Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/vHTis8Bv6Y70UY3e97TrMx5usoQ.roa
File:                     vHTis8Bv6Y70UY3e97TrMx5usoQ.roa (raw, json)
Hash identifier:          NZTW4J2VbWqlfc3eUzdCf+qwjMSrCxgm9QKsdbreGk0=
Subject key identifier:   BC:74:E2:B3:C0:6F:E9:8E:F4:51:8D:DE:F7:B4:EB:33:1E:6E:B2:84
Certificate issuer:       /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial:       2B0CD608
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/vHTis8Bv6Y70UY3e97TrMx5usoQ.roa
Signing time:             Sat 01 Jan 2022 13:58:06 +0000
ROA not before:           Sat 01 Jan 2022 13:58:06 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202133
IP address blocks:        193.192.171.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 722261512 (0x2b0cd608)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
        Validity
            Not Before: Jan  1 13:58:06 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bc74e2b3c06fe98ef4518ddef7b4eb331e6eb284
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:a6:bf:6a:d4:42:e7:71:6c:4c:36:a5:4e:dd:
                    61:58:a7:a4:13:ef:11:e2:bf:68:b7:97:f5:78:1a:
                    cd:b6:21:df:96:8c:cd:fa:78:32:99:f3:3c:ca:80:
                    68:33:1b:6c:4f:34:a2:c0:10:5e:b4:ee:a6:d8:b1:
                    e8:6d:45:2b:81:5f:3c:90:cf:e0:42:f6:c5:b2:29:
                    9b:e5:4d:42:e2:a9:c4:fc:f6:6a:4f:7f:1f:b1:60:
                    a3:f7:ec:26:d7:ed:e1:75:9b:ac:f9:34:55:3a:5f:
                    41:f6:15:2d:13:41:14:23:55:7b:76:4a:4b:bb:cf:
                    b3:54:34:d8:fd:e2:ef:99:7f:3c:05:f8:81:d2:42:
                    0b:10:d5:d1:a9:7d:1f:0f:93:4d:dc:be:86:7b:c4:
                    8c:7c:f2:a9:18:5d:36:87:ad:2b:b1:b5:70:60:42:
                    05:18:b0:18:80:33:a1:d1:12:d4:05:86:e0:be:b3:
                    82:b4:19:ab:3b:b1:dc:40:99:1e:91:81:b1:e0:90:
                    9a:52:61:64:34:c0:97:49:7b:db:0c:fd:d1:e7:37:
                    e8:a6:f7:60:ea:30:2c:5c:07:af:e4:4c:14:4e:a8:
                    97:0b:a3:cf:f8:fe:e1:f5:1b:28:f6:78:04:63:da:
                    0a:dc:1a:37:e2:e8:7e:19:fb:e0:23:8e:56:43:23:
                    7c:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:74:E2:B3:C0:6F:E9:8E:F4:51:8D:DE:F7:B4:EB:33:1E:6E:B2:84
            X509v3 Authority Key Identifier:
                keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/vHTis8Bv6Y70UY3e97TrMx5usoQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.192.171.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7d:f0:b1:f1:bf:24:c3:19:55:9d:84:ff:fc:35:ce:c9:29:82:
         bc:45:2e:ea:9c:d8:f1:7d:b7:6e:e4:c9:41:3c:59:fa:d1:de:
         fd:47:0f:ee:a1:d2:00:48:61:53:63:aa:db:1b:9e:91:af:7d:
         c2:4a:5b:96:59:24:eb:23:15:b4:88:b9:f8:6c:af:91:82:47:
         ac:fc:b0:08:fa:fd:ed:31:3c:bb:ee:14:8b:68:a1:56:6f:7b:
         83:21:cf:2a:ba:54:7f:b0:cb:99:11:4a:0f:49:88:ab:0a:ae:
         14:f7:f1:88:8b:21:a9:2e:28:0b:a8:9a:7c:9a:d9:a5:a4:9f:
         86:89:6c:e8:e6:3f:4e:7e:26:52:4c:11:bf:c5:d3:c2:3b:66:
         9e:97:27:2a:e6:1e:85:f0:3f:59:f6:09:1a:3b:0e:55:0d:37:
         ee:62:9f:71:9e:46:48:94:42:57:29:27:7d:5c:d7:2d:7e:8b:
         30:bd:cd:25:4a:e6:f5:88:d3:52:c9:fe:51:11:8a:bb:a0:f3:
         b2:61:86:98:30:07:e1:d3:41:e5:b3:ed:35:0c:f7:0d:57:ee:
         42:4f:d1:58:39:ed:34:04:c3:2e:14:d5:7c:70:fe:b1:94:7e:
         8c:0a:dd:0a:1f:5a:ad:42:19:e2:2a:97:69:82:e9:f5:6f:1f:
         7b:8e:93:dc
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEKwzWCDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OTk1NDQ5OTk3NzI3OGE3NTU3MGIzNDAzZjRkM2FhMDBiMWIzNmU4MB4XDTIyMDEw
MTEzNTgwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmM3NGUyYjNjMDZm
ZTk4ZWY0NTE4ZGRlZjdiNGViMzMxZTZlYjI4NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIymv2rUQudxbEw2pU7dYVinpBPvEeK/aLeX9XgazbYh35aM
zfp4MpnzPMqAaDMbbE80osAQXrTuptix6G1FK4FfPJDP4EL2xbIpm+VNQuKpxPz2
ak9/H7Fgo/fsJtft4XWbrPk0VTpfQfYVLRNBFCNVe3ZKS7vPs1Q02P3i75l/PAX4
gdJCCxDV0al9Hw+TTdy+hnvEjHzyqRhdNoetK7G1cGBCBRiwGIAzodES1AWG4L6z
grQZqzux3ECZHpGBseCQmlJhZDTAl0l72wz90ec36Kb3YOowLFwHr+RMFE6olwuj
z/j+4fUbKPZ4BGPaCtwaN+Lofhn74COOVkMjfEECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS8dOKzwG/pjvRRjd73tOszHm6yhDAfBgNVHSMEGDAWgBS5lUSZl3J4p1Vw
s0A/TTqgCxs26DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VaVkVtWmR5ZUtkVmNMTkFQMDA2b0FzYk51Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDcvNzg4ODAzLWJlMTItNDMzZi1hOGQwLTAyNGIxNjU1YzI0Ny8x
L3ZIVGlzOEJ2Nlk3MFVZM2U5N1RyTXg1dXNvUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcv
Nzg4ODAzLWJlMTItNDMzZi1hOGQwLTAyNGIxNjU1YzI0Ny8xL3VaVkVtWmR5ZUtk
VmNMTkFQMDA2b0FzYk51Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMHAqzANBgkqhkiG9w0BAQsFAAOC
AQEAffCx8b8kwxlVnYT//DXOySmCvEUu6pzY8X23buTJQTxZ+tHe/UcP7qHSAEhh
U2Oq2xueka99wkpbllkk6yMVtIi5+GyvkYJHrPywCPr97TE8u+4Ui2ihVm97gyHP
KrpUf7DLmRFKD0mIqwquFPfxiIshqS4oC6iafJrZpaSfhols6OY/Tn4mUkwRv8XT
wjtmnpcnKuYehfA/WfYJGjsOVQ037mKfcZ5GSJRCVyknfVzXLX6LML3NJUrm9YjT
Usn+URGKu6DzsmGGmDAH4dNB5bPtNQz3DVfuQk/RWDntNATDLhTVfHD+sZR+jArd
Ch9arUIZ4iqXaYLp9W8fe46T3A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:21 2024 by rpki-client on console-ams.rpki-client.org