Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/2fac9f-618c-42f6-9483-777f86166221/1/STWR9h1kICl9DQXCDA-imu7y3Ec.roa
File:                     STWR9h1kICl9DQXCDA-imu7y3Ec.roa (raw, json)
Hash identifier:          MaAealHiBJKqQUD5avug7Lae/H1qVkyLCn3ItiOxrbQ=
Subject key identifier:   49:35:91:F6:1D:64:20:29:7D:0D:05:C2:0C:0F:A2:9A:EE:F2:DC:47
Certificate issuer:       /CN=fac089a9cd6a0375bae499cc06a4caa3071b5d4c
Certificate serial:       0723F6D4
Authority key identifier: FA:C0:89:A9:CD:6A:03:75:BA:E4:99:CC:06:A4:CA:A3:07:1B:5D:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-sCJqc1qA3W65JnMBqTKowcbXUw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/2fac9f-618c-42f6-9483-777f86166221/1/STWR9h1kICl9DQXCDA-imu7y3Ec.roa
Signing time:             Sat 01 Jan 2022 10:05:36 +0000
ROA not before:           Sat 01 Jan 2022 10:05:36 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209154
IP address blocks:        193.35.200.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 119797460 (0x723f6d4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fac089a9cd6a0375bae499cc06a4caa3071b5d4c
        Validity
            Not Before: Jan  1 10:05:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=493591f61d6420297d0d05c20c0fa29aeef2dc47
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:45:a8:12:18:55:3b:68:52:53:52:80:e7:65:
                    c2:f8:93:41:7b:e2:14:1b:2e:63:f1:3e:db:a6:2b:
                    14:31:2e:12:a6:6d:db:0a:10:6f:ea:92:62:f1:48:
                    ff:74:35:f0:15:8a:89:87:c5:a4:31:07:c3:05:0f:
                    79:80:19:aa:6f:e9:3c:11:68:ec:9b:d6:e0:06:28:
                    8d:b1:09:42:e9:aa:47:5f:bb:fa:8c:80:7d:47:07:
                    e3:a7:e4:23:a6:8f:fa:2d:58:78:64:13:fc:1a:b4:
                    ce:a4:48:ea:b3:c7:c1:79:b4:cb:ae:64:f4:bb:ca:
                    4a:81:ea:ce:d9:bf:f3:e9:46:f8:26:17:fc:8a:dc:
                    89:88:9f:1a:dc:00:ca:76:fa:a5:4b:3d:90:23:58:
                    d7:f2:3e:c8:82:8a:7d:33:ed:f0:b2:b9:78:83:62:
                    22:e2:f4:6b:50:b6:da:d8:f1:1e:84:70:d4:18:2b:
                    a0:f4:12:9a:c0:50:78:a9:f7:91:ff:a6:09:5b:55:
                    17:fb:93:1c:13:c0:99:aa:4f:11:5a:11:05:5a:ae:
                    d1:3a:23:58:00:4b:6d:01:1d:85:9e:d6:5c:84:93:
                    87:6b:bd:59:0d:b8:f7:b4:ce:48:3c:ce:52:7e:50:
                    35:64:05:b9:6f:54:a8:81:81:68:ad:04:7c:4a:cb:
                    79:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:35:91:F6:1D:64:20:29:7D:0D:05:C2:0C:0F:A2:9A:EE:F2:DC:47
            X509v3 Authority Key Identifier:
                keyid:FA:C0:89:A9:CD:6A:03:75:BA:E4:99:CC:06:A4:CA:A3:07:1B:5D:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sCJqc1qA3W65JnMBqTKowcbXUw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/2fac9f-618c-42f6-9483-777f86166221/1/STWR9h1kICl9DQXCDA-imu7y3Ec.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/2fac9f-618c-42f6-9483-777f86166221/1/1-sCJqc1qA3W65JnMBqTKowcbXUw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.35.200.0/22

