Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/8da624-31c5-4509-bc5a-2049f6abfd9d/1/nWbs03xTP04fwun4UZOtBs4-_SE.roa
File:                     nWbs03xTP04fwun4UZOtBs4-_SE.roa (raw, json)
Hash identifier:          LOsEqRj+QXnIRKftR7TemxOlN+sZXFAIHoq9oWp0cWg=
Subject key identifier:   9D:66:EC:D3:7C:53:3F:4E:1F:C2:E9:F8:51:93:AD:06:CE:3E:FD:21
Certificate issuer:       /CN=93b474d05571df3d44f63cca21b40b6e12c392d9
Certificate serial:       01C57C
Authority key identifier: 93:B4:74:D0:55:71:DF:3D:44:F6:3C:CA:21:B4:0B:6E:12:C3:92:D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k7R00FVx3z1E9jzKIbQLbhLDktk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/8da624-31c5-4509-bc5a-2049f6abfd9d/1/nWbs03xTP04fwun4UZOtBs4-_SE.roa
Signing time:             Wed 27 Apr 2022 11:18:56 +0000
ROA not before:           Wed 27 Apr 2022 11:18:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     33925
IP address blocks:        193.189.98.0/23 maxlen: 23
                          31.14.8.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 116092 (0x1c57c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=93b474d05571df3d44f63cca21b40b6e12c392d9
        Validity
            Not Before: Apr 27 11:18:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9d66ecd37c533f4e1fc2e9f85193ad06ce3efd21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:e3:cf:34:93:e9:ab:94:93:9a:3e:e2:9c:29:
                    d1:85:c5:29:01:3d:44:51:50:1b:cd:eb:2d:0b:bc:
                    bf:16:1b:52:01:65:49:6b:c2:dc:8c:91:8d:39:fb:
                    35:fd:7a:70:2b:cb:3e:7d:b7:cf:10:8e:0e:d7:4f:
                    89:ed:d9:52:69:42:87:f5:ed:92:12:d2:de:aa:a4:
                    7b:aa:0b:28:94:43:e0:4f:19:c1:45:84:bf:5c:57:
                    c4:f4:41:04:1c:7d:aa:0a:ea:8d:d4:ee:2b:d0:5f:
                    51:7f:d6:a4:84:10:7e:89:39:b9:f4:b7:03:b9:35:
                    a3:3b:db:bd:b5:18:7b:bc:92:15:1b:e4:f8:84:fc:
                    96:ec:ab:5f:a1:62:78:a9:78:20:88:7f:e3:e1:08:
                    86:cc:bc:79:d1:64:bf:c3:07:12:18:b0:ac:f8:cb:
                    5a:be:7e:ca:e7:ec:b1:32:bd:25:71:32:03:7e:9f:
                    ad:a6:36:80:19:ef:75:d1:21:44:39:c5:7d:e7:09:
                    b6:bc:c4:db:62:c0:a8:dd:d2:e6:f8:5a:c0:3d:28:
                    25:16:e1:77:ed:b8:31:a9:7d:a0:8e:07:8c:a4:83:
                    95:1d:fc:7b:81:fe:a6:de:10:47:7e:93:4b:6d:08:
                    99:b7:a1:e2:76:6c:81:24:5a:0f:08:50:88:2f:2a:
                    7c:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:66:EC:D3:7C:53:3F:4E:1F:C2:E9:F8:51:93:AD:06:CE:3E:FD:21
            X509v3 Authority Key Identifier:
                keyid:93:B4:74:D0:55:71:DF:3D:44:F6:3C:CA:21:B4:0B:6E:12:C3:92:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k7R00FVx3z1E9jzKIbQLbhLDktk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/8da624-31c5-4509-bc5a-2049f6abfd9d/1/nWbs03xTP04fwun4UZOtBs4-_SE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/8da624-31c5-4509-bc5a-2049f6abfd9d/1/k7R00FVx3z1E9jzKIbQLbhLDktk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.14.8.0/24
