Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/_6hRLnn4DB9srMGvKErejNGm9Oc.roa
File:                     _6hRLnn4DB9srMGvKErejNGm9Oc.roa (raw, json)
Hash identifier:          gP1ahonD8r1oLOl07uUTvojamL6P2vyEIpgiczkI9Ls=
Subject key identifier:   FF:A8:51:2E:79:F8:0C:1F:6C:AC:C1:AF:28:4A:DE:8C:D1:A6:F4:E7
Certificate issuer:       /CN=d9f19f05ccf2221398469c0be8ddc04ce14e135a
Certificate serial:       02C149F3
Authority key identifier: D9:F1:9F:05:CC:F2:22:13:98:46:9C:0B:E8:DD:C0:4C:E1:4E:13:5A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2fGfBczyIhOYRpwL6N3ATOFOE1o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/_6hRLnn4DB9srMGvKErejNGm9Oc.roa
Signing time:             Sat 01 Jan 2022 14:57:18 +0000
ROA not before:           Sat 01 Jan 2022 14:57:18 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39566
IP address blocks:        193.93.88.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 46221811 (0x2c149f3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9f19f05ccf2221398469c0be8ddc04ce14e135a
        Validity
            Not Before: Jan  1 14:57:18 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ffa8512e79f80c1f6cacc1af284ade8cd1a6f4e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:79:f3:dc:8d:86:a5:b8:08:73:fc:b7:10:2c:
                    2b:51:89:24:47:0d:fc:41:5d:1b:0f:e5:92:e8:35:
                    72:1e:1b:cd:dc:fb:79:2f:35:1a:77:92:c1:86:4b:
                    ff:97:2e:f8:ae:44:db:83:f7:0a:82:af:78:5f:79:
                    91:ac:d9:5e:32:c0:9b:49:e4:90:7c:c4:1f:4a:6a:
                    39:8c:b6:fa:04:33:e1:6e:14:97:03:00:e9:da:25:
                    5c:d5:15:fb:c1:67:39:73:5b:74:3a:26:39:56:6e:
                    e3:4c:f9:cc:49:c3:66:8b:1a:4d:0a:64:e9:18:60:
                    5a:7a:af:7b:09:15:a1:b5:8a:c7:e3:63:7b:ce:80:
                    7d:26:68:bc:1a:6f:78:b1:0d:c1:a0:36:58:3f:8c:
                    08:58:da:e0:da:f1:fa:38:a4:02:61:4e:c5:b9:69:
                    f3:04:1d:60:d8:01:54:16:46:ab:e6:fa:ab:e1:1b:
                    c0:ec:ad:f7:a6:ab:94:4f:76:96:ce:b4:9a:57:60:
                    63:e0:39:6c:ad:8e:32:d0:f2:1d:7c:a4:10:6e:9e:
                    fe:f3:f1:2d:dd:6d:9b:ff:1a:d9:4f:b2:7a:7f:a2:
                    5d:26:49:a9:04:76:63:7f:25:e0:99:e3:cf:65:78:
                    cc:f9:5a:12:98:5c:39:3c:f9:dd:b0:ea:ae:b6:79:
                    4e:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:A8:51:2E:79:F8:0C:1F:6C:AC:C1:AF:28:4A:DE:8C:D1:A6:F4:E7
            X509v3 Authority Key Identifier:
                keyid:D9:F1:9F:05:CC:F2:22:13:98:46:9C:0B:E8:DD:C0:4C:E1:4E:13:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fGfBczyIhOYRpwL6N3ATOFOE1o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/_6hRLnn4DB9srMGvKErejNGm9Oc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.93.88.0/22

