Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/098583-36ce-4692-9dc3-9d988a600757/1/pSUo8gmE_pB7uyXMXByR9TUqf9I.roa
File:                     pSUo8gmE_pB7uyXMXByR9TUqf9I.roa (raw, json)
Hash identifier:          eJ0/+965xBfzs7ZSmffUf7jM7XvnovkKWEZhNymjMsU=
Subject key identifier:   A5:25:28:F2:09:84:FE:90:7B:BB:25:CC:5C:1C:91:F5:35:2A:7F:D2
Certificate issuer:       /CN=88ed0c0901c69e5c5d8f51a675d055982f91d2a7
Certificate serial:       BF89D6
Authority key identifier: 88:ED:0C:09:01:C6:9E:5C:5D:8F:51:A6:75:D0:55:98:2F:91:D2:A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iO0MCQHGnlxdj1GmddBVmC-R0qc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/098583-36ce-4692-9dc3-9d988a600757/1/pSUo8gmE_pB7uyXMXByR9TUqf9I.roa
Signing time:             Sat 01 Jan 2022 00:50:14 +0000
ROA not before:           Sat 01 Jan 2022 00:50:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16509
IP address blocks:        193.151.92.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12552662 (0xbf89d6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88ed0c0901c69e5c5d8f51a675d055982f91d2a7
        Validity
            Not Before: Jan  1 00:50:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a52528f20984fe907bbb25cc5c1c91f5352a7fd2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:69:28:11:45:9d:c5:f7:47:77:c2:d4:1d:10:
                    61:01:c4:94:a1:98:66:17:24:5c:b8:c5:4b:a2:3d:
                    29:96:36:5e:fe:ad:5d:42:25:8c:63:79:e1:11:4d:
                    e8:04:2f:a4:6a:29:f1:64:35:af:61:c9:22:c2:c9:
                    9e:cc:65:7c:3f:35:54:e3:86:eb:98:0e:36:cb:00:
                    6f:a4:cd:34:bd:a4:dd:64:c9:82:ef:d9:b3:7e:bd:
                    5b:13:b0:51:7b:f0:74:53:af:de:5a:0f:17:6c:f8:
                    57:d0:fc:48:02:14:22:d0:3b:87:04:b3:34:8c:99:
                    60:d5:cb:07:99:4b:ec:d6:7c:2d:c0:2a:da:39:e9:
                    e2:3a:61:81:85:f8:68:eb:f2:06:37:3d:f7:6c:09:
                    dd:38:24:f0:ef:31:55:87:49:3c:1f:07:89:b0:54:
                    d9:bf:e4:be:84:33:2e:10:f3:7d:ea:52:58:7e:b4:
                    78:15:ce:98:b9:ad:a8:a9:da:75:ff:61:65:b3:fb:
                    02:b6:7d:58:72:45:73:8a:31:6f:c6:c1:d2:47:b6:
                    6c:18:a6:c4:14:7b:30:95:98:86:2a:18:2f:32:6d:
                    2c:45:b4:5f:e4:ca:3d:22:e7:be:37:b0:e9:a5:fe:
                    b4:69:7d:e6:62:96:71:67:dc:0a:db:17:a9:9a:df:
                    83:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:25:28:F2:09:84:FE:90:7B:BB:25:CC:5C:1C:91:F5:35:2A:7F:D2
            X509v3 Authority Key Identifier:
                keyid:88:ED:0C:09:01:C6:9E:5C:5D:8F:51:A6:75:D0:55:98:2F:91:D2:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iO0MCQHGnlxdj1GmddBVmC-R0qc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/098583-36ce-4692-9dc3-9d988a600757/1/pSUo8gmE_pB7uyXMXByR9TUqf9I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/098583-36ce-4692-9dc3-9d988a600757/1/iO0MCQHGnlxdj1GmddBVmC-R0qc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.151.92.0/24

