Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/12dd2c-4d0c-420a-98a5-02e6422c4181/1/f9OSP28sZ0SpqcPt57qaetUEAlQ.roa
File:                     f9OSP28sZ0SpqcPt57qaetUEAlQ.roa (raw, json)
Hash identifier:          VycYo/2kb9ZyBpyoZaUuHolkcjTVgrihjVc76rTq2XI=
Subject key identifier:   7F:D3:92:3F:6F:2C:67:44:A9:A9:C3:ED:E7:BA:9A:7A:D5:04:02:54
Certificate issuer:       /CN=c032495b89dce81b0c7f886ddfc3604bde06d8a6
Certificate serial:       0B9113E0
Authority key identifier: C0:32:49:5B:89:DC:E8:1B:0C:7F:88:6D:DF:C3:60:4B:DE:06:D8:A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wDJJW4nc6BsMf4ht38NgS94G2KY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/12dd2c-4d0c-420a-98a5-02e6422c4181/1/f9OSP28sZ0SpqcPt57qaetUEAlQ.roa
Signing time:             Sat 01 Jan 2022 04:56:05 +0000
ROA not before:           Sat 01 Jan 2022 04:56:05 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     41785
IP address blocks:        193.161.140.0/24 maxlen: 24
                          2a0c:9f40::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 194057184 (0xb9113e0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c032495b89dce81b0c7f886ddfc3604bde06d8a6
        Validity
            Not Before: Jan  1 04:56:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7fd3923f6f2c6744a9a9c3ede7ba9a7ad5040254
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:36:02:3d:52:63:69:3b:ff:7a:d8:b0:eb:51:
                    e6:d9:08:f9:6f:88:e0:b4:ed:58:5d:7c:43:8a:99:
                    d3:0b:79:ca:19:47:ff:c4:a5:b2:19:da:20:f2:09:
                    aa:8e:98:f3:56:b4:1c:44:4e:8f:79:4e:00:bb:d5:
                    4a:f8:cc:34:4e:8c:6f:95:e1:f4:e1:ff:78:fe:f5:
                    46:53:5d:c4:74:39:9a:a0:33:3c:ad:b0:1b:57:88:
                    a3:8a:63:f2:9e:f7:e9:01:f2:e6:0d:06:49:88:1b:
                    e0:79:c6:56:66:9f:61:11:90:fb:ea:43:91:32:55:
                    a2:2c:fe:aa:83:1b:5d:ab:a5:1b:1f:66:d5:52:df:
                    74:8f:6e:a7:b3:e0:0f:02:f4:2f:d4:6e:45:cd:66:
                    13:46:77:2a:10:94:84:e8:a5:dc:ef:9c:42:4f:bc:
                    cb:c7:8a:1a:99:2c:0a:d7:1a:3b:20:cb:01:8b:8e:
                    fa:2b:d9:29:7b:7d:ae:81:07:ab:a9:85:41:c5:51:
                    6e:72:ac:eb:23:83:4e:14:41:59:94:25:66:03:80:
                    dc:2d:f8:c2:a6:69:fb:bb:90:cc:63:98:03:05:a5:
                    6d:df:39:a3:0b:b2:69:2d:9d:c1:54:fb:83:98:e7:
                    45:9c:6c:11:83:64:5a:bf:09:17:e2:b2:2f:f8:31:
                    c5:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:D3:92:3F:6F:2C:67:44:A9:A9:C3:ED:E7:BA:9A:7A:D5:04:02:54
            X509v3 Authority Key Identifier:
                keyid:C0:32:49:5B:89:DC:E8:1B:0C:7F:88:6D:DF:C3:60:4B:DE:06:D8:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wDJJW4nc6BsMf4ht38NgS94G2KY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/12dd2c-4d0c-420a-98a5-02e6422c4181/1/f9OSP28sZ0SpqcPt57qaetUEAlQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/12dd2c-4d0c-420a-98a5-02e6422c4181/1/wDJJW4nc6BsMf4ht38NgS94G2KY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.161.140.0/24
