Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/839925-1555-4ff6-bc46-7feab48eee61/1/U7tF3nhiDLXWLJzf0ofjXUBiLrc.roa
File:                     U7tF3nhiDLXWLJzf0ofjXUBiLrc.roa (raw, json)
Hash identifier:          CxZo2fPVH3jMpQnV9e0wZcezs9t+UAALKQmIhaP43FY=
Subject key identifier:   53:BB:45:DE:78:62:0C:B5:D6:2C:9C:DF:D2:87:E3:5D:40:62:2E:B7
Certificate issuer:       /CN=5b95a94adad3a2896c72074d667c1b62075958cb
Certificate serial:       6A9C27
Authority key identifier: 5B:95:A9:4A:DA:D3:A2:89:6C:72:07:4D:66:7C:1B:62:07:59:58:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/W5WpStrToolscgdNZnwbYgdZWMs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/839925-1555-4ff6-bc46-7feab48eee61/1/U7tF3nhiDLXWLJzf0ofjXUBiLrc.roa
Signing time:             Sat 01 Jan 2022 00:52:29 +0000
ROA not before:           Sat 01 Jan 2022 00:52:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        193.238.226.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6986791 (0x6a9c27)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5b95a94adad3a2896c72074d667c1b62075958cb
        Validity
            Not Before: Jan  1 00:52:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=53bb45de78620cb5d62c9cdfd287e35d40622eb7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:29:51:bf:81:95:59:64:85:38:fd:3b:ca:ce:
                    9e:e9:a2:c9:6a:5a:fb:24:06:b2:af:4e:46:2e:18:
                    9b:6b:73:8e:5a:3c:76:c7:13:05:bd:1a:79:55:f3:
                    4a:43:07:28:96:26:9a:24:66:f2:4c:1b:bb:b6:ee:
                    f6:4f:48:fa:7c:db:11:77:4b:da:3e:a1:76:22:2e:
                    4e:6c:7d:e5:e4:3f:a8:d7:22:dc:81:c5:dc:6c:3c:
                    34:43:41:3c:98:6c:32:7e:71:ad:3b:d3:c9:c6:09:
                    be:77:98:e9:2a:6f:af:95:4a:50:c0:bc:8b:43:8e:
                    dc:af:b2:c8:f0:cf:47:fb:cf:ad:09:8c:6a:39:cf:
                    da:c2:13:b6:42:73:19:f5:1b:f4:23:93:75:b1:de:
                    b7:b8:be:e4:81:fa:12:03:26:b6:e9:9d:6b:43:4e:
                    e3:fb:27:45:05:5f:0e:d6:33:a8:11:00:4b:f2:cb:
                    39:95:f1:d9:d4:e7:ba:31:1d:d1:99:94:1d:52:6c:
                    4e:e6:c9:63:ef:0c:63:3d:75:31:50:88:a0:fd:e9:
                    6c:ab:56:6d:c4:d8:91:ba:5b:47:d1:5e:8b:26:bf:
                    44:08:e9:03:46:83:c5:6e:38:45:c4:5e:ac:9b:03:
                    81:e2:d9:f5:56:93:7d:fc:50:f3:f2:0c:13:78:d3:
                    41:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:BB:45:DE:78:62:0C:B5:D6:2C:9C:DF:D2:87:E3:5D:40:62:2E:B7
            X509v3 Authority Key Identifier:
                keyid:5B:95:A9:4A:DA:D3:A2:89:6C:72:07:4D:66:7C:1B:62:07:59:58:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W5WpStrToolscgdNZnwbYgdZWMs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/839925-1555-4ff6-bc46-7feab48eee61/1/U7tF3nhiDLXWLJzf0ofjXUBiLrc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/839925-1555-4ff6-bc46-7feab48eee61/1/W5WpStrToolscgdNZnwbYgdZWMs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.238.226.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:f4:88:88:71:46:42:c7:33:83:35:c9:89:d0:c6:af:5d:35:
         55:cc:45:79:61:3f:ec:a6:81:c5:63:46:b9:7b:04:bd:69:ce:
         28:8b:06:98:96:5a:36:99:7d:15:22:f5:af:9e:7a:a2:a0:c3:
         a9:81:dc:72:81:88:9f:ef:5a:ad:a1:ba:ec:03:85:6d:4e:c1:
         2b:56:1f:50:64:aa:5c:c2:8a:fa:3e:cc:9f:9f:cf:e4:9a:7f:
         19:fb:36:bd:5c:38:a5:d4:f3:42:02:c5:94:5f:9e:81:58:76:
         1a:3e:bf:52:3a:ce:7b:2e:3d:91:e4:5a:a8:dc:59:cd:c4:26:
         3f:5f:00:77:e7:f2:91:da:c3:ae:17:a7:10:f3:ca:73:8a:18:
         25:33:14:af:1b:29:67:c6:10:e5:e0:01:60:e7:c6:7d:7e:c9:
         bb:76:1b:b1:8e:4c:33:ea:7e:bc:3d:16:35:86:cf:b3:e4:cb:
         01:7d:46:33:64:88:45:b8:01:48:1c:07:a5:1d:fb:94:ab:d2:
         6e:e9:79:05:ac:b8:7f:90:4b:c0:ff:a2:da:13:83:6a:f2:90:
         bf:fc:3e:6d:71:6a:2a:86:00:03:27:0c:1d:a2:11:37:98:40:
         28:7b:25:d2:aa:de:51:fb:4c:f6:49:38:2f:01:9c:a6:1e:28:
         2c:36:a1:de
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDapwnMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDVi
OTVhOTRhZGFkM2EyODk2YzcyMDc0ZDY2N2MxYjYyMDc1OTU4Y2IwHhcNMjIwMTAx
MDA1MjI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg1M2JiNDVkZTc4NjIw
Y2I1ZDYyYzljZGZkMjg3ZTM1ZDQwNjIyZWI3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnSlRv4GVWWSFOP07ys6e6aLJalr7JAayr05GLhiba3OOWjx2
xxMFvRp5VfNKQwcoliaaJGbyTBu7tu72T0j6fNsRd0vaPqF2Ii5ObH3l5D+o1yLc
gcXcbDw0Q0E8mGwyfnGtO9PJxgm+d5jpKm+vlUpQwLyLQ47cr7LI8M9H+8+tCYxq
Oc/awhO2QnMZ9Rv0I5N1sd63uL7kgfoSAya26Z1rQ07j+ydFBV8O1jOoEQBL8ss5
lfHZ1Oe6MR3RmZQdUmxO5slj7wxjPXUxUIig/elsq1ZtxNiRultH0V6LJr9ECOkD
RoPFbjhFxF6smwOB4tn1VpN9/FDz8gwTeNNB0wIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFFO7Rd54Ygy11iyc39KH411AYi63MB8GA1UdIwQYMBaAFFuVqUra06KJbHIH
TWZ8G2IHWVjLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
VzVXcFN0clRvb2xzY2dkTlpud2JZZ2RaV01zLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC84YS84Mzk5MjUtMTU1NS00ZmY2LWJjNDYtN2ZlYWI0OGVlZTYxLzEv
VTd0RjNuaGlETFhXTEp6ZjBvZmpYVUJpTHJjLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS84
Mzk5MjUtMTU1NS00ZmY2LWJjNDYtN2ZlYWI0OGVlZTYxLzEvVzVXcFN0clRvb2xz
Y2dkTlpud2JZZ2RaV01zLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwe7iMA0GCSqGSIb3DQEBCwUAA4IB
AQBU9IiIcUZCxzODNcmJ0MavXTVVzEV5YT/spoHFY0a5ewS9ac4oiwaYllo2mX0V
IvWvnnqioMOpgdxygYif71qtobrsA4VtTsErVh9QZKpcwor6Psyfn8/kmn8Z+za9
XDil1PNCAsWUX56BWHYaPr9SOs57Lj2R5Fqo3FnNxCY/XwB35/KR2sOuF6cQ88pz
ihglMxSvGylnxhDl4AFg58Z9fsm7dhuxjkwz6n68PRY1hs+z5MsBfUYzZIhFuAFI
HAelHfuUq9Ju6XkFrLh/kEvA/6LaE4Nq8pC//D5tcWoqhgADJwwdohE3mEAoeyXS
qt5R+0z2STgvAZymHigsNqHe
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:34 2024 by rpki-client on console-ams.rpki-client.org