Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/12e7d5-3a0f-4bc6-9611-05435efd8bf6/1/kdvbzhCQ7HlSZt5wOlN3UucCvw0.roa
File:                     kdvbzhCQ7HlSZt5wOlN3UucCvw0.roa (raw, json)
Hash identifier:          MryKaRZmGJ88asGty7kjD9SmorxFQ+Qd3tkxM0AtUsQ=
Subject key identifier:   91:DB:DB:CE:10:90:EC:79:52:66:DE:70:3A:53:77:52:E7:02:BF:0D
Certificate issuer:       /CN=6d3ee1a52a5d65b9091de5a5b464fb97032d0e9b
Certificate serial:       31244788
Authority key identifier: 6D:3E:E1:A5:2A:5D:65:B9:09:1D:E5:A5:B4:64:FB:97:03:2D:0E:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bT7hpSpdZbkJHeWltGT7lwMtDps.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/12e7d5-3a0f-4bc6-9611-05435efd8bf6/1/kdvbzhCQ7HlSZt5wOlN3UucCvw0.roa
Signing time:             Thu 16 Jun 2022 23:17:36 +0000
ROA not before:           Thu 16 Jun 2022 23:17:36 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204776
IP address blocks:        194.143.130.0/23 maxlen: 24
                          193.16.100.0/24 maxlen: 24
                          195.246.98.0/24 maxlen: 24
                          195.246.99.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 824461192 (0x31244788)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d3ee1a52a5d65b9091de5a5b464fb97032d0e9b
        Validity
            Not Before: Jun 16 23:17:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=91dbdbce1090ec795266de703a537752e702bf0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:ea:02:e1:97:0f:bf:d9:88:79:1f:3b:5b:32:
                    08:98:41:32:d5:5f:5f:c5:52:38:e9:89:41:f6:da:
                    5d:2e:bb:94:e2:e6:be:fb:d4:62:f7:9b:b6:12:98:
                    7a:ac:f8:22:3b:d2:64:72:b1:02:0b:e1:77:6d:49:
                    22:69:18:ec:2c:5f:0d:73:57:cb:f8:0c:d6:9f:0c:
                    fc:4a:e8:8b:05:99:5a:0c:fb:80:a3:21:d8:d9:76:
                    3a:2f:0b:43:c3:5d:cf:51:bc:ae:34:f4:9e:25:39:
                    c4:04:55:37:9f:a9:1b:da:dc:38:14:e8:d9:76:fc:
                    e3:18:0a:b1:d9:bc:af:c7:ac:47:67:da:4a:91:04:
                    59:56:64:ba:76:df:ed:3c:c4:d5:69:8e:54:6c:95:
                    8c:f1:4f:20:0b:25:07:c0:d1:cd:cb:94:be:ce:fe:
                    28:e4:26:77:18:58:71:de:d1:6c:79:0a:fa:f8:ee:
                    e1:b8:1b:e5:7d:bd:d9:a7:72:9f:63:89:41:ab:a1:
                    1b:43:38:c5:24:ca:bb:90:ef:ef:8b:fc:0f:ce:ce:
                    ac:d9:ee:64:e4:21:d3:30:6f:2b:ea:27:9c:3d:82:
                    69:9a:97:01:ed:5e:9e:95:f3:88:70:42:27:2e:67:
                    1f:b8:18:c3:49:7b:c8:e5:d1:d3:02:16:f7:fc:e5:
                    8e:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:DB:DB:CE:10:90:EC:79:52:66:DE:70:3A:53:77:52:E7:02:BF:0D
            X509v3 Authority Key Identifier:
                keyid:6D:3E:E1:A5:2A:5D:65:B9:09:1D:E5:A5:B4:64:FB:97:03:2D:0E:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bT7hpSpdZbkJHeWltGT7lwMtDps.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/12e7d5-3a0f-4bc6-9611-05435efd8bf6/1/kdvbzhCQ7HlSZt5wOlN3UucCvw0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/12e7d5-3a0f-4bc6-9611-05435efd8bf6/1/bT7hpSpdZbkJHeWltGT7lwMtDps.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.16.100.0/24
