Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/0b5860-cd57-4183-b9ae-e84785894838/1/APjMNqw2qYkqql5IeVvjkoDkP9g.roa
File:                     APjMNqw2qYkqql5IeVvjkoDkP9g.roa (raw, json)
Hash identifier:          Kl2jvi5BJPwyE6by7yBVwugYsb6aQcVDZIAphOd2lqc=
Subject key identifier:   00:F8:CC:36:AC:36:A9:89:2A:AA:5E:48:79:5B:E3:92:80:E4:3F:D8
Certificate issuer:       /CN=ad0dc108b60f47b0d9772808e5fcc381eaa81c78
Certificate serial:       0185624E11B4D4C5BF3C16F8BBD4F794F144
Authority key identifier: AD:0D:C1:08:B6:0F:47:B0:D9:77:28:08:E5:FC:C3:81:EA:A8:1C:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rQ3BCLYPR7DZdygI5fzDgeqoHHg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/0b5860-cd57-4183-b9ae-e84785894838/1/APjMNqw2qYkqql5IeVvjkoDkP9g.roa
Signing time:             Fri 30 Dec 2022 09:12:41 +0000
ROA not before:           Fri 30 Dec 2022 09:12:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43365
IP address blocks:        193.228.154.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:62:4e:11:b4:d4:c5:bf:3c:16:f8:bb:d4:f7:94:f1:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad0dc108b60f47b0d9772808e5fcc381eaa81c78
        Validity
            Not Before: Dec 30 09:12:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=00f8cc36ac36a9892aaa5e48795be39280e43fd8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:68:65:75:32:d1:56:bf:9c:9f:00:6d:fd:17:
                    24:46:ca:c9:81:d5:b0:13:6c:73:22:ef:f1:a0:e5:
                    cc:b1:8a:50:3f:8d:53:78:37:2a:92:73:ad:67:7b:
                    ab:9e:25:02:bc:7d:1f:93:bf:8a:e5:a0:0e:c2:93:
                    00:ef:57:e5:6e:06:7f:be:ae:39:e3:44:e5:d8:a9:
                    f8:92:b2:d4:53:86:db:20:90:eb:b5:c9:42:7c:34:
                    c3:7f:63:e4:96:c3:53:d1:54:b3:b6:12:28:ff:df:
                    9f:08:ca:be:c4:17:a4:0a:53:ac:41:c9:09:88:1e:
                    ad:29:86:d1:bc:6e:f3:7d:64:b1:84:82:bb:58:53:
                    05:70:23:c8:b3:e2:e0:88:84:b2:b6:6b:9b:a6:87:
                    61:3e:17:4f:ac:3f:85:4b:f7:4c:04:1a:1d:c1:f9:
                    d1:c3:5c:db:06:0b:31:7d:ee:19:7c:27:8e:55:81:
                    56:e7:d0:a9:36:30:d9:02:d5:bf:d1:d9:5f:bd:15:
                    b0:64:bd:d1:d6:5f:1d:af:c8:f4:53:79:dc:c1:20:
                    af:f5:4a:fc:72:5b:b3:bc:1f:4e:40:5f:09:96:9a:
                    f1:76:a9:79:15:4e:2f:5f:5b:03:bc:7e:8e:25:16:
                    13:87:21:a3:05:6a:65:f3:71:19:62:6e:68:79:31:
                    f4:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:F8:CC:36:AC:36:A9:89:2A:AA:5E:48:79:5B:E3:92:80:E4:3F:D8
            X509v3 Authority Key Identifier:
                keyid:AD:0D:C1:08:B6:0F:47:B0:D9:77:28:08:E5:FC:C3:81:EA:A8:1C:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ3BCLYPR7DZdygI5fzDgeqoHHg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/0b5860-cd57-4183-b9ae-e84785894838/1/APjMNqw2qYkqql5IeVvjkoDkP9g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/0b5860-cd57-4183-b9ae-e84785894838/1/rQ3BCLYPR7DZdygI5fzDgeqoHHg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.228.154.0/24

