Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/04d708-feea-4e96-94a1-f428b9954ab2/1/YtC0HyZoXAaag2Rl4ArgQDQf0dU.roa
File:                     YtC0HyZoXAaag2Rl4ArgQDQf0dU.roa (raw, json)
Hash identifier:          MHGpLSszSHzBFdBWXBquYkOzEQrSpgEdxoeyWcGicgQ=
Subject key identifier:   62:D0:B4:1F:26:68:5C:06:9A:83:64:65:E0:0A:E0:40:34:1F:D1:D5
Certificate issuer:       /CN=11e5af4c72869209539b1194597b03fa3a4a554a
Certificate serial:       A9D9EA
Authority key identifier: 11:E5:AF:4C:72:86:92:09:53:9B:11:94:59:7B:03:FA:3A:4A:55:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EeWvTHKGkglTmxGUWXsD-jpKVUo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/04d708-feea-4e96-94a1-f428b9954ab2/1/YtC0HyZoXAaag2Rl4ArgQDQf0dU.roa
Signing time:             Sat 01 Jan 2022 00:52:58 +0000
ROA not before:           Sat 01 Jan 2022 00:52:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16509
IP address blocks:        193.3.160.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11131370 (0xa9d9ea)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=11e5af4c72869209539b1194597b03fa3a4a554a
        Validity
            Not Before: Jan  1 00:52:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=62d0b41f26685c069a836465e00ae040341fd1d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:75:a5:2b:ca:07:13:42:97:08:d9:b9:7c:d8:
                    0b:59:21:c0:cd:22:3e:4e:ae:3b:f0:84:51:6a:8f:
                    59:d8:60:15:fd:02:01:ca:35:d0:a4:28:e0:08:ae:
                    d2:dc:07:99:86:b1:3c:e1:6f:2a:3d:a8:b9:51:b4:
                    ce:1d:99:3a:39:ce:d2:c0:c8:c9:f4:cd:7c:5f:17:
                    ec:58:d6:ca:33:e6:76:13:04:e1:8c:b8:1b:b7:b6:
                    f4:a9:6c:30:6e:ed:55:80:a4:c2:af:0e:da:e3:38:
                    6b:df:02:1b:4e:e9:71:f5:3a:e9:64:37:4d:6a:2e:
                    51:9d:17:51:d3:22:90:98:67:b9:46:59:a9:38:ad:
                    79:6a:89:3d:95:94:33:2b:a2:0e:fb:a7:c7:44:16:
                    75:4e:5e:93:eb:6a:06:89:b6:bf:d0:93:a3:bd:47:
                    ad:8e:4d:db:75:96:f3:86:03:de:4d:d8:38:ea:aa:
                    17:10:c9:9a:21:6d:aa:0d:9d:b6:65:84:83:9d:5b:
                    80:c4:31:5e:a7:17:26:5f:2a:85:d2:f8:0f:76:a0:
                    13:c2:09:39:cd:82:45:4a:3e:06:64:08:71:fa:57:
                    b9:db:a3:dd:67:b1:79:fb:62:76:f1:4e:71:d7:54:
                    8b:07:0f:dc:ee:01:76:1b:86:f4:9b:96:f7:07:80:
                    05:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:D0:B4:1F:26:68:5C:06:9A:83:64:65:E0:0A:E0:40:34:1F:D1:D5
            X509v3 Authority Key Identifier:
