Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/345c9b-7b4a-4b21-9b00-4d301684c3bc/1/DKW5LDe6O52OxK8O87VWoeUMro4.roa
File:                     DKW5LDe6O52OxK8O87VWoeUMro4.roa (raw, json)
Hash identifier:          Mh5/KDirDeEdIoSHdSJTxDHa3wFoikQV5CWz78kto/8=
Subject key identifier:   0C:A5:B9:2C:37:BA:3B:9D:8E:C4:AF:0E:F3:B5:56:A1:E5:0C:AE:8E
Certificate issuer:       /CN=a76abda90346d0cad25dca6f7450bccf8d08e771
Certificate serial:       C94B
Authority key identifier: A7:6A:BD:A9:03:46:D0:CA:D2:5D:CA:6F:74:50:BC:CF:8D:08:E7:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/p2q9qQNG0MrSXcpvdFC8z40I53E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/345c9b-7b4a-4b21-9b00-4d301684c3bc/1/DKW5LDe6O52OxK8O87VWoeUMro4.roa
Signing time:             Thu 28 Apr 2022 08:28:11 +0000
ROA not before:           Thu 28 Apr 2022 08:28:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16509
IP address blocks:        193.227.77.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 51531 (0xc94b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a76abda90346d0cad25dca6f7450bccf8d08e771
        Validity
            Not Before: Apr 28 08:28:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0ca5b92c37ba3b9d8ec4af0ef3b556a1e50cae8e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:dc:ff:41:17:db:3b:24:87:c8:08:95:af:0d:
                    6d:26:c3:95:7d:c2:24:63:e6:54:19:47:3b:9e:bb:
                    72:33:ef:72:b9:35:10:af:5c:c5:59:b9:67:4b:6c:
                    81:7c:75:3b:a1:96:0e:e5:b6:6a:c3:45:35:76:39:
                    ba:60:3e:52:b5:bd:e0:6a:bf:4d:41:f8:b2:bb:57:
                    3c:c0:e6:e0:ac:3e:f3:db:e9:9b:df:bd:93:aa:38:
                    db:11:82:03:4e:3c:d9:f6:8c:cc:a9:b0:d6:43:ab:
                    99:7f:f4:2b:8e:ff:5e:bc:82:6e:7f:06:e3:6f:b8:
                    0f:5c:16:c6:4b:1b:be:3b:e7:ae:6e:40:a8:b0:a7:
                    5d:99:17:2d:f2:b7:e3:31:7a:25:1e:6f:56:1c:28:
                    79:fe:82:6d:27:a5:4f:9d:af:bf:c8:34:68:fc:d1:
                    67:70:a3:bb:72:2a:34:95:f9:53:b4:a1:b8:f7:4c:
                    1b:1e:83:03:51:38:aa:3e:58:91:98:94:be:8c:ef:
                    6b:d9:ef:10:5e:4b:67:6d:3d:8a:f2:41:e3:fd:d3:
                    ed:d7:25:8d:e7:fe:b3:07:9a:77:1c:88:e1:10:c9:
                    da:53:f9:c5:fd:ea:81:b7:b0:ce:c7:92:f3:f7:81:
                    dc:38:2b:c1:00:e0:d5:69:8f:d9:bd:62:3b:83:3e:
                    5c:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:A5:B9:2C:37:BA:3B:9D:8E:C4:AF:0E:F3:B5:56:A1:E5:0C:AE:8E
            X509v3 Authority Key Identifier:
                keyid:A7:6A:BD:A9:03:46:D0:CA:D2:5D:CA:6F:74:50:BC:CF:8D:08:E7:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p2q9qQNG0MrSXcpvdFC8z40I53E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/345c9b-7b4a-4b21-9b00-4d301684c3bc/1/DKW5LDe6O52OxK8O87VWoeUMro4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/345c9b-7b4a-4b21-9b00-4d301684c3bc/1/p2q9qQNG0MrSXcpvdFC8z40I53E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.227.77.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:7e:ed:26:50:6b:ed:49:2c:c9:fa:73:22:29:7f:3f:b6:fc:
         e2:45:0f:b8:6a:d2:a4:e3:7f:5f:7f:d2:0a:64:81:c6:75:ab:
         1e:73:99:6e:71:20:a4:19:e8:d4:4f:e8:7f:81:d8:d9:aa:1e:
         7c:a5:20:37:ab:92:87:81:63:9e:0e:39:11:f3:41:9f:3d:02:
         65:06:43:64:e1:e9:bd:d6:b8:d4:f6:0b:7b:44:cf:a6:be:2a:
         91:01:c6:1d:ae:2c:13:eb:73:e6:5d:ea:3f:50:7e:bc:61:30:
         54:3f:f4:54:55:5e:6c:f2:45:35:70:f9:22:5c:ef:b6:0c:fa:
         d8:24:02:f7:b0:a5:52:a9:1a:74:3f:57:74:f6:10:8f:32:c0:
         e7:e2:d5:5f:e0:f8:99:58:94:de:69:48:78:7a:01:bb:fd:be:
         e9:9a:91:ee:2d:4c:f1:55:5e:a9:a0:2a:c4:65:ed:c8:b0:5d:
         ae:04:81:8b:86:7d:0a:de:18:26:a9:6c:01:04:fc:91:07:f4:
         1f:e0:56:bd:27:d5:12:98:97:6d:33:2e:fb:ab:f6:56:50:76:
         4a:62:c8:c0:2d:a3:24:52:4a:aa:9e:33:15:51:c6:d5:66:c8:
         b2:f8:b2:b6:78:14:f4:17:89:93:3a:4c:69:3b:9d:3b:48:47:
         8e:1e:1f:56
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAMlLMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE3
NmFiZGE5MDM0NmQwY2FkMjVkY2E2Zjc0NTBiY2NmOGQwOGU3NzEwHhcNMjIwNDI4
MDgyODExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwY2E1YjkyYzM3YmEz
YjlkOGVjNGFmMGVmM2I1NTZhMWU1MGNhZThlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAttz/QRfbOySHyAiVrw1tJsOVfcIkY+ZUGUc7nrtyM+9yuTUQ
r1zFWblnS2yBfHU7oZYO5bZqw0U1djm6YD5Stb3gar9NQfiyu1c8wObgrD7z2+mb
372TqjjbEYIDTjzZ9ozMqbDWQ6uZf/Qrjv9evIJufwbjb7gPXBbGSxu+O+eubkCo
sKddmRct8rfjMXolHm9WHCh5/oJtJ6VPna+/yDRo/NFncKO7cio0lflTtKG490wb
HoMDUTiqPliRmJS+jO9r2e8QXktnbT2K8kHj/dPt1yWN5/6zB5p3HIjhEMnaU/nF
/eqBt7DOx5Lz94HcOCvBAODVaY/ZvWI7gz5c3wIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFAyluSw3ujudjsSvDvO1VqHlDK6OMB8GA1UdIwQYMBaAFKdqvakDRtDK0l3K
b3RQvM+NCOdxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cDJxOXFRTkcwTXJTWGNwdmRGQzh6NDBJNTNFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC84Ni8zNDVjOWItN2I0YS00YjIxLTliMDAtNGQzMDE2ODRjM2JjLzEv
REtXNUxEZTZPNTJPeEs4Tzg3VldvZVVNcm80LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8z
NDVjOWItN2I0YS00YjIxLTliMDAtNGQzMDE2ODRjM2JjLzEvcDJxOXFRTkcwTXJT
WGNwdmRGQzh6NDBJNTNFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAweNNMA0GCSqGSIb3DQEBCwUAA4IB
AQA1fu0mUGvtSSzJ+nMiKX8/tvziRQ+4atKk439ff9IKZIHGdasec5lucSCkGejU
T+h/gdjZqh58pSA3q5KHgWOeDjkR80GfPQJlBkNk4em91rjU9gt7RM+mviqRAcYd
riwT63PmXeo/UH68YTBUP/RUVV5s8kU1cPkiXO+2DPrYJAL3sKVSqRp0P1d09hCP
MsDn4tVf4PiZWJTeaUh4egG7/b7pmpHuLUzxVV6poCrEZe3IsF2uBIGLhn0K3hgm
qWwBBPyRB/Qf4Fa9J9USmJdtMy77q/ZWUHZKYsjALaMkUkqqnjMVUcbVZsiy+LK2
eBT0F4mTOkxpO507SEeOHh9W
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:30 2024 by rpki-client on console-ams.rpki-client.org