Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/00fbb6-dea2-4c7b-afad-4acec647572d/1/R-aXlEH_E5yQQg3PVvpwLmm7V9w.roa
File:                     R-aXlEH_E5yQQg3PVvpwLmm7V9w.roa (raw, json)
Hash identifier:          ZG0LuaUefXR3wd4VQlu2oSRg+EVa3la6KzeabbfLy9w=
Subject key identifier:   47:E6:97:94:41:FF:13:9C:90:42:0D:CF:56:FA:70:2E:69:BB:57:DC
Certificate issuer:       /CN=021ab3dd22c333a79b6ff30aab7f2e036fc370aa
Certificate serial:       0206D648
Authority key identifier: 02:1A:B3:DD:22:C3:33:A7:9B:6F:F3:0A:AB:7F:2E:03:6F:C3:70:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ahqz3SLDM6ebb_MKq38uA2_DcKo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/00fbb6-dea2-4c7b-afad-4acec647572d/1/R-aXlEH_E5yQQg3PVvpwLmm7V9w.roa
Signing time:             Sat 01 Jan 2022 12:54:46 +0000
ROA not before:           Sat 01 Jan 2022 12:54:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     197889
IP address blocks:        193.110.83.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 34002504 (0x206d648)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=021ab3dd22c333a79b6ff30aab7f2e036fc370aa
        Validity
            Not Before: Jan  1 12:54:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=47e6979441ff139c90420dcf56fa702e69bb57dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:34:03:9f:f7:30:b3:35:01:2b:60:2f:da:10:
                    13:8d:25:72:a3:18:b0:26:28:53:b8:ac:a9:90:aa:
                    14:a5:cb:67:83:10:fa:26:de:7c:59:4d:0a:6e:25:
                    aa:82:25:72:bb:60:20:b0:1e:f3:85:1e:c4:a1:c3:
                    8c:67:7d:59:18:5f:37:96:b8:91:24:cc:6e:14:04:
                    95:58:72:1b:97:6a:c5:27:41:ae:af:88:95:92:a5:
                    c8:45:d1:89:7c:62:7d:6c:ad:a7:79:34:7e:13:f1:
                    76:a3:75:39:56:20:d6:c0:8d:a9:33:c3:00:85:02:
                    e9:c2:1c:da:02:c9:c7:cc:e4:67:7b:8c:ea:3e:75:
                    cb:d3:7a:55:de:44:4c:a1:27:7d:e0:c8:1f:db:2a:
                    6b:06:54:f8:6f:50:c4:fa:ed:12:57:dc:9b:dd:04:
                    81:db:02:49:ef:48:d0:fc:c7:22:6e:17:2c:5e:15:
                    62:e6:d4:6b:d1:cb:b8:67:cd:ac:83:38:33:f4:aa:
                    49:51:40:24:63:d4:78:99:79:dd:a7:df:70:10:ca:
                    55:d4:13:7e:4c:3e:cb:d3:18:e2:31:98:10:ec:ce:
                    de:26:3b:b4:51:cf:38:81:fd:ea:0f:1c:66:ce:18:
                    64:52:8d:86:51:6b:bd:8a:fa:30:16:7d:e1:af:cd:
                    50:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:E6:97:94:41:FF:13:9C:90:42:0D:CF:56:FA:70:2E:69:BB:57:DC
            X509v3 Authority Key Identifier:
                keyid:02:1A:B3:DD:22:C3:33:A7:9B:6F:F3:0A:AB:7F:2E:03:6F:C3:70:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ahqz3SLDM6ebb_MKq38uA2_DcKo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/00fbb6-dea2-4c7b-afad-4acec647572d/1/R-aXlEH_E5yQQg3PVvpwLmm7V9w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/00fbb6-dea2-4c7b-afad-4acec647572d/1/Ahqz3SLDM6ebb_MKq38uA2_DcKo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.110.83.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:fb:86:f8:4d:29:5c:07:a9:51:15:e6:e9:04:74:9a:7e:d1:
         ed:ab:fb:e6:1b:bc:a2:3f:f5:19:ff:54:7b:92:16:0d:3b:97:
         8e:fc:48:ac:df:15:a4:eb:18:a9:8e:3d:57:9c:de:9d:94:52:
         4c:40:6b:5a:3f:d5:8b:be:d6:79:30:97:5e:ab:c3:56:a4:a6:
         45:ff:da:7b:1c:a0:f9:a5:cb:fa:0b:c1:f0:60:e0:a5:ca:14:
         a9:67:7e:0f:4f:ca:db:95:0b:2b:7c:98:db:95:65:52:19:f8:
         b5:7a:16:6e:67:95:15:50:d0:32:e8:35:a0:a8:0f:c9:10:b0:
         7f:81:55:30:8d:64:40:fe:6f:ab:a2:e6:91:94:76:3c:24:c9:
         27:ca:92:7c:16:68:e0:11:4e:fc:c4:42:e6:47:ea:65:5d:d2:
         32:30:6d:32:e2:e7:81:5e:dd:82:7f:9a:d6:15:67:a2:9c:3d:
         a9:58:f3:62:96:91:16:b3:47:49:c9:32:9c:5c:1b:2e:40:c8:
         50:18:a0:79:ff:00:f1:12:ab:db:12:99:05:c4:8a:6e:ed:c6:
         68:16:b2:8c:19:60:69:8b:66:11:00:76:8a:4b:67:50:72:fb:
         a6:01:32:27:32:ae:8c:35:16:ef:83:ae:7e:81:96:8d:2b:69:
         7f:b0:25:77
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAgbWSDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MjFhYjNkZDIyYzMzM2E3OWI2ZmYzMGFhYjdmMmUwMzZmYzM3MGFhMB4XDTIyMDEw
MTEyNTQ0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDdlNjk3OTQ0MWZm
MTM5YzkwNDIwZGNmNTZmYTcwMmU2OWJiNTdkYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKo0A5/3MLM1AStgL9oQE40lcqMYsCYoU7isqZCqFKXLZ4MQ
+ibefFlNCm4lqoIlcrtgILAe84UexKHDjGd9WRhfN5a4kSTMbhQElVhyG5dqxSdB
rq+IlZKlyEXRiXxifWytp3k0fhPxdqN1OVYg1sCNqTPDAIUC6cIc2gLJx8zkZ3uM
6j51y9N6Vd5ETKEnfeDIH9sqawZU+G9QxPrtElfcm90EgdsCSe9I0PzHIm4XLF4V
YubUa9HLuGfNrIM4M/SqSVFAJGPUeJl53affcBDKVdQTfkw+y9MY4jGYEOzO3iY7
tFHPOIH96g8cZs4YZFKNhlFrvYr6MBZ94a/NUNcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRH5peUQf8TnJBCDc9W+nAuabtX3DAfBgNVHSMEGDAWgBQCGrPdIsMzp5tv
8wqrfy4Db8NwqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FocXozU0xETTZlYmJfTUtxMzh1QTJfRGNLby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2MvMDBmYmI2LWRlYTItNGM3Yi1hZmFkLTRhY2VjNjQ3NTcyZC8x
L1ItYVhsRUhfRTV5UVFnM1BWdnB3TG1tN1Y5dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Mv
MDBmYmI2LWRlYTItNGM3Yi1hZmFkLTRhY2VjNjQ3NTcyZC8xL0FocXozU0xETTZl
YmJfTUtxMzh1QTJfRGNLby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMFuUzANBgkqhkiG9w0BAQsFAAOC
AQEAhPuG+E0pXAepURXm6QR0mn7R7av75hu8oj/1Gf9Ue5IWDTuXjvxIrN8VpOsY
qY49V5zenZRSTEBrWj/Vi77WeTCXXqvDVqSmRf/aexyg+aXL+gvB8GDgpcoUqWd+
D0/K25ULK3yY25VlUhn4tXoWbmeVFVDQMug1oKgPyRCwf4FVMI1kQP5vq6LmkZR2
PCTJJ8qSfBZo4BFO/MRC5kfqZV3SMjBtMuLngV7dgn+a1hVnopw9qVjzYpaRFrNH
SckynFwbLkDIUBigef8A8RKr2xKZBcSKbu3GaBayjBlgaYtmEQB2iktnUHL7pgEy
JzKujDUW74OufoGWjStpf7Aldw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:12 2024 by rpki-client on console-fra.rpki-client.org