Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/D6pzXEERCoIEU-SwkeCUtKX1SeQ.roa
File:                     D6pzXEERCoIEU-SwkeCUtKX1SeQ.roa (raw, json)
Hash identifier:          TgwLevujhO0420KH2LQCHzx5ZFAm+6wzXt7gJXFwUUU=
Subject key identifier:   0F:AA:73:5C:41:11:0A:82:04:53:E4:B0:91:E0:94:B4:A5:F5:49:E4
Certificate issuer:       /CN=d411abc4c0468ab2891eaacadba0dc0377936fd5
Certificate serial:       176CB57F
Authority key identifier: D4:11:AB:C4:C0:46:8A:B2:89:1E:AA:CA:DB:A0:DC:03:77:93:6F:D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1BGrxMBGirKJHqrK26DcA3eTb9U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/D6pzXEERCoIEU-SwkeCUtKX1SeQ.roa
Signing time:             Sat 01 Jan 2022 09:54:08 +0000
ROA not before:           Sat 01 Jan 2022 09:54:08 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206717
IP address blocks:        213.7.209.0/24 maxlen: 24
                          93.109.217.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 393000319 (0x176cb57f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d411abc4c0468ab2891eaacadba0dc0377936fd5
        Validity
            Not Before: Jan  1 09:54:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0faa735c41110a820453e4b091e094b4a5f549e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:ee:65:ab:4a:7e:fa:5e:06:b3:1d:d1:b8:0e:
                    4e:f5:c5:b1:e9:43:dc:94:df:ed:35:93:8c:cd:92:
                    3e:50:f0:e7:26:36:dd:e1:62:2f:68:f5:dc:cd:d1:
                    08:5e:fc:5e:73:7b:36:90:3d:5e:a7:53:83:42:b7:
                    ed:d8:d6:60:ca:d5:90:d4:b1:bb:69:d7:d9:86:e2:
                    ca:1b:43:4b:22:25:10:51:98:2b:04:b3:00:c5:f3:
                    dd:73:09:0d:db:6e:0b:39:d7:f9:af:cb:c4:04:29:
                    f7:5c:c0:32:4f:b1:30:59:20:01:35:dd:bb:78:08:
                    61:ff:1a:d8:3e:00:21:fb:98:22:74:7c:e9:a0:47:
                    68:4c:c6:f1:41:4a:29:e3:76:22:9b:55:78:18:f6:
                    72:86:eb:9d:b1:fa:3c:ee:40:ed:15:a5:80:8b:60:
                    5f:e0:29:71:8d:2a:b4:43:40:8f:8f:cb:52:7a:4a:
                    69:1b:8b:a2:92:43:44:6f:3d:f6:86:70:7a:a3:24:
                    99:80:a5:63:c2:91:55:45:36:4c:9b:fd:34:b5:d4:
                    41:82:90:ab:5b:87:5c:a8:e1:9a:87:05:dc:b7:67:
                    42:49:55:d7:f9:a9:c4:1c:07:1d:8c:d6:6a:76:69:
                    a8:dc:4e:a5:5e:02:77:c4:ab:e8:15:da:cf:8d:03:
                    29:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:AA:73:5C:41:11:0A:82:04:53:E4:B0:91:E0:94:B4:A5:F5:49:E4
            X509v3 Authority Key Identifier:
                keyid:D4:11:AB:C4:C0:46:8A:B2:89:1E:AA:CA:DB:A0:DC:03:77:93:6F:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1BGrxMBGirKJHqrK26DcA3eTb9U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/D6pzXEERCoIEU-SwkeCUtKX1SeQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/1BGrxMBGirKJHqrK26DcA3eTb9U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.109.217.0/24
