Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/bbfe48-f14d-40d1-9f1a-cb9e45bb0c63/1/59TP2M4mezk3l27JtjZ5HnrxsvY.roa
File:                     59TP2M4mezk3l27JtjZ5HnrxsvY.roa (raw, json)
Hash identifier:          qD7hiV22Ii+ItI7bOBEUe30alWvbGrxCvbQb9PrnBIs=
Subject key identifier:   E7:D4:CF:D8:CE:26:7B:39:37:97:6E:C9:B6:36:79:1E:7A:F1:B2:F6
Certificate issuer:       /CN=17a6fa80b2d1c43ec9ea824e7e8395f79294e38a
Certificate serial:       0C3272EB
Authority key identifier: 17:A6:FA:80:B2:D1:C4:3E:C9:EA:82:4E:7E:83:95:F7:92:94:E3:8A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F6b6gLLRxD7J6oJOfoOV95KU44o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/bbfe48-f14d-40d1-9f1a-cb9e45bb0c63/1/59TP2M4mezk3l27JtjZ5HnrxsvY.roa
Signing time:             Sat 01 Jan 2022 12:03:56 +0000
ROA not before:           Sat 01 Jan 2022 12:03:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3326
IP address blocks:        193.111.173.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 204632811 (0xc3272eb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=17a6fa80b2d1c43ec9ea824e7e8395f79294e38a
        Validity
            Not Before: Jan  1 12:03:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e7d4cfd8ce267b3937976ec9b636791e7af1b2f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:38:28:d7:b3:69:70:45:6d:a3:45:1b:86:2f:
                    04:a4:c9:24:f5:e7:23:b5:c9:fb:fa:be:81:40:c7:
                    81:27:a1:ad:5a:2d:bb:ef:d1:ce:a3:ee:8c:50:95:
                    ca:f8:aa:1a:f3:d8:09:6b:85:19:48:83:2c:5f:49:
                    59:6e:c1:27:e1:73:1f:69:d8:06:d6:c3:70:08:14:
                    bf:76:b7:e6:32:80:b8:7d:31:d1:2b:43:e8:86:88:
                    a1:19:ae:d3:3e:99:73:8c:7f:32:1c:c3:b3:09:17:
                    4a:51:3a:c8:b3:c5:4a:4e:0f:28:de:e3:6d:d5:28:
                    91:ed:7f:5f:58:03:13:36:9c:aa:dc:32:fd:b4:90:
                    61:b0:19:07:fa:f4:e6:5a:d7:5c:58:3c:d7:f8:f0:
                    2e:f5:2f:3e:13:b7:5c:37:f6:72:68:9e:0e:e5:a3:
                    01:8e:8a:fa:59:55:c7:87:1c:3b:e3:92:73:e6:4d:
                    a9:74:f7:a1:fa:f4:f2:57:30:f7:cf:fa:8f:94:0d:
                    f8:09:aa:58:2c:be:86:8b:0e:c0:c4:f4:b5:df:24:
                    d7:00:0f:f9:fa:b0:78:4e:76:15:99:c1:91:b4:a5:
                    04:c8:11:43:fa:50:e7:6c:94:2e:ce:1a:eb:84:8f:
                    33:27:7e:8d:57:31:61:da:7b:5c:a7:dc:0e:d8:31:
                    c5:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:D4:CF:D8:CE:26:7B:39:37:97:6E:C9:B6:36:79:1E:7A:F1:B2:F6
            X509v3 Authority Key Identifier:
