Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/cae652-a218-42f6-97af-794b28eb16c5/1/A_Aqofpwy31zFt2gCQi0lZwFejU.roa
File:                     A_Aqofpwy31zFt2gCQi0lZwFejU.roa (raw, json)
Hash identifier:          /0wYRJn/JkPg1cG0iM9H+lkoknymYrb3syXOY8xLpkQ=
Subject key identifier:   03:F0:2A:A1:FA:70:CB:7D:73:16:DD:A0:09:08:B4:95:9C:05:7A:35
Certificate issuer:       /CN=7139bc5cef3aeadf32613f7d959ec8e40a742918
Certificate serial:       CB5A
Authority key identifier: 71:39:BC:5C:EF:3A:EA:DF:32:61:3F:7D:95:9E:C8:E4:0A:74:29:18
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cTm8XO866t8yYT99lZ7I5Ap0KRg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/cae652-a218-42f6-97af-794b28eb16c5/1/A_Aqofpwy31zFt2gCQi0lZwFejU.roa
Signing time:             Thu 09 Jun 2022 13:36:02 +0000
ROA not before:           Thu 09 Jun 2022 13:36:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211450
IP address blocks:        193.36.90.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 52058 (0xcb5a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7139bc5cef3aeadf32613f7d959ec8e40a742918
        Validity
            Not Before: Jun  9 13:36:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=03f02aa1fa70cb7d7316dda00908b4959c057a35
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:e2:54:3b:d3:5f:78:cf:14:67:d1:a2:02:56:
                    79:2f:95:89:fe:d1:ba:ee:fc:db:0b:d6:0f:2d:02:
                    ff:61:61:e9:24:80:c3:84:b7:0a:4e:f4:eb:c1:00:
                    93:b9:96:24:b6:19:f2:5c:f0:f6:21:59:f6:74:7f:
                    3b:76:a7:71:b3:bb:97:b4:d3:db:f0:c7:1c:a4:25:
                    b0:95:e0:81:af:97:06:99:43:8f:d0:62:ad:dc:bf:
                    3e:9a:08:87:42:15:1c:55:56:d4:9f:0c:4b:1a:84:
                    44:96:f8:06:80:a1:1e:ec:d3:f8:d7:dc:95:01:5c:
                    3c:40:96:b5:f7:91:07:28:78:03:92:00:fb:b2:71:
                    cf:e1:9a:f0:74:26:2b:f4:04:99:0c:6c:51:f3:cf:
                    6d:d3:cd:7a:04:59:86:d2:af:91:6a:52:5c:90:61:
                    38:eb:64:36:90:e5:da:25:a8:21:e3:85:a3:e4:c1:
                    d9:31:65:8f:7a:63:6f:13:0b:87:7f:b8:53:6d:72:
                    24:ec:a4:35:21:74:7d:cc:df:dd:7d:96:c4:58:23:
                    d7:37:04:8e:55:e8:4d:ee:4c:04:ff:be:b9:54:68:
                    ad:b7:60:01:fb:66:db:5a:1d:57:a4:50:96:7f:2e:
                    ad:cb:8d:82:1e:c4:05:e4:32:38:9f:8f:5f:7e:74:
                    2e:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:F0:2A:A1:FA:70:CB:7D:73:16:DD:A0:09:08:B4:95:9C:05:7A:35
            X509v3 Authority Key Identifier:
                keyid:71:39:BC:5C:EF:3A:EA:DF:32:61:3F:7D:95:9E:C8:E4:0A:74:29:18