    Signature Algorithm: sha256WithRSAEncryption
         70:7a:19:b2:d9:ec:01:c5:45:9a:3d:34:30:5c:df:dc:ba:74:
         0e:9c:d3:84:6a:08:c4:9d:5f:66:34:e2:20:4a:7a:5d:ab:b3:
         af:8c:83:8b:77:b5:fd:e4:b4:e1:a9:e9:82:ae:e6:3f:2d:c1:
         9f:cd:17:3a:68:9f:f7:7a:78:9c:84:7a:f4:2d:e5:10:20:b6:
         dc:35:32:c2:c1:ce:f0:5d:c5:38:1c:6a:39:31:31:85:5a:a5:
         d9:95:50:ac:fc:86:5a:c7:75:62:50:3f:c3:a3:d2:e5:94:76:
         be:ac:0b:b6:80:5a:fd:4c:0b:3c:f2:96:d7:9f:bf:fd:d4:ee:
         ad:0e:ab:93:2e:65:5b:d5:ae:df:79:d1:84:51:d6:6f:ed:b8:
         8c:f9:51:59:2d:7c:6b:17:00:9f:0a:88:06:d3:4f:cc:7c:83:
         40:b4:30:b8:51:86:bd:b9:29:41:86:d3:86:58:85:21:d7:74:
         6b:80:26:c2:b7:ae:3a:1d:4d:90:f9:3b:ef:d5:32:ff:e7:4a:
         74:fd:b2:da:5d:ed:7b:4c:05:b4:6f:5c:02:ab:96:3d:57:a0:
         e3:cc:42:56:c5:6e:7b:c2:68:88:1d:22:0c:8a:07:07:f7:8c:
         96:d8:02:b5:5e:27:14:f1:d2:5f:da:1d:f5:82:30:5f:86:b2:
         dd:d8:6b:46
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEByP21DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YWMwODlhOWNkNmEwMzc1YmFlNDk5Y2MwNmE0Y2FhMzA3MWI1ZDRjMB4XDTIyMDEw
MTEwMDUzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDkzNTkxZjYxZDY0
MjAyOTdkMGQwNWMyMGMwZmEyOWFlZWYyZGM0NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALFFqBIYVTtoUlNSgOdlwviTQXviFBsuY/E+26YrFDEuEqZt
2woQb+qSYvFI/3Q18BWKiYfFpDEHwwUPeYAZqm/pPBFo7JvW4AYojbEJQumqR1+7
+oyAfUcH46fkI6aP+i1YeGQT/Bq0zqRI6rPHwXm0y65k9LvKSoHqztm/8+lG+CYX
/IrciYifGtwAynb6pUs9kCNY1/I+yIKKfTPt8LK5eINiIuL0a1C22tjxHoRw1Bgr
oPQSmsBQeKn3kf+mCVtVF/uTHBPAmapPEVoRBVqu0TojWABLbQEdhZ7WXISTh2u9
WQ2497TOSDzOUn5QNWQFuW9UqIGBaK0EfErLee0CAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBRJNZH2HWQgKX0NBcIMD6Ka7vLcRzAfBgNVHSMEGDAWgBT6wImpzWoDdbrk
mcwGpMqjBxtdTDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtc0NKcWMxcUEzVzY1Sm5NQnFUS293Y2JYVXcuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzhiLzJmYWM5Zi02MThjLTQyZjYtOTQ4My03NzdmODYxNjYyMjEv
MS9TVFdSOWgxa0lDbDlEUVhDREEtaW11N3kzRWMucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhi
LzJmYWM5Zi02MThjLTQyZjYtOTQ4My03NzdmODYxNjYyMjEvMS8xLXNDSnFjMXFB
M1c2NUpuTUJxVEtvd2NiWFV3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwSPIMA0GCSqGSIb3DQEBCwUA
A4IBAQBwehmy2ewBxUWaPTQwXN/cunQOnNOEagjEnV9mNOIgSnpdq7OvjIOLd7X9
5LThqemCruY/LcGfzRc6aJ/3enichHr0LeUQILbcNTLCwc7wXcU4HGo5MTGFWqXZ
lVCs/IZax3ViUD/Do9LllHa+rAu2gFr9TAs88pbXn7/91O6tDquTLmVb1a7fedGE
UdZv7biM+VFZLXxrFwCfCogG00/MfINAtDC4UYa9uSlBhtOGWIUh13RrgCbCt646
HU2Q+Tvv1TL/50p0/bLaXe17TAW0b1wCq5Y9V6DjzEJWxW57wmiIHSIMigcH94yW
2AK1XicU8dJf2h31gjBfhrLd2GtG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:42 2024 by rpki-client on console-ams.rpki-client.org