    Signature Algorithm: sha256WithRSAEncryption
         38:50:28:26:97:98:40:80:83:37:51:d3:44:4a:67:48:02:20:
         b9:dd:2f:db:cd:01:47:aa:ac:66:56:64:a8:c6:1b:37:e8:e4:
         2f:c3:b8:2c:79:59:4d:2a:b5:2d:dd:87:4f:09:39:17:0f:96:
         9a:45:71:ae:60:db:82:7e:d2:56:d4:4f:a9:94:f2:17:24:92:
         a9:bb:dd:11:18:29:0d:c6:90:42:26:00:b5:35:33:a4:19:78:
         aa:cd:83:a0:02:02:86:72:9f:55:f8:8b:7c:13:28:87:be:39:
         b5:eb:df:d3:64:d2:89:14:0c:28:85:24:33:c0:39:dd:ef:3d:
         6b:88:d3:d9:a7:ab:81:4d:2b:4d:d4:80:3c:ef:26:a0:de:03:
         97:b5:50:7b:41:71:cc:71:68:cf:91:5d:2b:be:44:88:83:fb:
         25:17:ba:6d:99:8e:e4:11:a2:05:16:4d:ce:dd:8e:65:2e:cf:
         e8:ed:21:f4:64:ab:f3:8d:77:48:ca:8a:14:b2:3b:85:b4:fb:
         89:6d:6a:04:c3:b1:50:6e:25:b8:bd:ea:1b:aa:7c:4c:3e:82:
         5a:5c:a0:a1:5d:ce:3f:92:e4:21:af:76:10:cf:b4:78:88:90:
         5a:74:a7:e9:08:3a:21:73:04:75:7c:46:4f:88:d9:80:85:05:
         06:81:bf:d4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAL+J1jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
OGVkMGMwOTAxYzY5ZTVjNWQ4ZjUxYTY3NWQwNTU5ODJmOTFkMmE3MB4XDTIyMDEw
MTAwNTAxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTUyNTI4ZjIwOTg0
ZmU5MDdiYmIyNWNjNWMxYzkxZjUzNTJhN2ZkMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO9pKBFFncX3R3fC1B0QYQHElKGYZhckXLjFS6I9KZY2Xv6t
XUIljGN54RFN6AQvpGop8WQ1r2HJIsLJnsxlfD81VOOG65gONssAb6TNNL2k3WTJ
gu/Zs369WxOwUXvwdFOv3loPF2z4V9D8SAIUItA7hwSzNIyZYNXLB5lL7NZ8LcAq
2jnp4jphgYX4aOvyBjc992wJ3Tgk8O8xVYdJPB8HibBU2b/kvoQzLhDzfepSWH60
eBXOmLmtqKnadf9hZbP7ArZ9WHJFc4oxb8bB0ke2bBimxBR7MJWYhioYLzJtLEW0
X+TKPSLnvjew6aX+tGl95mKWcWfcCtsXqZrfg6ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSlJSjyCYT+kHu7JcxcHJH1NSp/0jAfBgNVHSMEGDAWgBSI7QwJAcaeXF2P
UaZ10FWYL5HSpzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lPME1DUUhHbmx4ZGoxR21kZEJWbUMtUjBxYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzkvMDk4NTgzLTM2Y2UtNDY5Mi05ZGMzLTlkOTg4YTYwMDc1Ny8x
L3BTVW84Z21FX3BCN3V5WE1YQnlSOVRVcWY5SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzkv
MDk4NTgzLTM2Y2UtNDY5Mi05ZGMzLTlkOTg4YTYwMDc1Ny8xL2lPME1DUUhHbmx4
ZGoxR21kZEJWbUMtUjBxYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMGXXDANBgkqhkiG9w0BAQsFAAOC
AQEAOFAoJpeYQICDN1HTREpnSAIgud0v280BR6qsZlZkqMYbN+jkL8O4LHlZTSq1
Ld2HTwk5Fw+WmkVxrmDbgn7SVtRPqZTyFySSqbvdERgpDcaQQiYAtTUzpBl4qs2D
oAIChnKfVfiLfBMoh745tevf02TSiRQMKIUkM8A53e89a4jT2aergU0rTdSAPO8m
oN4Dl7VQe0FxzHFoz5FdK75EiIP7JRe6bZmO5BGiBRZNzt2OZS7P6O0h9GSr8413
SMqKFLI7hbT7iW1qBMOxUG4luL3qG6p8TD6CWlygoV3OP5LkIa92EM+0eIiQWnSn
6Qg6IXMEdXxGT4jZgIUFBoG/1A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:28 2024 by rpki-client on console-ams.rpki-client.org