                IPv6:
                  2a0c:9f40::/32

    Signature Algorithm: sha256WithRSAEncryption
         af:9b:f4:a4:c9:77:77:7d:9b:19:98:b6:a0:f5:79:19:7e:68:
         59:33:1f:22:e4:91:96:6b:cc:25:ad:1b:4d:35:24:66:4a:f0:
         e5:e5:ee:97:66:cf:01:e7:78:59:84:a6:d8:09:8f:1d:c2:40:
         e8:74:6e:32:7e:ce:5c:a5:0d:54:18:88:ba:01:2f:15:a0:e1:
         f6:3f:0d:73:e7:f2:45:98:1f:cb:8a:eb:47:4b:8d:c8:d9:a6:
         ed:09:4f:5b:28:13:9e:d9:95:0c:d0:37:8c:78:3e:e1:d8:d5:
         2a:07:f8:ac:88:7e:7a:71:24:40:68:b5:ca:80:9b:6c:df:02:
         fc:54:36:b4:f5:0e:b4:86:f0:d2:da:3b:9c:12:ed:06:08:f5:
         07:d9:48:61:c2:44:0d:e1:8c:c6:50:04:a5:0c:a7:03:35:7e:
         3b:32:17:7e:b9:46:95:74:98:f4:87:07:84:8c:6f:85:e4:b2:
         fe:34:ea:0b:ed:bf:3c:8a:2e:64:c2:44:ae:db:c1:be:55:cd:
         ce:7a:a8:55:7a:2b:18:be:88:42:e8:06:03:bd:2d:b1:14:1e:
         96:ac:20:34:17:2a:4c:48:48:de:34:ff:dc:fa:02:75:30:d6:
         f9:f8:cc:0f:d6:b6:21:6f:cd:9a:02:8f:98:a5:cc:24:9b:ef:
         92:b3:5a:a8
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEC5ET4DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MDMyNDk1Yjg5ZGNlODFiMGM3Zjg4NmRkZmMzNjA0YmRlMDZkOGE2MB4XDTIyMDEw
MTA0NTYwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2ZkMzkyM2Y2ZjJj
Njc0NGE5YTljM2VkZTdiYTlhN2FkNTA0MDI1NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALo2Aj1SY2k7/3rYsOtR5tkI+W+I4LTtWF18Q4qZ0wt5yhlH
/8SlshnaIPIJqo6Y81a0HEROj3lOALvVSvjMNE6Mb5Xh9OH/eP71RlNdxHQ5mqAz
PK2wG1eIo4pj8p736QHy5g0GSYgb4HnGVmafYRGQ++pDkTJVoiz+qoMbXaulGx9m
1VLfdI9up7PgDwL0L9RuRc1mE0Z3KhCUhOil3O+cQk+8y8eKGpksCtcaOyDLAYuO
+ivZKXt9roEHq6mFQcVRbnKs6yODThRBWZQlZgOA3C34wqZp+7uQzGOYAwWlbd85
owuyaS2dwVT7g5jnRZxsEYNkWr8JF+KyL/gxxacCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBR/05I/byxnRKmpw+3nupp61QQCVDAfBgNVHSMEGDAWgBTAMklbidzoGwx/
iG3fw2BL3gbYpjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3dESkpXNG5jNkJzTWY0aHQzOE5nUzk0RzJLWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjgvMTJkZDJjLTRkMGMtNDIwYS05OGE1LTAyZTY0MjJjNDE4MS8x
L2Y5T1NQMjhzWjBTcHFjUHQ1N3FhZXRVRUFsUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjgv
MTJkZDJjLTRkMGMtNDIwYS05OGE1LTAyZTY0MjJjNDE4MS8xL3dESkpXNG5jNkJz
TWY0aHQzOE5nUzk0RzJLWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAMGhjDANBAIAAjAHAwUAKgyfQDAN
BgkqhkiG9w0BAQsFAAOCAQEAr5v0pMl3d32bGZi2oPV5GX5oWTMfIuSRlmvMJa0b
TTUkZkrw5eXul2bPAed4WYSm2AmPHcJA6HRuMn7OXKUNVBiIugEvFaDh9j8Nc+fy
RZgfy4rrR0uNyNmm7QlPWygTntmVDNA3jHg+4djVKgf4rIh+enEkQGi1yoCbbN8C
/FQ2tPUOtIbw0to7nBLtBgj1B9lIYcJEDeGMxlAEpQynAzV+OzIXfrlGlXSY9IcH
hIxvheSy/jTqC+2/PIouZMJErtvBvlXNznqoVXorGL6IQugGA70tsRQelqwgNBcq
TEhI3jT/3PoCdTDW+fjMD9a2IW/NmgKPmKXMJJvvkrNaqA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:24 2024 by rpki-client on console-fra.rpki-client.org