Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/50f5ba-bdf4-4a71-a836-8b31e23382da/1/_DW43jqoYPwYR9rn-3f6_q0EGno.roa
File:                     _DW43jqoYPwYR9rn-3f6_q0EGno.roa (raw, json)
Hash identifier:          mVzBDTGA8KwWLe3pi/5sBn/mCmy4XxXW+wRRa5Uy2k8=
Subject key identifier:   FC:35:B8:DE:3A:A8:60:FC:18:47:DA:E7:FB:77:FA:FE:AD:04:1A:7A
Certificate issuer:       /CN=517d59438cc201dca2fc1ce7a68773bd71be0ebe
Certificate serial:       1634777B
Authority key identifier: 51:7D:59:43:8C:C2:01:DC:A2:FC:1C:E7:A6:87:73:BD:71:BE:0E:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UX1ZQ4zCAdyi_BznpodzvXG-Dr4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/50f5ba-bdf4-4a71-a836-8b31e23382da/1/_DW43jqoYPwYR9rn-3f6_q0EGno.roa
Signing time:             Sat 01 Jan 2022 05:05:44 +0000
ROA not before:           Sat 01 Jan 2022 05:05:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     21385
IP address blocks:        193.108.19.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 372537211 (0x1634777b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=517d59438cc201dca2fc1ce7a68773bd71be0ebe
        Validity
            Not Before: Jan  1 05:05:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fc35b8de3aa860fc1847dae7fb77fafead041a7a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:46:8c:c5:45:bc:89:a0:4b:59:3e:94:ee:5c:
                    37:94:e1:3a:8a:cd:c7:a5:10:56:ed:35:76:8f:f3:
                    f8:1c:18:be:ac:89:86:06:3d:5c:52:fd:90:a7:d2:
                    0c:32:bd:2d:cb:91:3e:d3:0f:18:da:49:a1:cd:b5:
                    cc:ef:41:23:ea:b0:34:d4:e8:fd:c8:4b:1a:6e:eb:
                    6a:bf:3b:35:e9:5c:d5:95:2c:e6:1a:aa:50:23:b5:
                    f9:31:19:41:3d:87:22:ed:9c:b9:1d:40:a0:0a:7f:
                    65:c4:4e:bb:1c:27:fa:19:8c:dd:72:9e:62:bf:38:
                    75:7f:b2:b2:12:8d:c8:e3:f0:90:5c:52:0c:11:e2:
                    60:18:af:45:b8:1b:4f:0a:de:34:de:65:95:22:c2:
                    49:b5:da:4c:99:c7:87:93:58:12:86:0c:2a:e8:df:
                    51:d1:28:18:23:b1:95:d4:3a:7d:9d:44:1e:cb:5a:
                    c9:a2:2f:e0:4d:5a:e5:84:be:ac:2a:5b:c9:4d:4d:
                    f5:eb:44:88:58:2a:df:d6:b2:ed:bc:40:ef:a2:93:
                    a8:f1:b4:bc:8d:66:ba:ec:56:db:22:07:f4:8e:d8:
                    42:d5:65:20:f2:64:f4:9e:3b:33:25:42:6f:59:8f:
                    bd:24:b2:57:f8:2a:53:da:c2:76:e5:0e:1c:68:79:
                    8c:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:35:B8:DE:3A:A8:60:FC:18:47:DA:E7:FB:77:FA:FE:AD:04:1A:7A
            X509v3 Authority Key Identifier:
                keyid:51:7D:59:43:8C:C2:01:DC:A2:FC:1C:E7:A6:87:73:BD:71:BE:0E:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UX1ZQ4zCAdyi_BznpodzvXG-Dr4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/50f5ba-bdf4-4a71-a836-8b31e23382da/1/_DW43jqoYPwYR9rn-3f6_q0EGno.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/50f5ba-bdf4-4a71-a836-8b31e23382da/1/UX1ZQ4zCAdyi_BznpodzvXG-Dr4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.108.19.0/24

