Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/ba9003-d433-4095-84b7-2f933d9896e0/1/VMjcA3t93Cwk8hJuVuEokcmTdjo.roa
File:                     VMjcA3t93Cwk8hJuVuEokcmTdjo.roa (raw, json)
Hash identifier:          SvK8Y7Brv6Sbe2fkGPzK8/I9+l4BgneLsN0WfZGyQSA=
Subject key identifier:   54:C8:DC:03:7B:7D:DC:2C:24:F2:12:6E:56:E1:28:91:C9:93:76:3A
Certificate issuer:       /CN=9098153bde0e34584bac91fa1868d7ef24d68bcf
Certificate serial:       046AD79D
Authority key identifier: 90:98:15:3B:DE:0E:34:58:4B:AC:91:FA:18:68:D7:EF:24:D6:8B:CF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kJgVO94ONFhLrJH6GGjX7yTWi88.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/ba9003-d433-4095-84b7-2f933d9896e0/1/VMjcA3t93Cwk8hJuVuEokcmTdjo.roa
Signing time:             Mon 28 Mar 2022 21:18:37 +0000
ROA not before:           Mon 28 Mar 2022 21:18:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43350
IP address blocks:        193.218.190.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 74110877 (0x46ad79d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9098153bde0e34584bac91fa1868d7ef24d68bcf
        Validity
            Not Before: Mar 28 21:18:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=54c8dc037b7ddc2c24f2126e56e12891c993763a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:1d:5e:af:53:3f:42:d8:64:4e:be:6d:b8:04:
                    ce:23:38:50:c3:a4:98:9a:81:35:78:a4:bb:02:e6:
                    6c:b1:ea:fd:c6:ee:c0:c1:60:ef:5a:42:6d:af:45:
                    09:5d:70:9d:8e:9b:6f:d2:f6:a1:41:a0:cb:3b:2f:
                    77:f6:1e:4c:dd:f9:e4:6d:43:10:53:46:f7:c5:86:
                    01:5e:d0:b1:f3:9a:90:8c:8b:ba:4a:b9:8d:a1:e7:
                    52:f9:e7:f1:a9:52:b3:28:b7:e5:4b:e2:66:74:2e:
                    a1:36:84:d0:8e:53:68:5d:98:24:ae:cc:6e:27:e6:
                    2d:c2:23:5e:70:51:5d:db:02:4a:74:48:51:3d:2b:
                    8d:8e:21:10:80:3b:3a:c4:01:c6:c8:d2:31:a7:b3:
                    59:1a:02:77:1a:bf:de:de:87:4c:0a:99:2a:fc:ac:
                    e8:66:db:b5:62:23:cf:58:1c:ce:99:66:3b:89:8f:
                    8d:f2:8d:38:74:bf:32:16:9a:56:c7:75:6d:17:a8:
                    56:5f:26:b3:41:73:94:44:2c:c0:14:8b:48:56:bf:
                    f3:03:68:24:05:82:71:e6:99:68:76:fc:0d:7d:43:
                    62:50:ab:8a:99:34:50:bd:ae:0f:4e:d0:d2:a9:f7:
                    90:bd:3f:2b:87:7a:ae:2d:0d:e8:22:b8:1a:df:9c:
                    fe:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:C8:DC:03:7B:7D:DC:2C:24:F2:12:6E:56:E1:28:91:C9:93:76:3A
            X509v3 Authority Key Identifier:
