Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/7mH_N_K9Ng2ohJrKB_GttkD8akU.roa
File:                     7mH_N_K9Ng2ohJrKB_GttkD8akU.roa (raw, json)
Hash identifier:          v3tJqa/P5juvw1DKmZSzyxJ6l9ji/sJWzcLR/U6DcI0=
Subject key identifier:   EE:61:FF:37:F2:BD:36:0D:A8:84:9A:CA:07:F1:AD:B6:40:FC:6A:45
Certificate issuer:       /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial:       38DC0F
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/7mH_N_K9Ng2ohJrKB_GttkD8akU.roa
Signing time:             Thu 31 Mar 2022 20:22:02 +0000
ROA not before:           Thu 31 Mar 2022 20:22:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     45036
IP address blocks:        193.53.40.0/24 maxlen: 24
                          2a12:a4c2::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3726351 (0x38dc0f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
        Validity
            Not Before: Mar 31 20:22:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ee61ff37f2bd360da8849aca07f1adb640fc6a45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:d0:65:41:f6:dd:59:cb:6c:4e:2b:68:8e:fb:
                    93:3a:fa:17:1d:16:f5:03:c5:3b:bd:ca:f7:76:0b:
                    7b:4f:c4:cc:4f:62:25:bb:16:f6:4b:98:ac:7b:86:
                    3a:8f:cc:b0:2a:19:de:56:3c:a3:e2:54:3d:59:ed:
                    e2:6b:dd:47:5c:cc:52:e3:97:5a:d1:76:86:a1:b2:
                    53:a6:70:ae:c7:11:ec:5a:58:fc:fe:63:82:34:64:
                    a5:cb:40:ee:fb:df:99:fb:99:0a:c2:13:a5:3b:48:
                    2c:a6:0b:9d:c9:42:b5:08:fe:2d:55:95:a9:70:cf:
                    58:73:d1:91:ed:63:67:da:fa:b2:e0:eb:64:ea:55:
                    4b:de:0b:98:f9:2c:ca:ae:fa:1f:d6:38:6d:05:5d:
                    4a:b1:54:52:b3:34:46:02:04:de:b7:3e:ad:d0:de:
                    45:13:2b:25:91:35:4b:8a:ee:86:14:7a:85:45:70:
                    d1:5c:c5:75:ff:d3:b4:9b:76:85:48:70:fc:94:84:
                    0c:d4:65:5e:e5:84:af:4f:99:87:3a:17:d4:4b:1c:
                    c1:db:dc:f3:dd:b9:09:b9:54:1a:59:74:1a:06:3b:
                    5e:27:c6:d7:f7:d6:1b:9a:84:04:d3:e0:e1:85:e8:
                    5d:53:99:65:a9:de:43:02:ee:21:34:fd:f8:57:5f:
                    19:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:61:FF:37:F2:BD:36:0D:A8:84:9A:CA:07:F1:AD:B6:40:FC:6A:45
            X509v3 Authority Key Identifier:
                keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/7mH_N_K9Ng2ohJrKB_GttkD8akU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.53.40.0/24
                IPv6:
                  2a12:a4c2::/32

    Signature Algorithm: sha256WithRSAEncryption
         83:dd:39:18:f8:7f:08:96:04:d7:ce:65:db:02:e9:3b:4e:47:
         87:62:ff:f7:17:ee:85:59:7a:f0:d9:b6:20:e2:3e:84:b1:76:
         96:ee:3f:61:20:1c:3b:66:11:40:16:ea:4f:ce:a4:59:1d:91:
         28:c6:1b:c0:72:9c:68:44:12:3e:f7:d3:92:67:57:80:c1:30:
         45:2f:89:dd:b0:1d:b8:11:09:e6:8a:59:30:0e:01:d5:07:c3:
         b8:d7:cf:9c:7e:bf:67:41:29:6e:c4:e9:a8:9a:5c:b5:58:f1:
         c7:56:e9:a0:0f:9b:3d:dc:0f:12:d7:31:b0:9c:aa:fc:64:c5:
         2e:5c:55:10:6c:ec:b0:a1:e4:85:1e:f8:96:f2:c7:bd:ec:e3:
         a6:61:09:18:a0:38:ba:cf:e1:84:2f:fc:b5:39:9d:f7:d4:b5:
         8b:2b:a1:52:33:da:da:01:35:ed:65:2f:fa:ac:52:10:91:4f:
         b0:af:20:69:8c:40:6e:d0:fb:83:a4:15:8c:37:34:ba:06:1b:
         93:e1:fb:1f:7b:55:2e:35:cd:63:f2:5f:3d:b9:87:9b:c8:4d:
         f2:82:78:9d:ac:62:27:b2:1c:c5:eb:2f:8b:e2:68:52:bb:e5:
         b9:fb:1a:e6:db:6f:03:d9:2b:87:1b:57:d1:cf:1e:e4:be:cc:
         5c:ec:1a:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIDONwPMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE3
ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0NDg4NzgwHhcNMjIwMzMx
MjAyMjAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhlZTYxZmYzN2YyYmQz
NjBkYTg4NDlhY2EwN2YxYWRiNjQwZmM2YTQ1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAytBlQfbdWctsTitojvuTOvoXHRb1A8U7vcr3dgt7T8TMT2Il
uxb2S5ise4Y6j8ywKhneVjyj4lQ9We3ia91HXMxS45da0XaGobJTpnCuxxHsWlj8
/mOCNGSly0Du+9+Z+5kKwhOlO0gspgudyUK1CP4tVZWpcM9Yc9GR7WNn2vqy4Otk
6lVL3guY+SzKrvof1jhtBV1KsVRSszRGAgTetz6t0N5FEyslkTVLiu6GFHqFRXDR
XMV1/9O0m3aFSHD8lIQM1GVe5YSvT5mHOhfUSxzB29zz3bkJuVQaWXQaBjteJ8bX
99YbmoQE0+DhhehdU5llqd5DAu4hNP34V18Z0wIDAQABo4ICGDCCAhQwHQYDVR0O
BBYEFO5h/zfyvTYNqISaygfxrbZA/GpFMB8GA1UdIwQYMBaAFKf9P4kzXc+Chmay
j62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1LzEv
N21IX05fSzlOZzJvaEpyS0JfR3R0a0Q4YWtVLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8z
ODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1LzEvcF8wX2lUTmR6NEtH
WnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4G
CCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwTUoMA0EAgACMAcDBQAqEqTCMA0G
CSqGSIb3DQEBCwUAA4IBAQCD3TkY+H8IlgTXzmXbAuk7TkeHYv/3F+6FWXrw2bYg
4j6EsXaW7j9hIBw7ZhFAFupPzqRZHZEoxhvAcpxoRBI+99OSZ1eAwTBFL4ndsB24
EQnmilkwDgHVB8O418+cfr9nQSluxOmomly1WPHHVumgD5s93A8S1zGwnKr8ZMUu
XFUQbOywoeSFHviW8se97OOmYQkYoDi6z+GEL/y1OZ331LWLK6FSM9raATXtZS/6
rFIQkU+wryBpjEBu0PuDpBWMNzS6BhuT4fsfe1UuNc1j8l89uYebyE3ygnidrGIn
shzF6y+L4mhSu+W5+xrm228D2SuHG1fRzx7kvsxc7Bqi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:21 2024 by rpki-client on console-fra.rpki-client.org