    Signature Algorithm: sha256WithRSAEncryption
         26:42:c7:ff:64:be:45:23:95:f0:86:19:21:5a:72:b4:a4:bb:
         9d:72:dc:73:bd:e6:61:4e:34:d2:0b:04:1b:cd:6d:66:1a:5a:
         8c:63:41:12:50:37:70:b4:23:81:c6:67:ee:31:3f:8f:e4:1d:
         6f:b9:82:44:75:71:09:9a:16:04:78:58:e9:c1:f0:78:98:26:
         23:e4:65:93:95:53:92:73:0c:ab:04:35:82:77:1b:bf:ad:d4:
         12:33:2d:21:72:03:9d:b9:60:82:ae:4b:bc:d9:89:34:f9:81:
         da:74:70:44:7e:81:ee:50:b8:70:ef:02:f8:54:a5:08:fe:69:
         8c:c0:63:62:5a:1d:92:43:24:61:55:19:8e:a0:86:9a:44:e8:
         37:d1:97:35:95:2d:f7:63:0d:00:3a:22:6d:dc:50:04:f4:1c:
         1d:ed:dd:dc:04:af:b8:46:2a:85:23:69:f8:4d:34:24:7d:83:
         fc:bd:4f:46:1f:a7:b4:9c:6a:f6:92:ec:b9:43:91:50:0c:98:
         85:39:59:14:26:d7:6e:8d:e0:78:43:12:4e:89:12:16:06:d3:
         3f:26:67:dd:bc:68:a6:ea:6a:2c:28:d2:3d:5b:6f:0e:d5:81:
         3f:31:2b:f3:e5:de:90:ad:93:0e:bf:56:c6:27:ae:51:5f:f0:
         67:d9:3b:4a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFjR3ezANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MTdkNTk0MzhjYzIwMWRjYTJmYzFjZTdhNjg3NzNiZDcxYmUwZWJlMB4XDTIyMDEw
MTA1MDU0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmMzNWI4ZGUzYWE4
NjBmYzE4NDdkYWU3ZmI3N2ZhZmVhZDA0MWE3YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ1GjMVFvImgS1k+lO5cN5ThOorNx6UQVu01do/z+BwYvqyJ
hgY9XFL9kKfSDDK9LcuRPtMPGNpJoc21zO9BI+qwNNTo/chLGm7rar87Nelc1ZUs
5hqqUCO1+TEZQT2HIu2cuR1AoAp/ZcROuxwn+hmM3XKeYr84dX+yshKNyOPwkFxS
DBHiYBivRbgbTwreNN5llSLCSbXaTJnHh5NYEoYMKujfUdEoGCOxldQ6fZ1EHsta
yaIv4E1a5YS+rCpbyU1N9etEiFgq39ay7bxA76KTqPG0vI1muuxW2yIH9I7YQtVl
IPJk9J47MyVCb1mPvSSyV/gqU9rCduUOHGh5jMkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT8NbjeOqhg/BhH2uf7d/r+rQQaejAfBgNVHSMEGDAWgBRRfVlDjMIB3KL8
HOemh3O9cb4OvjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VYMVpRNHpDQWR5aV9Cem5wb2R6dlhHLURyNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODIvNTBmNWJhLWJkZjQtNGE3MS1hODM2LThiMzFlMjMzODJkYS8x
L19EVzQzanFvWVB3WVI5cm4tM2Y2X3EwRUduby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODIv
NTBmNWJhLWJkZjQtNGE3MS1hODM2LThiMzFlMjMzODJkYS8xL1VYMVpRNHpDQWR5
aV9Cem5wb2R6dlhHLURyNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMFsEzANBgkqhkiG9w0BAQsFAAOC
AQEAJkLH/2S+RSOV8IYZIVpytKS7nXLcc73mYU400gsEG81tZhpajGNBElA3cLQj
gcZn7jE/j+Qdb7mCRHVxCZoWBHhY6cHweJgmI+Rlk5VTknMMqwQ1gncbv63UEjMt
IXIDnblggq5LvNmJNPmB2nRwRH6B7lC4cO8C+FSlCP5pjMBjYlodkkMkYVUZjqCG
mkToN9GXNZUt92MNADoibdxQBPQcHe3d3ASvuEYqhSNp+E00JH2D/L1PRh+ntJxq
9pLsuUORUAyYhTlZFCbXbo3geEMSTokSFgbTPyZn3bxopupqLCjSPVtvDtWBPzEr
8+XekK2TDr9WxieuUV/wZ9k7Sg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:10 2024 by rpki-client on console-fra.rpki-client.org