                  213.7.209.0/24

    Signature Algorithm: sha256WithRSAEncryption
         42:08:b6:27:ac:3b:4e:92:9c:dc:39:74:1d:22:87:85:fb:80:
         dd:d8:f7:7b:b3:a6:e4:01:87:e1:94:ef:97:ce:ca:07:d9:79:
         6d:c4:2e:1d:e6:55:a8:8d:00:91:a7:a1:16:4f:63:02:14:e5:
         4b:ab:a8:9c:fd:dd:d5:57:94:5d:1e:2f:74:b7:8a:2e:b4:d9:
         b8:85:04:24:69:a7:88:b7:2e:04:40:ac:a0:9f:87:cf:ed:ba:
         71:d2:b3:d6:88:46:a1:b0:13:e3:b2:50:4e:63:b0:6d:53:df:
         04:30:8f:f7:14:e4:68:b5:9a:2b:f6:c9:33:d1:95:54:c8:9f:
         2b:ac:b1:ee:9b:8c:9f:4f:4c:22:0c:ae:2c:73:c9:1c:a2:5c:
         d4:75:2e:f5:3a:ea:ee:e1:c2:40:74:c2:dc:16:bf:2d:64:3e:
         d4:48:78:10:d3:59:53:a9:19:41:d7:f7:68:06:50:4f:02:b5:
         74:e7:11:c5:2c:a2:a1:54:4d:0a:ec:04:a1:9c:fb:c5:4f:b5:
         68:1a:54:b4:bb:3d:d6:8f:85:59:23:55:ac:37:95:b8:7b:4b:
         61:00:03:aa:c2:ec:19:ca:33:1a:2b:65:1f:17:83:92:22:51:
         3b:c7:7c:0f:65:2e:7f:36:18:25:bd:da:4f:77:04:1e:9a:84:
         d1:d9:8e:ac
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEF2y1fzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NDExYWJjNGMwNDY4YWIyODkxZWFhY2FkYmEwZGMwMzc3OTM2ZmQ1MB4XDTIyMDEw
MTA5NTQwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGZhYTczNWM0MTEx
MGE4MjA0NTNlNGIwOTFlMDk0YjRhNWY1NDllNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJPuZatKfvpeBrMd0bgOTvXFselD3JTf7TWTjM2SPlDw5yY2
3eFiL2j13M3RCF78XnN7NpA9XqdTg0K37djWYMrVkNSxu2nX2YbiyhtDSyIlEFGY
KwSzAMXz3XMJDdtuCznX+a/LxAQp91zAMk+xMFkgATXdu3gIYf8a2D4AIfuYInR8
6aBHaEzG8UFKKeN2IptVeBj2cobrnbH6PO5A7RWlgItgX+ApcY0qtENAj4/LUnpK
aRuLopJDRG899oZweqMkmYClY8KRVUU2TJv9NLXUQYKQq1uHXKjhmocF3LdnQklV
1/mpxBwHHYzWanZpqNxOpV4Cd8Sr6BXaz40DKaMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQPqnNcQREKggRT5LCR4JS0pfVJ5DAfBgNVHSMEGDAWgBTUEavEwEaKsoke
qsrboNwDd5Nv1TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFCR3J4TUJHaXJLSkhxcksyNkRjQTNlVGI5VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTMvNjE4ZTUzLWFmYzQtNDBkZi04NjEyLWIwZjRiOWMzN2U0OS8x
L0Q2cHpYRUVSQ29JRVUtU3drZUNVdEtYMVNlUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTMv
NjE4ZTUzLWFmYzQtNDBkZi04NjEyLWIwZjRiOWMzN2U0OS8xLzFCR3J4TUJHaXJL
SkhxcksyNkRjQTNlVGI5VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAF1t2QMEANUH0TANBgkqhkiG9w0B
AQsFAAOCAQEAQgi2J6w7TpKc3Dl0HSKHhfuA3dj3e7Om5AGH4ZTvl87KB9l5bcQu
HeZVqI0AkaehFk9jAhTlS6uonP3d1VeUXR4vdLeKLrTZuIUEJGmniLcuBECsoJ+H
z+26cdKz1ohGobAT47JQTmOwbVPfBDCP9xTkaLWaK/bJM9GVVMifK6yx7puMn09M
IgyuLHPJHKJc1HUu9Trq7uHCQHTC3Ba/LWQ+1Eh4ENNZU6kZQdf3aAZQTwK1dOcR
xSyioVRNCuwEoZz7xU+1aBpUtLs91o+FWSNVrDeVuHtLYQADqsLsGcozGitlHxeD
kiJRO8d8D2UufzYYJb3aT3cEHpqE0dmOrA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:17 2024 by rpki-client on console-ams.rpki-client.org