Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/VHbdliA1gfVXI7BJl8l-q-YWeAA.roa
File:                     VHbdliA1gfVXI7BJl8l-q-YWeAA.roa (raw, json)
Hash identifier:          p3Qg4FhtEjz5yZzDvDW72/yZ9sWa2cTQboa9xKKHX/c=
Subject key identifier:   54:76:DD:96:20:35:81:F5:57:23:B0:49:97:C9:7E:AB:E6:16:78:00
Certificate issuer:       /CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Certificate serial:       0185217EC8C12AF4B72ADDE0EB3689BDEA4D
Authority key identifier: F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/VHbdliA1gfVXI7BJl8l-q-YWeAA.roa
Signing time:             Sat 17 Dec 2022 19:10:35 +0000
ROA not before:           Sat 17 Dec 2022 19:10:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     30475
IP address blocks:        193.8.172.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:21:7e:c8:c1:2a:f4:b7:2a:dd:e0:eb:36:89:bd:ea:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f93ac6cd2240249bba60171f086e9101cc87ca24
        Validity
            Not Before: Dec 17 19:10:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5476dd96203581f55723b04997c97eabe6167800
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:d1:ef:e9:97:f7:2d:fb:92:d1:ef:94:0c:8d:
                    e5:49:b3:53:eb:2d:d4:df:2f:19:4e:1c:c0:4f:09:
                    f6:01:be:10:f0:77:8f:90:f5:54:93:c6:f3:33:6f:
                    65:ec:5d:5a:92:82:15:9b:de:21:28:37:af:87:d5:
                    4a:bc:2f:53:26:53:35:3b:1c:78:7e:ca:fe:6a:66:
                    31:7b:47:e0:32:ec:d1:18:d2:86:b4:5e:cb:7a:86:
                    f3:3e:86:d1:a6:4d:33:f8:86:84:ce:7a:e6:56:a0:
                    2c:59:0b:57:ba:89:00:e3:a8:12:24:74:f6:74:5d:
                    27:d3:a9:51:14:33:da:d0:0a:42:73:d1:dc:b4:0f:
                    80:3b:3f:db:c5:ed:04:3c:e6:aa:49:dc:24:84:2d:
                    d4:e4:7f:ea:2a:7a:ca:88:64:59:78:86:2d:62:e8:
                    ba:10:ff:05:34:35:d9:99:fb:c3:2a:e3:3b:4b:c6:
                    fc:d0:93:36:b2:fb:4c:03:36:f7:8e:6f:5c:65:fa:
                    ba:e3:19:74:2d:9b:d7:57:1b:17:b3:ae:aa:f4:09:
                    6d:11:08:99:11:90:09:70:24:9b:9b:c3:8b:b8:0a:
                    bb:85:03:5f:55:f3:6b:0b:56:d5:70:b2:0b:38:b3:
                    35:a6:48:dd:cb:c5:4c:76:2f:64:f1:a6:0f:a1:d4:
                    2c:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:76:DD:96:20:35:81:F5:57:23:B0:49:97:C9:7E:AB:E6:16:78:00
            X509v3 Authority Key Identifier:
                keyid:F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/VHbdliA1gfVXI7BJl8l-q-YWeAA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.8.172.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:f1:98:84:01:44:ea:ee:ce:d9:db:91:26:cc:36:6e:8b:1a:
         72:40:94:ad:e0:cc:3d:a8:95:74:5d:ad:e9:c2:3a:f6:96:63:
         f4:49:f5:a0:5e:f2:f4:9f:4f:af:34:95:0f:70:c6:53:41:f7:
         78:eb:6f:96:03:96:b3:f7:c7:44:30:50:f1:76:ec:d3:3c:8f:
         71:90:1c:1e:d0:17:e2:03:6a:76:6d:63:ee:a3:d8:6b:3a:5b:
         fd:86:5d:45:42:9f:af:8c:e5:9e:0c:5d:17:be:0f:c7:9e:4b:
         18:92:63:f7:4a:62:99:8e:ff:0a:4d:f7:fc:23:9e:fa:b1:c4:
         39:93:f5:92:a2:e0:cc:3c:0a:97:73:ea:a7:b2:2d:e7:7c:e1:
         1f:ec:3b:70:b8:ce:d3:ba:26:6d:2d:97:55:fa:8d:fb:9f:cc:
         e9:5b:74:f0:70:ab:fd:07:ec:2a:f9:bd:8a:5d:72:a2:1c:25:
         03:0e:33:3a:51:bb:ff:1c:8f:b5:64:1d:75:fc:0e:94:11:b3:
         97:fb:96:48:b4:41:af:cc:b6:5f:0a:67:ef:f3:56:54:40:11:
         0b:45:87:6e:95:b5:58:43:ab:c9:24:d7:f1:6e:58:1c:19:37:
         e5:f7:ae:e7:93:7a:05:8b:b8:23:e5:06:e5:23:c1:b7:ff:4b:
         2e:d0:60:c0
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYUhfsjBKvS3Kt3g6zaJvepNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5M2FjNmNkMjI0MDI0OWJiYTYwMTcxZjA4NmU5MTAxY2M4
N2NhMjQwHhcNMjIxMjE3MTkxMDM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDc2ZGQ5NjIwMzU4MWY1NTcyM2IwNDk5N2M5N2VhYmU2MTY3ODAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9Hv6Zf3LfuS0e+UDI3lSbNT6y3U
3y8ZThzATwn2Ab4Q8HePkPVUk8bzM29l7F1akoIVm94hKDevh9VKvC9TJlM1Oxx4
fsr+amYxe0fgMuzRGNKGtF7LeobzPobRpk0z+IaEznrmVqAsWQtXuokA46gSJHT2
dF0n06lRFDPa0ApCc9HctA+AOz/bxe0EPOaqSdwkhC3U5H/qKnrKiGRZeIYtYui6
EP8FNDXZmfvDKuM7S8b80JM2svtMAzb3jm9cZfq64xl0LZvXVxsXs66q9AltEQiZ
EZAJcCSbm8OLuAq7hQNfVfNrC1bVcLILOLM1pkjdy8VMdi9k8aYPodQsaQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFFR23ZYgNYH1VyOwSZfJfqvmFngAMB8GA1UdIwQY
MBaAFPk6xs0iQCSbumAXHwhukQHMh8okMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Uckd6U0pBSkp1NllCY2ZDRzZSQWN5SHlpUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNl
LWY3NTJkODE2MDVmYi8xL1ZIYmRsaUExZ2ZWWEk3QkpsOGwtcS1ZV2VBQS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNlLWY3NTJkODE2MDVm
Yi8xLzEtVHJHelNKQUpKdTZZQmNmQ0c2UkFjeUh5aVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADBCKww
DQYJKoZIhvcNAQELBQADggEBAI3xmIQBROruztnbkSbMNm6LGnJAlK3gzD2olXRd
renCOvaWY/RJ9aBe8vSfT680lQ9wxlNB93jrb5YDlrP3x0QwUPF27NM8j3GQHB7Q
F+IDanZtY+6j2Gs6W/2GXUVCn6+M5Z4MXRe+D8eeSxiSY/dKYpmO/wpN9/wjnvqx
xDmT9ZKi4Mw8Cpdz6qeyLed84R/sO3C4ztO6Jm0tl1X6jfufzOlbdPBwq/0H7Cr5
vYpdcqIcJQMOMzpRu/8cj7VkHXX8DpQRs5f7lki0Qa/Mtl8KZ+/zVlRAEQtFh26V
tVhDq8kk1/FuWBwZN+X3rueTegWLuCPlBuUjwbf/Sy7QYMA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:08 2024 by rpki-client on console-ams.rpki-client.org