Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/885e4a-9c09-467e-804c-d8fb33f30452/1/dkzzZ9vg6jU6AXK5OU9iY8I9ykI.roa
File:                     dkzzZ9vg6jU6AXK5OU9iY8I9ykI.roa (raw, json)
Hash identifier:          ijRj9mxyH3G2SpQWWTLe03U3wreMsJf6dX1fZWbxQGc=
Subject key identifier:   76:4C:F3:67:DB:E0:EA:35:3A:01:72:B9:39:4F:62:63:C2:3D:CA:42
Certificate issuer:       /CN=0d4885a8b5a4f6b4ac0e45d11838951e94e6ef3e
Certificate serial:       0182A76CB2E73015F4A7DBD8D0A8360E6D4D
Authority key identifier: 0D:48:85:A8:B5:A4:F6:B4:AC:0E:45:D1:18:38:95:1E:94:E6:EF:3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DUiFqLWk9rSsDkXRGDiVHpTm7z4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/885e4a-9c09-467e-804c-d8fb33f30452/1/dkzzZ9vg6jU6AXK5OU9iY8I9ykI.roa
Signing time:             Tue 16 Aug 2022 16:11:34 +0000
ROA not before:           Tue 16 Aug 2022 16:11:34 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212609
IP address blocks:        193.189.137.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:a7:6c:b2:e7:30:15:f4:a7:db:d8:d0:a8:36:0e:6d:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d4885a8b5a4f6b4ac0e45d11838951e94e6ef3e
        Validity
            Not Before: Aug 16 16:11:34 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=764cf367dbe0ea353a0172b9394f6263c23dca42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:4c:d4:a3:32:e1:92:4e:4b:7c:01:10:bc:9f:
                    b7:c1:99:93:7b:2d:ae:11:fb:57:43:31:f2:38:3f:
                    13:92:1e:01:0a:fa:34:80:7f:27:ff:3c:b9:b4:a9:
                    ed:d2:a1:37:ca:85:9e:db:df:5c:48:90:c1:17:59:
                    a1:5a:7b:d4:e9:19:44:7f:c5:02:e1:55:4c:af:51:
                    eb:12:f7:02:bf:a7:37:2a:b2:32:77:39:2a:bc:20:
                    80:ec:9a:3d:24:74:49:81:db:91:6b:c2:0e:de:1d:
                    56:fa:6b:a8:df:de:34:6a:35:12:3b:43:94:3a:f3:
                    59:df:42:ba:cc:b5:fe:a7:e3:a5:5a:4e:5b:18:95:
                    da:6f:7d:ad:de:50:2a:26:cd:18:e9:93:1c:e3:28:
                    af:61:c6:16:12:db:c3:a1:be:a4:fd:43:9d:dc:5d:
                    a5:64:fd:ea:e9:94:ab:f3:e6:44:da:49:a8:a6:9e:
                    28:7e:2e:23:29:e0:4c:26:eb:df:a5:a0:35:ec:49:
                    21:86:8b:be:0d:75:42:f7:82:c2:a5:f2:88:d5:cf:
                    92:e8:b6:15:08:1b:23:2c:6d:7a:40:74:3d:a5:6f:
                    09:5b:df:84:ed:b5:07:9d:d4:a5:1d:2e:d3:5b:0f:
                    b5:5e:e8:dc:93:ba:18:f7:9d:3f:5e:a1:22:50:50:
                    0c:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:4C:F3:67:DB:E0:EA:35:3A:01:72:B9:39:4F:62:63:C2:3D:CA:42
            X509v3 Authority Key Identifier:
