Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/501ea8-1839-47fe-aa44-1b417d5e1fbd/1/87U3STnsJPQxfRoYKC1mS8488nE.roa
File:                     87U3STnsJPQxfRoYKC1mS8488nE.roa (raw, json)
Hash identifier:          +/pE9pcGHl1TH7w+I6lr6LzuRNJ7cpIziHkHj2rYdHQ=
Subject key identifier:   F3:B5:37:49:39:EC:24:F4:31:7D:1A:18:28:2D:66:4B:CE:3C:F2:71
Certificate issuer:       /CN=f4db83adc76baff605700cca48cc4f6f8c529f66
Certificate serial:       E82866
Authority key identifier: F4:DB:83:AD:C7:6B:AF:F6:05:70:0C:CA:48:CC:4F:6F:8C:52:9F:66
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9NuDrcdrr_YFcAzKSMxPb4xSn2Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/501ea8-1839-47fe-aa44-1b417d5e1fbd/1/87U3STnsJPQxfRoYKC1mS8488nE.roa
Signing time:             Sat 01 Jan 2022 13:01:40 +0000
ROA not before:           Sat 01 Jan 2022 13:01:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50572
IP address blocks:        193.19.146.0/24 maxlen: 24
                          2001:67c:2530::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 15214694 (0xe82866)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4db83adc76baff605700cca48cc4f6f8c529f66
        Validity
            Not Before: Jan  1 13:01:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f3b5374939ec24f4317d1a18282d664bce3cf271
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:10:30:4a:41:91:7a:5c:db:f5:da:f1:17:ae:
                    b6:b2:54:fe:55:58:5c:8d:61:d5:ee:83:38:56:60:
                    30:e3:7e:24:40:cd:a3:35:68:50:89:86:34:9e:43:
                    e5:0b:c6:c9:06:99:44:e6:da:bf:7a:69:85:d6:15:
                    86:b7:4c:0f:3a:80:a1:b2:c7:c9:a2:98:f8:46:5a:
                    d5:5e:5e:40:18:08:a0:83:f7:11:86:89:4e:b1:80:
                    39:8d:93:10:bc:47:3f:8e:81:aa:29:d4:3d:f4:7e:
                    f4:77:dc:2c:b9:dc:2d:da:d0:c1:99:57:2f:a6:a6:
                    a6:6f:66:26:61:4d:a6:fc:e3:7f:8d:41:3b:ec:0b:
                    d9:ce:51:93:3d:79:de:9f:1b:48:2d:74:02:c2:81:
                    ae:79:f4:6c:ee:b5:9d:be:9a:e9:e0:c9:4f:a0:af:
                    42:c2:34:69:e3:af:a0:1c:b5:58:6f:4c:1f:8f:85:
                    00:d3:b1:ba:c9:18:69:2a:03:5f:87:0a:2b:83:b3:
                    bc:0f:91:3b:77:78:a1:98:fe:11:7d:a9:b8:8d:23:
                    9a:04:24:00:21:b5:b3:6f:f8:67:f1:34:c9:99:31:
                    04:f4:bd:90:3b:42:0e:70:e9:b7:67:31:1c:b3:58:
                    7a:ab:9f:6b:6f:6c:fb:70:2b:7a:aa:9e:e3:db:c6:
                    38:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:B5:37:49:39:EC:24:F4:31:7D:1A:18:28:2D:66:4B:CE:3C:F2:71
            X509v3 Authority Key Identifier:
                keyid:F4:DB:83:AD:C7:6B:AF:F6:05:70:0C:CA:48:CC:4F:6F:8C:52:9F:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9NuDrcdrr_YFcAzKSMxPb4xSn2Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/501ea8-1839-47fe-aa44-1b417d5e1fbd/1/87U3STnsJPQxfRoYKC1mS8488nE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/501ea8-1839-47fe-aa44-1b417d5e1fbd/1/9NuDrcdrr_YFcAzKSMxPb4xSn2Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.19.146.0/24
