Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/d379db-d90e-43b9-a214-18e36bddc21c/1/v9bE4C77zg48Gw364CbUtISr6ko.roa
File:                     v9bE4C77zg48Gw364CbUtISr6ko.roa (raw, json)
Hash identifier:          2WY+0uw1xLZ9H/9lHJVysmSY5NBTYbXT8lqT4763QVU=
Subject key identifier:   BF:D6:C4:E0:2E:FB:CE:0E:3C:1B:0D:FA:E0:26:D4:B4:84:AB:EA:4A
Certificate issuer:       /CN=9e7fa4d71ff61ddd752a56e5e9ca31697a952b34
Certificate serial:       0928A5C5
Authority key identifier: 9E:7F:A4:D7:1F:F6:1D:DD:75:2A:56:E5:E9:CA:31:69:7A:95:2B:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nn-k1x_2Hd11Klbl6coxaXqVKzQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/d379db-d90e-43b9-a214-18e36bddc21c/1/v9bE4C77zg48Gw364CbUtISr6ko.roa
Signing time:             Sat 01 Jan 2022 03:54:39 +0000
ROA not before:           Sat 01 Jan 2022 03:54:39 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     20795
IP address blocks:        193.109.96.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 153658821 (0x928a5c5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e7fa4d71ff61ddd752a56e5e9ca31697a952b34
        Validity
            Not Before: Jan  1 03:54:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bfd6c4e02efbce0e3c1b0dfae026d4b484abea4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:d9:f9:8b:85:e6:43:39:de:12:92:42:a4:5e:
                    cd:77:0e:39:7b:b4:29:79:94:1e:27:97:80:e5:4e:
                    75:9a:15:08:ff:1d:d3:d1:dc:85:b6:2d:a7:e9:77:
                    ef:af:98:97:6e:9f:72:9a:7b:b0:20:b0:16:db:3f:
                    94:84:f4:74:73:e4:5a:aa:60:57:ce:ae:0b:1b:2c:
                    6e:5c:f9:ce:c9:3e:c9:95:df:48:8f:d0:1e:c8:a2:
                    f5:4c:f5:8d:60:8b:9b:69:96:57:0e:ee:ba:8b:6e:
                    c4:fb:cb:dc:1c:6b:4d:01:79:62:a7:22:eb:92:56:
                    0d:c4:f6:1e:58:30:b4:35:c4:b0:75:ed:bb:19:ea:
                    cc:38:98:80:e5:37:e9:7c:7d:cf:37:b4:16:60:80:
                    7a:6d:55:ef:09:66:01:0d:0e:59:25:b7:a8:47:6a:
                    d3:57:b8:0d:22:5f:d2:70:08:04:f2:f3:99:e4:04:
                    9c:0a:be:3c:3e:91:ed:35:60:8d:55:22:72:ad:6a:
                    9f:0c:2d:21:e8:d6:c6:e8:37:c0:ea:01:4a:57:c3:
                    93:d2:30:34:93:9c:82:c3:3e:30:e4:17:04:96:55:
                    5d:60:a7:0b:8e:b0:f2:8a:56:a2:42:f0:58:48:61:
                    4e:5f:bb:5b:58:4b:56:e0:46:b4:a3:8e:65:b4:86:
                    1f:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:D6:C4:E0:2E:FB:CE:0E:3C:1B:0D:FA:E0:26:D4:B4:84:AB:EA:4A
            X509v3 Authority Key Identifier:
                keyid:9E:7F:A4:D7:1F:F6:1D:DD:75:2A:56:E5:E9:CA:31:69:7A:95:2B:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nn-k1x_2Hd11Klbl6coxaXqVKzQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/d379db-d90e-43b9-a214-18e36bddc21c/1/v9bE4C77zg48Gw364CbUtISr6ko.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/d379db-d90e-43b9-a214-18e36bddc21c/1/nn-k1x_2Hd11Klbl6coxaXqVKzQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.109.96.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9f:77:a2:88:e9:d0:c7:34:32:ef:27:5f:0a:75:ce:c2:f1:08:
         5d:03:b3:fa:dc:09:2f:8a:90:4b:c8:40:51:a0:35:0d:94:8b:
         a2:1f:36:40:7e:1f:eb:56:44:b4:1c:ab:d3:aa:2c:f1:dc:3c:
         02:2d:ab:90:ed:7a:20:ec:a9:03:87:36:b1:4d:d7:17:6a:c6:
         90:8b:77:dc:89:91:ec:c2:29:97:b6:f3:61:b8:fa:74:86:04:
         d1:5d:97:ad:1c:f2:23:81:5f:55:dd:2a:1b:18:fd:a6:16:29:
         2d:7b:ab:e9:e2:a8:58:66:64:79:31:6b:e7:a4:d6:7c:c8:1e:
         6d:d4:dc:54:7a:29:0b:2d:0f:18:27:16:c7:67:01:e3:b5:5d:
         8d:ff:23:c6:27:9c:3b:a5:7f:51:65:27:a0:c9:e0:4d:57:6f:
         9d:61:b6:52:0e:5f:fb:ca:fa:92:31:82:28:c8:35:52:33:38:
         c3:f0:85:6b:4a:dd:15:52:d4:8a:b1:12:71:00:ac:3a:3c:dc:
         2c:ed:41:fd:43:9e:14:53:9f:fc:db:12:e9:33:e6:32:30:01:
         e3:30:af:17:e6:68:71:6d:77:22:bf:df:6e:42:d0:f6:19:14:
         57:07:90:21:a7:62:a2:38:26:4b:86:46:42:cd:66:03:c2:a7:
         68:ca:ef:9f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECSilxTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZTdmYTRkNzFmZjYxZGRkNzUyYTU2ZTVlOWNhMzE2OTdhOTUyYjM0MB4XDTIyMDEw
MTAzNTQzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmZkNmM0ZTAyZWZi
Y2UwZTNjMWIwZGZhZTAyNmQ0YjQ4NGFiZWE0YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKPZ+YuF5kM53hKSQqRezXcOOXu0KXmUHieXgOVOdZoVCP8d
09HchbYtp+l376+Yl26fcpp7sCCwFts/lIT0dHPkWqpgV86uCxssblz5zsk+yZXf
SI/QHsii9Uz1jWCLm2mWVw7uuotuxPvL3BxrTQF5Yqci65JWDcT2HlgwtDXEsHXt
uxnqzDiYgOU36Xx9zze0FmCAem1V7wlmAQ0OWSW3qEdq01e4DSJf0nAIBPLzmeQE
nAq+PD6R7TVgjVUicq1qnwwtIejWxug3wOoBSlfDk9IwNJOcgsM+MOQXBJZVXWCn
C46w8opWokLwWEhhTl+7W1hLVuBGtKOOZbSGH1sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS/1sTgLvvODjwbDfrgJtS0hKvqSjAfBgNVHSMEGDAWgBSef6TXH/Yd3XUq
VuXpyjFpepUrNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25uLWsxeF8ySGQxMUtsYmw2Y294YVhxVkt6US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2YvZDM3OWRiLWQ5MGUtNDNiOS1hMjE0LTE4ZTM2YmRkYzIxYy8x
L3Y5YkU0Qzc3emc0OEd3MzY0Q2JVdElTcjZrby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Yv
ZDM3OWRiLWQ5MGUtNDNiOS1hMjE0LTE4ZTM2YmRkYzIxYy8xL25uLWsxeF8ySGQx
MUtsYmw2Y294YVhxVkt6US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsFtYDANBgkqhkiG9w0BAQsFAAOC
AQEAn3eiiOnQxzQy7ydfCnXOwvEIXQOz+twJL4qQS8hAUaA1DZSLoh82QH4f61ZE
tByr06os8dw8Ai2rkO16IOypA4c2sU3XF2rGkIt33ImR7MIpl7bzYbj6dIYE0V2X
rRzyI4FfVd0qGxj9phYpLXur6eKoWGZkeTFr56TWfMgebdTcVHopCy0PGCcWx2cB
47Vdjf8jxiecO6V/UWUnoMngTVdvnWG2Ug5f+8r6kjGCKMg1UjM4w/CFa0rdFVLU
irEScQCsOjzcLO1B/UOeFFOf/NsS6TPmMjAB4zCvF+ZocW13Ir/fbkLQ9hkUVweQ
IadiojgmS4ZGQs1mA8KnaMrvnw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:39 2024 by rpki-client on console-fra.rpki-client.org