Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/71a400-4ede-45f1-b55b-8109d4089828/1/a2VSAdUd-EB-Adw5ez3JMNEBBEc.roa
File:                     a2VSAdUd-EB-Adw5ez3JMNEBBEc.roa (raw, json)
Hash identifier:          unMxoOCiym+yF5MDRslU3YwWwt4qvtaPRrVRDsKLObU=
Subject key identifier:   6B:65:52:01:D5:1D:F8:40:7E:01:DC:39:7B:3D:C9:30:D1:01:04:47
Certificate issuer:       /CN=b090d40bfcd5a4a30875160ecc6f9fe53c05a6e6
Certificate serial:       17997EF9
Authority key identifier: B0:90:D4:0B:FC:D5:A4:A3:08:75:16:0E:CC:6F:9F:E5:3C:05:A6:E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sJDUC_zVpKMIdRYOzG-f5TwFpuY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/71a400-4ede-45f1-b55b-8109d4089828/1/a2VSAdUd-EB-Adw5ez3JMNEBBEc.roa
Signing time:             Sat 01 Jan 2022 06:56:24 +0000
ROA not before:           Sat 01 Jan 2022 06:56:24 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     12502
IP address blocks:        193.105.105.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 395935481 (0x17997ef9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b090d40bfcd5a4a30875160ecc6f9fe53c05a6e6
        Validity
            Not Before: Jan  1 06:56:24 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6b655201d51df8407e01dc397b3dc930d1010447
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:ea:9c:8e:42:e5:fd:59:36:07:9e:77:9b:fa:
                    a4:b7:1b:d1:84:d1:d8:4d:10:d0:81:45:cf:5c:08:
                    b5:d0:c7:67:e9:3d:cb:bc:ee:fb:d1:98:25:0d:bd:
                    a6:15:14:82:56:20:2c:ed:6f:1f:5c:f9:44:9d:9a:
                    95:e9:32:40:54:90:c4:43:24:2b:49:65:76:33:9f:
                    c7:cd:1f:2a:66:1a:a8:db:a4:dc:23:57:3c:68:25:
                    9f:d1:e9:0d:75:f7:f7:3d:6c:e9:8e:eb:12:6e:70:
                    e3:1f:e7:4b:76:fe:ad:77:6f:94:da:6d:4b:ce:a4:
                    84:1a:4c:6b:44:db:0f:b0:61:16:46:c1:06:83:86:
                    2d:d4:3d:97:5b:bc:2c:c4:9d:35:4f:f8:31:c0:62:
                    74:83:58:48:da:54:58:5e:a2:a9:55:38:d9:50:8d:
                    8a:ae:00:88:55:20:31:22:80:53:8e:af:81:66:4d:
                    95:0f:b3:89:8d:14:73:a2:bb:c5:d0:83:1a:cc:de:
                    ba:ba:13:6a:77:54:48:1f:b6:52:59:3e:3b:cf:07:
                    c3:32:ec:13:fe:0f:7f:29:1b:41:d2:95:27:c9:31:
                    80:96:53:57:7b:ce:ef:23:49:a4:d9:b3:72:c7:74:
                    68:27:46:0e:a9:df:17:00:5a:3a:e3:a6:fc:ef:69:
                    b7:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:65:52:01:D5:1D:F8:40:7E:01:DC:39:7B:3D:C9:30:D1:01:04:47
            X509v3 Authority Key Identifier:
