Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/193c71-c94a-416f-a186-416664f01a2c/1/EgBcy51-S4pklGie6tGSL0CvGak.roa
File:                     EgBcy51-S4pklGie6tGSL0CvGak.roa (raw, json)
Hash identifier:          TRiNSgqLEeUSXCK75XlyGmYmV1J+HDjRa+nqHRM1jY4=
Subject key identifier:   12:00:5C:CB:9D:7E:4B:8A:64:94:68:9E:EA:D1:92:2F:40:AF:19:A9
Certificate issuer:       /CN=fb1157e81b7c9e43360a1cb50a31401175921808
Certificate serial:       01F7E2CA
Authority key identifier: FB:11:57:E8:1B:7C:9E:43:36:0A:1C:B5:0A:31:40:11:75:92:18:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-xFX6Bt8nkM2Chy1CjFAEXWSGAg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/193c71-c94a-416f-a186-416664f01a2c/1/EgBcy51-S4pklGie6tGSL0CvGak.roa
Signing time:             Fri 11 Mar 2022 07:23:58 +0000
ROA not before:           Fri 11 Mar 2022 07:23:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     398465
IP address blocks:        193.108.104.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 33022666 (0x1f7e2ca)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fb1157e81b7c9e43360a1cb50a31401175921808
        Validity
            Not Before: Mar 11 07:23:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=12005ccb9d7e4b8a6494689eead1922f40af19a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:e5:14:c1:ad:a6:db:3c:8a:f7:cd:da:99:9b:
                    88:df:f3:dc:8d:92:bc:ef:db:6c:e8:a5:7b:8b:38:
                    64:16:68:2d:7b:da:29:6f:7a:73:4a:36:9d:be:b3:
                    c8:f4:36:0d:7e:31:86:25:cb:19:27:7f:05:d6:0a:
                    39:4d:51:ad:ca:cb:47:57:b6:37:ca:fd:cc:67:43:
                    5c:2f:f2:51:28:76:0f:22:50:8a:3c:7b:29:27:cb:
                    1a:b0:93:84:59:25:7e:d2:f2:d6:84:86:41:1c:d8:
                    87:b1:01:62:f1:ad:41:e0:cb:8a:9c:34:8b:08:9f:
                    4d:8c:82:2a:86:60:bc:00:09:5f:69:b3:cc:85:1c:
                    bd:0a:15:35:60:c4:8c:f1:06:bb:d8:af:1d:dd:bd:
                    8b:0a:7c:ad:69:ff:ae:2a:ca:6a:9f:25:4d:80:d7:
                    56:7c:37:de:4b:74:5c:b4:2f:68:bc:12:a3:44:81:
                    a6:d9:fd:70:80:2a:9c:31:b5:60:31:7d:a5:78:b8:
                    69:09:f4:95:09:7b:ff:be:fa:2c:89:ae:89:93:66:
                    9c:25:47:f0:01:39:f5:fa:7e:ed:10:37:08:6a:6d:
                    c9:68:a6:1d:26:79:3f:82:d7:f3:64:17:a2:a4:8d:
                    f4:e9:bc:d5:cd:2b:8e:13:7b:b0:a4:15:4f:68:f9:
                    5c:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:00:5C:CB:9D:7E:4B:8A:64:94:68:9E:EA:D1:92:2F:40:AF:19:A9
            X509v3 Authority Key Identifier:
                keyid:FB:11:57:E8:1B:7C:9E:43:36:0A:1C:B5:0A:31:40:11:75:92:18:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-xFX6Bt8nkM2Chy1CjFAEXWSGAg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/193c71-c94a-416f-a186-416664f01a2c/1/EgBcy51-S4pklGie6tGSL0CvGak.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/193c71-c94a-416f-a186-416664f01a2c/1/1-xFX6Bt8nkM2Chy1CjFAEXWSGAg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.108.104.0/23

