Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/p7O4wuENxkh0Gnk2-hOWwWVUtrw.roa
File:                     p7O4wuENxkh0Gnk2-hOWwWVUtrw.roa (raw, json)
Hash identifier:          r/CQJr64XlqI8kqqfB3PMo8klkZ8vOJIR4ynal7klo4=
Subject key identifier:   A7:B3:B8:C2:E1:0D:C6:48:74:1A:79:36:FA:13:96:C1:65:54:B6:BC
Certificate issuer:       /CN=e801f23ce821c264d67727536ec183537594c5f2
Certificate serial:       37168373
Authority key identifier: E8:01:F2:3C:E8:21:C2:64:D6:77:27:53:6E:C1:83:53:75:94:C5:F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6AHyPOghwmTWdydTbsGDU3WUxfI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/p7O4wuENxkh0Gnk2-hOWwWVUtrw.roa
Signing time:             Sat 01 Jan 2022 11:59:54 +0000
ROA not before:           Sat 01 Jan 2022 11:59:54 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1257
IP address blocks:        193.10.144.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 924222323 (0x37168373)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e801f23ce821c264d67727536ec183537594c5f2
        Validity
            Not Before: Jan  1 11:59:54 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a7b3b8c2e10dc648741a7936fa1396c16554b6bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:af:ba:75:e8:b0:8e:7f:b2:51:cb:32:5c:b2:
                    88:a3:a9:f6:09:63:91:70:40:b9:eb:8a:fc:c1:d9:
                    96:92:41:5f:e9:37:18:1c:62:6b:0a:ce:81:47:06:
                    df:fe:49:3a:8d:03:e9:81:69:61:9e:d8:a1:81:77:
                    30:af:58:c2:20:e9:11:20:63:91:b4:f1:80:eb:82:
                    95:04:a1:f9:06:46:a4:fa:90:c6:0f:0e:68:20:68:
                    aa:68:cc:17:fe:45:74:82:c7:02:72:1c:c1:57:ee:
                    8c:e8:54:ce:26:e3:d4:99:f8:18:c0:8c:87:6c:9a:
                    ec:13:cc:02:10:35:67:12:15:0f:6a:0e:1e:53:eb:
                    03:d3:e3:14:e8:a5:14:db:a4:e0:8a:18:49:c8:70:
                    33:5a:41:fd:1c:6e:1b:5d:0d:48:c4:77:84:04:f7:
                    b4:99:62:27:f9:d5:c9:ba:4a:27:79:b9:31:32:75:
                    a4:11:35:a0:5b:f7:28:df:7e:ba:b1:04:c3:a8:f0:
                    f9:d2:4d:e7:c9:67:c8:7b:a9:79:be:86:83:66:43:
                    71:75:0e:e7:3d:03:cc:ab:95:ca:29:ac:9e:79:47:
                    55:0a:ec:16:d4:33:87:6f:70:52:8b:ab:6f:b1:e1:
                    44:53:13:37:33:c2:5f:4f:dd:b2:93:58:a5:42:66:
                    27:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:B3:B8:C2:E1:0D:C6:48:74:1A:79:36:FA:13:96:C1:65:54:B6:BC
            X509v3 Authority Key Identifier:
                keyid:E8:01:F2:3C:E8:21:C2:64:D6:77:27:53:6E:C1:83:53:75:94:C5:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6AHyPOghwmTWdydTbsGDU3WUxfI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/p7O4wuENxkh0Gnk2-hOWwWVUtrw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/6AHyPOghwmTWdydTbsGDU3WUxfI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.10.144.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:3b:e1:df:3b:1e:11:91:a5:d5:ec:8f:56:25:36:d7:19:bc:
