Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/1acd6c-892f-45e1-b145-ade5261c1043/1/0QC3KcxyaJ7POasgOC3m8jvdr7A.roa
File:                     0QC3KcxyaJ7POasgOC3m8jvdr7A.roa (raw, json)
Hash identifier:          zEHjdhBdpkCX/JCKOBjubhueezW+/HoTM4V0UnMz+/E=
Subject key identifier:   D1:00:B7:29:CC:72:68:9E:CF:39:AB:20:38:2D:E6:F2:3B:DD:AF:B0
Certificate issuer:       /CN=a3d31f1799bf5588ffa988e49286bfc70a4b34be
Certificate serial:       018258251C633850D9F9553BACCB8B74A14E
Authority key identifier: A3:D3:1F:17:99:BF:55:88:FF:A9:88:E4:92:86:BF:C7:0A:4B:34:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o9MfF5m_VYj_qYjkkoa_xwpLNL4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/1acd6c-892f-45e1-b145-ade5261c1043/1/0QC3KcxyaJ7POasgOC3m8jvdr7A.roa
Signing time:             Mon 01 Aug 2022 06:43:23 +0000
ROA not before:           Mon 01 Aug 2022 06:43:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     24940
IP address blocks:        193.110.6.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:58:25:1c:63:38:50:d9:f9:55:3b:ac:cb:8b:74:a1:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3d31f1799bf5588ffa988e49286bfc70a4b34be
        Validity
            Not Before: Aug  1 06:43:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d100b729cc72689ecf39ab20382de6f23bddafb0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:41:b6:ec:e2:89:e5:13:8e:a3:7c:4e:e8:e4:
                    1a:f7:92:27:62:a2:22:e8:a4:8b:02:28:d3:f1:f8:
                    3e:ff:74:bd:8b:15:61:ab:3b:21:28:e9:e7:25:b1:
                    62:5f:8a:12:18:2f:3c:1c:f7:c9:dc:7e:26:be:05:
                    df:a7:29:3d:44:f6:fb:6c:b6:5b:67:54:3f:4a:87:
                    d9:b2:79:32:79:5d:a0:a5:0f:01:ec:01:d2:d3:78:
                    3a:07:1a:52:c8:6d:57:87:78:18:7c:a3:1c:bc:0b:
                    e5:a7:ff:bb:a2:66:17:23:a3:68:7c:34:86:10:f3:
                    19:97:32:2a:5c:43:8e:65:80:b7:ca:f0:f2:82:28:
                    01:6d:80:35:19:06:c7:f0:2f:73:ea:82:01:d5:75:
                    b6:1e:ed:d5:3a:91:33:ff:18:50:af:78:da:a2:fc:
                    05:6b:e6:5b:f4:29:bf:c2:68:ef:26:42:15:52:64:
                    45:09:27:32:c2:96:9c:88:9f:c8:6d:04:af:1b:a5:
                    56:a7:08:24:2d:66:ae:82:07:c8:3b:86:4f:23:26:
                    a6:18:b3:b7:0c:bd:f9:38:c8:61:a6:77:d0:70:e2:
                    8e:6b:ef:6b:50:d2:2d:2b:40:5b:42:1a:72:ab:ea:
                    8a:06:d3:8c:ea:be:df:e3:5d:8f:2a:c8:f2:2b:73:
                    35:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:00:B7:29:CC:72:68:9E:CF:39:AB:20:38:2D:E6:F2:3B:DD:AF:B0
            X509v3 Authority Key Identifier:
