Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/918245-7b50-4952-a3a7-a45916955e6f/1/7H96eB29EHqeTmaYvhv77LjzBJs.roa
File:                     7H96eB29EHqeTmaYvhv77LjzBJs.roa (raw, json)
Hash identifier:          V0SpZDV9Jllci/4H0e0Gkqg6Nc1SxdntpMhNtCrBs7U=
Subject key identifier:   EC:7F:7A:78:1D:BD:10:7A:9E:4E:66:98:BE:1B:FB:EC:B8:F3:04:9B
Certificate issuer:       /CN=b17b44904c7694a5408a0d2972c39ff0b1b03ea5
Certificate serial:       0BB964
Authority key identifier: B1:7B:44:90:4C:76:94:A5:40:8A:0D:29:72:C3:9F:F0:B1:B0:3E:A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sXtEkEx2lKVAig0pcsOf8LGwPqU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/918245-7b50-4952-a3a7-a45916955e6f/1/7H96eB29EHqeTmaYvhv77LjzBJs.roa
Signing time:             Sat 01 Jan 2022 01:54:40 +0000
ROA not before:           Sat 01 Jan 2022 01:54:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     30816
IP address blocks:        193.27.6.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 768356 (0xbb964)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b17b44904c7694a5408a0d2972c39ff0b1b03ea5
        Validity
            Not Before: Jan  1 01:54:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ec7f7a781dbd107a9e4e6698be1bfbecb8f3049b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:72:90:d3:28:09:f4:82:d9:00:7c:5c:d1:4c:
                    72:53:5f:b5:95:08:38:08:be:c9:e5:3f:08:86:74:
                    ed:c8:14:d8:69:b0:c4:e1:af:1d:91:e3:c8:b6:65:
                    a8:00:be:fd:6f:97:95:28:8a:50:4d:cb:89:ff:6e:
                    a5:1d:5c:4e:a8:d6:c5:1e:91:f0:c8:85:59:85:6a:
                    e5:e7:85:f4:37:1d:5b:8c:5c:dc:e2:7d:8a:ab:64:
                    c6:73:b2:60:d2:df:c9:46:dd:2c:9a:c3:cc:c6:28:
                    86:0e:a0:6e:c3:a5:30:9a:8a:84:f7:2c:e2:71:4c:
                    ea:48:46:59:0d:4f:96:17:bc:7f:d6:e2:cc:18:fc:
                    19:1c:76:23:f5:eb:6e:16:04:aa:50:46:ba:b5:13:
                    b3:cf:7e:95:4e:65:30:d9:33:35:09:07:85:ee:61:
                    d7:d0:a3:23:79:58:d8:01:a9:dc:f6:d3:75:dd:68:
                    a1:74:f3:60:f7:44:31:c1:19:a3:3c:f7:61:f4:f8:
                    0f:17:24:6a:17:53:1e:df:1f:0d:2a:f3:19:d4:47:
                    7d:f1:77:fd:8f:02:1c:90:b2:88:58:9b:f0:99:31:
                    3f:5d:fa:d9:ba:49:fa:12:66:31:a5:e5:a0:3e:37:
                    7e:9e:c4:eb:d7:5a:4c:16:d1:00:1f:ee:da:2f:a1:
                    91:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:7F:7A:78:1D:BD:10:7A:9E:4E:66:98:BE:1B:FB:EC:B8:F3:04:9B
            X509v3 Authority Key Identifier:
                keyid:B1:7B:44:90:4C:76:94:A5:40:8A:0D:29:72:C3:9F:F0:B1:B0:3E:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sXtEkEx2lKVAig0pcsOf8LGwPqU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/918245-7b50-4952-a3a7-a45916955e6f/1/7H96eB29EHqeTmaYvhv77LjzBJs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/918245-7b50-4952-a3a7-a45916955e6f/1/sXtEkEx2lKVAig0pcsOf8LGwPqU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.27.6.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bd:df:45:d1:e9:54:23:a1:61:40:bf:c9:f7:c3:77:6a:54:f8:
