Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/2fac9f-618c-42f6-9483-777f86166221/1/RTeoOWkAXADSTrn2vWgZkIiqkgk.roa
File:                     RTeoOWkAXADSTrn2vWgZkIiqkgk.roa (raw, json)
Hash identifier:          6Ezh6ZqX0xzXSQZHCbpxGQxosgoYcNsYqWkwHbozQWk=
Subject key identifier:   45:37:A8:39:69:00:5C:00:D2:4E:B9:F6:BD:68:19:90:88:AA:92:09
Certificate issuer:       /CN=fac089a9cd6a0375bae499cc06a4caa3071b5d4c
Certificate serial:       07228E59
Authority key identifier: FA:C0:89:A9:CD:6A:03:75:BA:E4:99:CC:06:A4:CA:A3:07:1B:5D:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-sCJqc1qA3W65JnMBqTKowcbXUw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/2fac9f-618c-42f6-9483-777f86166221/1/RTeoOWkAXADSTrn2vWgZkIiqkgk.roa
Signing time:             Sat 01 Jan 2022 10:05:35 +0000
ROA not before:           Sat 01 Jan 2022 10:05:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34984
IP address blocks:        193.35.200.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 119705177 (0x7228e59)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fac089a9cd6a0375bae499cc06a4caa3071b5d4c
        Validity
            Not Before: Jan  1 10:05:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4537a83969005c00d24eb9f6bd68199088aa9209
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:a5:a6:19:6d:6b:86:f7:f1:b2:e6:96:0f:8e:
                    7c:00:c7:30:1b:e0:67:10:75:90:26:e7:c5:31:37:
                    3d:3e:0e:74:56:c4:47:16:1e:4c:87:52:df:58:57:
                    66:55:b3:e8:c4:87:7c:62:73:f3:2b:d1:a9:ba:7e:
                    b8:58:a2:8f:06:17:26:a1:b0:49:7a:0d:d9:26:42:
                    af:70:f3:e0:f5:cc:3f:7c:ff:59:27:92:cc:bc:44:
                    1a:80:15:f2:55:55:c4:71:fc:6d:d8:b1:15:13:a6:
                    79:aa:1c:b0:65:f5:6d:89:18:bd:0d:cc:ee:6a:1a:
                    d4:ae:14:6c:10:16:ba:bd:e6:35:a5:2c:79:5b:55:
                    68:86:26:39:dc:f0:bb:7e:4b:54:12:15:7f:bf:ea:
                    69:2a:41:93:ce:d8:f9:b9:87:ad:ed:5f:65:5a:36:
                    a7:a6:8a:2c:79:f5:25:ac:1d:37:67:94:10:db:3c:
                    2f:7f:d0:70:cb:f7:31:61:42:93:0b:40:aa:84:12:
                    76:57:a9:96:b9:e3:d6:57:3b:c5:9b:5d:a3:b8:4c:
                    14:51:40:f9:6c:6a:f2:c6:fe:16:d4:52:46:b5:7c:
                    c6:ce:69:c7:2c:f0:53:b1:27:bc:b6:e8:e0:76:e2:
                    65:2d:c7:9a:0f:2c:6e:74:d0:89:bf:a8:fa:e8:d1:
                    69:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:37:A8:39:69:00:5C:00:D2:4E:B9:F6:BD:68:19:90:88:AA:92:09
            X509v3 Authority Key Identifier:
                keyid:FA:C0:89:A9:CD:6A:03:75:BA:E4:99:CC:06:A4:CA:A3:07:1B:5D:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sCJqc1qA3W65JnMBqTKowcbXUw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/2fac9f-618c-42f6-9483-777f86166221/1/RTeoOWkAXADSTrn2vWgZkIiqkgk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/2fac9f-618c-42f6-9483-777f86166221/1/1-sCJqc1qA3W65JnMBqTKowcbXUw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.35.200.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5a:b0:40:3c:1b:4f:44:de:a9:f6:de:46:b2:13:dc:b1:c7:30:
