Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/x9kEAaSo0wzkxh1RJIvJAXUbxrk.roa
File:                     x9kEAaSo0wzkxh1RJIvJAXUbxrk.roa (raw, json)
Hash identifier:          zpmGNy9rncgbrsP756X3foPkhvl7atoB3ljAUwO+A0k=
Subject key identifier:   C7:D9:04:01:A4:A8:D3:0C:E4:C6:1D:51:24:8B:C9:01:75:1B:C6:B9
Certificate issuer:       /CN=3aba1172472ea80265d12982967de0a8b0bc5901
Certificate serial:       1806C232
Authority key identifier: 3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/x9kEAaSo0wzkxh1RJIvJAXUbxrk.roa
Signing time:             Wed 16 Mar 2022 09:45:43 +0000
ROA not before:           Wed 16 Mar 2022 09:45:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61138
IP address blocks:        193.57.165.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 403096114 (0x1806c232)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3aba1172472ea80265d12982967de0a8b0bc5901
        Validity
            Not Before: Mar 16 09:45:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c7d90401a4a8d30ce4c61d51248bc901751bc6b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:e5:c8:5d:2c:26:1e:09:6c:fa:a6:37:d2:75:
                    fe:d3:7e:97:74:1c:e2:ea:7a:03:0c:96:0e:95:aa:
                    10:14:49:9e:69:11:7a:ab:00:dd:2b:ed:c2:9a:db:
                    3b:26:2e:89:5c:5b:fb:14:5a:21:77:aa:b0:63:5a:
                    29:05:d3:d0:c1:ef:22:c9:23:81:9d:14:82:04:e3:
                    1d:6f:a0:3c:ba:0d:97:1f:bf:9e:fa:42:ed:00:ab:
                    8b:01:52:40:e0:82:08:af:7c:3e:5b:11:9d:02:f2:
                    78:03:8a:2e:32:ba:32:1f:d2:ce:3b:e0:8f:01:e3:
                    3f:15:52:82:85:13:f4:c7:3e:bc:de:60:35:a8:05:
                    21:94:38:dd:46:aa:bd:d0:fa:29:94:2a:6b:5d:bb:
                    c0:3f:8e:e3:1f:89:c3:23:f6:14:0e:53:ed:5a:94:
                    53:02:d9:2f:3e:3a:35:78:08:0f:56:72:28:49:13:
                    e5:32:7c:2a:5d:74:cc:c5:0b:14:a8:7f:22:9e:d8:
                    a5:bb:fc:44:b4:bd:66:5f:9d:b3:43:df:e5:d2:3c:
                    d7:aa:d0:8c:11:a6:5d:3f:19:11:be:58:f6:81:85:
                    33:90:d1:d3:8e:3b:65:80:f0:28:7a:ec:f2:2f:6e:
                    7f:17:9a:2c:3e:9a:a3:c8:a7:c0:8f:8b:db:19:5b:
                    68:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:D9:04:01:A4:A8:D3:0C:E4:C6:1D:51:24:8B:C9:01:75:1B:C6:B9
            X509v3 Authority Key Identifier:
                keyid:3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/x9kEAaSo0wzkxh1RJIvJAXUbxrk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/OroRckcuqAJl0SmCln3gqLC8WQE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.57.165.0/24

    Signature Algorithm: sha256WithRSAEncryption