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cTm8XO866t8yYT99lZ7I5Ap0KRg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/cae652-a218-42f6-97af-794b28eb16c5/1/A_Aqofpwy31zFt2gCQi0lZwFejU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/cae652-a218-42f6-97af-794b28eb16c5/1/cTm8XO866t8yYT99lZ7I5Ap0KRg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.36.90.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:04:f6:2c:e9:0e:d3:82:5d:8f:ec:a9:23:92:81:02:a0:ad:
         3b:d4:c3:b2:46:9b:6a:22:70:15:94:d5:1e:81:70:da:5b:01:
         0a:f4:f1:9c:6a:37:f6:17:22:83:47:97:d1:12:ba:92:7e:72:
         4e:ca:7c:40:cf:76:e9:df:71:b9:d2:45:8e:bc:c1:ee:4a:7a:
         26:a1:d9:3f:03:22:50:1c:75:a0:95:3d:a6:45:ad:f1:c3:47:
         90:60:85:99:cb:3d:29:1a:4c:07:6d:34:87:35:e8:7f:d6:de:
         02:e4:e4:3a:a9:29:49:e3:fb:77:cd:d7:2b:ad:90:02:bb:11:
         c0:d2:58:e9:58:7c:f9:9d:db:b2:e0:e4:85:05:c5:47:fa:36:
         bf:e7:15:6b:69:0c:98:14:9b:23:cc:b5:d3:1f:22:45:ba:f7:
         4e:6c:02:5c:ff:a5:7e:24:f3:1d:e2:f2:ee:71:9e:77:47:31:
         83:f6:ca:d5:c8:b4:c9:7d:e9:f0:f1:92:cd:22:ad:55:81:31:
         43:8c:ff:b4:e0:16:16:2d:82:5f:45:94:0d:8d:0b:f4:f5:43:
         e0:de:1d:dc:91:33:29:9d:34:4e:68:6e:66:e5:46:47:99:67:
         e7:ec:f5:ce:dc:40:23:7a:fc:ef:98:55:9a:e5:51:6a:05:8f:
         0c:8b:4d:64
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAMtaMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDcx
MzliYzVjZWYzYWVhZGYzMjYxM2Y3ZDk1OWVjOGU0MGE3NDI5MTgwHhcNMjIwNjA5
MTMzNjAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwM2YwMmFhMWZhNzBj
YjdkNzMxNmRkYTAwOTA4YjQ5NTljMDU3YTM1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA5OJUO9NfeM8UZ9GiAlZ5L5WJ/tG67vzbC9YPLQL/YWHpJIDD
hLcKTvTrwQCTuZYkthnyXPD2IVn2dH87dqdxs7uXtNPb8MccpCWwleCBr5cGmUOP
0GKt3L8+mgiHQhUcVVbUnwxLGoRElvgGgKEe7NP419yVAVw8QJa195EHKHgDkgD7
snHP4ZrwdCYr9ASZDGxR889t0816BFmG0q+RalJckGE462Q2kOXaJagh44Wj5MHZ
MWWPemNvEwuHf7hTbXIk7KQ1IXR9zN/dfZbEWCPXNwSOVehN7kwE/765VGitt2AB
+2bbWh1XpFCWfy6ty42CHsQF5DI4n49ffnQuJQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFAPwKqH6cMt9cxbdoAkItJWcBXo1MB8GA1UdIwQYMBaAFHE5vFzvOurfMmE/
fZWeyOQKdCkYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
Y1RtOFhPODY2dDh5WVQ5OWxaN0k1QXAwS1JnLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC80ZC9jYWU2NTItYTIxOC00MmY2LTk3YWYtNzk0YjI4ZWIxNmM1LzEv
QV9BcW9mcHd5MzF6RnQyZ0NRaTBsWndGZWpVLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9j
YWU2NTItYTIxOC00MmY2LTk3YWYtNzk0YjI4ZWIxNmM1LzEvY1RtOFhPODY2dDh5
WVQ5OWxaN0k1QXAwS1JnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSRaMA0GCSqGSIb3DQEBCwUAA4IB
AQCGBPYs6Q7Tgl2P7KkjkoECoK071MOyRptqInAVlNUegXDaWwEK9PGcajf2FyKD
R5fRErqSfnJOynxAz3bp33G50kWOvMHuSnomodk/AyJQHHWglT2mRa3xw0eQYIWZ
yz0pGkwHbTSHNeh/1t4C5OQ6qSlJ4/t3zdcrrZACuxHA0ljpWHz5nduy4OSFBcVH
+ja/5xVraQyYFJsjzLXTHyJFuvdObAJc/6V+JPMd4vLucZ53RzGD9srVyLTJfenw
8ZLNIq1VgTFDjP+04BYWLYJfRZQNjQv09UPg3h3ckTMpnTROaG5m5UZHmWfn7PXO
3EAjevzvmFWa5VFqBY8Mi01k
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:06 2024 by rpki-client on console-ams.rpki-client.org