Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/acda5e-4d2d-4f86-a17b-5b493aa07268/1/A0PbdPeJg7DNqMSxltachSbEehs.roa
File:                     A0PbdPeJg7DNqMSxltachSbEehs.roa (raw, json)
Hash identifier:          EU+JxiJQQ+szAk0Rj54skvN9Lb/17IVkYSfNG9HH+Ig=
Subject key identifier:   03:43:DB:74:F7:89:83:B0:CD:A8:C4:B1:96:D6:9C:85:26:C4:7A:1B
Certificate issuer:       /CN=0bc71df16dd0b47cd0af971f14d1dca6d8206bb1
Certificate serial:       0184BDBAC4049B1A068C16E641EB4F810F14
Authority key identifier: 0B:C7:1D:F1:6D:D0:B4:7C:D0:AF:97:1F:14:D1:DC:A6:D8:20:6B:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/C8cd8W3QtHzQr5cfFNHcptgga7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/acda5e-4d2d-4f86-a17b-5b493aa07268/1/A0PbdPeJg7DNqMSxltachSbEehs.roa
Signing time:             Mon 28 Nov 2022 10:14:04 +0000
ROA not before:           Mon 28 Nov 2022 10:14:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     31369
IP address blocks:        193.25.162.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:bd:ba:c4:04:9b:1a:06:8c:16:e6:41:eb:4f:81:0f:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0bc71df16dd0b47cd0af971f14d1dca6d8206bb1
        Validity
            Not Before: Nov 28 10:14:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0343db74f78983b0cda8c4b196d69c8526c47a1b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:93:26:b5:5f:ce:83:85:a8:ed:26:b8:d9:4e:
                    ad:fd:4b:2e:b9:e5:ac:d5:d1:f3:a0:68:f3:c8:24:
                    f8:0f:d7:bb:84:41:e7:13:ff:50:5f:a5:7a:e0:97:
                    2a:b0:e3:88:8b:cd:a7:71:ce:35:a0:8a:27:b0:a6:
                    8c:e8:01:7b:e2:0b:dd:14:7d:53:a6:9a:7b:ce:0d:
                    06:e5:2d:90:ed:e1:ce:d9:fa:e4:43:50:7d:5f:1b:
                    48:a9:3c:54:d8:8b:21:01:a5:04:49:99:59:c5:e0:
                    4f:9b:57:d3:d8:41:14:1c:32:49:6b:34:50:f0:1b:
                    76:a9:e2:6d:57:5c:13:31:4c:6e:3c:b9:8c:69:57:
                    82:88:ed:a5:f8:c1:cd:67:ee:82:5d:4a:7a:92:d3:
                    69:a2:dc:d7:8b:fa:3c:8d:4b:4b:37:4e:c4:35:a8:
                    a0:c7:12:3b:f9:4a:02:c8:b6:07:29:0f:22:48:f5:
                    13:64:cc:65:58:63:ac:b5:11:c8:df:4f:10:13:bd:
                    89:d0:3f:3f:ac:44:ba:25:d4:3d:06:5a:74:35:ff:
                    78:5f:bd:b6:ec:4b:b3:45:46:4c:b4:ee:33:48:6f:
                    b6:f9:ca:fc:4a:34:87:df:f3:22:05:83:38:92:96:
                    43:2c:8c:b9:f0:43:a9:1a:2f:f6:b8:a4:b7:9c:d5:
                    15:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:43:DB:74:F7:89:83:B0:CD:A8:C4:B1:96:D6:9C:85:26:C4:7A:1B
            X509v3 Authority Key Identifier:
                keyid:0B:C7:1D:F1:6D:D0:B4:7C:D0:AF:97:1F:14:D1:DC:A6:D8:20:6B:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C8cd8W3QtHzQr5cfFNHcptgga7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/acda5e-4d2d-4f86-a17b-5b493aa07268/1/A0PbdPeJg7DNqMSxltachSbEehs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/acda5e-4d2d-4f86-a17b-5b493aa07268/1/C8cd8W3QtHzQr5cfFNHcptgga7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.25.162.0/23

