Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/7LCfYMhGmfdkRlYRIwQhlMqA6As.roa
File:                     7LCfYMhGmfdkRlYRIwQhlMqA6As.roa (raw, json)
Hash identifier:          uNsRrNtR+lL3BVdew0AQOpHyTAmmBSmWIOkQtLvcTAg=
Subject key identifier:   EC:B0:9F:60:C8:46:99:F7:64:46:56:11:23:04:21:94:CA:80:E8:0B
Certificate issuer:       /CN=e801f23ce821c264d67727536ec183537594c5f2
Certificate serial:       377BAD76
Authority key identifier: E8:01:F2:3C:E8:21:C2:64:D6:77:27:53:6E:C1:83:53:75:94:C5:F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6AHyPOghwmTWdydTbsGDU3WUxfI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/7LCfYMhGmfdkRlYRIwQhlMqA6As.roa
Signing time:             Mon 07 Feb 2022 10:29:05 +0000
ROA not before:           Mon 07 Feb 2022 10:29:05 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     2834
IP address blocks:        193.10.132.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 930852214 (0x377bad76)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e801f23ce821c264d67727536ec183537594c5f2
        Validity
            Not Before: Feb  7 10:29:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ecb09f60c84699f76446561123042194ca80e80b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:fd:a0:a5:54:a4:e5:49:bf:6e:33:c6:fd:0f:
                    ea:67:53:f6:de:58:19:87:48:ba:4b:de:b0:3f:11:
                    b8:a7:8f:31:02:e9:e6:e1:ec:4c:4b:b1:dd:4d:02:
                    b2:cc:86:5e:aa:fd:94:04:e8:18:73:d9:35:b8:f2:
                    e6:ad:7d:ab:f4:ac:6c:bd:27:f1:d2:d4:47:71:85:
                    64:27:7d:a2:47:9f:cc:5e:d0:8c:05:d4:be:2d:45:
                    20:b1:36:25:e2:4a:3a:35:59:04:38:41:24:6b:cf:
                    a3:fd:a2:db:28:39:08:d4:9f:93:d0:0c:b9:73:5c:
                    63:cc:6b:6c:af:55:48:f2:14:18:94:04:af:e3:1e:
                    af:63:b4:d5:a6:a2:22:df:b5:02:18:45:db:b2:d9:
                    f1:ca:20:fb:c7:27:e1:e7:87:7a:45:5f:f9:d2:9b:
                    d2:bf:fa:85:d3:a4:99:3d:4b:f4:44:1e:2e:e7:6e:
                    f9:20:2b:1e:af:4c:e0:36:c0:0e:0f:ef:5f:5c:6c:
                    ac:84:a2:52:d8:93:4d:db:cd:3f:2f:c3:af:82:80:
                    e3:d9:00:a5:09:c3:94:f8:d4:4f:bf:c4:eb:78:41:
                    9b:0a:d9:bb:57:1d:a3:d6:af:67:1d:16:22:ec:16:
                    6b:09:26:1a:ef:f1:f7:1a:0e:29:50:e2:1d:44:7a:
                    a5:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:B0:9F:60:C8:46:99:F7:64:46:56:11:23:04:21:94:CA:80:E8:0B
            X509v3 Authority Key Identifier:
                keyid:E8:01:F2:3C:E8:21:C2:64:D6:77:27:53:6E:C1:83:53:75:94:C5:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6AHyPOghwmTWdydTbsGDU3WUxfI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/7LCfYMhGmfdkRlYRIwQhlMqA6As.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/6AHyPOghwmTWdydTbsGDU3WUxfI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.10.132.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6a:f0:e5:52:e8:df:98:36:bb:5e:d9:41:d3:b6:70:dd:9d:c5:
         f5:09:55:ab:51:f5:89:92:46:6a:f7:8b:3f:ed:10:c3:a0:cf:
         b9:72:35:16:e4:fa:da:b1:e8:6e:10:d7:03:b9:15:f3:ea:07:
         d7:83:7d:d1:73:3e:f7:4c:d5:92:c3:07:75:6c:0b:b0:db:de:
         44:49:c5:36:38:ba:a5:d9:a4:d8:5e:e4:13:a3:07:b9:df:5b:
         af:51:b6:22:15:8d:41:4b:dc:1a:db:8c:f0:d0:54:2f:37:dd:
         8f:96:09:4e:29:d2:ff:23:93:df:22:7a:f0:37:bd:d8:b0:8b:
         54:b5:ff:a9:e3:82:ab:88:4d:56:47:c8:35:37:d5:56:e2:46:
         ed:a9:a8:83:bd:1c:40:93:95:d5:17:e1:87:48:16:ac:02:2b:
         b8:60:a9:1a:c2:0a:c7:d2:f0:2a:59:85:16:39:22:32:f3:1c:
         b1:9a:73:55:82:2d:d7:8e:88:c7:6f:e1:b0:42:6a:53:09:e0:
         f5:47:3d:fc:e2:25:34:35:c4:d9:ee:cb:9c:96:6f:9a:5e:86:
         9e:44:ce:ec:05:a2:ee:af:a0:ca:62:3e:b7:ff:f3:ea:05:b4:
         0f:c2:e4:12:97:4c:de:db:96:98:fe:12:be:bb:ae:ca:f0:a7:
         ec:49:a6:db
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEN3utdjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ODAxZjIzY2U4MjFjMjY0ZDY3NzI3NTM2ZWMxODM1Mzc1OTRjNWYyMB4XDTIyMDIw
NzEwMjkwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWNiMDlmNjBjODQ2
OTlmNzY0NDY1NjExMjMwNDIxOTRjYTgwZTgwYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALP9oKVUpOVJv24zxv0P6mdT9t5YGYdIukvesD8RuKePMQLp
5uHsTEux3U0CssyGXqr9lAToGHPZNbjy5q19q/SsbL0n8dLUR3GFZCd9okefzF7Q
jAXUvi1FILE2JeJKOjVZBDhBJGvPo/2i2yg5CNSfk9AMuXNcY8xrbK9VSPIUGJQE
r+Mer2O01aaiIt+1AhhF27LZ8cog+8cn4eeHekVf+dKb0r/6hdOkmT1L9EQeLudu
+SArHq9M4DbADg/vX1xsrISiUtiTTdvNPy/Dr4KA49kApQnDlPjUT7/E63hBmwrZ
u1cdo9avZx0WIuwWawkmGu/x9xoOKVDiHUR6pQUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTssJ9gyEaZ92RGVhEjBCGUyoDoCzAfBgNVHSMEGDAWgBToAfI86CHCZNZ3
J1NuwYNTdZTF8jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZBSHlQT2dod21UV2R5ZFRic0dEVTNXVXhmSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjAvZWFiNGQ4LTZhZmQtNGY4MS1hYjEwLTQ2NGViMTgzYjU2OC8x
LzdMQ2ZZTWhHbWZka1JsWVJJd1FobE1xQTZBcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjAv
ZWFiNGQ4LTZhZmQtNGY4MS1hYjEwLTQ2NGViMTgzYjU2OC8xLzZBSHlQT2dod21U
V2R5ZFRic0dEVTNXVXhmSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsEKhDANBgkqhkiG9w0BAQsFAAOC
AQEAavDlUujfmDa7XtlB07Zw3Z3F9QlVq1H1iZJGaveLP+0Qw6DPuXI1FuT62rHo
bhDXA7kV8+oH14N90XM+90zVksMHdWwLsNveREnFNji6pdmk2F7kE6MHud9br1G2
IhWNQUvcGtuM8NBULzfdj5YJTinS/yOT3yJ68De92LCLVLX/qeOCq4hNVkfINTfV
VuJG7amog70cQJOV1Rfhh0gWrAIruGCpGsIKx9LwKlmFFjkiMvMcsZpzVYIt146I
x2/hsEJqUwng9Uc9/OIlNDXE2e7LnJZvml6GnkTO7AWi7q+gymI+t//z6gW0D8Lk
EpdM3tuWmP4SvruuyvCn7Emm2w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:00 2024 by rpki-client on console-ams.rpki-client.org