                keyid:A3:D3:1F:17:99:BF:55:88:FF:A9:88:E4:92:86:BF:C7:0A:4B:34:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o9MfF5m_VYj_qYjkkoa_xwpLNL4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1acd6c-892f-45e1-b145-ade5261c1043/1/0QC3KcxyaJ7POasgOC3m8jvdr7A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1acd6c-892f-45e1-b145-ade5261c1043/1/o9MfF5m_VYj_qYjkkoa_xwpLNL4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.110.6.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8a:f3:b6:6e:43:fb:4c:db:ff:bf:89:e6:80:8f:6d:c0:16:0a:
         08:18:a9:15:81:86:75:98:a7:d8:b8:35:51:23:1a:62:92:b9:
         f2:f2:56:fa:56:f9:1d:8e:a6:64:13:45:3f:55:7f:44:4a:66:
         ab:70:f6:43:df:04:8b:cd:c4:e5:b7:6c:87:ce:bd:09:92:dd:
         a1:4e:1a:5f:64:dc:85:6d:f6:4f:43:6f:83:c3:ba:58:99:13:
         71:ec:c1:11:76:4f:cd:5b:af:f4:ba:b8:5e:4d:f9:c4:a3:42:
         ed:d6:ed:ff:f0:ea:c2:2e:5b:cb:e3:89:de:94:1d:22:a1:2a:
         83:86:af:18:e9:ce:c2:bb:0f:70:b9:f2:68:75:62:0e:fb:52:
         69:85:ea:9d:05:60:e9:09:27:1c:62:87:0f:80:10:59:e2:82:
         73:88:d3:fa:47:e8:59:b7:70:20:31:41:c2:fe:5b:50:f4:0a:
         1e:5d:4f:be:8c:72:c7:e7:c6:2c:bf:c3:5c:9d:70:a3:45:56:
         85:ed:c2:f1:4f:57:ef:9a:d6:e3:b6:4a:c4:3c:15:d8:fb:11:
         8c:5a:fc:31:a7:a4:55:88:7a:28:34:11:3a:89:14:4e:f0:3f:
         5b:15:ff:f7:a9:14:05:2a:cc:45:5b:96:bc:a1:ac:8d:64:4b:
         83:ec:39:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJYJRxjOFDZ+VU7rMuLdKFOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzZDMxZjE3OTliZjU1ODhmZmE5ODhlNDkyODZiZmM3MGE0
YjM0YmUwHhcNMjIwODAxMDY0MzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTAwYjcyOWNjNzI2ODllY2YzOWFiMjAzODJkZTZmMjNiZGRhZmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0G27OKJ5ROOo3xO6OQa95InYqIi
6KSLAijT8fg+/3S9ixVhqzshKOnnJbFiX4oSGC88HPfJ3H4mvgXfpyk9RPb7bLZb
Z1Q/SofZsnkyeV2gpQ8B7AHS03g6BxpSyG1Xh3gYfKMcvAvlp/+7omYXI6NofDSG
EPMZlzIqXEOOZYC3yvDygigBbYA1GQbH8C9z6oIB1XW2Hu3VOpEz/xhQr3jaovwF
a+Zb9Cm/wmjvJkIVUmRFCScywpaciJ/IbQSvG6VWpwgkLWauggfIO4ZPIyamGLO3
DL35OMhhpnfQcOKOa+9rUNItK0BbQhpyq+qKBtOM6r7f412PKsjyK3M1/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNEAtynMcmiezzmrIDgt5vI73a+wMB8GA1UdIwQY
MBaAFKPTHxeZv1WI/6mI5JKGv8cKSzS+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzlNZkY1bV9WWWpfcVlqa2tvYV94d3BMTkw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8xYWNkNmMtODkyZi00NWUxLWIxNDUt
YWRlNTI2MWMxMDQzLzEvMFFDM0tjeHlhSjdQT2FzZ09DM204anZkcjdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8xYWNkNmMtODkyZi00NWUxLWIxNDUtYWRlNTI2MWMxMDQz
LzEvbzlNZkY1bV9WWWpfcVlqa2tvYV94d3BMTkw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwW4GMA0G
CSqGSIb3DQEBCwUAA4IBAQCK87ZuQ/tM2/+/ieaAj23AFgoIGKkVgYZ1mKfYuDVR
Ixpikrny8lb6VvkdjqZkE0U/VX9ESmarcPZD3wSLzcTlt2yHzr0Jkt2hThpfZNyF
bfZPQ2+Dw7pYmRNx7MERdk/NW6/0urheTfnEo0Lt1u3/8OrCLlvL44nelB0ioSqD
hq8Y6c7Cuw9wufJodWIO+1JpheqdBWDpCSccYocPgBBZ4oJziNP6R+hZt3AgMUHC
/ltQ9AoeXU++jHLH58Ysv8NcnXCjRVaF7cLxT1fvmtbjtkrEPBXY+xGMWvwxp6RV
iHooNBE6iRRO8D9bFf/3qRQFKsxFW5a8oayNZEuD7Dlb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:07 2024 by rpki-client on console-fra.rpki-client.org