Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/885e4a-9c09-467e-804c-d8fb33f30452/1/AjbMl4puGtHCwLZaX9p9Rr6r5t8.roa
File:                     AjbMl4puGtHCwLZaX9p9Rr6r5t8.roa (raw, json)
Hash identifier:          tcqdDyIDAEBxSwwFUcffU/SdiZ+KLMCnoXGgsAGMV60=
Subject key identifier:   02:36:CC:97:8A:6E:1A:D1:C2:C0:B6:5A:5F:DA:7D:46:BE:AB:E6:DF
Certificate issuer:       /CN=0d4885a8b5a4f6b4ac0e45d11838951e94e6ef3e
Certificate serial:       01828CC914801D7FE7BE806DBADCEADBF593
Authority key identifier: 0D:48:85:A8:B5:A4:F6:B4:AC:0E:45:D1:18:38:95:1E:94:E6:EF:3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DUiFqLWk9rSsDkXRGDiVHpTm7z4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/885e4a-9c09-467e-804c-d8fb33f30452/1/AjbMl4puGtHCwLZaX9p9Rr6r5t8.roa
Signing time:             Thu 11 Aug 2022 12:02:44 +0000
ROA not before:           Thu 11 Aug 2022 12:02:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209371
IP address blocks:        193.189.137.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:8c:c9:14:80:1d:7f:e7:be:80:6d:ba:dc:ea:db:f5:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d4885a8b5a4f6b4ac0e45d11838951e94e6ef3e
        Validity
            Not Before: Aug 11 12:02:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0236cc978a6e1ad1c2c0b65a5fda7d46beabe6df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:59:58:23:ab:1e:67:45:01:54:a1:f8:9b:e2:
                    6f:9a:20:72:f8:f6:3a:ef:4d:4e:0d:bc:69:60:96:
                    ea:7f:19:a8:a9:6d:c9:4c:89:08:fc:08:c0:cf:9c:
                    a5:8f:69:14:f0:9f:77:a0:62:f2:a3:16:39:85:cb:
                    d3:50:a2:39:41:b1:bf:eb:ce:75:33:fd:e4:0d:25:
                    26:b9:bf:13:2e:b2:34:a7:ba:b9:37:85:b7:db:24:
                    96:a1:36:4b:3d:7a:9f:c3:54:4b:b2:6d:3a:b3:bb:
                    e9:46:17:8f:8d:75:ed:76:29:da:02:7d:43:bb:c3:
                    e4:21:7b:2a:07:15:01:8e:88:a4:2d:68:d7:c1:c7:
                    f6:4f:cf:9f:81:dc:62:b4:2b:a7:7e:e6:5c:59:3c:
                    31:2d:d7:98:65:83:de:f9:ae:0a:a4:8a:ca:42:96:
                    5f:0e:dd:50:8b:d7:ff:80:64:ee:82:c0:15:6e:62:
                    d5:18:7a:0b:3e:42:9f:07:3f:ee:7f:67:70:f4:1c:
                    a6:e7:6a:da:e8:3e:6c:57:18:1e:2e:a8:08:d2:a9:
                    8f:63:9f:00:7e:79:6d:87:cb:75:cf:31:43:7a:43:
                    25:8c:3a:db:96:01:4c:fe:d1:75:43:2a:1a:c0:c2:
                    0a:37:3a:64:5e:30:5d:39:c4:fe:3b:1a:f3:92:10:
                    74:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:36:CC:97:8A:6E:1A:D1:C2:C0:B6:5A:5F:DA:7D:46:BE:AB:E6:DF
            X509v3 Authority Key Identifier:
                keyid:0D:48:85:A8:B5:A4:F6:B4:AC:0E:45:D1:18:38:95:1E:94:E6:EF:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DUiFqLWk9rSsDkXRGDiVHpTm7z4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/885e4a-9c09-467e-804c-d8fb33f30452/1/AjbMl4puGtHCwLZaX9p9Rr6r5t8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/885e4a-9c09-467e-804c-d8fb33f30452/1/DUiFqLWk9rSsDkXRGDiVHpTm7z4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.189.137.0/24

