Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/bff799-9e32-43be-85cd-824760714dfb/1/IBfVuzYWqASLDuODGwHuUoKh8aQ.roa
File:                     IBfVuzYWqASLDuODGwHuUoKh8aQ.roa (raw, json)
Hash identifier:          AVSE2b545liStHLFPZmiHJLTXbMR47DBbH13Vtxb+3c=
Subject key identifier:   20:17:D5:BB:36:16:A8:04:8B:0E:E3:83:1B:01:EE:52:82:A1:F1:A4
Certificate issuer:       /CN=e544e266d4eb9cc7ded292c12b06b1ca7bcea778
Certificate serial:       150861BF
Authority key identifier: E5:44:E2:66:D4:EB:9C:C7:DE:D2:92:C1:2B:06:B1:CA:7B:CE:A7:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5UTiZtTrnMfe0pLBKwaxynvOp3g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/bff799-9e32-43be-85cd-824760714dfb/1/IBfVuzYWqASLDuODGwHuUoKh8aQ.roa
Signing time:             Sat 01 Jan 2022 09:59:47 +0000
ROA not before:           Sat 01 Jan 2022 09:59:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     20813
IP address blocks:        193.108.160.0/23 maxlen: 23
                          194.24.226.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 352870847 (0x150861bf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e544e266d4eb9cc7ded292c12b06b1ca7bcea778
        Validity
            Not Before: Jan  1 09:59:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2017d5bb3616a8048b0ee3831b01ee5282a1f1a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:ba:44:f5:35:7f:ad:5d:b7:e5:e7:d4:64:11:
                    7d:73:6d:a8:b5:69:ab:b3:1f:43:6a:99:37:49:17:
                    3c:0e:7e:88:47:c2:1a:4e:25:69:8c:30:02:53:a6:
                    13:48:65:98:d3:aa:82:02:2f:98:f0:1f:1b:40:4c:
                    05:c0:cf:ec:14:f4:22:48:54:e1:f9:71:eb:85:b4:
                    0c:a6:a0:90:7d:58:a5:db:ad:d4:31:d1:18:3e:53:
                    6e:47:5c:20:48:81:0e:36:18:d7:01:ff:25:ed:f3:
                    2b:6e:14:d5:a6:b9:ee:b7:87:d6:17:b7:d9:9a:57:
                    48:b2:7a:b0:81:7a:ec:69:13:73:79:ca:13:ae:6c:
                    a2:de:c8:28:c4:20:1c:a7:a7:f3:14:23:76:22:e1:
                    d0:26:54:90:03:e3:b4:ac:d9:82:81:84:1f:ec:d8:
                    be:6e:50:8b:bd:aa:1c:8f:2f:90:b4:23:f4:61:b6:
                    97:68:0a:02:ae:56:66:e6:8a:a4:9c:d0:32:db:5c:
                    f9:94:27:fe:db:ef:bd:ae:34:ee:b8:e1:57:25:cc:
                    df:64:0e:ce:ec:18:0a:d0:ab:3b:c8:72:7a:0a:57:
                    38:5a:53:83:6b:f9:a2:65:61:30:4e:37:b4:c0:e7:
                    2a:fa:fc:43:9c:c4:31:0c:ee:3d:80:8a:ed:e2:28:
                    41:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:17:D5:BB:36:16:A8:04:8B:0E:E3:83:1B:01:EE:52:82:A1:F1:A4
            X509v3 Authority Key Identifier:
                keyid:E5:44:E2:66:D4:EB:9C:C7:DE:D2:92:C1:2B:06:B1:CA:7B:CE:A7:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5UTiZtTrnMfe0pLBKwaxynvOp3g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/bff799-9e32-43be-85cd-824760714dfb/1/IBfVuzYWqASLDuODGwHuUoKh8aQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/bff799-9e32-43be-85cd-824760714dfb/1/5UTiZtTrnMfe0pLBKwaxynvOp3g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.108.160.0/23