                keyid:B0:90:D4:0B:FC:D5:A4:A3:08:75:16:0E:CC:6F:9F:E5:3C:05:A6:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sJDUC_zVpKMIdRYOzG-f5TwFpuY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/71a400-4ede-45f1-b55b-8109d4089828/1/a2VSAdUd-EB-Adw5ez3JMNEBBEc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/71a400-4ede-45f1-b55b-8109d4089828/1/sJDUC_zVpKMIdRYOzG-f5TwFpuY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.105.105.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6b:fc:90:59:85:14:f0:a6:c4:28:91:c8:15:53:09:47:1c:3d:
         da:1d:73:d1:c0:93:55:dc:94:f6:ac:f8:ed:8e:02:b3:f2:af:
         27:a2:d8:e8:d9:23:a5:e2:e7:33:98:c8:7f:83:7f:fd:73:8b:
         16:44:1f:42:63:f6:0a:9d:38:03:e5:d7:ce:3b:54:67:1f:d6:
         08:15:68:75:b1:b1:a4:2c:c0:e4:d2:6c:46:5a:08:69:a1:71:
         9b:00:99:43:22:c4:28:90:68:82:38:67:fb:dd:ee:dd:2a:d3:
         f3:6c:45:8d:3d:cd:9e:80:48:b9:75:bb:6a:bb:b1:60:2b:be:
         cb:12:13:79:79:e5:17:a0:6b:9f:bf:ed:23:2a:f4:1b:bf:eb:
         86:d8:b1:ce:c8:07:2b:88:45:97:cb:3b:cf:c3:3c:b9:d9:38:
         97:ee:20:31:f4:38:3f:d1:81:62:f3:cd:52:ce:54:f2:ed:64:
         f0:1f:08:9f:86:25:4a:e9:75:a3:09:8c:ee:a4:fc:12:67:e2:
         dc:d8:57:a2:0b:74:e4:58:97:be:95:81:6e:40:27:49:89:ec:
         0f:8b:db:0d:35:11:3e:09:f5:45:e5:db:df:ec:05:ea:bd:df:
         4c:e8:a8:21:0b:34:a0:f6:ea:30:ca:ab:a8:c6:c8:33:42:b8:
         94:d0:f0:0f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEF5l++TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MDkwZDQwYmZjZDVhNGEzMDg3NTE2MGVjYzZmOWZlNTNjMDVhNmU2MB4XDTIyMDEw
MTA2NTYyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmI2NTUyMDFkNTFk
Zjg0MDdlMDFkYzM5N2IzZGM5MzBkMTAxMDQ0NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL7qnI5C5f1ZNgeed5v6pLcb0YTR2E0Q0IFFz1wItdDHZ+k9
y7zu+9GYJQ29phUUglYgLO1vH1z5RJ2alekyQFSQxEMkK0lldjOfx80fKmYaqNuk
3CNXPGgln9HpDXX39z1s6Y7rEm5w4x/nS3b+rXdvlNptS86khBpMa0TbD7BhFkbB
BoOGLdQ9l1u8LMSdNU/4McBidINYSNpUWF6iqVU42VCNiq4AiFUgMSKAU46vgWZN
lQ+ziY0Uc6K7xdCDGszeuroTandUSB+2Ulk+O88HwzLsE/4PfykbQdKVJ8kxgJZT
V3vO7yNJpNmzcsd0aCdGDqnfFwBaOuOm/O9pt4cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRrZVIB1R34QH4B3Dl7Pckw0QEERzAfBgNVHSMEGDAWgBSwkNQL/NWkowh1
Fg7Mb5/lPAWm5jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NKRFVDX3pWcEtNSWRSWU96Ry1mNVR3RnB1WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzYvNzFhNDAwLTRlZGUtNDVmMS1iNTViLTgxMDlkNDA4OTgyOC8x
L2EyVlNBZFVkLUVCLUFkdzVlejNKTU5FQkJFYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzYv
NzFhNDAwLTRlZGUtNDVmMS1iNTViLTgxMDlkNDA4OTgyOC8xL3NKRFVDX3pWcEtN
SWRSWU96Ry1mNVR3RnB1WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMFpaTANBgkqhkiG9w0BAQsFAAOC
AQEAa/yQWYUU8KbEKJHIFVMJRxw92h1z0cCTVdyU9qz47Y4Cs/KvJ6LY6NkjpeLn
M5jIf4N//XOLFkQfQmP2Cp04A+XXzjtUZx/WCBVodbGxpCzA5NJsRloIaaFxmwCZ
QyLEKJBogjhn+93u3SrT82xFjT3NnoBIuXW7aruxYCu+yxITeXnlF6Brn7/tIyr0
G7/rhtixzsgHK4hFl8s7z8M8udk4l+4gMfQ4P9GBYvPNUs5U8u1k8B8In4YlSul1
owmM7qT8Emfi3NhXogt05FiXvpWBbkAnSYnsD4vbDTURPgn1ReXb3+wF6r3fTOio
IQs0oPbqMMqrqMbIM0K4lNDwDw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:21 2024 by rpki-client on console-fra.rpki-client.org