                keyid:17:A6:FA:80:B2:D1:C4:3E:C9:EA:82:4E:7E:83:95:F7:92:94:E3:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F6b6gLLRxD7J6oJOfoOV95KU44o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/bbfe48-f14d-40d1-9f1a-cb9e45bb0c63/1/59TP2M4mezk3l27JtjZ5HnrxsvY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/bbfe48-f14d-40d1-9f1a-cb9e45bb0c63/1/F6b6gLLRxD7J6oJOfoOV95KU44o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.111.173.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:c4:b4:22:4e:4d:83:e1:32:6c:5c:00:38:a0:ed:ae:dc:82:
         e3:48:69:c5:85:4e:c7:fc:a8:f6:f7:5a:fc:51:23:30:8c:35:
         64:7b:a3:98:a2:bf:1a:9b:4b:22:a6:e6:a2:13:4c:73:3b:06:
         12:dd:d2:a3:b1:b4:89:d0:15:f8:1f:e4:20:75:09:87:d3:1d:
         78:63:1b:6a:3d:af:68:da:88:14:df:cd:a3:5e:43:20:42:b2:
         b9:d5:df:39:d9:3e:05:e8:4b:64:40:46:b8:76:f2:c3:8f:c9:
         9a:81:e4:a1:9d:0a:f6:1c:38:eb:ad:54:d5:b7:83:cd:aa:4f:
         7f:b4:ba:d3:8b:7c:83:33:52:e6:56:cb:47:be:2d:51:ca:46:
         e2:59:57:72:09:1d:ee:ee:24:89:5d:12:59:50:e9:d4:3d:9c:
         42:59:76:db:6f:fb:74:e3:60:8f:4b:a0:85:3a:a6:f0:7f:45:
         12:62:89:52:a9:d4:d0:e7:bd:3f:f7:ab:eb:1f:be:71:7d:56:
         0e:3c:cb:d3:07:5a:7e:7d:56:09:ba:92:30:dc:c7:fe:95:eb:
         c3:11:24:d7:04:fd:81:ab:a2:a9:6c:f9:62:ea:f2:8e:24:0d:
         04:51:f5:e3:b5:72:81:1b:b1:f7:43:6c:b3:d1:06:11:90:d6:
         8f:f5:da:40
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDDJy6zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
N2E2ZmE4MGIyZDFjNDNlYzllYTgyNGU3ZTgzOTVmNzkyOTRlMzhhMB4XDTIyMDEw
MTEyMDM1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTdkNGNmZDhjZTI2
N2IzOTM3OTc2ZWM5YjYzNjc5MWU3YWYxYjJmNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJs4KNezaXBFbaNFG4YvBKTJJPXnI7XJ+/q+gUDHgSehrVot
u+/RzqPujFCVyviqGvPYCWuFGUiDLF9JWW7BJ+FzH2nYBtbDcAgUv3a35jKAuH0x
0StD6IaIoRmu0z6Zc4x/MhzDswkXSlE6yLPFSk4PKN7jbdUoke1/X1gDEzacqtwy
/bSQYbAZB/r05lrXXFg81/jwLvUvPhO3XDf2cmieDuWjAY6K+llVx4ccO+OSc+ZN
qXT3ofr08lcw98/6j5QN+AmqWCy+hosOwMT0td8k1wAP+fqweE52FZnBkbSlBMgR
Q/pQ52yULs4a64SPMyd+jVcxYdp7XKfcDtgxxTkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTn1M/YziZ7OTeXbsm2NnkeevGy9jAfBgNVHSMEGDAWgBQXpvqAstHEPsnq
gk5+g5X3kpTjijAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0Y2YjZnTExSeEQ3SjZvSk9mb09WOTVLVTQ0by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvYmJmZTQ4LWYxNGQtNDBkMS05ZjFhLWNiOWU0NWJiMGM2My8x
LzU5VFAyTTRtZXprM2wyN0p0alo1SG5yeHN2WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
YmJmZTQ4LWYxNGQtNDBkMS05ZjFhLWNiOWU0NWJiMGM2My8xL0Y2YjZnTExSeEQ3
SjZvSk9mb09WOTVLVTQ0by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMFvrTANBgkqhkiG9w0BAQsFAAOC
AQEAUcS0Ik5Ng+EybFwAOKDtrtyC40hpxYVOx/yo9vda/FEjMIw1ZHujmKK/GptL
IqbmohNMczsGEt3So7G0idAV+B/kIHUJh9MdeGMbaj2vaNqIFN/No15DIEKyudXf
Odk+BehLZEBGuHbyw4/JmoHkoZ0K9hw4661U1beDzapPf7S604t8gzNS5lbLR74t
UcpG4llXcgkd7u4kiV0SWVDp1D2cQll222/7dONgj0ughTqm8H9FEmKJUqnU0Oe9
P/er6x++cX1WDjzL0wdafn1WCbqSMNzH/pXrwxEk1wT9gauiqWz5YuryjiQNBFH1
47VygRux90Nss9EGEZDWj/XaQA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:01 2024 by rpki-client on console-ams.rpki-client.org