                keyid:0D:48:85:A8:B5:A4:F6:B4:AC:0E:45:D1:18:38:95:1E:94:E6:EF:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DUiFqLWk9rSsDkXRGDiVHpTm7z4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/885e4a-9c09-467e-804c-d8fb33f30452/1/dkzzZ9vg6jU6AXK5OU9iY8I9ykI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/885e4a-9c09-467e-804c-d8fb33f30452/1/DUiFqLWk9rSsDkXRGDiVHpTm7z4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.189.137.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ac:71:f3:6a:b8:80:a9:25:c9:87:15:51:4f:00:52:0f:3d:f2:
         ee:39:36:0e:2d:d0:fc:2f:3c:d6:2e:79:4c:a7:a6:be:29:bf:
         06:de:2c:35:b5:01:ad:af:11:7b:51:4c:5d:13:7c:c2:40:b3:
         33:00:0d:cf:6c:0b:6f:7b:1a:de:3f:59:65:c2:ef:05:34:c5:
         5c:b1:a4:97:9b:bf:68:e5:14:fa:09:ee:fb:52:dd:3d:d8:ab:
         15:36:c4:3c:84:6a:f5:77:f7:79:49:e8:a3:24:db:ab:3c:9f:
         fe:2a:9d:21:91:02:f0:b4:bf:bf:97:b4:aa:c9:64:6f:aa:8e:
         06:9d:10:71:50:a9:7f:b2:d5:2b:ab:91:24:19:49:46:eb:e2:
         a8:36:d6:51:4e:31:92:3a:b5:2a:b1:a9:ba:c8:a0:a5:37:41:
         a1:59:f8:2e:43:20:7c:c3:59:a7:d6:bb:d0:65:31:4b:1e:2d:
         00:49:5f:2a:20:64:eb:6d:c5:47:d7:8a:28:6d:c1:17:18:1e:
         90:d2:e1:90:1d:99:dd:bf:80:77:02:48:02:2e:a7:47:3e:aa:
         59:5f:fc:5e:5f:4d:af:14:aa:e7:c1:55:19:06:ae:d2:74:b3:
         4c:8e:ac:3a:dc:4c:f9:59:2f:16:d9:dd:7a:c5:d2:1a:25:c8:
         d5:86:27:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKnbLLnMBX0p9vY0Kg2Dm1NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNDg4NWE4YjVhNGY2YjRhYzBlNDVkMTE4Mzg5NTFlOTRl
NmVmM2UwHhcNMjIwODE2MTYxMTM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjRjZjM2N2RiZTBlYTM1M2EwMTcyYjkzOTRmNjI2M2MyM2RjYTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0zUozLhkk5LfAEQvJ+3wZmTey2u
EftXQzHyOD8Tkh4BCvo0gH8n/zy5tKnt0qE3yoWe299cSJDBF1mhWnvU6RlEf8UC
4VVMr1HrEvcCv6c3KrIydzkqvCCA7Jo9JHRJgduRa8IO3h1W+muo3940ajUSO0OU
OvNZ30K6zLX+p+OlWk5bGJXab32t3lAqJs0Y6ZMc4yivYcYWEtvDob6k/UOd3F2l
ZP3q6ZSr8+ZE2kmopp4ofi4jKeBMJuvfpaA17Ekhhou+DXVC94LCpfKI1c+S6LYV
CBsjLG16QHQ9pW8JW9+E7bUHndSlHS7TWw+1Xujck7oY950/XqEiUFAMYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHZM82fb4Oo1OgFyuTlPYmPCPcpCMB8GA1UdIwQY
MBaAFA1Ihai1pPa0rA5F0Rg4lR6U5u8+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFVpRnFMV2s5clNzRGtYUkdEaVZIcFRtN3o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS84ODVlNGEtOWMwOS00NjdlLTgwNGMt
ZDhmYjMzZjMwNDUyLzEvZGt6elo5dmc2alU2QVhLNU9VOWlZOEk5eWtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS84ODVlNGEtOWMwOS00NjdlLTgwNGMtZDhmYjMzZjMwNDUy
LzEvRFVpRnFMV2s5clNzRGtYUkdEaVZIcFRtN3o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwb2JMA0G
CSqGSIb3DQEBCwUAA4IBAQCscfNquICpJcmHFVFPAFIPPfLuOTYOLdD8LzzWLnlM
p6a+Kb8G3iw1tQGtrxF7UUxdE3zCQLMzAA3PbAtvexreP1llwu8FNMVcsaSXm79o
5RT6Ce77Ut092KsVNsQ8hGr1d/d5SeijJNurPJ/+Kp0hkQLwtL+/l7SqyWRvqo4G
nRBxUKl/stUrq5EkGUlG6+KoNtZRTjGSOrUqsam6yKClN0GhWfguQyB8w1mn1rvQ
ZTFLHi0ASV8qIGTrbcVH14oobcEXGB6Q0uGQHZndv4B3AkgCLqdHPqpZX/xeX02v
FKrnwVUZBq7SdLNMjqw63Ez5WS8W2d16xdIaJcjVhifB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:33 2024 by rpki-client on console-fra.rpki-client.org