Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/d10813-fe61-4033-a433-5ee9b62246db/1/cvDfjb_JqscMikmINjHWoabVFiQ.roa
File:                     cvDfjb_JqscMikmINjHWoabVFiQ.roa (raw, json)
Hash identifier:          f0h6UON/5gYMBTWAJxqZkshGUWJsd4rHMnJa0TUQKuo=
Subject key identifier:   72:F0:DF:8D:BF:C9:AA:C7:0C:8A:49:88:36:31:D6:A1:A6:D5:16:24
Certificate issuer:       /CN=fbf380b6675b9ccd5f812e069fff175478fb38a4
Certificate serial:       022E46FD
Authority key identifier: FB:F3:80:B6:67:5B:9C:CD:5F:81:2E:06:9F:FF:17:54:78:FB:38:A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-_OAtmdbnM1fgS4Gn_8XVHj7OKQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/d10813-fe61-4033-a433-5ee9b62246db/1/cvDfjb_JqscMikmINjHWoabVFiQ.roa
Signing time:             Sat 01 Jan 2022 06:06:09 +0000
ROA not before:           Sat 01 Jan 2022 06:06:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57696
IP address blocks:        193.107.64.0/24 maxlen: 24
                          2a07:1780::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 36587261 (0x22e46fd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fbf380b6675b9ccd5f812e069fff175478fb38a4
        Validity
            Not Before: Jan  1 06:06:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=72f0df8dbfc9aac70c8a49883631d6a1a6d51624
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:b0:c8:94:3a:ad:ed:a9:5b:59:59:6e:74:b2:
                    1f:2a:38:dd:c4:fe:b7:3a:22:25:9a:95:cd:a8:56:
                    47:ba:d1:20:ce:36:e1:3e:5d:51:30:38:fc:46:c4:
                    e7:88:a4:1f:60:5d:34:ee:9a:7c:66:2b:cf:38:c9:
                    9b:31:b8:9b:7c:d4:54:32:52:f3:27:c9:31:73:ab:
                    11:1c:d0:0b:fd:0f:7c:24:fc:74:03:0f:d0:17:59:
                    d3:08:0d:2e:74:2b:cf:ab:6c:2f:1c:fe:73:8c:f0:
                    2b:ce:cb:21:d1:7f:f6:a7:74:32:e2:bb:6a:1d:0d:
                    e8:ee:11:93:ca:01:ab:ad:4e:88:4c:01:dd:77:15:
                    32:10:77:6f:5c:f4:32:0e:fb:3f:49:2e:07:cb:80:
                    fd:39:50:b4:22:d8:10:14:d0:3a:b1:5d:8d:26:cc:
                    f3:c9:42:33:83:c8:b9:67:40:17:8d:b1:de:49:2a:
                    29:91:c9:97:c1:19:1f:5e:9e:f6:4c:33:f5:9e:92:
                    d2:ae:5a:53:15:ec:cb:2e:f6:77:00:99:ef:fb:45:
                    5f:d2:7d:d6:5a:6e:89:94:c7:50:11:f4:b0:cb:a0:
                    00:15:4a:63:1c:8d:1d:79:b5:63:30:72:9d:15:ab:
                    4b:65:01:14:37:d8:51:82:05:11:e9:a6:d8:2d:bf:
                    1a:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:F0:DF:8D:BF:C9:AA:C7:0C:8A:49:88:36:31:D6:A1:A6:D5:16:24
            X509v3 Authority Key Identifier:
                keyid:FB:F3:80:B6:67:5B:9C:CD:5F:81:2E:06:9F:FF:17:54:78:FB:38:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-_OAtmdbnM1fgS4Gn_8XVHj7OKQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/d10813-fe61-4033-a433-5ee9b62246db/1/cvDfjb_JqscMikmINjHWoabVFiQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/d10813-fe61-4033-a433-5ee9b62246db/1/1-_OAtmdbnM1fgS4Gn_8XVHj7OKQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.107.64.0/24
