Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/1aff10-dd29-439f-8d23-bc9a5f6605fc/1/lAUMXYbVLroqskvGrCmd3Jyxh8g.roa
File:                     lAUMXYbVLroqskvGrCmd3Jyxh8g.roa (raw, json)
Hash identifier:          deT9RfaROs7e/BE3HJLBfrhUVANkjUQ7cFplMDtSn5w=
Subject key identifier:   94:05:0C:5D:86:D5:2E:BA:2A:B2:4B:C6:AC:29:9D:DC:9C:B1:87:C8
Certificate issuer:       /CN=7373c1ff55403d4792346493f769f8d033bef02c
Certificate serial:       17EF5C1A
Authority key identifier: 73:73:C1:FF:55:40:3D:47:92:34:64:93:F7:69:F8:D0:33:BE:F0:2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/c3PB_1VAPUeSNGST92n40DO-8Cw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/1aff10-dd29-439f-8d23-bc9a5f6605fc/1/lAUMXYbVLroqskvGrCmd3Jyxh8g.roa
Signing time:             Sat 01 Jan 2022 03:55:02 +0000
ROA not before:           Sat 01 Jan 2022 03:55:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     25098
IP address blocks:        193.201.70.0/23 maxlen: 23
                          213.230.192.0/18 maxlen: 32
                          2a01:70::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 401562650 (0x17ef5c1a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7373c1ff55403d4792346493f769f8d033bef02c
        Validity
            Not Before: Jan  1 03:55:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=94050c5d86d52eba2ab24bc6ac299ddc9cb187c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:34:6c:c3:e0:18:44:f9:59:34:61:61:16:05:
                    79:12:ec:93:c9:03:7e:5a:08:fc:be:74:4a:e9:a9:
                    22:a5:0d:8d:08:6b:47:18:d3:33:dc:e4:a8:62:25:
                    42:4b:1d:18:7d:fc:f7:fa:97:df:3d:88:d6:60:88:
                    10:8d:ed:7d:5f:02:5b:9c:ee:4a:cc:28:ee:43:80:
                    25:4c:99:8b:f2:06:38:eb:96:ae:61:29:17:d1:bd:
                    25:4a:ab:5d:40:b6:ac:18:1a:62:a1:d2:e2:03:2f:
                    c5:cd:8a:d4:e8:39:4a:bf:96:3d:c8:96:53:37:9a:
                    94:6e:f4:dd:fc:34:3a:20:85:d6:3d:c8:5b:0e:51:
                    b2:ac:ba:75:9b:d2:bc:3e:bc:6e:52:50:f1:e6:f0:
                    0e:d6:76:98:b8:72:dc:1b:41:34:98:17:ba:30:ec:
                    55:f6:2c:17:e8:9d:5d:ea:eb:45:da:f2:49:7f:80:
                    a4:22:44:08:8a:ae:b9:a6:2e:31:0f:ef:46:9a:58:
                    48:07:2f:a9:ee:e0:de:57:83:f4:96:bd:42:e8:13:
                    53:ed:e9:e6:c6:9d:bf:65:a5:71:30:a6:83:88:e6:
                    5b:49:53:1e:f4:41:67:7d:ce:62:02:1d:42:fa:f8:
                    4a:f0:37:15:f7:9e:44:d4:20:b5:0d:0a:7a:34:f8:
                    7a:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:05:0C:5D:86:D5:2E:BA:2A:B2:4B:C6:AC:29:9D:DC:9C:B1:87:C8
            X509v3 Authority Key Identifier:
                keyid:73:73:C1:FF:55:40:3D:47:92:34:64:93:F7:69:F8:D0:33:BE:F0:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3PB_1VAPUeSNGST92n40DO-8Cw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/1aff10-dd29-439f-8d23-bc9a5f6605fc/1/lAUMXYbVLroqskvGrCmd3Jyxh8g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/1aff10-dd29-439f-8d23-bc9a5f6605fc/1/c3PB_1VAPUeSNGST92n40DO-8Cw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.201.70.0/23