    Signature Algorithm: sha256WithRSAEncryption
         41:84:f0:bb:a8:a0:ae:0f:41:7c:bb:31:42:24:b1:1c:62:ff:
         0c:a0:91:34:09:3f:40:47:3e:42:df:3a:93:73:03:b6:75:c9:
         a4:38:d2:00:53:5d:a8:08:77:53:50:ff:3f:f8:19:45:c8:6a:
         b8:35:4e:4a:23:ab:8c:0d:a8:58:43:ac:a9:12:ec:6b:ed:c2:
         c5:65:2b:76:14:e7:e9:19:af:da:ea:bf:77:22:9b:b6:e5:01:
         b8:97:8f:33:84:08:03:de:7b:f7:0d:9f:ef:60:63:c3:5c:59:
         d7:e0:24:6c:a7:cf:ef:ec:72:2d:08:47:89:35:57:70:03:2f:
         dd:88:51:ac:8a:8b:f0:f1:84:43:64:25:35:0b:04:10:7a:73:
         00:38:3e:4a:c8:6f:d9:d9:65:5d:70:56:da:9c:af:92:30:a0:
         d3:09:dc:5a:14:6b:32:af:53:c1:35:b4:27:e7:93:5c:34:45:
         4f:f0:b9:8b:30:e8:74:1d:7a:74:a0:fb:91:69:f0:71:7d:9c:
         08:33:45:9d:77:b1:9e:50:bd:87:04:13:8b:dd:f8:d4:3a:d0:
         13:9b:38:20:14:ac:55:7d:62:4e:a5:9a:0a:03:d3:8c:0d:a0:
         37:e7:1d:35:4f:71:56:0b:ef:ca:3a:61:83:b8:2b:0d:2a:8a:
         9d:06:4f:9e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAsFJ8zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OWYxOWYwNWNjZjIyMjEzOTg0NjljMGJlOGRkYzA0Y2UxNGUxMzVhMB4XDTIyMDEw
MTE0NTcxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmZhODUxMmU3OWY4
MGMxZjZjYWNjMWFmMjg0YWRlOGNkMWE2ZjRlNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN5589yNhqW4CHP8txAsK1GJJEcN/EFdGw/lkug1ch4bzdz7
eS81GneSwYZL/5cu+K5E24P3CoKveF95kazZXjLAm0nkkHzEH0pqOYy2+gQz4W4U
lwMA6dolXNUV+8FnOXNbdDomOVZu40z5zEnDZosaTQpk6RhgWnqvewkVobWKx+Nj
e86AfSZovBpveLENwaA2WD+MCFja4Nrx+jikAmFOxblp8wQdYNgBVBZGq+b6q+Eb
wOyt96arlE92ls60mldgY+A5bK2OMtDyHXykEG6e/vPxLd1tm/8a2U+yen+iXSZJ
qQR2Y38l4Jnjz2V4zPlaEphcOTz53bDqrrZ5TvECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT/qFEuefgMH2yswa8oSt6M0ab05zAfBgNVHSMEGDAWgBTZ8Z8FzPIiE5hG
nAvo3cBM4U4TWjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJmR2ZCY3p5SWhPWVJwd0w2TjNBVE9GT0Uxby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvNmUzMjQ2LWZiYTYtNGUxZC04MDg5LTRmZjMzMzM4MzYxZS8x
L182aFJMbm40REI5c3JNR3ZLRXJlak5HbTlPYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
NmUzMjQ2LWZiYTYtNGUxZC04MDg5LTRmZjMzMzM4MzYxZS8xLzJmR2ZCY3p5SWhP
WVJwd0w2TjNBVE9GT0Uxby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsFdWDANBgkqhkiG9w0BAQsFAAOC
AQEAQYTwu6igrg9BfLsxQiSxHGL/DKCRNAk/QEc+Qt86k3MDtnXJpDjSAFNdqAh3
U1D/P/gZRchquDVOSiOrjA2oWEOsqRLsa+3CxWUrdhTn6Rmv2uq/dyKbtuUBuJeP
M4QIA9579w2f72Bjw1xZ1+AkbKfP7+xyLQhHiTVXcAMv3YhRrIqL8PGEQ2QlNQsE
EHpzADg+Sshv2dllXXBW2pyvkjCg0wncWhRrMq9TwTW0J+eTXDRFT/C5izDodB16
dKD7kWnwcX2cCDNFnXexnlC9hwQTi9341DrQE5s4IBSsVX1iTqWaCgPTjA2gN+cd
NU9xVgvvyjphg7grDSqKnQZPng==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:32 2024 by rpki-client on console-ams.rpki-client.org