                keyid:11:E5:AF:4C:72:86:92:09:53:9B:11:94:59:7B:03:FA:3A:4A:55:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EeWvTHKGkglTmxGUWXsD-jpKVUo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/04d708-feea-4e96-94a1-f428b9954ab2/1/YtC0HyZoXAaag2Rl4ArgQDQf0dU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/04d708-feea-4e96-94a1-f428b9954ab2/1/EeWvTHKGkglTmxGUWXsD-jpKVUo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.3.160.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2c:e9:64:70:f8:3b:54:4e:e3:f0:ea:82:d3:b2:b6:8b:32:34:
         ba:55:5e:24:77:d7:22:d5:f3:33:b9:96:3f:c8:29:58:6c:65:
         38:9b:0d:ab:cc:80:07:2a:fa:f0:a2:63:11:60:09:67:b3:01:
         6d:6f:26:b7:5c:d6:d6:d1:4b:54:ec:4f:61:c7:16:fe:a8:75:
         db:c1:74:9b:6c:15:02:1b:fc:2c:22:4c:d2:28:98:85:aa:ef:
         3c:51:65:3f:7b:50:d8:c3:d1:ac:3d:55:85:a9:1a:55:17:f9:
         10:c0:fa:7e:a5:d6:41:cd:dc:84:4f:97:43:7d:61:b1:5f:f4:
         62:3f:ff:81:86:7b:ef:4d:d7:21:8c:74:7e:cc:a9:b0:31:ee:
         c8:30:9b:b8:09:d1:66:17:ae:a2:09:19:96:4e:d4:df:27:2d:
         ee:a0:c4:ee:b4:1e:d1:9d:4d:9b:2d:a5:73:cb:58:3d:ad:5d:
         a6:9f:81:42:91:c7:22:c7:23:60:5f:5c:b0:fa:e9:c0:9a:7b:
         77:a1:85:ba:a6:98:24:b8:3f:95:da:b4:0e:a5:ff:19:e3:97:
         ee:11:36:0e:d4:30:46:ef:c9:4b:29:a1:50:3e:4f:de:62:5b:
         c7:9d:93:e3:8d:a5:25:4b:2c:b2:d0:52:81:89:7d:6d:8d:b9:
         20:60:f5:68
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAKnZ6jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MWU1YWY0YzcyODY5MjA5NTM5YjExOTQ1OTdiMDNmYTNhNGE1NTRhMB4XDTIyMDEw
MTAwNTI1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjJkMGI0MWYyNjY4
NWMwNjlhODM2NDY1ZTAwYWUwNDAzNDFmZDFkNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANh1pSvKBxNClwjZuXzYC1khwM0iPk6uO/CEUWqPWdhgFf0C
Aco10KQo4Aiu0twHmYaxPOFvKj2ouVG0zh2ZOjnO0sDIyfTNfF8X7FjWyjPmdhME
4Yy4G7e29KlsMG7tVYCkwq8O2uM4a98CG07pcfU66WQ3TWouUZ0XUdMikJhnuUZZ
qTiteWqJPZWUMyuiDvunx0QWdU5ek+tqBom2v9CTo71HrY5N23WW84YD3k3YOOqq
FxDJmiFtqg2dtmWEg51bgMQxXqcXJl8qhdL4D3agE8IJOc2CRUo+BmQIcfpXuduj
3WexeftidvFOcddUiwcP3O4BdhuG9JuW9weABR0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRi0LQfJmhcBpqDZGXgCuBANB/R1TAfBgNVHSMEGDAWgBQR5a9McoaSCVOb
EZRZewP6OkpVSjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VlV3ZUSEtHa2dsVG14R1VXWHNELWpwS1ZVby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2EvMDRkNzA4LWZlZWEtNGU5Ni05NGExLWY0MjhiOTk1NGFiMi8x
L1l0QzBIeVpvWEFhYWcyUmw0QXJnUURRZjBkVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Ev
MDRkNzA4LWZlZWEtNGU5Ni05NGExLWY0MjhiOTk1NGFiMi8xL0VlV3ZUSEtHa2ds
VG14R1VXWHNELWpwS1ZVby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEDoDANBgkqhkiG9w0BAQsFAAOC
AQEALOlkcPg7VE7j8OqC07K2izI0ulVeJHfXItXzM7mWP8gpWGxlOJsNq8yAByr6
8KJjEWAJZ7MBbW8mt1zW1tFLVOxPYccW/qh128F0m2wVAhv8LCJM0iiYharvPFFl
P3tQ2MPRrD1VhakaVRf5EMD6fqXWQc3chE+XQ31hsV/0Yj//gYZ7703XIYx0fsyp
sDHuyDCbuAnRZheuogkZlk7U3yct7qDE7rQe0Z1Nmy2lc8tYPa1dpp+BQpHHIscj
YF9csPrpwJp7d6GFuqaYJLg/ldq0DqX/GeOX7hE2DtQwRu/JSymhUD5P3mJbx52T
442lJUssstBSgYl9bY25IGD1aA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:56 2024 by rpki-client on console-fra.rpki-client.org