         c9:0d:b5:57:ca:87:63:95:7f:07:d1:9a:f4:e8:35:73:84:24:
         c0:5d:c4:b8:99:08:e8:ab:d2:47:c2:12:d3:6f:98:7e:4a:0f:
         43:96:5e:a0:35:5a:e1:cc:1e:3c:e3:1c:6a:d9:de:1e:2d:30:
         d1:27:b6:0d:0f:e8:13:d5:da:e9:08:c9:1d:02:ae:0c:bd:68:
         01:17:31:6d:62:18:c9:13:e6:ae:3a:c0:37:44:0d:57:66:7b:
         a1:bd:86:b1:6c:00:25:3b:ee:7e:50:62:8f:2a:00:20:6a:f7:
         50:79:50:64:a6:8d:78:f1:9b:86:1c:2f:7d:7d:9a:8a:59:38:
         9b:98:12:1a:6d:2d:3f:0e:8a:80:29:e5:d0:7f:9b:b1:b7:31:
         d8:a6:0a:d6:ec:3e:16:7d:bc:f5:de:ca:26:f6:4f:54:4b:af:
         25:13:24:26:40:f9:24:96:cc:f2:57:58:13:48:06:56:d4:6b:
         c8:4f:ac:70:71:3f:2f:c8:ec:31:36:56:e5:52:b7:9e:c6:25:
         52:d3:5d:67:d8:f5:ec:5c:e3:f2:d0:a0:39:8a:57:c6:bf:a6:
         0f:3d:19:69:e1:df:c2:40:59:1f:d5:13:ce:3e:89:74:3c:89:
         52:b3:c7:6a
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDC7lkMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGIx
N2I0NDkwNGM3Njk0YTU0MDhhMGQyOTcyYzM5ZmYwYjFiMDNlYTUwHhcNMjIwMTAx
MDE1NDQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhlYzdmN2E3ODFkYmQx
MDdhOWU0ZTY2OThiZTFiZmJlY2I4ZjMwNDliMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA0XKQ0ygJ9ILZAHxc0UxyU1+1lQg4CL7J5T8IhnTtyBTYabDE
4a8dkePItmWoAL79b5eVKIpQTcuJ/26lHVxOqNbFHpHwyIVZhWrl54X0Nx1bjFzc
4n2Kq2TGc7Jg0t/JRt0smsPMxiiGDqBuw6UwmoqE9yzicUzqSEZZDU+WF7x/1uLM
GPwZHHYj9etuFgSqUEa6tROzz36VTmUw2TM1CQeF7mHX0KMjeVjYAanc9tN13Wih
dPNg90QxwRmjPPdh9PgPFyRqF1Me3x8NKvMZ1Ed98Xf9jwIckLKIWJvwmTE/XfrZ
ukn6EmYxpeWgPjd+nsTr11pMFtEAH+7aL6GRZwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFOx/engdvRB6nk5mmL4b++y48wSbMB8GA1UdIwQYMBaAFLF7RJBMdpSlQIoN
KXLDn/CxsD6lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
c1h0RWtFeDJsS1ZBaWcwcGNzT2Y4TEd3UHFVLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC85ZC85MTgyNDUtN2I1MC00OTUyLWEzYTctYTQ1OTE2OTU1ZTZmLzEv
N0g5NmVCMjlFSHFlVG1hWXZodjc3TGp6QkpzLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC85
MTgyNDUtN2I1MC00OTUyLWEzYTctYTQ1OTE2OTU1ZTZmLzEvc1h0RWtFeDJsS1ZB
aWcwcGNzT2Y4TEd3UHFVLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRsGMA0GCSqGSIb3DQEBCwUAA4IB
AQC930XR6VQjoWFAv8n3w3dqVPjJDbVXyodjlX8H0Zr06DVzhCTAXcS4mQjoq9JH
whLTb5h+Sg9Dll6gNVrhzB484xxq2d4eLTDRJ7YND+gT1drpCMkdAq4MvWgBFzFt
YhjJE+auOsA3RA1XZnuhvYaxbAAlO+5+UGKPKgAgavdQeVBkpo148ZuGHC99fZqK
WTibmBIabS0/DoqAKeXQf5uxtzHYpgrW7D4Wfbz13som9k9US68lEyQmQPkklszy
V1gTSAZW1GvIT6xwcT8vyOwxNlblUreexiVS011n2PXsXOPy0KA5ilfGv6YPPRlp
4d/CQFkf1RPOPol0PIlSs8dq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:57 2024 by rpki-client on console-fra.rpki-client.org