    Signature Algorithm: sha256WithRSAEncryption
         10:e6:1b:e8:bf:81:6a:c4:f4:3e:b1:22:dd:7b:52:b1:c0:aa:
         1a:59:3f:ad:cf:e2:f8:82:13:96:6b:22:85:ff:f2:cc:4d:96:
         06:d1:e2:ff:93:34:7f:01:50:e6:8d:5b:50:14:47:e4:da:c9:
         8d:a5:26:de:ce:9a:83:76:b1:13:cb:ef:ad:e6:19:e6:d7:55:
         b1:b5:c6:22:6e:32:2c:93:f7:c9:97:5b:6f:72:c3:40:f0:22:
         17:ab:cc:20:43:91:5d:cd:c6:00:37:80:23:a4:57:af:4d:4c:
         82:d4:a5:ef:5f:92:33:4e:3b:40:73:3e:2c:01:c9:b2:1a:69:
         cc:d5:25:7d:27:0b:87:1c:a9:c9:ec:3d:3d:d5:ba:b3:b7:11:
         15:7d:80:9d:75:dc:2f:ec:90:1e:a5:12:66:91:76:26:c7:e0:
         06:44:29:e4:14:fa:7d:70:98:fe:ec:0b:25:01:eb:d8:13:48:
         26:8a:f7:e0:9e:6e:6e:14:ec:43:bd:ef:12:44:1c:1c:b3:e7:
         aa:80:b9:82:f5:a2:ca:4c:16:c1:41:df:61:f2:5b:e1:03:e9:
         cc:9a:4a:1c:d0:02:42:16:96:fa:50:53:f9:79:50:2b:58:13:
         a0:aa:6d:ef:78:39:63:43:e9:54:87:6b:27:6d:7f:0d:66:34:
         d9:ca:19:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYS9usQEmxoGjBbmQetPgQ8UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiYzcxZGYxNmRkMGI0N2NkMGFmOTcxZjE0ZDFkY2E2ZDgy
MDZiYjEwHhcNMjIxMTI4MTAxNDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzQzZGI3NGY3ODk4M2IwY2RhOGM0YjE5NmQ2OWM4NTI2YzQ3YTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZMmtV/Og4Wo7Sa42U6t/UsuueWs
1dHzoGjzyCT4D9e7hEHnE/9QX6V64JcqsOOIi82ncc41oIonsKaM6AF74gvdFH1T
ppp7zg0G5S2Q7eHO2frkQ1B9XxtIqTxU2IshAaUESZlZxeBPm1fT2EEUHDJJazRQ
8Bt2qeJtV1wTMUxuPLmMaVeCiO2l+MHNZ+6CXUp6ktNpotzXi/o8jUtLN07ENaig
xxI7+UoCyLYHKQ8iSPUTZMxlWGOstRHI308QE72J0D8/rES6JdQ9Blp0Nf94X722
7EuzRUZMtO4zSG+2+cr8SjSH3/MiBYM4kpZDLIy58EOpGi/2uKS3nNUVGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAND23T3iYOwzajEsZbWnIUmxHobMB8GA1UdIwQY
MBaAFAvHHfFt0LR80K+XHxTR3KbYIGuxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzhjZDhXM1F0SHpRcjVjZkZOSGNwdGdnYTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9hY2RhNWUtNGQyZC00Zjg2LWExN2It
NWI0OTNhYTA3MjY4LzEvQTBQYmRQZUpnN0ROcU1TeGx0YWNoU2JFZWhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9hY2RhNWUtNGQyZC00Zjg2LWExN2ItNWI0OTNhYTA3MjY4
LzEvQzhjZDhXM1F0SHpRcjVjZkZOSGNwdGdnYTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwRmiMA0G
CSqGSIb3DQEBCwUAA4IBAQAQ5hvov4FqxPQ+sSLde1KxwKoaWT+tz+L4ghOWayKF
//LMTZYG0eL/kzR/AVDmjVtQFEfk2smNpSbezpqDdrETy++t5hnm11WxtcYibjIs
k/fJl1tvcsNA8CIXq8wgQ5FdzcYAN4AjpFevTUyC1KXvX5IzTjtAcz4sAcmyGmnM
1SV9JwuHHKnJ7D091bqztxEVfYCdddwv7JAepRJmkXYmx+AGRCnkFPp9cJj+7Asl
AevYE0gmivfgnm5uFOxDve8SRBwcs+eqgLmC9aLKTBbBQd9h8lvhA+nMmkoc0AJC
Fpb6UFP5eVArWBOgqm3veDljQ+lUh2snbX8NZjTZyhlA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:14 2024 by rpki-client on console-fra.rpki-client.org