Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/T5rvLUuZF0rCHd8C8smmHfWavTo.roa
File:                     T5rvLUuZF0rCHd8C8smmHfWavTo.roa (raw, json)
Hash identifier:          0oUQe/4zATlO5O95yaQ14sS6y3S3kdUC+AJjHq3lr94=
Subject key identifier:   4F:9A:EF:2D:4B:99:17:4A:C2:1D:DF:02:F2:C9:A6:1D:F5:9A:BD:3A
Certificate issuer:       /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial:       0184E20A7A813CBBC6EA582031869FAB4C7E
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/T5rvLUuZF0rCHd8C8smmHfWavTo.roa
Signing time:             Mon 05 Dec 2022 11:27:28 +0000
ROA not before:           Mon 05 Dec 2022 11:27:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212609
IP address blocks:        188.191.102.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:e2:0a:7a:81:3c:bb:c6:ea:58:20:31:86:9f:ab:4c:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
        Validity
            Not Before: Dec  5 11:27:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4f9aef2d4b99174ac21ddf02f2c9a61df59abd3a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:0b:45:b6:2a:0e:9c:f6:d4:f8:02:c8:e8:a1:
                    63:cc:4f:34:ff:08:74:a4:ec:c8:61:7e:8a:d6:8a:
                    f7:94:00:14:a3:09:b9:df:62:a7:e5:60:f3:a6:8c:
                    22:75:7c:2c:58:c6:d7:ab:3e:1b:be:9a:1b:14:e6:
                    81:00:5b:3b:d2:6d:e5:77:23:90:0b:97:b2:83:9c:
                    dd:81:a6:c5:b0:4e:e4:93:3f:5b:98:d6:6b:bc:85:
                    70:a5:c1:3c:84:01:6a:d8:7c:f2:7c:7c:a9:60:89:
                    88:f7:15:06:8d:25:46:3e:ae:54:27:1e:d2:9f:93:
                    ae:34:50:67:8e:3f:88:28:3b:0b:63:e9:3c:8c:72:
                    7f:53:71:ff:38:28:66:28:e2:99:a8:e7:bd:9e:f9:
                    1f:91:41:59:b4:b5:d2:f3:59:cd:09:77:7a:dd:c9:
                    4a:42:68:0c:4c:a2:93:a4:df:c2:d0:8b:74:8e:bb:
                    f6:a7:10:8b:7a:e0:51:db:af:8a:12:a7:9e:15:05:
                    ed:ac:71:3a:12:c9:88:8b:bf:53:e9:76:82:00:3a:
                    90:b3:19:62:d7:11:c8:2e:1e:b7:82:33:d0:e8:3d:
                    da:32:26:3a:e2:2b:ee:41:68:ce:87:de:d3:6b:0c:
                    a3:26:93:f2:57:a1:46:f7:b6:7b:ed:2c:ce:cf:54:
                    6b:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:9A:EF:2D:4B:99:17:4A:C2:1D:DF:02:F2:C9:A6:1D:F5:9A:BD:3A
            X509v3 Authority Key Identifier:
                keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/T5rvLUuZF0rCHd8C8smmHfWavTo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.191.102.0/24

    Signature Algorithm: sha256WithRSAEncryption
         28:93:99:dc:01:89:29:69:1b:ea:cf:f6:82:ca:19:af:ff:1f:
         a0:1c:b3:bd:6f:7e:51:c4:32:56:bf:09:61:40:a1:99:a9:d3:
         e7:0f:b6:f4:c6:7d:df:ad:39:32:73:07:ce:ed:f6:e0:cc:23:
         59:64:53:a3:31:92:a9:90:b1:47:83:1e:ab:25:5e:c8:2c:5c:
         a8:e3:ac:e9:18:51:c3:09:ef:dd:eb:4e:f2:a6:d6:2a:cb:91:
         36:d5:b1:5c:67:f0:e8:23:c8:df:ba:01:ca:8d:5d:87:7d:12:
         cb:74:11:9c:66:bd:3e:44:8e:8d:01:d8:21:c7:1b:36:78:80:
         1d:3d:d9:46:48:88:7e:de:9b:0e:f8:23:7b:15:9c:b0:9c:74:
         97:5a:27:7e:2a:05:91:45:21:76:84:9f:dd:60:bf:bf:cb:80:
         73:1a:c0:b4:55:05:09:38:68:e4:86:b9:12:44:dd:66:35:b9:
         27:4c:cb:0c:27:b2:ad:c6:ce:84:a3:59:b5:cd:18:0b:c3:e0:
         5e:af:6d:57:bf:39:95:c0:4c:f4:d4:f2:4f:7f:18:6a:63:dd:
         9e:8b:de:e0:4b:93:4c:ad:d1:d4:2d:35:bd:19:cc:ba:86:2d:
         0e:65:56:c2:2a:53:a5:64:5a:30:5a:bf:42:b0:d6:c4:2a:9c:
         e0:71:a6:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTiCnqBPLvG6lggMYafq0x+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjIxMjA1MTEyNzI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjlhZWYyZDRiOTkxNzRhYzIxZGRmMDJmMmM5YTYxZGY1OWFiZDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQtFtioOnPbU+ALI6KFjzE80/wh0
pOzIYX6K1or3lAAUowm532Kn5WDzpowidXwsWMbXqz4bvpobFOaBAFs70m3ldyOQ
C5eyg5zdgabFsE7kkz9bmNZrvIVwpcE8hAFq2HzyfHypYImI9xUGjSVGPq5UJx7S
n5OuNFBnjj+IKDsLY+k8jHJ/U3H/OChmKOKZqOe9nvkfkUFZtLXS81nNCXd63clK
QmgMTKKTpN/C0It0jrv2pxCLeuBR26+KEqeeFQXtrHE6EsmIi79T6XaCADqQsxli
1xHILh63gjPQ6D3aMiY64ivuQWjOh97TawyjJpPyV6FG97Z77SzOz1RrowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE+a7y1LmRdKwh3fAvLJph31mr06MB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvVDVydkxVdVpGMHJDSGQ4QzhzbW1IZldhdlRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvL9mMA0G
CSqGSIb3DQEBCwUAA4IBAQAok5ncAYkpaRvqz/aCyhmv/x+gHLO9b35RxDJWvwlh
QKGZqdPnD7b0xn3frTkycwfO7fbgzCNZZFOjMZKpkLFHgx6rJV7ILFyo46zpGFHD
Ce/d607yptYqy5E21bFcZ/DoI8jfugHKjV2HfRLLdBGcZr0+RI6NAdghxxs2eIAd
PdlGSIh+3psO+CN7FZywnHSXWid+KgWRRSF2hJ/dYL+/y4BzGsC0VQUJOGjkhrkS
RN1mNbknTMsMJ7Ktxs6Eo1m1zRgLw+Ber21XvzmVwEz01PJPfxhqY92ei97gS5NM
rdHULTW9Gcy6hi0OZVbCKlOlZFowWr9CsNbEKpzgcab4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:06 2024 by rpki-client on console-fra.rpki-client.org