    Signature Algorithm: sha256WithRSAEncryption
         d6:4b:f5:26:2e:2e:f0:2d:e1:08:6e:c5:0f:18:07:88:42:42:
         5e:7b:76:34:d4:c1:42:bb:2b:bb:72:f6:d0:35:5a:95:1a:b3:
         87:e3:27:37:a9:fc:32:27:b3:2a:a0:03:83:62:17:71:1a:36:
         80:9e:29:18:fe:5f:06:f8:fd:6a:4b:4a:e7:86:fa:f8:ee:76:
         63:1a:5e:82:b6:c6:78:97:57:83:cf:09:68:3c:3b:3d:48:ea:
         8d:5d:f6:a6:73:0f:80:78:ed:f4:64:3e:4c:f6:ba:aa:64:c9:
         40:ff:9d:b4:4f:60:d5:40:33:14:32:85:df:65:89:13:09:57:
         78:96:54:f4:b9:2d:c7:0e:69:54:1f:02:27:cf:b9:c4:87:e9:
         fa:9c:96:80:53:24:1c:06:a1:bb:47:26:9f:56:40:ea:1b:07:
         f1:53:35:c2:1d:e9:03:6f:d7:9a:44:5c:34:a4:f6:2e:28:d0:
         46:34:fa:5b:4b:b5:36:65:65:61:95:88:3c:47:7d:a1:52:94:
         fc:76:9a:e6:e8:c8:f6:80:20:d8:df:54:e1:99:a1:23:e9:4c:
         f2:d2:a2:33:12:98:83:98:43:8c:83:64:c0:a8:fe:3f:35:c0:
         d7:12:4a:be:bc:dc:63:fc:7d:5d:bd:58:7f:a1:c0:84:bd:f8:
         9c:05:e2:08
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEAffiyjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YjExNTdlODFiN2M5ZTQzMzYwYTFjYjUwYTMxNDAxMTc1OTIxODA4MB4XDTIyMDMx
MTA3MjM1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTIwMDVjY2I5ZDdl
NGI4YTY0OTQ2ODllZWFkMTkyMmY0MGFmMTlhOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL/lFMGtpts8ivfN2pmbiN/z3I2SvO/bbOile4s4ZBZoLXva
KW96c0o2nb6zyPQ2DX4xhiXLGSd/BdYKOU1RrcrLR1e2N8r9zGdDXC/yUSh2DyJQ
ijx7KSfLGrCThFklftLy1oSGQRzYh7EBYvGtQeDLipw0iwifTYyCKoZgvAAJX2mz
zIUcvQoVNWDEjPEGu9ivHd29iwp8rWn/rirKap8lTYDXVnw33kt0XLQvaLwSo0SB
ptn9cIAqnDG1YDF9pXi4aQn0lQl7/776LImuiZNmnCVH8AE59fp+7RA3CGptyWim
HSZ5P4LX82QXoqSN9Om81c0rjhN7sKQVT2j5XEMCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBQSAFzLnX5LimSUaJ7q0ZIvQK8ZqTAfBgNVHSMEGDAWgBT7EVfoG3yeQzYK
HLUKMUARdZIYCDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEteEZYNkJ0OG5rTTJDaHkxQ2pGQUVYV1NHQWcuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzU0LzE5M2M3MS1jOTRhLTQxNmYtYTE4Ni00MTY2NjRmMDFhMmMv
MS9FZ0JjeTUxLVM0cGtsR2llNnRHU0wwQ3ZHYWsucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU0
LzE5M2M3MS1jOTRhLTQxNmYtYTE4Ni00MTY2NjRmMDFhMmMvMS8xLXhGWDZCdDhu
a00yQ2h5MUNqRkFFWFdTR0FnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwWxoMA0GCSqGSIb3DQEBCwUA
A4IBAQDWS/UmLi7wLeEIbsUPGAeIQkJee3Y01MFCuyu7cvbQNVqVGrOH4yc3qfwy
J7MqoAODYhdxGjaAnikY/l8G+P1qS0rnhvr47nZjGl6CtsZ4l1eDzwloPDs9SOqN
Xfamcw+AeO30ZD5M9rqqZMlA/520T2DVQDMUMoXfZYkTCVd4llT0uS3HDmlUHwIn
z7nEh+n6nJaAUyQcBqG7RyafVkDqGwfxUzXCHekDb9eaRFw0pPYuKNBGNPpbS7U2
ZWVhlYg8R32hUpT8dprm6Mj2gCDY31ThmaEj6Uzy0qIzEpiDmEOMg2TAqP4/NcDX
Ekq+vNxj/H1dvVh/ocCEvficBeII
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:29 2023 by rpki-client on console-fra.rpki-client.org