                  194.24.226.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7e:12:1f:8f:c5:53:9a:d4:7a:90:c4:54:ed:48:ce:90:06:13:
         06:5d:88:6b:0c:ba:e2:a6:46:7f:6d:7b:7a:a3:6d:b2:49:95:
         ab:9f:d2:f2:fb:08:f8:4c:4d:ea:19:2c:71:5b:04:43:d9:64:
         9a:ad:63:ef:95:51:25:60:61:ca:30:74:bf:f6:ec:2a:2b:18:
         c5:ef:7d:0c:85:4b:f4:43:63:d5:0b:78:95:da:04:09:07:7c:
         af:81:a4:c9:a9:78:c2:1c:00:23:bd:b3:24:41:39:e2:86:05:
         0b:0e:6f:76:61:45:77:e0:b7:f7:b0:a5:03:4c:04:6a:8f:c0:
         b4:b7:39:42:c4:98:4b:0e:d5:bf:fc:96:1d:07:ea:5b:8e:83:
         a3:ac:ed:b4:04:a6:6d:81:c8:e4:12:9e:d5:c0:57:e8:d5:2f:
         9b:38:da:90:05:98:22:54:0a:be:32:20:7b:ed:df:04:60:26:
         77:d4:34:05:2b:b2:e6:47:74:d0:40:a6:bc:34:2d:9b:99:63:
         96:3d:99:ad:02:36:82:79:77:6d:f5:f6:4c:ed:23:9f:65:b3:
         17:1d:a9:ad:1a:4d:59:a7:09:a9:9a:98:69:0c:64:a4:5a:3b:
         94:01:5d:04:c7:d6:97:1c:98:d7:02:73:60:61:98:01:54:dd:
         00:84:99:26
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEFQhhvzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NTQ0ZTI2NmQ0ZWI5Y2M3ZGVkMjkyYzEyYjA2YjFjYTdiY2VhNzc4MB4XDTIyMDEw
MTA5NTk0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjAxN2Q1YmIzNjE2
YTgwNDhiMGVlMzgzMWIwMWVlNTI4MmExZjFhNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALO6RPU1f61dt+Xn1GQRfXNtqLVpq7MfQ2qZN0kXPA5+iEfC
Gk4laYwwAlOmE0hlmNOqggIvmPAfG0BMBcDP7BT0IkhU4flx64W0DKagkH1Ypdut
1DHRGD5TbkdcIEiBDjYY1wH/Je3zK24U1aa57reH1he32ZpXSLJ6sIF67GkTc3nK
E65sot7IKMQgHKen8xQjdiLh0CZUkAPjtKzZgoGEH+zYvm5Qi72qHI8vkLQj9GG2
l2gKAq5WZuaKpJzQMttc+ZQn/tvvva407rjhVyXM32QOzuwYCtCrO8hyegpXOFpT
g2v5omVhME43tMDnKvr8Q5zEMQzuPYCK7eIoQdkCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQgF9W7NhaoBIsO44MbAe5SgqHxpDAfBgNVHSMEGDAWgBTlROJm1Oucx97S
ksErBrHKe86neDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVVVGladFRybk1mZTBwTEJLd2F4eW52T3AzZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWEvYmZmNzk5LTllMzItNDNiZS04NWNkLTgyNDc2MDcxNGRmYi8x
L0lCZlZ1ellXcUFTTER1T0RHd0h1VW9LaDhhUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWEv
YmZmNzk5LTllMzItNDNiZS04NWNkLTgyNDc2MDcxNGRmYi8xLzVVVGladFRybk1m
ZTBwTEJLd2F4eW52T3AzZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAcFsoAMEAcIY4jANBgkqhkiG9w0B
AQsFAAOCAQEAfhIfj8VTmtR6kMRU7UjOkAYTBl2Iawy64qZGf217eqNtskmVq5/S
8vsI+ExN6hkscVsEQ9lkmq1j75VRJWBhyjB0v/bsKisYxe99DIVL9ENj1Qt4ldoE
CQd8r4Gkyal4whwAI72zJEE54oYFCw5vdmFFd+C397ClA0wEao/AtLc5QsSYSw7V
v/yWHQfqW46Do6zttASmbYHI5BKe1cBX6NUvmzjakAWYIlQKvjIge+3fBGAmd9Q0
BSuy5kd00ECmvDQtm5ljlj2ZrQI2gnl3bfX2TO0jn2WzFx2prRpNWacJqZqYaQxk
pFo7lAFdBMfWlxyY1wJzYGGYAVTdAISZJg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:01 2024 by rpki-client on console-fra.rpki-client.org