Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/da9489-6b8f-47b0-a69d-b69e44349395/1/dP3trEj2QnuNj9qyY5vVg_e8hmw.roa
File:                     dP3trEj2QnuNj9qyY5vVg_e8hmw.roa (raw, json)
Hash identifier:          buemAJYfCBui3XR/8pkiQCEoz0UDEp2BdIPZDTaarkU=
Subject key identifier:   74:FD:ED:AC:48:F6:42:7B:8D:8F:DA:B2:63:9B:D5:83:F7:BC:86:6C
Certificate issuer:       /CN=5725add2bff3e668ae18554beebf31a23a69dda5
Certificate serial:       05F661C3
Authority key identifier: 57:25:AD:D2:BF:F3:E6:68:AE:18:55:4B:EE:BF:31:A2:3A:69:DD:A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VyWt0r_z5miuGFVL7r8xojpp3aU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/da9489-6b8f-47b0-a69d-b69e44349395/1/dP3trEj2QnuNj9qyY5vVg_e8hmw.roa
Signing time:             Sat 01 Jan 2022 12:54:26 +0000
ROA not before:           Sat 01 Jan 2022 12:54:26 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     12823
IP address blocks:        193.53.106.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 100032963 (0x5f661c3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5725add2bff3e668ae18554beebf31a23a69dda5
        Validity
            Not Before: Jan  1 12:54:26 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=74fdedac48f6427b8d8fdab2639bd583f7bc866c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:11:82:1d:b2:18:a2:75:88:58:da:fb:ce:69:
                    2e:59:ab:e6:6b:fc:2c:60:6f:67:dd:e6:36:fb:8d:
                    79:bb:f4:2e:b7:01:f1:16:96:39:8c:d2:e1:53:a1:
                    9b:27:3d:57:31:58:ae:ef:70:6d:66:c1:a7:6d:cb:
                    47:94:99:9b:6a:4b:76:4e:f8:26:01:19:9f:e8:eb:
                    32:11:17:16:b4:e3:ae:8c:2d:d3:9b:d5:9f:90:74:
                    4e:00:b9:5b:9f:8a:5f:27:54:99:97:44:e1:7a:da:
                    4b:02:c4:36:c3:bb:a2:b3:19:da:d4:0c:3d:05:d8:
                    fa:22:a3:15:b9:dd:64:5a:7a:62:01:58:8a:40:48:
                    84:65:14:00:ea:89:14:23:cd:d5:3a:ee:55:68:0b:
                    93:3e:37:bc:6d:d0:c9:4b:02:a4:3f:c8:ab:cf:ec:
                    54:76:0b:ca:fe:98:72:29:34:46:d4:63:3f:cf:c7:
                    e9:6d:91:0b:ec:ff:2b:b2:5f:37:e8:61:b1:66:85:
                    ff:b2:a0:20:a2:e2:83:79:7f:a1:23:87:28:2e:01:
                    2e:7b:fd:b2:52:96:aa:59:ed:ea:f4:bc:1a:62:78:
                    97:10:9c:ae:8b:4f:e8:b1:e8:0c:23:95:a1:e5:52:
                    1b:ed:e5:30:25:8d:1b:73:eb:f8:66:c8:23:69:b7:
                    0b:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:FD:ED:AC:48:F6:42:7B:8D:8F:DA:B2:63:9B:D5:83:F7:BC:86:6C
            X509v3 Authority Key Identifier:
                keyid:57:25:AD:D2:BF:F3:E6:68:AE:18:55:4B:EE:BF:31:A2:3A:69:DD:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VyWt0r_z5miuGFVL7r8xojpp3aU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/da9489-6b8f-47b0-a69d-b69e44349395/1/dP3trEj2QnuNj9qyY5vVg_e8hmw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/da9489-6b8f-47b0-a69d-b69e44349395/1/VyWt0r_z5miuGFVL7r8xojpp3aU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.53.106.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:f6:c3:31:13:43:08:0b:67:ba:2a:0a:02:ed:58:88:22:30:
         6d:9a:59:e5:9b:3a:d4:a3:48:88:4f:0c:f3:ae:ba:19:47:6d:
         50:30:70:7f:8d:51:71:6c:4f:f4:4e:20:68:0e:30:af:c2:a8:
         b8:b3:59:e9:f1:a9:63:c7:4c:32:4a:95:d4:51:1c:10:63:99:
         20:dc:97:8c:2a:54:75:c3:bf:8d:16:e5:48:92:5a:21:6a:27:
         14:9b:cb:30:8e:d8:80:4c:17:53:c2:ef:78:d8:21:49:a1:16:
         3f:60:fa:02:19:b3:dd:2e:a3:73:e1:0c:6c:35:60:a1:17:53:
         49:d8:89:7b:57:b3:68:c1:7f:08:bf:15:15:5b:02:6e:c4:5c:
         42:86:a2:6b:bc:75:a3:50:09:71:26:dd:62:76:d8:c9:de:a6:
         92:5e:0a:17:8e:7c:c2:21:7d:3b:f2:8d:8b:52:30:c7:38:51:
         df:b9:12:26:95:1a:0e:fc:eb:2e:c8:aa:fc:b3:b8:ff:5e:bb:
         f1:54:b8:2d:58:fa:12:e5:79:7e:cf:6f:36:6e:3b:61:93:b5:
         b3:6d:02:7e:85:af:8e:43:23:47:38:50:d9:d4:0f:d1:41:82:
         fe:6a:8e:a2:32:cf:8a:17:a1:1b:36:68:2c:b7:9b:f3:22:28:
         d3:78:af:25
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBfZhwzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NzI1YWRkMmJmZjNlNjY4YWUxODU1NGJlZWJmMzFhMjNhNjlkZGE1MB4XDTIyMDEw
MTEyNTQyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzRmZGVkYWM0OGY2
NDI3YjhkOGZkYWIyNjM5YmQ1ODNmN2JjODY2YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJURgh2yGKJ1iFja+85pLlmr5mv8LGBvZ93mNvuNebv0LrcB
8RaWOYzS4VOhmyc9VzFYru9wbWbBp23LR5SZm2pLdk74JgEZn+jrMhEXFrTjrowt
05vVn5B0TgC5W5+KXydUmZdE4XraSwLENsO7orMZ2tQMPQXY+iKjFbndZFp6YgFY
ikBIhGUUAOqJFCPN1TruVWgLkz43vG3QyUsCpD/Iq8/sVHYLyv6Ycik0RtRjP8/H
6W2RC+z/K7JfN+hhsWaF/7KgIKLig3l/oSOHKC4BLnv9slKWqlnt6vS8GmJ4lxCc
rotP6LHoDCOVoeVSG+3lMCWNG3Pr+GbII2m3C4UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR0/e2sSPZCe42P2rJjm9WD97yGbDAfBgNVHSMEGDAWgBRXJa3Sv/PmaK4Y
VUvuvzGiOmndpTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Z5V3Qwcl96NW1pdUdGVkw3cjh4b2pwcDNhVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTIvZGE5NDg5LTZiOGYtNDdiMC1hNjlkLWI2OWU0NDM0OTM5NS8x
L2RQM3RyRWoyUW51Tmo5cXlZNXZWZ19lOGhtdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTIv
ZGE5NDg5LTZiOGYtNDdiMC1hNjlkLWI2OWU0NDM0OTM5NS8xL1Z5V3Qwcl96NW1p
dUdGVkw3cjh4b2pwcDNhVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME1ajANBgkqhkiG9w0BAQsFAAOC
AQEAcPbDMRNDCAtnuioKAu1YiCIwbZpZ5Zs61KNIiE8M8666GUdtUDBwf41RcWxP
9E4gaA4wr8KouLNZ6fGpY8dMMkqV1FEcEGOZINyXjCpUdcO/jRblSJJaIWonFJvL
MI7YgEwXU8LveNghSaEWP2D6Ahmz3S6jc+EMbDVgoRdTSdiJe1ezaMF/CL8VFVsC
bsRcQoaia7x1o1AJcSbdYnbYyd6mkl4KF458wiF9O/KNi1IwxzhR37kSJpUaDvzr
Lsiq/LO4/1678VS4LVj6EuV5fs9vNm47YZO1s20CfoWvjkMjRzhQ2dQP0UGC/mqO
ojLPihehGzZoLLeb8yIo03ivJQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:31 2024 by rpki-client on console-fra.rpki-client.org