                IPv6:
                  2a07:1780::/29

    Signature Algorithm: sha256WithRSAEncryption
         96:c4:8d:e0:74:ac:16:0a:59:40:8d:a4:d5:c8:fe:ef:64:1c:
         30:51:67:43:b3:74:85:ee:c1:85:44:cd:06:1e:39:d8:92:29:
         2f:a4:d4:5c:93:8d:7e:15:74:ab:73:f8:da:a3:c7:7d:6c:9c:
         b5:a3:cd:a2:fe:de:82:9a:8e:b5:45:b3:e3:f5:ff:eb:94:fe:
         cd:2d:d1:0d:52:94:ec:24:3c:e1:e8:3a:59:34:2e:fd:2c:52:
         08:78:f7:4e:21:36:2e:80:d4:b8:29:61:c7:71:d2:94:ac:5c:
         37:9d:2b:e5:ba:ab:58:04:0b:49:2a:4e:f1:ec:ad:a2:6d:24:
         39:2e:d8:94:c3:3d:64:9d:83:0f:ba:58:f6:f1:0c:a3:7a:d2:
         73:f3:ea:16:c2:8a:c8:bb:5e:66:fc:39:c1:c4:79:f8:50:46:
         ab:b7:ea:ec:9f:89:25:06:7b:72:5a:19:b4:ab:a6:73:ae:21:
         9e:f7:ed:c2:df:17:d9:84:cb:f4:b6:4e:da:a9:c4:41:7f:fd:
         6a:80:1c:d9:10:ba:aa:e7:34:ee:33:5a:ab:c4:a2:88:ca:1c:
         b0:ea:55:a2:3c:96:b8:38:26:96:76:28:12:a3:ab:f9:d9:3a:
         54:9b:52:ea:7c:f3:82:a7:53:a0:93:7d:e4:dd:f8:5c:2a:f8:
         c6:99:2b:8c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEAi5G/TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YmYzODBiNjY3NWI5Y2NkNWY4MTJlMDY5ZmZmMTc1NDc4ZmIzOGE0MB4XDTIyMDEw
MTA2MDYwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzJmMGRmOGRiZmM5
YWFjNzBjOGE0OTg4MzYzMWQ2YTFhNmQ1MTYyNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKKwyJQ6re2pW1lZbnSyHyo43cT+tzoiJZqVzahWR7rRIM42
4T5dUTA4/EbE54ikH2BdNO6afGYrzzjJmzG4m3zUVDJS8yfJMXOrERzQC/0PfCT8
dAMP0BdZ0wgNLnQrz6tsLxz+c4zwK87LIdF/9qd0MuK7ah0N6O4Rk8oBq61OiEwB
3XcVMhB3b1z0Mg77P0kuB8uA/TlQtCLYEBTQOrFdjSbM88lCM4PIuWdAF42x3kkq
KZHJl8EZH16e9kwz9Z6S0q5aUxXsyy72dwCZ7/tFX9J91lpuiZTHUBH0sMugABVK
YxyNHXm1YzBynRWrS2UBFDfYUYIFEemm2C2/GjcCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBRy8N+Nv8mqxwyKSYg2MdahptUWJDAfBgNVHSMEGDAWgBT784C2Z1uczV+B
Lgaf/xdUePs4pDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtX09BdG1kYm5NMWZnUzRHbl84WFZIajdPS1EuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzZjL2QxMDgxMy1mZTYxLTQwMzMtYTQzMy01ZWU5YjYyMjQ2ZGIv
MS9jdkRmamJfSnFzY01pa21JTmpIV29hYlZGaVEucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZj
L2QxMDgxMy1mZTYxLTQwMzMtYTQzMy01ZWU5YjYyMjQ2ZGIvMS8xLV9PQXRtZGJu
TTFmZ1M0R25fOFhWSGo3T0tRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwWtAMA0EAgACMAcDBQMqBxeA
MA0GCSqGSIb3DQEBCwUAA4IBAQCWxI3gdKwWCllAjaTVyP7vZBwwUWdDs3SF7sGF
RM0GHjnYkikvpNRck41+FXSrc/jao8d9bJy1o82i/t6Cmo61RbPj9f/rlP7NLdEN
UpTsJDzh6DpZNC79LFIIePdOITYugNS4KWHHcdKUrFw3nSvluqtYBAtJKk7x7K2i
bSQ5LtiUwz1knYMPulj28QyjetJz8+oWworIu15m/DnBxHn4UEart+rsn4klBnty
Whm0q6ZzriGe9+3C3xfZhMv0tk7aqcRBf/1qgBzZELqq5zTuM1qrxKKIyhyw6lWi
PJa4OCaWdigSo6v52TpUm1LqfPOCp1Ogk33k3fhcKvjGmSuM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:34 2024 by rpki-client on console-ams.rpki-client.org