         b0:0b:80:23:e0:9e:30:58:dc:eb:22:4a:5a:bc:95:6f:c3:22:
         9a:ab:80:70:d7:c5:37:44:c3:ba:a4:ed:cd:79:b1:32:b9:d0:
         fd:52:82:5f:b9:b0:6c:32:12:c6:e6:b0:b1:03:d5:0a:2d:a7:
         15:66:69:1c:2b:36:54:84:26:fd:c8:44:25:f0:9e:06:b9:5d:
         e6:2d:90:b1:17:ed:a9:c6:60:4f:04:68:4a:95:e6:a3:34:1e:
         5c:0e:5c:78:e4:52:1e:1c:f6:a3:bc:0c:5c:81:d6:9a:ed:89:
         93:cb:50:9f:6d:dc:2f:82:22:f7:9b:54:2a:4e:7d:8d:92:d7:
         ac:d0:93:0f:f8:8d:68:98:ef:06:11:50:3e:e9:eb:3f:78:33:
         37:2b:38:8e:1d:4a:e4:a7:d3:88:43:8b:8f:a8:a9:d3:0f:e2:
         6f:31:1b:de:35:c5:34:95:fa:b2:c3:f7:43:81:10:7f:be:87:
         37:0e:13:fc:44:76:05:c1:46:2f:4e:f5:89:a1:cf:f0:36:77:
         dc:19:36:4e:a6:42:4c:d5:05:2a:af:3a:e0:92:e2:c5:ca:e9:
         ba:e1:b4:d5:de:33:ba:a7:89:27:e1:da:f4:37:0b:e6:99:5e:
         d7:3c:44:08
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENxaDczANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ODAxZjIzY2U4MjFjMjY0ZDY3NzI3NTM2ZWMxODM1Mzc1OTRjNWYyMB4XDTIyMDEw
MTExNTk1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTdiM2I4YzJlMTBk
YzY0ODc0MWE3OTM2ZmExMzk2YzE2NTU0YjZiYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJivunXosI5/slHLMlyyiKOp9gljkXBAueuK/MHZlpJBX+k3
GBxiawrOgUcG3/5JOo0D6YFpYZ7YoYF3MK9YwiDpESBjkbTxgOuClQSh+QZGpPqQ
xg8OaCBoqmjMF/5FdILHAnIcwVfujOhUzibj1Jn4GMCMh2ya7BPMAhA1ZxIVD2oO
HlPrA9PjFOilFNuk4IoYSchwM1pB/RxuG10NSMR3hAT3tJliJ/nVybpKJ3m5MTJ1
pBE1oFv3KN9+urEEw6jw+dJN58lnyHupeb6Gg2ZDcXUO5z0DzKuVyimsnnlHVQrs
FtQzh29wUourb7HhRFMTNzPCX0/dspNYpUJmJwMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSns7jC4Q3GSHQaeTb6E5bBZVS2vDAfBgNVHSMEGDAWgBToAfI86CHCZNZ3
J1NuwYNTdZTF8jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZBSHlQT2dod21UV2R5ZFRic0dEVTNXVXhmSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjAvZWFiNGQ4LTZhZmQtNGY4MS1hYjEwLTQ2NGViMTgzYjU2OC8x
L3A3TzR3dUVOeGtoMEduazItaE9Xd1dWVXRydy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjAv
ZWFiNGQ4LTZhZmQtNGY4MS1hYjEwLTQ2NGViMTgzYjU2OC8xLzZBSHlQT2dod21U
V2R5ZFRic0dEVTNXVXhmSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEKkDANBgkqhkiG9w0BAQsFAAOC
AQEAmjvh3zseEZGl1eyPViU21xm8sAuAI+CeMFjc6yJKWryVb8MimquAcNfFN0TD
uqTtzXmxMrnQ/VKCX7mwbDISxuawsQPVCi2nFWZpHCs2VIQm/chEJfCeBrld5i2Q
sRftqcZgTwRoSpXmozQeXA5ceORSHhz2o7wMXIHWmu2Jk8tQn23cL4Ii95tUKk59
jZLXrNCTD/iNaJjvBhFQPunrP3gzNys4jh1K5KfTiEOLj6ip0w/ibzEb3jXFNJX6
ssP3Q4EQf76HNw4T/ER2BcFGL071iaHP8DZ33Bk2TqZCTNUFKq864JLixcrpuuG0
1d4zuqeJJ+Ha9DcL5ple1zxECA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:00 2024 by rpki-client on console-ams.rpki-client.org