Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/69327a-68de-4585-acfb-501257590de7/1/eTKsJ07cWf8Iez_0ykPgp9VQ_Qc.roa
File:                     eTKsJ07cWf8Iez_0ykPgp9VQ_Qc.roa (raw, json)
Hash identifier:          kXoGGi3I+2uisO8OQXiTy7TXKX6DbqUeAlRwNeyHgT4=
Subject key identifier:   79:32:AC:27:4E:DC:59:FF:08:7B:3F:F4:CA:43:E0:A7:D5:50:FD:07
Certificate issuer:       /CN=058737ac1bca8c1428b3969546f1974f0694e400
Certificate serial:       01C49371
Authority key identifier: 05:87:37:AC:1B:CA:8C:14:28:B3:96:95:46:F1:97:4F:06:94:E4:00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BYc3rBvKjBQos5aVRvGXTwaU5AA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/69327a-68de-4585-acfb-501257590de7/1/eTKsJ07cWf8Iez_0ykPgp9VQ_Qc.roa
Signing time:             Sat 01 Jan 2022 11:56:36 +0000
ROA not before:           Sat 01 Jan 2022 11:56:36 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205185
IP address blocks:        193.163.108.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 29660017 (0x1c49371)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=058737ac1bca8c1428b3969546f1974f0694e400
        Validity
            Not Before: Jan  1 11:56:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7932ac274edc59ff087b3ff4ca43e0a7d550fd07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:04:f6:91:ac:d0:6b:bf:dd:02:3c:56:f8:d4:
                    a9:5b:f6:fd:1d:1b:52:0a:b4:33:7e:00:67:b1:11:
                    d0:65:fe:8c:29:b8:b2:e3:26:f0:50:5f:fa:32:77:
                    3d:39:69:26:9f:a6:d5:31:e9:99:51:9d:5e:5b:03:
                    cc:2a:5d:a4:3f:ab:c9:c1:8d:5c:76:05:99:53:07:
                    de:c9:7a:f9:3c:40:76:77:f2:61:a2:df:79:2b:9f:
                    42:ca:e3:29:36:04:7d:2b:f7:3d:28:82:50:e4:96:
                    f0:b6:12:12:91:56:a4:bf:1e:50:36:86:f1:9c:57:
                    98:a9:6d:00:6a:91:55:6b:10:fa:1b:ea:2a:82:03:
                    4b:d7:c3:86:91:4b:53:d4:02:60:d3:08:74:e0:13:
                    df:13:e9:31:b3:cb:e1:4c:76:c9:f4:02:38:5e:c5:
                    58:b6:91:b8:0a:d6:c9:98:3c:55:46:29:d7:81:11:
                    08:da:b4:e8:02:26:12:bf:7b:95:3d:7c:bc:50:b4:
                    62:4d:d5:34:2f:73:a2:52:37:1c:84:9b:ea:76:ac:
                    9d:a9:bd:e6:3e:4a:e8:b8:df:96:11:61:bc:e7:34:
                    24:c3:ec:04:7d:e4:b5:ae:da:07:63:f9:97:1b:01:
                    08:17:d5:fd:5a:a7:65:f1:ff:0f:8b:3f:a6:61:88:
                    be:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:32:AC:27:4E:DC:59:FF:08:7B:3F:F4:CA:43:E0:A7:D5:50:FD:07
            X509v3 Authority Key Identifier:
                keyid:05:87:37:AC:1B:CA:8C:14:28:B3:96:95:46:F1:97:4F:06:94:E4:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BYc3rBvKjBQos5aVRvGXTwaU5AA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/69327a-68de-4585-acfb-501257590de7/1/eTKsJ07cWf8Iez_0ykPgp9VQ_Qc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/69327a-68de-4585-acfb-501257590de7/1/BYc3rBvKjBQos5aVRvGXTwaU5AA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.163.108.0/24

