Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/c4210e-90de-4eca-8206-5537d85d2bd0/1/q0WzQmiECa2x_VsqXXorRWiHtTM.roa
File:                     q0WzQmiECa2x_VsqXXorRWiHtTM.roa (raw, json)
Hash identifier:          Blzex5GPmPSDoxznEpU/02bngkiR4/STvoxPx+MfxQ4=
Subject key identifier:   AB:45:B3:42:68:84:09:AD:B1:FD:5B:2A:5D:7A:2B:45:68:87:B5:33
Certificate issuer:       /CN=a0bb1718963ddd9128b76fd3d8213a1565ef856d
Certificate serial:       0640D66C
Authority key identifier: A0:BB:17:18:96:3D:DD:91:28:B7:6F:D3:D8:21:3A:15:65:EF:85:6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oLsXGJY93ZEot2_T2CE6FWXvhW0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/c4210e-90de-4eca-8206-5537d85d2bd0/1/q0WzQmiECa2x_VsqXXorRWiHtTM.roa
Signing time:             Sat 01 Jan 2022 08:59:52 +0000
ROA not before:           Sat 01 Jan 2022 08:59:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1764
IP address blocks:        193.201.41.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 104912492 (0x640d66c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0bb1718963ddd9128b76fd3d8213a1565ef856d
        Validity
            Not Before: Jan  1 08:59:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ab45b342688409adb1fd5b2a5d7a2b456887b533
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:f4:b5:52:0c:d6:66:66:f7:a5:1b:9e:82:1a:
                    99:ee:5c:5f:44:6a:c2:5a:52:74:e0:e2:1a:b9:12:
                    ad:3f:33:04:06:12:f4:29:75:f5:ce:b5:48:a2:5b:
                    f9:db:fb:d5:84:b3:0e:ce:50:d3:48:41:2e:f0:b3:
                    6f:37:68:24:d5:bd:89:0f:53:53:2c:bc:8d:f5:44:
                    8b:f2:d2:12:21:18:e6:fe:61:e0:8d:4f:57:ec:8a:
                    87:50:02:ab:01:e6:a0:d6:27:94:54:a4:0a:ad:49:
                    28:c8:7c:69:2e:6b:74:4f:e2:eb:c5:61:22:15:78:
                    1e:e4:34:9a:d4:2b:e5:21:d1:9d:44:a1:91:bf:72:
                    1c:d4:54:2c:12:90:51:76:c7:64:dd:e1:1b:51:90:
                    45:9e:12:32:d6:5e:78:33:00:6b:2e:6f:74:58:af:
                    e6:44:d4:17:7e:51:36:4f:d0:b0:27:ff:7b:ac:ee:
                    c1:48:ed:5f:2e:3f:4b:67:77:e0:85:b9:e4:86:d3:
                    0c:15:aa:22:07:8a:c2:98:2e:00:ea:b2:d1:5c:2f:
                    34:ee:ca:db:17:b3:b5:ef:7c:90:55:f9:7a:6f:2f:
                    da:ac:11:09:c8:3f:1f:2c:d7:c7:81:ed:ea:b9:23:
                    b0:fb:a5:bf:4d:a8:62:16:b0:99:ee:85:4e:83:8d:
                    a3:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:45:B3:42:68:84:09:AD:B1:FD:5B:2A:5D:7A:2B:45:68:87:B5:33
            X509v3 Authority Key Identifier:
                keyid:A0:BB:17:18:96:3D:DD:91:28:B7:6F:D3:D8:21:3A:15:65:EF:85:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oLsXGJY93ZEot2_T2CE6FWXvhW0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/c4210e-90de-4eca-8206-5537d85d2bd0/1/q0WzQmiECa2x_VsqXXorRWiHtTM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/c4210e-90de-4eca-8206-5537d85d2bd0/1/oLsXGJY93ZEot2_T2CE6FWXvhW0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.201.41.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0c:c9:59:d8:9d:b0:a2:83:40:8d:0d:35:07:98:ec:45:c1:f1:
         24:90:25:1f:a5:16:83:5c:9a:df:49:6e:88:82:0f:f3:75:be:
         95:3d:64:69:9f:15:ad:2e:2b:30:ac:49:d0:e8:98:10:85:ca:
         ef:66:b4:d7:1b:d9:4f:0c:ba:80:c6:e3:d1:67:41:e2:64:b2:
         7b:66:88:96:a4:96:17:83:91:63:1f:4e:e6:0f:b8:fd:86:6d:
         0b:12:bb:2b:f7:49:99:24:62:cb:49:e6:5d:42:be:82:95:6f:
         90:7c:81:93:2d:c8:7f:c2:58:3d:2a:ae:ec:2e:8e:78:2a:c5:
         af:6e:72:c0:25:e8:7b:ea:52:66:fa:c8:04:a1:60:fc:a0:3a:
         4c:b9:a1:f2:65:45:70:21:5b:c9:92:63:d9:83:a5:5a:ba:d3:
         dc:5c:d7:18:98:bd:89:f4:2e:9f:d7:e9:b3:df:93:1b:b5:0a:
         bf:a4:4c:76:36:e3:1c:3d:71:07:ab:17:d2:b3:d5:05:fe:60:
         eb:1f:aa:00:d7:e1:aa:69:64:46:fb:ec:07:6b:97:57:09:df:
         03:a0:41:43:da:9d:68:4a:9b:49:e9:4e:28:c7:26:6a:b6:64:
         f8:39:59:9d:e7:c1:4e:5b:c5:d4:a1:07:b9:91:74:f7:fa:cd:
         6f:fe:8d:95
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBkDWbDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MGJiMTcxODk2M2RkZDkxMjhiNzZmZDNkODIxM2ExNTY1ZWY4NTZkMB4XDTIyMDEw
MTA4NTk1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWI0NWIzNDI2ODg0
MDlhZGIxZmQ1YjJhNWQ3YTJiNDU2ODg3YjUzMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO30tVIM1mZm96UbnoIame5cX0RqwlpSdODiGrkSrT8zBAYS
9Cl19c61SKJb+dv71YSzDs5Q00hBLvCzbzdoJNW9iQ9TUyy8jfVEi/LSEiEY5v5h
4I1PV+yKh1ACqwHmoNYnlFSkCq1JKMh8aS5rdE/i68VhIhV4HuQ0mtQr5SHRnUSh
kb9yHNRULBKQUXbHZN3hG1GQRZ4SMtZeeDMAay5vdFiv5kTUF35RNk/QsCf/e6zu
wUjtXy4/S2d34IW55IbTDBWqIgeKwpguAOqy0VwvNO7K2xezte98kFX5em8v2qwR
Ccg/HyzXx4Ht6rkjsPulv02oYhawme6FToONo18CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSrRbNCaIQJrbH9WypdeitFaIe1MzAfBgNVHSMEGDAWgBSguxcYlj3dkSi3
b9PYIToVZe+FbTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29Mc1hHSlk5M1pFb3QyX1QyQ0U2RldYdmhXMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODYvYzQyMTBlLTkwZGUtNGVjYS04MjA2LTU1MzdkODVkMmJkMC8x
L3EwV3pRbWlFQ2EyeF9Wc3FYWG9yUldpSHRUTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYv
YzQyMTBlLTkwZGUtNGVjYS04MjA2LTU1MzdkODVkMmJkMC8xL29Mc1hHSlk5M1pF
b3QyX1QyQ0U2RldYdmhXMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMHJKTANBgkqhkiG9w0BAQsFAAOC
AQEADMlZ2J2wooNAjQ01B5jsRcHxJJAlH6UWg1ya30luiIIP83W+lT1kaZ8VrS4r
MKxJ0OiYEIXK72a01xvZTwy6gMbj0WdB4mSye2aIlqSWF4ORYx9O5g+4/YZtCxK7
K/dJmSRiy0nmXUK+gpVvkHyBky3If8JYPSqu7C6OeCrFr25ywCXoe+pSZvrIBKFg
/KA6TLmh8mVFcCFbyZJj2YOlWrrT3FzXGJi9ifQun9fps9+TG7UKv6RMdjbjHD1x
B6sX0rPVBf5g6x+qANfhqmlkRvvsB2uXVwnfA6BBQ9qdaEqbSelOKMcmarZk+DlZ
nefBTlvF1KEHuZF09/rNb/6NlQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:41 2024 by rpki-client on console-fra.rpki-client.org