         9f:a5:40:a6:aa:28:8a:9a:a0:22:f8:0c:df:fb:7c:c5:5e:16:
         f6:e7:e3:67:14:18:98:d7:f6:a3:44:a1:e6:41:00:16:5b:92:
         ee:d1:a5:6f:b7:e9:0c:8e:18:e9:94:bc:a0:24:68:4b:39:d7:
         db:d2:a6:d5:85:48:e3:75:48:18:d0:11:00:e1:3a:6d:94:5d:
         d2:b0:e4:73:3b:5a:a4:fa:e1:df:16:68:e3:7d:9d:99:a4:c2:
         36:d5:e5:02:d2:ff:b4:9b:14:96:46:0e:4a:7d:1b:30:e1:83:
         87:3e:ad:23:8b:bb:31:d3:27:37:38:57:d1:46:04:04:f7:d6:
         d5:3c:6e:4f:27:d3:e9:6b:ee:08:c3:67:db:d5:a6:67:e2:cd:
         83:5d:0b:be:ce:b1:f5:15:c7:c5:54:01:6f:73:91:56:d4:98:
         da:43:e5:11:dd:14:95:16:bb:7d:2b:aa:d4:4c:35:a0:24:ec:
         ed:a7:43:c6:41:5a:0c:8c:45:87:6f:9c:3b:6e:6b:d7:3e:9b:
         40:a6:5e:38:3e:7d:ee:32:52:a2:de:37:43:5b:69:d7:11:13:
         16:b7:00:7c:99:2f:5a:cb:d0:29:86:80:76:e7:93:88:d7:7d:
         86:50:55:d7
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEByKOWTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YWMwODlhOWNkNmEwMzc1YmFlNDk5Y2MwNmE0Y2FhMzA3MWI1ZDRjMB4XDTIyMDEw
MTEwMDUzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDUzN2E4Mzk2OTAw
NWMwMGQyNGViOWY2YmQ2ODE5OTA4OGFhOTIwOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMalphlta4b38bLmlg+OfADHMBvgZxB1kCbnxTE3PT4OdFbE
RxYeTIdS31hXZlWz6MSHfGJz8yvRqbp+uFiijwYXJqGwSXoN2SZCr3Dz4PXMP3z/
WSeSzLxEGoAV8lVVxHH8bdixFROmeaocsGX1bYkYvQ3M7moa1K4UbBAWur3mNaUs
eVtVaIYmOdzwu35LVBIVf7/qaSpBk87Y+bmHre1fZVo2p6aKLHn1JawdN2eUENs8
L3/QcMv3MWFCkwtAqoQSdleplrnj1lc7xZtdo7hMFFFA+Wxq8sb+FtRSRrV8xs5p
xyzwU7EnvLbo4HbiZS3Hmg8sbnTQib+o+ujRabcCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBRFN6g5aQBcANJOufa9aBmQiKqSCTAfBgNVHSMEGDAWgBT6wImpzWoDdbrk
mcwGpMqjBxtdTDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtc0NKcWMxcUEzVzY1Sm5NQnFUS293Y2JYVXcuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzhiLzJmYWM5Zi02MThjLTQyZjYtOTQ4My03NzdmODYxNjYyMjEv
MS9SVGVvT1drQVhBRFNUcm4ydldnWmtJaXFrZ2sucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhi
LzJmYWM5Zi02MThjLTQyZjYtOTQ4My03NzdmODYxNjYyMjEvMS8xLXNDSnFjMXFB
M1c2NUpuTUJxVEtvd2NiWFV3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwSPIMA0GCSqGSIb3DQEBCwUA
A4IBAQBasEA8G09E3qn23kayE9yxxzCfpUCmqiiKmqAi+Azf+3zFXhb25+NnFBiY
1/ajRKHmQQAWW5Lu0aVvt+kMjhjplLygJGhLOdfb0qbVhUjjdUgY0BEA4TptlF3S
sORzO1qk+uHfFmjjfZ2ZpMI21eUC0v+0mxSWRg5KfRsw4YOHPq0ji7sx0yc3OFfR
RgQE99bVPG5PJ9Ppa+4Iw2fb1aZn4s2DXQu+zrH1FcfFVAFvc5FW1JjaQ+UR3RSV
Frt9K6rUTDWgJOztp0PGQVoMjEWHb5w7bmvXPptApl44Pn3uMlKi3jdDW2nXERMW
twB8mS9ay9AphoB255OI132GUFXX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:42 2024 by rpki-client on console-ams.rpki-client.org