:5d:8c:dc:be:01:52:bc:
                    7f:2b:b5:03:8e:2e:d4:9b:87:bd:93:25:75:0b:7d:
                    8f:2f:bb:3a:b2:11:4d:ab:86:16:f2:0c:65:e8:9c:
                    1c:29:33:73:71:64:d1:a5:f7:3d:1f:a8:fb:08:58:
                    e3:e9:44:4b:ea:6c:e1:44:39:ce:30:3f:a6:17:b0:
                    1d:f8:bd:bf:cb:33:21:49:c7:ed:a8:81:ef:2f:b9:
                    bf:c7:de:aa:97:41:98:3d:a2:d3:94:4d:9f:0d:84:
                    8c:67:3a:fb:eb:2e:58:4b:c9:3e:a8:51:09:9a:ef:
                    5b:3e:c5:e8:74:a2:45:9d:71:ed:35:93:13:5b:8b:
                    08:bb:c3:4a:e8:76:50:f1:0e:a0:d3:91:2a:75:0b:
                    0f:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:1C:CF:2A:FE:98:C8:71:51:E2:94:43:95:C9:2C:C1:DC:71:03:A8
            X509v3 Authority Key Identifier:
                keyid:88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/KRzPKv6YyHFR4pRDlckswdxxA6g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.103.186.0/24

    Signature Algorithm: sha256WithRSAEncryption
         79:14:c5:33:40:d3:90:57:97:b9:c4:8c:83:f7:01:05:56:0d:
         ab:d0:bd:b6:13:f9:47:33:b8:1a:72:5b:55:e9:10:0b:28:9b:
         b1:2b:2e:70:3f:29:3d:d5:77:e9:81:ad:8d:bb:a3:55:67:55:
         f3:f0:ef:e4:a2:2d:c1:21:99:48:a9:b3:2c:da:c9:ff:20:4b:
         6d:c3:92:ed:ef:d3:75:a3:f3:44:fe:c8:d5:c6:ed:d0:ec:96:
         f0:86:b8:93:a5:a0:d0:ab:db:1b:57:b3:98:84:ad:79:a6:1f:
         95:7e:e6:c9:00:c3:e9:94:16:1f:03:9f:e1:d7:e4:20:94:d1:
         8c:0d:7a:74:1b:6c:c6:ab:c6:53:25:6a:f2:d2:08:1f:92:56:
         7c:76:e3:d7:14:77:73:6e:52:50:07:cf:05:d9:15:3a:51:b3:
         49:37:fa:12:5a:a9:82:8c:a4:c5:c0:7b:a0:53:29:11:d7:b6:
         93:3f:48:be:d0:d7:20:ce:c2:9d:e0:f5:bd:ab:a9:0d:79:d3:
         80:1d:94:6b:6f:7c:47:c1:1a:6a:50:6e:bb:df:89:42:de:3e:
         8f:ee:cd:6a:e5:6d:21:0f:7e:ea:ff:52:4b:a2:10:26:65:1d:
         1a:50:85:01:af:85:ea:b6:49:d5:b9:c5:93:00:93:15:6e:9b:
         84:dc:41:e1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFM3DzzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
OGFkZDliNjcxZjdhMzZlYjIzNjdlMzRmZWU0YmNiMTNiOGY2NmNjMB4XDTIyMDEw
MTA1NTE1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjkxY2NmMmFmZTk4
Yzg3MTUxZTI5NDQzOTVjOTJjYzFkYzcxMDNhODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL8U6El0EvbwTqLgyW4fCoGgtmyhSItt9igzzvNvV4byaz3F
fD0RVi7U/OL+Y+kulM4j8GLiCfjc3nYKdNcMYC8yzg1gpHlo6BzgnOFUScFIaFkV
IBmEYB9BAnTlego3EWpfr+qCUfUTd0iQ/LWHNiBdjNy+AVK8fyu1A44u1JuHvZMl
dQt9jy+7OrIRTauGFvIMZeicHCkzc3Fk0aX3PR+o+whY4+lES+ps4UQ5zjA/phew
Hfi9v8szIUnH7aiB7y+5v8feqpdBmD2i05RNnw2EjGc6++suWEvJPqhRCZrvWz7F
6HSiRZ1x7TWTE1uLCLvDSuh2UPEOoNORKnULD1kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQpHM8q/pjIcVHilEOVySzB3HEDqDAfBgNVHSMEGDAWgBSIrdm2cfejbrI2
fjT+5LyxO49mzDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lLM1p0bkgzbzI2eU5uNDBfdVM4c1R1UFpzdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzMvM2VkMDBhLTE1ZWUtNDY2NC1hN2YxLWExYjk2YjliNzBmOC8x
L0tSelBLdjZZeUhGUjRwUkRsY2tzd2R4eEE2Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMv
M2VkMDBhLTE1ZWUtNDY2NC1hN2YxLWExYjk2YjliNzBmOC8xL2lLM1p0bkgzbzI2
eU5uNDBfdVM4c1R1UFpzdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALBnujANBgkqhkiG9w0BAQsFAAOC
AQEAeRTFM0DTkFeXucSMg/cBBVYNq9C9thP5RzO4GnJbVekQCyibsSsucD8pPdV3
6YGtjbujVWdV8/Dv5KItwSGZSKmzLNrJ/yBLbcOS7e/TdaPzRP7I1cbt0OyW8Ia4
k6Wg0KvbG1ezmISteaYflX7myQDD6ZQWHwOf4dfkIJTRjA16dBtsxqvGUyVq8tII
H5JWfHbj1xR3c25SUAfPBdkVOlGzSTf6ElqpgoykxcB7oFMpEde2kz9IvtDXIM7C
neD1vaupDXnTgB2Ua298R8EaalBuu9+JQt4+j+7NauVtIQ9+6v9SS6IQJmUdGlCF
Aa+F6rZJ1bnFkwCTFW6bhNxB4Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:06 2024 by rpki-client on console-ams.rpki-client.org