                  194.143.130.0/23
                  195.246.98.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8b:02:cf:8d:cc:95:21:8e:57:5e:91:95:a6:90:ca:80:d3:77:
         37:d6:b5:42:2f:8d:11:18:fd:85:ae:c3:86:2a:86:48:66:0c:
         54:e1:07:75:80:d3:18:99:d2:93:eb:3a:63:7f:ae:63:8d:66:
         2c:5b:31:26:df:97:61:5a:c9:a0:b5:60:15:2d:a9:a1:b4:11:
         50:3e:4c:a5:aa:43:39:d4:24:d3:97:35:7d:0b:3e:63:37:05:
         cc:7f:05:4f:a0:c0:8e:db:f0:2d:df:94:27:ca:da:74:43:ac:
         10:83:80:e1:47:08:91:21:83:82:3b:6b:e6:d6:1a:3a:5a:db:
         0d:01:d7:d4:d3:e3:4f:a8:af:8e:68:9c:94:40:cf:ca:71:79:
         d4:2a:e0:94:b7:a8:5e:83:c0:ee:06:ac:d2:26:73:68:9c:cd:
         b3:c6:1d:c4:7d:85:f2:93:9e:3d:2a:e1:2e:c1:8d:c8:2c:df:
         41:f0:90:9d:57:c3:21:6f:dc:f2:ac:26:50:1e:7c:bc:1f:15:
         2e:82:c6:51:48:42:f7:30:31:3f:bb:e2:6a:25:10:7c:e2:cb:
         45:f2:70:66:b7:8d:0a:ae:d6:6b:77:68:3e:f6:cb:ef:ed:0d:
         4c:85:fc:e5:fc:1a:25:c6:2f:c0:bd:05:c4:c1:f3:f5:6b:f4:
         7c:21:ac:7b
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEMSRHiDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZDNlZTFhNTJhNWQ2NWI5MDkxZGU1YTViNDY0ZmI5NzAzMmQwZTliMB4XDTIyMDYx
NjIzMTczNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTFkYmRiY2UxMDkw
ZWM3OTUyNjZkZTcwM2E1Mzc3NTJlNzAyYmYwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN/qAuGXD7/ZiHkfO1syCJhBMtVfX8VSOOmJQfbaXS67lOLm
vvvUYvebthKYeqz4IjvSZHKxAgvhd21JImkY7CxfDXNXy/gM1p8M/EroiwWZWgz7
gKMh2Nl2Oi8LQ8Ndz1G8rjT0niU5xARVN5+pG9rcOBTo2Xb84xgKsdm8r8esR2fa
SpEEWVZkunbf7TzE1WmOVGyVjPFPIAslB8DRzcuUvs7+KOQmdxhYcd7RbHkK+vju
4bgb5X292adyn2OJQauhG0M4xSTKu5Dv74v8D87OrNnuZOQh0zBvK+onnD2CaZqX
Ae1enpXziHBCJy5nH7gYw0l7yOXR0wIW9/zljhkCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSR29vOEJDseVJm3nA6U3dS5wK/DTAfBgNVHSMEGDAWgBRtPuGlKl1luQkd
5aW0ZPuXAy0OmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JUN2hwU3BkWmJrSkhlV2x0R1Q3bHdNdERwcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGEvMTJlN2Q1LTNhMGYtNGJjNi05NjExLTA1NDM1ZWZkOGJmNi8x
L2tkdmJ6aENRN0hsU1p0NXdPbE4zVXVjQ3Z3MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGEv
MTJlN2Q1LTNhMGYtNGJjNi05NjExLTA1NDM1ZWZkOGJmNi8xL2JUN2hwU3BkWmJr
SkhlV2x0R1Q3bHdNdERwcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAMEQZAMEAcKPggMEAcP2YjANBgkq
hkiG9w0BAQsFAAOCAQEAiwLPjcyVIY5XXpGVppDKgNN3N9a1Qi+NERj9ha7DhiqG
SGYMVOEHdYDTGJnSk+s6Y3+uY41mLFsxJt+XYVrJoLVgFS2pobQRUD5MpapDOdQk
05c1fQs+YzcFzH8FT6DAjtvwLd+UJ8radEOsEIOA4UcIkSGDgjtr5tYaOlrbDQHX
1NPjT6ivjmiclEDPynF51CrglLeoXoPA7gas0iZzaJzNs8YdxH2F8pOePSrhLsGN
yCzfQfCQnVfDIW/c8qwmUB58vB8VLoLGUUhC9zAxP7viaiUQfOLLRfJwZreNCq7W
a3doPvbL7+0NTIX85fwaJcYvwL0FxMHz9Wv0fCGsew==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:17 2024 by rpki-client on console-ams.rpki-client.org