    Signature Algorithm: sha256WithRSAEncryption
         85:14:21:e3:db:6f:13:8b:6c:33:5d:6d:d9:ac:c2:cd:de:72:
         08:67:d7:8a:a4:21:fd:6b:2b:26:ff:e4:1b:27:34:ca:c6:f5:
         64:c2:0b:37:b4:2b:d0:53:b9:86:f8:41:d4:7f:35:7d:8c:6d:
         eb:db:50:1c:03:00:9a:5a:5d:7e:6c:e2:e1:a9:a5:67:e2:91:
         98:4e:c6:3b:89:0c:6d:4a:ae:de:fb:83:51:c4:57:89:14:a7:
         d3:ab:f4:1b:62:63:dc:fb:d5:bb:4e:29:a0:b6:32:5a:d7:9f:
         17:5a:a2:7a:ea:87:07:b7:c3:58:c9:dc:c7:86:fe:ff:c0:74:
         d8:34:00:f0:d5:40:09:60:e7:6a:56:ad:ec:30:d5:9d:8b:cf:
         23:7c:6a:95:08:bc:40:59:4f:ad:7f:68:00:78:27:44:96:bd:
         fe:fc:d7:15:7c:ef:87:66:7a:33:28:a7:9c:9d:9e:b5:4f:9f:
         1e:ee:89:f8:80:72:c9:6b:a3:c3:26:03:0a:e8:dc:8b:bb:6d:
         79:92:1c:e9:1b:59:2a:c5:9a:46:14:cf:06:af:50:d9:76:a5:
         18:f5:dd:d2:2a:5c:9e:f2:c1:0e:35:6d:42:ed:fb:1d:32:1c:
         3f:7d:4f:cc:4a:39:81:f0:e7:82:a1:c9:21:e2:68:cc:6b:d1:
         56:2d:9e:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYViThG01MW/PBb4u9T3lPFEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRjMTA4YjYwZjQ3YjBkOTc3MjgwOGU1ZmNjMzgxZWFh
ODFjNzgwHhcNMjIxMjMwMDkxMjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGY4Y2MzNmFjMzZhOTg5MmFhYTVlNDg3OTViZTM5MjgwZTQzZmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGhldTLRVr+cnwBt/RckRsrJgdWw
E2xzIu/xoOXMsYpQP41TeDcqknOtZ3urniUCvH0fk7+K5aAOwpMA71flbgZ/vq45
40Tl2Kn4krLUU4bbIJDrtclCfDTDf2PklsNT0VSzthIo/9+fCMq+xBekClOsQckJ
iB6tKYbRvG7zfWSxhIK7WFMFcCPIs+LgiISytmubpodhPhdPrD+FS/dMBBodwfnR
w1zbBgsxfe4ZfCeOVYFW59CpNjDZAtW/0dlfvRWwZL3R1l8dr8j0U3ncwSCv9Ur8
cluzvB9OQF8Jlprxdql5FU4vX1sDvH6OJRYThyGjBWpl83EZYm5oeTH0ywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAD4zDasNqmJKqpeSHlb45KA5D/YMB8GA1UdIwQY
MBaAFK0NwQi2D0ew2XcoCOX8w4HqqBx4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEzQkNMWVBSN0RaZHlnSTVmekRnZXFvSEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wYjU4NjAtY2Q1Ny00MTgzLWI5YWUt
ZTg0Nzg1ODk0ODM4LzEvQVBqTU5xdzJxWWtxcWw1SWVWdmprb0RrUDlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wYjU4NjAtY2Q1Ny00MTgzLWI5YWUtZTg0Nzg1ODk0ODM4
LzEvclEzQkNMWVBSN0RaZHlnSTVmekRnZXFvSEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAweSaMA0G
CSqGSIb3DQEBCwUAA4IBAQCFFCHj228Ti2wzXW3ZrMLN3nIIZ9eKpCH9aysm/+Qb
JzTKxvVkwgs3tCvQU7mG+EHUfzV9jG3r21AcAwCaWl1+bOLhqaVn4pGYTsY7iQxt
Sq7e+4NRxFeJFKfTq/QbYmPc+9W7TimgtjJa158XWqJ66ocHt8NYydzHhv7/wHTY
NADw1UAJYOdqVq3sMNWdi88jfGqVCLxAWU+tf2gAeCdElr3+/NcVfO+HZnozKKec
nZ61T58e7on4gHLJa6PDJgMK6NyLu215khzpG1kqxZpGFM8Gr1DZdqUY9d3SKlye
8sEONW1C7fsdMhw/fU/MSjmB8OeCockh4mjMa9FWLZ7g
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:13 2024 by rpki-client on console-ams.rpki-client.org