                  193.189.98.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4d:57:60:5d:b5:cd:fb:04:32:19:43:6f:d7:fb:fb:0d:a5:62:
         5a:20:a7:9a:fe:5b:75:1a:0a:c5:21:70:66:d7:f7:ad:ce:c3:
         ef:5d:e4:58:d7:a5:cc:98:9e:0d:c4:81:01:29:6f:26:e1:fd:
         40:51:be:7b:db:cd:86:61:df:c9:ed:96:ce:fb:b4:8e:be:93:
         9f:75:d8:6c:98:1b:4c:8c:23:d6:66:2c:ad:36:13:e6:29:49:
         91:32:65:c5:f8:66:7e:a2:18:f3:43:96:4f:14:8e:be:4b:2c:
         a8:94:ab:d8:e0:b3:2b:c2:18:0f:6e:c0:15:fb:97:18:5f:90:
         38:cd:cb:ae:00:38:0f:e3:4f:3d:07:32:b8:ee:89:a7:f8:b0:
         4d:54:0f:a5:78:cc:64:eb:4b:ff:52:33:d2:fb:1e:b0:c8:68:
         d1:4d:c8:7d:dd:d3:ed:ef:2c:cc:84:08:01:37:82:00:6b:74:
         c2:13:10:31:a7:0c:cc:7c:46:11:27:84:9b:ca:00:a8:de:4e:
         b4:e4:29:e2:05:5f:16:27:97:d4:26:8f:e0:1e:32:f6:37:02:
         5e:cf:c7:39:b4:ee:f0:cf:7b:8c:a8:8d:82:25:86:9c:7d:ea:
         df:7c:4e:fb:f5:f5:d4:58:9b:91:c3:de:5e:61:5d:be:62:37:
         81:d3:d2:6d
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIDAcV8MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDkz
YjQ3NGQwNTU3MWRmM2Q0NGY2M2NjYTIxYjQwYjZlMTJjMzkyZDkwHhcNMjIwNDI3
MTExODU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5ZDY2ZWNkMzdjNTMz
ZjRlMWZjMmU5Zjg1MTkzYWQwNmNlM2VmZDIxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwOPPNJPpq5STmj7inCnRhcUpAT1EUVAbzestC7y/FhtSAWVJ
a8LcjJGNOfs1/XpwK8s+fbfPEI4O10+J7dlSaUKH9e2SEtLeqqR7qgsolEPgTxnB
RYS/XFfE9EEEHH2qCuqN1O4r0F9Rf9akhBB+iTm59LcDuTWjO9u9tRh7vJIVG+T4
hPyW7KtfoWJ4qXggiH/j4QiGzLx50WS/wwcSGLCs+Mtavn7K5+yxMr0lcTIDfp+t
pjaAGe910SFEOcV95wm2vMTbYsCo3dLm+FrAPSglFuF37bgxqX2gjgeMpIOVHfx7
gf6m3hBHfpNLbQiZt6HidmyBJFoPCFCILyp8wwIDAQABo4ICDzCCAgswHQYDVR0O
BBYEFJ1m7NN8Uz9OH8Lp+FGTrQbOPv0hMB8GA1UdIwQYMBaAFJO0dNBVcd89RPY8
yiG0C24Sw5LZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
azdSMDBGVngzejFFOWp6S0liUUxiaExEa3RrLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC80MC84ZGE2MjQtMzFjNS00NTA5LWJjNWEtMjA0OWY2YWJmZDlkLzEv
bldiczAzeFRQMDRmd3VuNFVaT3RCczQtX1NFLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84
ZGE2MjQtMzFjNS00NTA5LWJjNWEtMjA0OWY2YWJmZDlkLzEvazdSMDBGVngzejFF
OWp6S0liUUxiaExEa3RrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAHw4IAwQBwb1iMA0GCSqGSIb3DQEB
CwUAA4IBAQBNV2Bdtc37BDIZQ2/X+/sNpWJaIKea/lt1GgrFIXBm1/etzsPvXeRY
16XMmJ4NxIEBKW8m4f1AUb57282GYd/J7ZbO+7SOvpOfddhsmBtMjCPWZiytNhPm
KUmRMmXF+GZ+ohjzQ5ZPFI6+SyyolKvY4LMrwhgPbsAV+5cYX5A4zcuuADgP4089
BzK47omn+LBNVA+leMxk60v/UjPS+x6wyGjRTch93dPt7yzMhAgBN4IAa3TCExAx
pwzMfEYRJ4SbygCo3k605CniBV8WJ5fUJo/gHjL2NwJez8c5tO7wz3uMqI2CJYac
ferffE779fXUWJuRw95eYV2+YjeB09Jt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:04 2024 by rpki-client on console-ams.rpki-client.org