    Signature Algorithm: sha256WithRSAEncryption
         68:0a:a3:07:7d:4b:a3:c9:82:5a:c5:59:1a:57:48:47:62:b7:
         c7:14:51:a9:ba:43:f9:96:03:32:d6:70:3f:00:19:7b:f1:f4:
         75:94:dc:4a:9b:bb:e0:4d:66:47:63:e4:63:97:4f:09:87:6d:
         b9:db:74:5d:a9:d6:4c:5d:40:f5:20:78:64:9b:73:5d:81:a4:
         98:c2:3d:d9:e1:f8:24:88:63:ed:97:a4:de:2a:00:c0:d6:ac:
         c1:b2:78:cc:d2:b1:4c:9e:89:4a:b8:07:e5:df:9f:4f:ff:fe:
         a5:e0:6b:1b:a2:fc:ea:20:e7:95:4e:76:b2:25:f1:88:b0:98:
         72:c5:ef:3f:6a:6d:fd:9f:50:6d:5c:20:41:88:b9:00:8a:d1:
         f4:42:68:fb:b7:be:54:a0:b0:02:52:06:08:fa:a3:31:1d:1f:
         a3:6d:3e:d4:c2:f6:15:4e:65:41:24:4f:9e:be:4e:42:2c:af:
         a5:e4:c4:e1:04:89:7a:ea:6b:02:ff:98:28:72:d9:4e:c9:17:
         df:22:bb:a8:52:9c:2b:5f:4c:27:db:dc:c6:7c:50:88:61:38:
         e7:2e:31:18:9e:88:04:71:70:75:51:0a:54:3f:00:04:8b:ae:
         8c:8f:31:04:84:cd:1a:5d:f9:20:a0:8f:8b:d8:52:0f:95:a4:
         cd:1b:58:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKMyRSAHX/nvoBtutzq2/WTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNDg4NWE4YjVhNGY2YjRhYzBlNDVkMTE4Mzg5NTFlOTRl
NmVmM2UwHhcNMjIwODExMTIwMjQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjM2Y2M5NzhhNmUxYWQxYzJjMGI2NWE1ZmRhN2Q0NmJlYWJlNmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVlYI6seZ0UBVKH4m+JvmiBy+PY6
701ODbxpYJbqfxmoqW3JTIkI/AjAz5ylj2kU8J93oGLyoxY5hcvTUKI5QbG/6851
M/3kDSUmub8TLrI0p7q5N4W32ySWoTZLPXqfw1RLsm06s7vpRhePjXXtdinaAn1D
u8PkIXsqBxUBjoikLWjXwcf2T8+fgdxitCunfuZcWTwxLdeYZYPe+a4KpIrKQpZf
Dt1Qi9f/gGTugsAVbmLVGHoLPkKfBz/uf2dw9Bym52ra6D5sVxgeLqgI0qmPY58A
fnlth8t1zzFDekMljDrblgFM/tF1QyoawMIKNzpkXjBdOcT+OxrzkhB0JwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAI2zJeKbhrRwsC2Wl/afUa+q+bfMB8GA1UdIwQY
MBaAFA1Ihai1pPa0rA5F0Rg4lR6U5u8+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFVpRnFMV2s5clNzRGtYUkdEaVZIcFRtN3o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS84ODVlNGEtOWMwOS00NjdlLTgwNGMt
ZDhmYjMzZjMwNDUyLzEvQWpiTWw0cHVHdEhDd0xaYVg5cDlScjZyNXQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS84ODVlNGEtOWMwOS00NjdlLTgwNGMtZDhmYjMzZjMwNDUy
LzEvRFVpRnFMV2s5clNzRGtYUkdEaVZIcFRtN3o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwb2JMA0G
CSqGSIb3DQEBCwUAA4IBAQBoCqMHfUujyYJaxVkaV0hHYrfHFFGpukP5lgMy1nA/
ABl78fR1lNxKm7vgTWZHY+Rjl08Jh22523RdqdZMXUD1IHhkm3NdgaSYwj3Z4fgk
iGPtl6TeKgDA1qzBsnjM0rFMnolKuAfl359P//6l4GsbovzqIOeVTnayJfGIsJhy
xe8/am39n1BtXCBBiLkAitH0Qmj7t75UoLACUgYI+qMxHR+jbT7UwvYVTmVBJE+e
vk5CLK+l5MThBIl66msC/5goctlOyRffIruoUpwrX0wn29zGfFCIYTjnLjEYnogE
cXB1UQpUPwAEi66MjzEEhM0aXfkgoI+L2FIPlaTNG1hp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:33 2024 by rpki-client on console-fra.rpki-client.org