Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/9ec134-f04f-4423-8be5-7f5e1759f84e/1/ZNvBuq530A4I2jWVB0Anw7Z8XVo.roa
File:                     ZNvBuq530A4I2jWVB0Anw7Z8XVo.roa (raw, json)
Hash identifier:          TZYt7Bj+N4+8mbwNbQOIloproSzOQRll/nu794fESlo=
Subject key identifier:   64:DB:C1:BA:AE:77:D0:0E:08:DA:35:95:07:40:27:C3:B6:7C:5D:5A
Certificate issuer:       /CN=771072920d8c9a2b40eb3a045f1f2a6e334a4496
Certificate serial:       0B606D60
Authority key identifier: 77:10:72:92:0D:8C:9A:2B:40:EB:3A:04:5F:1F:2A:6E:33:4A:44:96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dxBykg2MmitA6zoEXx8qbjNKRJY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/9ec134-f04f-4423-8be5-7f5e1759f84e/1/ZNvBuq530A4I2jWVB0Anw7Z8XVo.roa
Signing time:             Sat 01 Jan 2022 03:57:55 +0000
ROA not before:           Sat 01 Jan 2022 03:57:55 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     24961
IP address blocks:        193.189.114.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 190868832 (0xb606d60)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=771072920d8c9a2b40eb3a045f1f2a6e334a4496
        Validity
            Not Before: Jan  1 03:57:55 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=64dbc1baae77d00e08da3595074027c3b67c5d5a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:86:fd:fb:e5:f8:b6:78:4d:5a:c7:52:60:30:
                    00:5b:fd:ef:58:d6:78:52:de:a7:52:92:18:41:f5:
                    e4:20:87:54:bf:6b:30:b7:d0:1a:6c:64:03:92:bb:
                    bb:4b:50:8d:6a:85:45:a0:a5:1e:de:f0:24:79:b4:
                    4a:e2:ad:f3:f7:10:a9:29:26:0f:95:66:26:95:93:
                    72:a0:8b:90:e7:ea:0b:12:9f:6f:1c:1e:fd:c8:53:
                    85:79:14:90:9a:d1:76:c2:80:bf:14:93:87:cb:e1:
                    1b:79:10:ad:d7:c0:22:3e:d0:12:b9:0b:0e:1f:94:
                    6e:dd:ec:5a:cb:1b:7b:27:8d:7f:ef:ba:de:f4:61:
                    a6:81:88:68:bf:41:78:e6:cb:f1:9b:63:46:e2:6b:
                    c8:41:00:50:21:4a:6a:40:82:47:1d:65:70:61:a8:
                    fb:2a:45:1c:b8:5c:82:7a:f7:b9:4e:97:07:0b:37:
                    ce:d2:f1:99:4a:b5:7b:de:1b:e3:04:c4:88:2d:2b:
                    39:8a:4d:92:e0:20:ff:3b:e6:18:82:c4:fd:bb:88:
                    b3:9b:30:51:d6:27:36:12:18:f3:86:20:fb:a6:89:
                    9a:93:56:72:66:0d:48:a6:78:d1:36:59:13:31:0b:
                    71:7a:5b:6c:e5:cb:7a:be:39:d6:72:69:81:90:fd:
                    56:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:DB:C1:BA:AE:77:D0:0E:08:DA:35:95:07:40:27:C3:B6:7C:5D:5A
            X509v3 Authority Key Identifier:
                keyid:77:10:72:92:0D:8C:9A:2B:40:EB:3A:04:5F:1F:2A:6E:33:4A:44:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dxBykg2MmitA6zoEXx8qbjNKRJY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/9ec134-f04f-4423-8be5-7f5e1759f84e/1/ZNvBuq530A4I2jWVB0Anw7Z8XVo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/9ec134-f04f-4423-8be5-7f5e1759f84e/1/dxBykg2MmitA6zoEXx8qbjNKRJY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.189.114.0/23