    Signature Algorithm: sha256WithRSAEncryption
         38:71:82:60:8c:b0:b5:10:b0:5d:84:e8:ec:ce:33:d8:5a:e7:
         1d:73:e5:9b:1e:52:6a:09:71:0a:e8:f8:59:07:4b:6f:a9:70:
         68:d0:8f:dd:79:09:fd:b1:07:9f:50:aa:ad:8f:71:66:48:2e:
         66:a6:df:79:c0:f0:88:13:95:b3:93:65:13:52:03:a7:15:b5:
         fc:10:cf:ea:4b:52:5a:3d:a5:10:87:32:22:1a:54:ea:4f:fa:
         69:0c:7d:ee:1d:fe:02:62:16:54:7e:e3:01:14:18:2e:e5:8c:
         25:6d:66:34:f7:47:52:ac:4b:16:be:38:9c:ad:0d:1e:0e:69:
         0b:2f:9b:a9:3f:30:3f:6e:85:fa:ad:31:a0:d4:61:40:b8:f6:
         91:92:6e:52:91:e9:cd:90:e6:dc:8d:fa:a0:2e:08:2f:39:2f:
         be:d1:ad:cc:2a:30:60:ef:87:62:96:5d:83:dd:cd:95:46:20:
         2a:c5:3f:0c:bd:1e:72:13:94:93:a9:9a:ba:27:42:e8:a3:37:
         b9:0d:3e:44:f4:d0:ce:f8:bd:0e:38:e0:a7:04:0c:79:5e:9e:
         c1:45:92:ad:c9:5d:b7:9c:52:ea:2a:eb:9c:4a:6c:56:9a:96:
         9d:a8:73:f2:a0:3f:c6:fa:85:0f:d3:57:b5:18:95:89:4b:02:
         cb:68:d5:42
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAcSTcTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTg3MzdhYzFiY2E4YzE0MjhiMzk2OTU0NmYxOTc0ZjA2OTRlNDAwMB4XDTIyMDEw
MTExNTYzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzkzMmFjMjc0ZWRj
NTlmZjA4N2IzZmY0Y2E0M2UwYTdkNTUwZmQwNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANoE9pGs0Gu/3QI8VvjUqVv2/R0bUgq0M34AZ7ER0GX+jCm4
suMm8FBf+jJ3PTlpJp+m1THpmVGdXlsDzCpdpD+rycGNXHYFmVMH3sl6+TxAdnfy
YaLfeSufQsrjKTYEfSv3PSiCUOSW8LYSEpFWpL8eUDaG8ZxXmKltAGqRVWsQ+hvq
KoIDS9fDhpFLU9QCYNMIdOAT3xPpMbPL4Ux2yfQCOF7FWLaRuArWyZg8VUYp14ER
CNq06AImEr97lT18vFC0Yk3VNC9zolI3HISb6nasnam95j5K6LjflhFhvOc0JMPs
BH3kta7aB2P5lxsBCBfV/VqnZfH/D4s/pmGIvoECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR5MqwnTtxZ/wh7P/TKQ+Cn1VD9BzAfBgNVHSMEGDAWgBQFhzesG8qMFCiz
lpVG8ZdPBpTkADAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JZYzNyQnZLakJRb3M1YVZSdkdYVHdhVTVBQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTkvNjkzMjdhLTY4ZGUtNDU4NS1hY2ZiLTUwMTI1NzU5MGRlNy8x
L2VUS3NKMDdjV2Y4SWV6XzB5a1BncDlWUV9RYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTkv
NjkzMjdhLTY4ZGUtNDU4NS1hY2ZiLTUwMTI1NzU5MGRlNy8xL0JZYzNyQnZLakJR
b3M1YVZSdkdYVHdhVTVBQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMGjbDANBgkqhkiG9w0BAQsFAAOC
AQEAOHGCYIywtRCwXYTo7M4z2FrnHXPlmx5SaglxCuj4WQdLb6lwaNCP3XkJ/bEH
n1CqrY9xZkguZqbfecDwiBOVs5NlE1IDpxW1/BDP6ktSWj2lEIcyIhpU6k/6aQx9
7h3+AmIWVH7jARQYLuWMJW1mNPdHUqxLFr44nK0NHg5pCy+bqT8wP26F+q0xoNRh
QLj2kZJuUpHpzZDm3I36oC4ILzkvvtGtzCowYO+HYpZdg93NlUYgKsU/DL0echOU
k6mauidC6KM3uQ0+RPTQzvi9DjjgpwQMeV6ewUWSrcldt5xS6irrnEpsVpqWnahz
8qA/xvqFD9NXtRiViUsCy2jVQg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:21 2024 by rpki-client on console-fra.rpki-client.org