Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/2fac9f-618c-42f6-9483-777f86166221/1/AUZc53p1HtHpCzbndnqMGRfI9CU.roa
File:                     AUZc53p1HtHpCzbndnqMGRfI9CU.roa (raw, json)
Hash identifier:          zy02+nZENACtPNjU4bEGczJqu6UDPKjyG2cp62Lr5To=
Subject key identifier:   01:46:5C:E7:7A:75:1E:D1:E9:0B:36:E7:76:7A:8C:19:17:C8:F4:25
Certificate issuer:       /CN=fac089a9cd6a0375bae499cc06a4caa3071b5d4c
Certificate serial:       07217B73
Authority key identifier: FA:C0:89:A9:CD:6A:03:75:BA:E4:99:CC:06:A4:CA:A3:07:1B:5D:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-sCJqc1qA3W65JnMBqTKowcbXUw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/2fac9f-618c-42f6-9483-777f86166221/1/AUZc53p1HtHpCzbndnqMGRfI9CU.roa
Signing time:             Sat 01 Jan 2022 10:05:35 +0000
ROA not before:           Sat 01 Jan 2022 10:05:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     15924
IP address blocks:        193.35.200.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 119634803 (0x7217b73)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fac089a9cd6a0375bae499cc06a4caa3071b5d4c
        Validity
            Not Before: Jan  1 10:05:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=01465ce77a751ed1e90b36e7767a8c1917c8f425
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:d9:20:7b:a0:d6:cc:cf:1d:16:02:8e:0d:75:
                    0e:34:39:dd:e5:ba:a1:b2:9a:8c:9b:86:80:66:6e:
                    9e:7b:33:04:45:1d:17:32:5d:e8:86:99:04:0f:c5:
                    2a:65:28:dc:a6:19:c0:b6:87:0c:eb:81:43:ba:ad:
                    b4:d1:f2:8a:4a:ce:e4:ad:96:2b:ff:20:e1:3b:26:
                    6e:cd:5d:ec:88:2d:b3:05:22:2d:00:27:a4:85:fd:
                    00:b4:8d:a9:46:2f:95:2d:62:19:d6:cc:cb:30:1f:
                    a0:c3:26:12:d2:73:2d:1a:49:14:68:66:b2:c5:f6:
                    ed:9e:3a:a0:05:e9:5e:7f:2f:57:3f:7f:92:d4:78:
                    2d:59:37:ab:ec:31:21:44:73:50:d6:b8:e1:a8:28:
                    85:ae:81:3c:08:a3:18:1e:0e:70:a7:24:f7:2c:01:
                    9e:31:af:bf:ed:00:3d:9f:a2:dc:81:2a:fc:43:35:
                    1e:fb:10:52:90:9c:10:cf:bb:1b:dc:8d:37:74:8b:
                    ca:db:cc:44:4a:a8:2d:cc:e7:b0:24:7f:98:2f:62:
                    f1:64:2a:60:70:67:0a:b4:9e:4d:b1:e2:de:c0:98:
                    74:4e:5e:d6:30:e5:4d:e5:98:e4:a1:ad:83:b0:cb:
                    f3:47:d5:0c:76:12:59:33:8e:22:dc:cb:ef:6e:31:
                    7d:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:46:5C:E7:7A:75:1E:D1:E9:0B:36:E7:76:7A:8C:19:17:C8:F4:25
            X509v3 Authority Key Identifier:
                keyid:FA:C0:89:A9:CD:6A:03:75:BA:E4:99:CC:06:A4:CA:A3:07:1B:5D:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sCJqc1qA3W65JnMBqTKowcbXUw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/2fac9f-618c-42f6-9483-777f86166221/1/AUZc53p1HtHpCzbndnqMGRfI9CU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/2fac9f-618c-42f6-9483-777f86166221/1/1-sCJqc1qA3W65JnMBqTKowcbXUw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.35.200.0/22

