Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/aY4c3fEi2e5o_wbwwz4xgLy9gQo.roa
File:                     aY4c3fEi2e5o_wbwwz4xgLy9gQo.roa (raw, json)
Hash identifier:          DRwnW844ySEkPKCO2zqmG++OBeur77neJ0NecSuDXbE=
Subject key identifier:   69:8E:1C:DD:F1:22:D9:EE:68:FF:06:F0:C3:3E:31:80:BC:BD:81:0A
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018533C54F30D4DB4C2C40F34C276C8C535B
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/aY4c3fEi2e5o_wbwwz4xgLy9gQo.roa
Signing time:             Wed 21 Dec 2022 08:20:46 +0000
ROA not before:           Wed 21 Dec 2022 08:20:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60802
IP address blocks:        193.58.239.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:33:c5:4f:30:d4:db:4c:2c:40:f3:4c:27:6c:8c:53:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Dec 21 08:20:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=698e1cddf122d9ee68ff06f0c33e3180bcbd810a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:7b:42:f2:07:b3:50:07:23:f4:21:59:0d:21:
                    39:da:13:f3:26:76:91:a3:3b:39:e4:f3:cc:22:87:
                    69:df:9f:2a:2e:05:fe:06:2c:01:15:68:63:7e:d4:
                    a0:a1:23:5c:28:cb:54:4c:7b:d8:3d:15:c3:6a:eb:
                    cf:fb:72:32:9e:85:85:b3:88:a5:68:9f:c0:aa:b8:
                    19:2d:09:e2:5c:91:d7:32:52:58:58:63:c5:5d:f3:
                    ef:ef:87:60:5a:02:82:ed:91:b5:f6:ef:aa:db:92:
                    c1:b1:2d:12:bc:b4:70:ea:b6:a8:b0:57:35:2e:6e:
                    05:c4:57:d3:01:0f:97:99:9a:1e:90:60:9f:cc:a0:
                    56:09:2a:c3:56:a8:67:9e:eb:29:73:de:4c:c0:08:
                    54:d4:42:d1:52:e9:cd:b9:d6:c7:3e:a3:1b:d0:05:
                    85:cf:28:21:fb:ae:31:74:f5:19:01:69:ad:6f:58:
                    46:1a:3c:69:d7:5a:6e:8b:c5:e1:88:ef:84:d5:1c:
                    06:dc:38:4d:60:c0:2b:31:ed:ce:3e:6e:2f:a4:34:
                    44:32:6b:77:6b:16:96:53:7f:99:4b:25:60:a8:b3:
                    a6:8b:c6:3d:63:56:db:cb:0e:86:3a:db:a3:f0:ab:
                    7d:d7:2a:6e:5d:45:8f:04:c0:22:c3:b4:6b:de:d4:
                    db:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:8E:1C:DD:F1:22:D9:EE:68:FF:06:F0:C3:3E:31:80:BC:BD:81:0A
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/aY4c3fEi2e5o_wbwwz4xgLy9gQo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.58.239.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:fa:c3:aa:50:d4:34:1a:fe:21:b3:81:8e:45:ec:1e:0b:3f:
         7e:61:53:0b:ac:34:96:49:6c:2d:67:e6:77:94:59:bb:01:24:
         80:e0:a2:de:35:7b:66:92:71:3a:b7:50:3c:81:dc:c3:48:f6:
         af:d4:f5:49:97:14:70:d3:27:e0:cb:4a:6c:47:f9:88:e0:cf:
         f6:65:b1:07:bb:2d:78:83:9e:58:9c:0f:94:36:8a:d4:c3:7d:
         94:b7:f9:84:49:ed:39:ed:a0:3e:a4:7b:76:4d:f7:64:74:69:
         96:5e:1d:12:27:bd:ae:67:34:de:b2:10:f1:59:4d:87:c5:50:
         60:e5:9e:9d:e3:d6:d8:ad:97:e8:62:cd:92:b5:2b:bc:6d:8c:
         4e:c3:2e:51:db:9c:88:1d:40:87:ff:1b:43:37:a3:f1:c3:65:
         01:1a:c6:73:85:39:ed:f2:86:b6:4e:70:c8:0e:72:c7:e4:dd:
         49:4f:67:79:82:29:87:c3:27:61:29:0c:03:b6:76:9a:e8:01:
         59:2c:5d:33:06:71:1a:f2:ba:c2:96:92:29:e3:ce:f4:23:bd:
         b6:b5:5d:02:ca:2c:ba:13:25:34:41:82:e8:b7:4f:03:08:4d:
         89:36:51:a9:f0:f6:a6:1e:9f:f6:97:01:2c:3a:b3:c3:f7:0c:
         21:af:60:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUzxU8w1NtMLEDzTCdsjFNbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMjIxMDgyMDQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OThlMWNkZGYxMjJkOWVlNjhmZjA2ZjBjMzNlMzE4MGJjYmQ4MTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3tC8gezUAcj9CFZDSE52hPzJnaR
ozs55PPMIodp358qLgX+BiwBFWhjftSgoSNcKMtUTHvYPRXDauvP+3IynoWFs4il
aJ/AqrgZLQniXJHXMlJYWGPFXfPv74dgWgKC7ZG19u+q25LBsS0SvLRw6raosFc1
Lm4FxFfTAQ+XmZoekGCfzKBWCSrDVqhnnuspc95MwAhU1ELRUunNudbHPqMb0AWF
zygh+64xdPUZAWmtb1hGGjxp11pui8XhiO+E1RwG3DhNYMArMe3OPm4vpDREMmt3
axaWU3+ZSyVgqLOmi8Y9Y1bbyw6GOtuj8Kt91ypuXUWPBMAiw7Rr3tTb7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGmOHN3xItnuaP8G8MM+MYC8vYEKMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvYVk0YzNmRWkyZTVvX3did3d6NHhnTHk5Z1FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwTrvMA0G
CSqGSIb3DQEBCwUAA4IBAQCG+sOqUNQ0Gv4hs4GOReweCz9+YVMLrDSWSWwtZ+Z3
lFm7ASSA4KLeNXtmknE6t1A8gdzDSPav1PVJlxRw0yfgy0psR/mI4M/2ZbEHuy14
g55YnA+UNorUw32Ut/mESe057aA+pHt2TfdkdGmWXh0SJ72uZzTeshDxWU2HxVBg
5Z6d49bYrZfoYs2StSu8bYxOwy5R25yIHUCH/xtDN6Pxw2UBGsZzhTnt8oa2TnDI
DnLH5N1JT2d5gimHwydhKQwDtnaa6AFZLF0zBnEa8rrClpIp4870I722tV0Cyiy6
EyU0QYLot08DCE2JNlGp8PamHp/2lwEsOrPD9wwhr2Ar
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:07 2024 by rpki-client on console-ams.rpki-client.org