         74:65:a5:ba:b7:97:2a:9d:1a:0f:ed:fb:c1:1d:27:82:31:24:
         e2:66:72:62:e4:02:35:1c:5c:c3:d3:bd:85:d8:1e:bc:5c:22:
         74:77:45:f2:b2:60:1f:e0:b4:04:20:a2:bf:fb:f1:67:d2:d7:
         97:a1:24:3a:d4:db:52:b4:e5:3e:32:dc:af:62:f3:29:68:6c:
         a1:4b:f6:cd:1f:a2:dc:9d:de:d6:a6:5d:bb:a1:47:90:fe:0c:
         6b:53:f1:ff:9b:3d:48:ab:67:94:c0:9b:2d:32:d9:37:d6:82:
         46:8d:65:49:68:fa:b6:f5:69:ea:97:72:39:8e:8a:dc:ee:f9:
         12:ac:80:8a:19:70:ee:f2:64:3b:51:cd:30:02:32:24:59:03:
         3d:4c:be:55:cd:b3:40:8c:cf:94:34:3f:68:0e:bf:c7:76:55:
         da:17:10:bb:e9:b2:ff:12:41:02:87:20:d5:0f:48:eb:5e:66:
         32:ab:27:5f:18:78:8d:b4:91:84:9f:e0:cb:9f:3d:b8:05:07:
         f3:4b:cf:7c:20:93:83:09:8b:e7:5e:9c:35:05:8f:87:62:09:
         05:0d:ed:8e:20:33:4d:cc:92:ba:c3:01:86:d2:04:99:0f:7f:
         ca:49:6f:4a:c2:85:85:cd:9a:94:f3:2c:a1:ca:ba:37:cd:28:
         b1:65:5b:cb
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGAbCMjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YWJhMTE3MjQ3MmVhODAyNjVkMTI5ODI5NjdkZTBhOGIwYmM1OTAxMB4XDTIyMDMx
NjA5NDU0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzdkOTA0MDFhNGE4
ZDMwY2U0YzYxZDUxMjQ4YmM5MDE3NTFiYzZiOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM7lyF0sJh4JbPqmN9J1/tN+l3Qc4up6AwyWDpWqEBRJnmkR
eqsA3SvtwprbOyYuiVxb+xRaIXeqsGNaKQXT0MHvIskjgZ0UggTjHW+gPLoNlx+/
nvpC7QCriwFSQOCCCK98PlsRnQLyeAOKLjK6Mh/SzjvgjwHjPxVSgoUT9Mc+vN5g
NagFIZQ43UaqvdD6KZQqa127wD+O4x+JwyP2FA5T7VqUUwLZLz46NXgID1ZyKEkT
5TJ8Kl10zMULFKh/Ip7Ypbv8RLS9Zl+ds0Pf5dI816rQjBGmXT8ZEb5Y9oGFM5DR
0447ZYDwKHrs8i9ufxeaLD6ao8inwI+L2xlbaJ8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTH2QQBpKjTDOTGHVEki8kBdRvGuTAfBgNVHSMEGDAWgBQ6uhFyRy6oAmXR
KYKWfeCosLxZATAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09yb1Jja2N1cUFKbDBTbUNsbjNncUxDOFdRRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODMvN2IxYzU1LWRkZDAtNDI4MS04Mzc4LTRkZDA0MzQ2YWJjMy8x
L3g5a0VBYVNvMHd6a3hoMVJKSXZKQVhVYnhyay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODMv
N2IxYzU1LWRkZDAtNDI4MS04Mzc4LTRkZDA0MzQ2YWJjMy8xL09yb1Jja2N1cUFK
bDBTbUNsbjNncUxDOFdRRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5pTANBgkqhkiG9w0BAQsFAAOC
AQEAdGWlureXKp0aD+37wR0ngjEk4mZyYuQCNRxcw9O9hdgevFwidHdF8rJgH+C0
BCCiv/vxZ9LXl6EkOtTbUrTlPjLcr2LzKWhsoUv2zR+i3J3e1qZdu6FHkP4Ma1Px
/5s9SKtnlMCbLTLZN9aCRo1lSWj6tvVp6pdyOY6K3O75EqyAihlw7vJkO1HNMAIy
JFkDPUy+Vc2zQIzPlDQ/aA6/x3ZV2hcQu+my/xJBAocg1Q9I615mMqsnXxh4jbSR
hJ/gy589uAUH80vPfCCTgwmL516cNQWPh2IJBQ3tjiAzTcySusMBhtIEmQ9/yklv
SsKFhc2alPMsocq6N80osWVbyw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:17 2024 by rpki-client on console-fra.rpki-client.org