    Signature Algorithm: sha256WithRSAEncryption
         19:5e:bd:0b:f8:72:34:93:f4:7d:cf:79:8f:10:71:bf:97:8a:
         88:2e:48:ca:af:1e:58:f2:3a:b4:b2:fe:0e:fb:92:96:c6:85:
         a8:55:3f:4f:68:f7:27:eb:55:f2:c9:6b:9c:b0:b0:44:46:95:
         fd:b4:a2:f3:dd:18:e2:57:4f:86:8f:9e:ff:8b:87:88:bf:8a:
         df:86:b3:6a:5e:ee:05:be:82:19:9a:c5:fa:6d:96:de:36:49:
         e5:38:79:f8:89:27:48:b6:94:b1:0a:3a:c4:5b:75:a5:99:a5:
         4a:f9:4d:aa:04:6f:16:30:a5:0a:c5:4d:3c:95:4a:7d:c2:99:
         c0:bb:1c:c8:b3:5e:8e:a8:24:b5:c0:0a:a7:b1:f0:a1:03:5e:
         15:6c:6a:99:4c:14:68:be:f8:1b:7f:47:43:0a:89:07:98:36:
         95:59:fa:b7:e0:5d:02:3e:dc:5e:49:c8:f9:08:8b:4c:c6:20:
         5d:fd:57:55:07:21:ec:2f:7e:cc:a5:2b:61:5c:a3:05:78:ec:
         d6:67:da:ab:5a:37:55:96:27:4f:da:9e:96:df:8a:4f:5a:7f:
         da:41:1e:f7:13:b6:9d:80:f8:d6:90:91:34:66:15:56:4d:fb:
         d3:10:f2:80:c4:7f:26:0b:96:bc:30:f2:81:b6:66:ab:12:12:
         05:b4:06:04
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEByF7czANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YWMwODlhOWNkNmEwMzc1YmFlNDk5Y2MwNmE0Y2FhMzA3MWI1ZDRjMB4XDTIyMDEw
MTEwMDUzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDE0NjVjZTc3YTc1
MWVkMWU5MGIzNmU3NzY3YThjMTkxN2M4ZjQyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOTZIHug1szPHRYCjg11DjQ53eW6obKajJuGgGZunnszBEUd
FzJd6IaZBA/FKmUo3KYZwLaHDOuBQ7qttNHyikrO5K2WK/8g4Tsmbs1d7IgtswUi
LQAnpIX9ALSNqUYvlS1iGdbMyzAfoMMmEtJzLRpJFGhmssX27Z46oAXpXn8vVz9/
ktR4LVk3q+wxIURzUNa44agoha6BPAijGB4OcKck9ywBnjGvv+0APZ+i3IEq/EM1
HvsQUpCcEM+7G9yNN3SLytvMREqoLcznsCR/mC9i8WQqYHBnCrSeTbHi3sCYdE5e
1jDlTeWY5KGtg7DL80fVDHYSWTOOItzL724xfTkCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBQBRlznenUe0ekLNud2eowZF8j0JTAfBgNVHSMEGDAWgBT6wImpzWoDdbrk
mcwGpMqjBxtdTDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtc0NKcWMxcUEzVzY1Sm5NQnFUS293Y2JYVXcuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzhiLzJmYWM5Zi02MThjLTQyZjYtOTQ4My03NzdmODYxNjYyMjEv
MS9BVVpjNTNwMUh0SHBDemJuZG5xTUdSZkk5Q1Uucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhi
LzJmYWM5Zi02MThjLTQyZjYtOTQ4My03NzdmODYxNjYyMjEvMS8xLXNDSnFjMXFB
M1c2NUpuTUJxVEtvd2NiWFV3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwSPIMA0GCSqGSIb3DQEBCwUA
A4IBAQAZXr0L+HI0k/R9z3mPEHG/l4qILkjKrx5Y8jq0sv4O+5KWxoWoVT9PaPcn
61XyyWucsLBERpX9tKLz3RjiV0+Gj57/i4eIv4rfhrNqXu4FvoIZmsX6bZbeNknl
OHn4iSdItpSxCjrEW3WlmaVK+U2qBG8WMKUKxU08lUp9wpnAuxzIs16OqCS1wAqn
sfChA14VbGqZTBRovvgbf0dDCokHmDaVWfq34F0CPtxeScj5CItMxiBd/VdVByHs
L37MpSthXKMFeOzWZ9qrWjdVlidP2p6W34pPWn/aQR73E7adgPjWkJE0ZhVWTfvT
EPKAxH8mC5a8MPKBtmarEhIFtAYE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:25 2024 by rpki-client on console-fra.rpki-client.org