                IPv6:
                  2001:67c:2530::/48

    Signature Algorithm: sha256WithRSAEncryption
         92:10:72:a9:53:1d:c4:55:69:a0:a5:11:52:6b:da:51:d3:b9:
         76:de:c8:91:d1:e4:2f:66:59:71:0d:36:3d:6b:ce:32:80:f7:
         a8:87:d6:2a:6f:46:83:9c:75:41:8f:d1:82:56:b1:eb:39:03:
         08:ee:6c:b0:8e:33:0d:c9:73:58:da:bf:98:b4:a7:61:71:eb:
         a1:5f:9a:cc:45:ab:95:2a:65:84:cb:6e:9d:a8:0f:4d:ca:0d:
         ad:0c:7e:77:9e:48:a9:7a:72:79:2d:dc:86:fa:db:c8:70:d9:
         99:e8:11:a5:62:fa:ea:22:36:7d:45:9b:66:aa:53:0b:da:f7:
         30:e2:d8:2a:70:55:89:2d:9b:db:dc:f5:2e:f0:e1:b4:22:f2:
         b8:12:b6:39:64:45:95:10:ee:e1:d1:46:4e:6d:fb:c4:3a:8c:
         cc:d2:44:fc:63:24:06:51:72:ac:6b:8c:93:3b:89:b8:b1:f9:
         44:0b:12:39:c6:c0:89:1e:30:fc:62:c2:70:e0:03:93:54:98:
         bd:72:b2:dc:09:0f:af:96:11:c4:31:69:ee:e2:de:42:b2:05:
         6e:d8:bc:32:13:49:a3:1d:ec:1b:51:04:2b:a3:08:00:ba:53:
         81:31:7e:ee:46:f2:d0:65:89:ff:98:cc:f4:43:d6:13:f2:86:
         6d:20:5b:5e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEAOgoZjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NGRiODNhZGM3NmJhZmY2MDU3MDBjY2E0OGNjNGY2ZjhjNTI5ZjY2MB4XDTIyMDEw
MTEzMDE0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjNiNTM3NDkzOWVj
MjRmNDMxN2QxYTE4MjgyZDY2NGJjZTNjZjI3MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMkQMEpBkXpc2/Xa8ReutrJU/lVYXI1h1e6DOFZgMON+JEDN
ozVoUImGNJ5D5QvGyQaZRObav3pphdYVhrdMDzqAobLHyaKY+EZa1V5eQBgIoIP3
EYaJTrGAOY2TELxHP46BqinUPfR+9HfcLLncLdrQwZlXL6ampm9mJmFNpvzjf41B
O+wL2c5Rkz153p8bSC10AsKBrnn0bO61nb6a6eDJT6CvQsI0aeOvoBy1WG9MH4+F
ANOxuskYaSoDX4cKK4OzvA+RO3d4oZj+EX2puI0jmgQkACG1s2/4Z/E0yZkxBPS9
kDtCDnDpt2cxHLNYequfa29s+3Areqqe49vGODMCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBTztTdJOewk9DF9GhgoLWZLzjzycTAfBgNVHSMEGDAWgBT024Otx2uv9gVw
DMpIzE9vjFKfZjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlOdURyY2Rycl9ZRmNBektTTXhQYjR4U24yWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDIvNTAxZWE4LTE4MzktNDdmZS1hYTQ0LTFiNDE3ZDVlMWZiZC8x
Lzg3VTNTVG5zSlBReGZSb1lLQzFtUzg0ODhuRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDIv
NTAxZWE4LTE4MzktNDdmZS1hYTQ0LTFiNDE3ZDVlMWZiZC8xLzlOdURyY2Rycl9Z
RmNBektTTXhQYjR4U24yWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAMETkjAPBAIAAjAJAwcAIAEGfCUw
MA0GCSqGSIb3DQEBCwUAA4IBAQCSEHKpUx3EVWmgpRFSa9pR07l23siR0eQvZllx
DTY9a84ygPeoh9Yqb0aDnHVBj9GCVrHrOQMI7mywjjMNyXNY2r+YtKdhceuhX5rM
RauVKmWEy26dqA9Nyg2tDH53nkipenJ5LdyG+tvIcNmZ6BGlYvrqIjZ9RZtmqlML
2vcw4tgqcFWJLZvb3PUu8OG0IvK4ErY5ZEWVEO7h0UZObfvEOozM0kT8YyQGUXKs
a4yTO4m4sflECxI5xsCJHjD8YsJw4AOTVJi9crLcCQ+vlhHEMWnu4t5CsgVu2Lwy
E0mjHewbUQQrowgAulOBMX7uRvLQZYn/mMz0Q9YT8oZtIFte
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:23 2024 by rpki-client on console-ams.rpki-client.org