    Signature Algorithm: sha256WithRSAEncryption
         90:70:39:68:b9:b8:47:05:b4:4d:a2:df:5a:40:ea:a1:da:11:
         6a:0c:d8:51:7e:c3:6d:97:d6:9b:f6:be:5b:ee:5d:88:05:da:
         d6:f0:24:fd:66:e6:bf:a6:9b:f8:0f:8a:9c:74:5f:1e:b3:01:
         64:d2:76:3e:a6:5f:6b:c6:2e:0a:16:ac:7d:9c:5e:22:41:cf:
         81:d1:b8:15:b7:ee:af:9d:64:fa:e8:e7:18:7c:29:07:5a:03:
         bd:de:a3:3b:ad:15:da:97:de:c6:c2:e5:65:9e:c7:57:91:b4:
         5d:27:e2:ad:85:17:78:ca:93:e9:3c:c1:9a:d5:e0:4f:6d:1d:
         55:b6:99:4b:85:5a:ef:03:87:89:e2:52:55:f8:28:56:c4:9c:
         22:67:11:04:fa:34:4b:28:d6:12:0b:0c:7e:0b:d6:19:67:c2:
         8c:c2:43:3b:09:e9:17:0c:2f:3f:1d:cc:2b:a2:5a:ec:ea:2e:
         87:00:dd:b3:1b:4f:5f:ee:b0:fd:9e:03:4e:0d:49:30:07:a6:
         d2:a6:ad:b4:d1:fb:04:60:66:bf:dd:97:d1:b7:f4:06:2d:0a:
         84:b2:bc:ce:1b:72:a6:75:5b:78:d0:0f:eb:11:fa:a9:23:7c:
         ab:27:ab:b5:fa:f4:4d:69:78:f1:81:8e:db:71:0d:39:41:08:
         77:d7:87:49
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEC2BtYDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NzEwNzI5MjBkOGM5YTJiNDBlYjNhMDQ1ZjFmMmE2ZTMzNGE0NDk2MB4XDTIyMDEw
MTAzNTc1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjRkYmMxYmFhZTc3
ZDAwZTA4ZGEzNTk1MDc0MDI3YzNiNjdjNWQ1YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANWG/fvl+LZ4TVrHUmAwAFv971jWeFLep1KSGEH15CCHVL9r
MLfQGmxkA5K7u0tQjWqFRaClHt7wJHm0SuKt8/cQqSkmD5VmJpWTcqCLkOfqCxKf
bxwe/chThXkUkJrRdsKAvxSTh8vhG3kQrdfAIj7QErkLDh+Ubt3sWssbeyeNf++6
3vRhpoGIaL9BeObL8ZtjRuJryEEAUCFKakCCRx1lcGGo+ypFHLhcgnr3uU6XBws3
ztLxmUq1e94b4wTEiC0rOYpNkuAg/zvmGILE/buIs5swUdYnNhIY84Yg+6aJmpNW
cmYNSKZ40TZZEzELcXpbbOXLer451nJpgZD9VskCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRk28G6rnfQDgjaNZUHQCfDtnxdWjAfBgNVHSMEGDAWgBR3EHKSDYyaK0Dr
OgRfHypuM0pEljAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2R4QnlrZzJNbWl0QTZ6b0VYeDhxYmpOS1JKWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDgvOWVjMTM0LWYwNGYtNDQyMy04YmU1LTdmNWUxNzU5Zjg0ZS8x
L1pOdkJ1cTUzMEE0STJqV1ZCMEFudzdaOFhWby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDgv
OWVjMTM0LWYwNGYtNDQyMy04YmU1LTdmNWUxNzU5Zjg0ZS8xL2R4QnlrZzJNbWl0
QTZ6b0VYeDhxYmpOS1JKWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcG9cjANBgkqhkiG9w0BAQsFAAOC
AQEAkHA5aLm4RwW0TaLfWkDqodoRagzYUX7DbZfWm/a+W+5diAXa1vAk/Wbmv6ab
+A+KnHRfHrMBZNJ2PqZfa8YuChasfZxeIkHPgdG4Fbfur51k+ujnGHwpB1oDvd6j
O60V2pfexsLlZZ7HV5G0XSfirYUXeMqT6TzBmtXgT20dVbaZS4Va7wOHieJSVfgo
VsScImcRBPo0SyjWEgsMfgvWGWfCjMJDOwnpFwwvPx3MK6Ja7OouhwDdsxtPX+6w
/Z4DTg1JMAem0qattNH7BGBmv92X0bf0Bi0KhLK8zhtypnVbeNAP6xH6qSN8qyer
tfr0TWl48YGO23ENOUEId9eHSQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:39 2024 by rpki-client on console-ams.rpki-client.org