                  213.230.192.0/18
                IPv6:
                  2a01:70::/32

    Signature Algorithm: sha256WithRSAEncryption
         24:01:5e:d0:36:6e:b2:f6:27:a8:fe:ef:ed:24:ca:07:31:3c:
         18:a3:08:7e:40:f9:38:81:4c:c5:d1:71:b2:74:7f:11:60:f9:
         6f:52:42:c7:e9:29:19:7e:4e:77:1d:0f:a5:d0:71:21:1d:86:
         74:d0:6f:de:62:18:e4:83:e9:e6:f5:3d:af:e3:27:6a:3e:ab:
         78:b1:e0:98:51:6d:38:9d:0a:97:dc:21:68:aa:d2:cf:22:6b:
         67:04:75:eb:d6:56:11:ab:45:79:17:64:34:54:ad:4d:8f:fe:
         7a:3a:03:91:37:75:e4:95:30:1d:9b:6c:3a:cc:23:c4:30:d8:
         42:2c:ae:87:45:46:dc:eb:d6:e0:f3:02:cc:dc:a0:01:a0:d0:
         c5:3a:2f:bd:a0:37:ae:5e:b1:2a:a7:50:a7:81:66:29:ad:55:
         6f:7a:28:7c:19:3d:75:76:4f:f4:3a:d3:6c:10:4b:7c:2b:81:
         4b:b8:76:5f:6a:a6:c9:8c:34:0e:bf:28:50:7e:97:d1:fd:21:
         c5:2d:8b:d6:61:e0:fa:51:11:c2:d9:2f:40:09:03:cb:6d:99:
         1d:b0:5f:c1:3c:8f:9e:d9:cf:f5:ae:8c:23:5e:18:a9:23:44:
         aa:b6:37:1a:2f:25:ee:87:2b:bb:c3:7d:ac:cb:25:7f:1b:91:
         d6:14:03:f4
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEF+9cGjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MzczYzFmZjU1NDAzZDQ3OTIzNDY0OTNmNzY5ZjhkMDMzYmVmMDJjMB4XDTIyMDEw
MTAzNTUwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTQwNTBjNWQ4NmQ1
MmViYTJhYjI0YmM2YWMyOTlkZGM5Y2IxODdjODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMU0bMPgGET5WTRhYRYFeRLsk8kDfloI/L50SumpIqUNjQhr
RxjTM9zkqGIlQksdGH389/qX3z2I1mCIEI3tfV8CW5zuSswo7kOAJUyZi/IGOOuW
rmEpF9G9JUqrXUC2rBgaYqHS4gMvxc2K1Og5Sr+WPciWUzealG703fw0OiCF1j3I
Ww5Rsqy6dZvSvD68blJQ8ebwDtZ2mLhy3BtBNJgXujDsVfYsF+idXerrRdrySX+A
pCJECIquuaYuMQ/vRppYSAcvqe7g3leD9Ja9QugTU+3p5sadv2WlcTCmg4jmW0lT
HvRBZ33OYgIdQvr4SvA3FfeeRNQgtQ0KejT4ehkCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSUBQxdhtUuuiqyS8asKZ3cnLGHyDAfBgNVHSMEGDAWgBRzc8H/VUA9R5I0
ZJP3afjQM77wLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2MzUEJfMVZBUFVlU05HU1Q5Mm40MERPLThDdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDgvMWFmZjEwLWRkMjktNDM5Zi04ZDIzLWJjOWE1ZjY2MDVmYy8x
L2xBVU1YWWJWTHJvcXNrdkdyQ21kM0p5eGg4Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDgv
MWFmZjEwLWRkMjktNDM5Zi04ZDIzLWJjOWE1ZjY2MDVmYy8xL2MzUEJfMVZBUFVl
U05HU1Q5Mm40MERPLThDdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAcHJRgMEBtXmwDANBAIAAjAHAwUA
KgEAcDANBgkqhkiG9w0BAQsFAAOCAQEAJAFe0DZusvYnqP7v7STKBzE8GKMIfkD5
OIFMxdFxsnR/EWD5b1JCx+kpGX5Odx0PpdBxIR2GdNBv3mIY5IPp5vU9r+Mnaj6r
eLHgmFFtOJ0Kl9whaKrSzyJrZwR169ZWEatFeRdkNFStTY/+ejoDkTd15JUwHZts
OswjxDDYQiyuh0VG3OvW4PMCzNygAaDQxTovvaA3rl6xKqdQp4FmKa1Vb3oofBk9
dXZP9DrTbBBLfCuBS7h2X2qmyYw0Dr8oUH6X0f0hxS2L1mHg+lERwtkvQAkDy22Z
HbBfwTyPntnP9a6MI14YqSNEqrY3Gi8l7ocru8N9rMslfxuR1hQD9A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:29 2024 by rpki-client on console-ams.rpki-client.org