                keyid:90:98:15:3B:DE:0E:34:58:4B:AC:91:FA:18:68:D7:EF:24:D6:8B:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kJgVO94ONFhLrJH6GGjX7yTWi88.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/ba9003-d433-4095-84b7-2f933d9896e0/1/VMjcA3t93Cwk8hJuVuEokcmTdjo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/ba9003-d433-4095-84b7-2f933d9896e0/1/kJgVO94ONFhLrJH6GGjX7yTWi88.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.218.190.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2a:0d:84:60:71:7d:62:65:32:f8:ce:1d:b0:76:16:2c:59:90:
         d4:29:28:f8:4d:96:21:fb:51:c9:56:98:a4:b2:ce:6e:b9:37:
         b6:03:83:2f:ec:53:22:f3:e7:37:c9:98:4f:45:34:d9:e0:fd:
         e3:88:91:b0:26:b0:85:e8:ca:aa:43:79:ad:c0:03:a5:e3:b3:
         d6:27:38:41:f2:b5:9d:e9:51:77:dd:6e:7f:4b:7b:fd:92:ac:
         8c:6c:71:41:b7:bd:ad:dd:ec:b7:78:ff:31:5f:7c:3e:28:8d:
         a8:1b:ca:dc:30:1a:6c:20:34:f6:db:be:df:16:92:f7:6b:06:
         e3:da:c7:3b:b1:47:e0:f5:87:4a:6f:c6:30:5c:d9:33:ff:2d:
         65:62:e8:0a:1e:41:57:74:b6:8b:a5:74:34:48:81:99:77:e6:
         f7:48:4b:8a:7b:73:e7:2b:28:45:e5:64:d9:07:45:c7:43:31:
         8c:de:31:f5:75:6a:7f:60:3d:94:6a:20:74:31:65:a5:0a:99:
         c6:f3:05:00:0b:8c:32:4f:8f:be:47:43:fd:4c:5b:33:9f:07:
         c4:53:85:d6:43:58:46:90:72:bc:56:20:59:a7:0f:8f:e4:39:
         34:57:f0:de:7f:36:49:6e:0c:82:9b:9e:e9:19:de:87:75:8f:
         c8:0f:29:a3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBGrXnTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MDk4MTUzYmRlMGUzNDU4NGJhYzkxZmExODY4ZDdlZjI0ZDY4YmNmMB4XDTIyMDMy
ODIxMTgzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTRjOGRjMDM3Yjdk
ZGMyYzI0ZjIxMjZlNTZlMTI4OTFjOTkzNzYzYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKYdXq9TP0LYZE6+bbgEziM4UMOkmJqBNXikuwLmbLHq/cbu
wMFg71pCba9FCV1wnY6bb9L2oUGgyzsvd/YeTN355G1DEFNG98WGAV7QsfOakIyL
ukq5jaHnUvnn8alSsyi35UviZnQuoTaE0I5TaF2YJK7MbifmLcIjXnBRXdsCSnRI
UT0rjY4hEIA7OsQBxsjSMaezWRoCdxq/3t6HTAqZKvys6GbbtWIjz1gczplmO4mP
jfKNOHS/MhaaVsd1bReoVl8ms0FzlEQswBSLSFa/8wNoJAWCceaZaHb8DX1DYlCr
ipk0UL2uD07Q0qn3kL0/K4d6ri0N6CK4Gt+c/osCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRUyNwDe33cLCTyEm5W4SiRyZN2OjAfBgNVHSMEGDAWgBSQmBU73g40WEus
kfoYaNfvJNaLzzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tKZ1ZPOTRPTkZoTHJKSDZHR2pYN3lUV2k4OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWUvYmE5MDAzLWQ0MzMtNDA5NS04NGI3LTJmOTMzZDk4OTZlMC8x
L1ZNamNBM3Q5M0N3azhoSnVWdUVva2NtVGRqby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWUv
YmE5MDAzLWQ0MzMtNDA5NS04NGI3LTJmOTMzZDk4OTZlMC8xL2tKZ1ZPOTRPTkZo
THJKSDZHR2pYN3lUV2k4OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMHavjANBgkqhkiG9w0BAQsFAAOC
AQEAKg2EYHF9YmUy+M4dsHYWLFmQ1Cko+E2WIftRyVaYpLLObrk3tgODL+xTIvPn
N8mYT0U02eD944iRsCawhejKqkN5rcADpeOz1ic4QfK1nelRd91uf0t7/ZKsjGxx
Qbe9rd3st3j/MV98PiiNqBvK3DAabCA09tu+3xaS92sG49rHO7FH4PWHSm/GMFzZ
M/8tZWLoCh5BV3S2i6V0NEiBmXfm90hLintz5ysoReVk2QdFx0MxjN4x9XVqf2A9
lGogdDFlpQqZxvMFAAuMMk+PvkdD/UxbM58HxFOF1kNYRpByvFYgWacPj+Q5NFfw
3n82SW4Mgpue6Rneh3WPyA8pow==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:25 2024 by rpki-client on console-ams.rpki-client.org