Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/zgMTne5oMBQSjB4711oK30BjX4E.roa
File:                     zgMTne5oMBQSjB4711oK30BjX4E.roa (raw, json)
Hash identifier:          2dc3oOjckJOHWb6TsHwm2co9HMjrYin6aP2qIBQRGFs=
Subject key identifier:   CE:03:13:9D:EE:68:30:14:12:8C:1E:3B:D7:5A:0A:DF:40:63:5F:81
Certificate issuer:       /CN=1120a0ce013e2d52a6ff354a270894bb998e4547
Certificate serial:       3276C3A4
Authority key identifier: 11:20:A0:CE:01:3E:2D:52:A6:FF:35:4A:27:08:94:BB:99:8E:45:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ESCgzgE-LVKm_zVKJwiUu5mORUc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/zgMTne5oMBQSjB4711oK30BjX4E.roa
Signing time:             Sat 01 Jan 2022 09:53:31 +0000
ROA not before:           Sat 01 Jan 2022 09:53:31 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35163
IP address blocks:        193.17.124.0/22 maxlen: 22
                          193.17.120.0/21 maxlen: 22
                          193.17.96.0/21 maxlen: 24
                          193.17.104.0/21 maxlen: 24
                          193.17.112.0/21 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 846644132 (0x3276c3a4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1120a0ce013e2d52a6ff354a270894bb998e4547
        Validity
            Not Before: Jan  1 09:53:31 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ce03139dee683014128c1e3bd75a0adf40635f81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:90:ac:c0:3e:5a:13:41:39:10:23:71:0f:d3:
                    c7:ea:b6:2e:50:05:ed:62:bb:b6:39:6a:34:2b:e4:
                    e3:be:a1:61:a3:32:dc:35:43:b9:99:ff:c1:db:71:
                    d0:47:28:7b:98:ea:e9:67:7a:07:35:6b:4e:80:03:
                    2c:cd:7a:b9:a0:97:e7:21:6c:e3:e6:81:9c:2b:e3:
                    81:64:04:47:ca:9e:f7:47:15:05:a3:be:68:a0:ad:
                    d2:14:8f:b3:4e:fe:c3:8f:df:57:c4:27:e0:94:38:
                    9d:9a:3b:2c:10:c4:b0:7e:ee:13:87:14:cd:21:27:
                    1e:3d:f6:b1:d1:2b:7a:d7:93:5a:f5:ff:8d:75:a6:
                    57:30:49:bc:b9:ae:ee:48:cb:2b:1c:b2:35:e2:47:
                    84:a1:ad:2b:c9:10:5b:a8:d8:ed:39:c2:d3:b5:42:
                    85:c8:9b:a9:65:b9:5b:15:d0:2d:03:4a:9f:10:0b:
                    97:e1:51:59:9b:ef:e9:4c:87:8f:b7:0d:ca:86:24:
                    6e:1a:ce:9e:86:af:64:32:12:fd:ed:cd:bf:4d:fa:
                    29:d3:76:95:50:49:12:2e:e7:09:c1:37:f6:f4:49:
                    10:2a:78:55:4a:65:f6:f6:9d:2b:2e:a5:c4:8f:7e:
                    aa:5f:e2:b2:ba:54:22:91:dc:95:2b:20:f9:7a:ca:
                    a5:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:03:13:9D:EE:68:30:14:12:8C:1E:3B:D7:5A:0A:DF:40:63:5F:81
            X509v3 Authority Key Identifier:
                keyid:11:20:A0:CE:01:3E:2D:52:A6:FF:35:4A:27:08:94:BB:99:8E:45:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ESCgzgE-LVKm_zVKJwiUu5mORUc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/zgMTne5oMBQSjB4711oK30BjX4E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/ESCgzgE-LVKm_zVKJwiUu5mORUc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.17.96.0/19

    Signature Algorithm: sha256WithRSAEncryption
         90:50:95:11:05:0a:fa:b6:87:f5:62:3b:14:7e:f6:cd:6c:5a:
         0f:d9:f5:2a:13:84:c0:ff:a0:63:17:ff:68:b1:e5:fe:0b:57:
         ab:9c:90:63:51:3f:02:ec:df:b0:53:db:70:69:3e:87:74:35:
         66:85:c0:03:89:3a:e1:36:2e:bf:06:57:d4:96:ec:36:a3:de:
         ad:6e:25:aa:5f:e2:36:48:f7:c8:3a:a8:43:7f:a8:35:35:2e:
         7f:94:fa:21:09:aa:f8:01:ea:27:30:db:df:d0:29:47:fc:09:
         d8:7d:82:be:cc:7c:b3:44:39:0a:29:67:e8:e9:be:f4:8b:59:
         10:d8:6c:80:56:4e:2b:72:32:0e:4a:48:e2:74:6a:2d:5b:e0:
         85:76:81:4f:fe:3d:5e:e4:22:f6:38:ca:b5:ab:30:b5:0e:56:
         b2:7f:04:78:24:1c:71:f7:90:08:b3:76:f9:dd:5d:23:6e:a9:
         05:21:d0:3a:8d:33:00:28:9e:0e:7e:05:0b:4f:65:bf:c8:ba:
         d2:86:1f:ba:76:d3:62:4f:9b:f2:f0:41:8f:00:5e:a4:02:21:
         0a:a9:b2:20:8c:ad:4b:e5:26:75:44:6a:95:b1:67:96:7a:82:
         6f:56:8f:44:57:a2:3b:94:8a:66:b0:cc:33:88:dd:07:6e:c5:
         4a:9d:38:8f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEMnbDpDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MTIwYTBjZTAxM2UyZDUyYTZmZjM1NGEyNzA4OTRiYjk5OGU0NTQ3MB4XDTIyMDEw
MTA5NTMzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2UwMzEzOWRlZTY4
MzAxNDEyOGMxZTNiZDc1YTBhZGY0MDYzNWY4MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIyQrMA+WhNBORAjcQ/Tx+q2LlAF7WK7tjlqNCvk476hYaMy
3DVDuZn/wdtx0Ecoe5jq6Wd6BzVrToADLM16uaCX5yFs4+aBnCvjgWQER8qe90cV
BaO+aKCt0hSPs07+w4/fV8Qn4JQ4nZo7LBDEsH7uE4cUzSEnHj32sdEreteTWvX/
jXWmVzBJvLmu7kjLKxyyNeJHhKGtK8kQW6jY7TnC07VChcibqWW5WxXQLQNKnxAL
l+FRWZvv6UyHj7cNyoYkbhrOnoavZDIS/e3Nv036KdN2lVBJEi7nCcE39vRJECp4
VUpl9vadKy6lxI9+ql/isrpUIpHclSsg+XrKpf8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTOAxOd7mgwFBKMHjvXWgrfQGNfgTAfBgNVHSMEGDAWgBQRIKDOAT4tUqb/
NUonCJS7mY5FRzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VTQ2d6Z0UtTFZLbV96VktKd2lVdTVtT1JVYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjAvNDIxNDk4LTI4ZDMtNDM3Ni1iNjI1LTMxYWYzZTI5NDY3MS8x
L3pnTVRuZTVvTUJRU2pCNDcxMW9LMzBCalg0RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjAv
NDIxNDk4LTI4ZDMtNDM3Ni1iNjI1LTMxYWYzZTI5NDY3MS8xL0VTQ2d6Z0UtTFZL
bV96VktKd2lVdTVtT1JVYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcERYDANBgkqhkiG9w0BAQsFAAOC
AQEAkFCVEQUK+raH9WI7FH72zWxaD9n1KhOEwP+gYxf/aLHl/gtXq5yQY1E/Auzf
sFPbcGk+h3Q1ZoXAA4k64TYuvwZX1JbsNqPerW4lql/iNkj3yDqoQ3+oNTUuf5T6
IQmq+AHqJzDb39ApR/wJ2H2Cvsx8s0Q5Ciln6Om+9ItZENhsgFZOK3IyDkpI4nRq
LVvghXaBT/49XuQi9jjKtaswtQ5Wsn8EeCQccfeQCLN2+d1dI26pBSHQOo0zACie
Dn4FC09lv8i60oYfunbTYk+b8vBBjwBepAIhCqmyIIytS+UmdURqlbFnlnqCb1aP
RFeiO5SKZrDMM4jdB27FSp04jw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:54 2024 by rpki-client on console-ams.rpki-client.org