Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/g41JH6bxFjDVrBA0g7tESrcsfPE.roa
File:                     g41JH6bxFjDVrBA0g7tESrcsfPE.roa (raw, json)
Hash identifier:          LEl+DclA6mIf3quSq84A4vgxKDVQ2SOaIG1T4rufKQY=
Subject key identifier:   83:8D:49:1F:A6:F1:16:30:D5:AC:10:34:83:BB:44:4A:B7:2C:7C:F1
Certificate issuer:       /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial:       0181FB249ECF03E53D7D523277249FAA800A
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/g41JH6bxFjDVrBA0g7tESrcsfPE.roa
Signing time:             Thu 14 Jul 2022 05:18:09 +0000
ROA not before:           Thu 14 Jul 2022 05:18:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210993
IP address blocks:        193.232.65.0/24 maxlen: 24
                          62.76.141.0/24 maxlen: 24
                          194.226.42.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:fb:24:9e:cf:03:e5:3d:7d:52:32:77:24:9f:aa:80:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
        Validity
            Not Before: Jul 14 05:18:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=838d491fa6f11630d5ac103483bb444ab72c7cf1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:40:26:89:14:c7:6c:83:df:5e:3d:f5:5c:94:
                    20:2f:2a:c9:09:5b:1c:cd:59:c7:ae:31:72:6f:17:
                    c6:05:85:18:c4:da:bf:d5:62:1f:25:a4:f7:bb:6b:
                    5c:f3:48:f0:24:53:ae:1c:9f:c7:e4:00:3f:ec:af:
                    f3:b5:22:93:c4:97:e2:63:00:e2:d1:23:fc:3f:80:
                    32:14:cf:12:e2:6c:33:95:f5:24:0a:5e:63:7d:56:
                    b3:e6:b3:c2:16:dc:d3:23:4e:0f:b3:42:68:ea:45:
                    22:82:67:79:c1:ac:fc:06:20:f9:8e:04:0c:68:e7:
                    d4:a1:93:0d:06:da:26:c4:f8:23:e9:10:e2:6e:01:
                    2b:12:4a:48:66:29:f8:47:fb:7f:1d:51:85:65:55:
                    8a:ca:2b:13:4e:10:b4:96:1f:6a:60:02:e5:e2:41:
                    17:16:9b:32:a2:24:d0:72:a4:92:33:62:ca:7a:76:
                    4b:d4:70:32:aa:e9:0a:9c:e1:ab:80:f3:23:dc:22:
                    3e:d6:57:48:a4:ce:69:98:30:33:bb:a6:ec:e5:31:
                    5b:12:7d:92:f7:e1:e0:96:1b:f8:4c:e5:51:fb:23:
                    3e:81:47:99:4f:c7:83:0c:90:74:80:54:67:bc:8f:
                    f3:86:71:22:41:71:bc:c6:81:75:16:e1:83:8c:64:
                    2e:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:8D:49:1F:A6:F1:16:30:D5:AC:10:34:83:BB:44:4A:B7:2C:7C:F1
            X509v3 Authority Key Identifier:
                keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/g41JH6bxFjDVrBA0g7tESrcsfPE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.76.141.0/24
                  193.232.65.0/24
                  194.226.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         01:8d:62:f0:2c:d8:3e:34:39:c5:a2:88:c1:8a:78:0c:cf:c8:
         39:1d:33:db:57:97:f5:1c:d5:37:e8:ab:76:54:b3:21:48:94:
         3c:45:80:08:a4:fc:6e:dd:23:06:db:45:2d:48:03:da:9d:a2:
         f2:c8:96:56:90:f1:16:ad:6c:69:b6:aa:c4:5c:2a:9d:8f:ea:
         c2:3d:52:66:bd:27:cb:de:1f:2a:c3:92:13:c1:72:32:bb:b0:
         3e:26:85:a1:9d:39:29:ab:69:80:7b:dc:db:99:bb:11:72:d8:
         a4:66:97:4e:42:2b:88:a3:c6:4a:36:9a:d0:24:81:26:1e:5f:
         1a:7a:e2:06:d2:f6:81:ad:49:c0:1c:35:be:0c:dc:49:f5:37:
         6c:ba:40:b5:c3:9e:02:d7:01:97:ef:24:ae:34:72:ec:2d:a9:
         4b:17:ac:73:b8:3f:48:7f:df:27:2b:e4:5a:c0:28:7d:d7:d6:
         ee:ff:58:87:e9:79:59:e7:89:e3:25:6c:bb:0e:37:6f:38:58:
         c6:6b:b4:f7:40:9c:a6:ea:4b:30:e9:8a:32:a0:e3:ec:0b:db:
         a9:ae:8d:16:55:f1:57:41:af:a3:88:9e:2d:c8:e9:8a:bf:f7:
         11:95:01:35:9b:f8:35:4c:81:3d:1d:a1:7d:b3:93:85:b6:2d:
         a4:e8:d7:50
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYH7JJ7PA+U9fVIydySfqoAKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjIwNzE0MDUxODA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzhkNDkxZmE2ZjExNjMwZDVhYzEwMzQ4M2JiNDQ0YWI3MmM3Y2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyUAmiRTHbIPfXj31XJQgLyrJCVsc
zVnHrjFybxfGBYUYxNq/1WIfJaT3u2tc80jwJFOuHJ/H5AA/7K/ztSKTxJfiYwDi
0SP8P4AyFM8S4mwzlfUkCl5jfVaz5rPCFtzTI04Ps0Jo6kUigmd5waz8BiD5jgQM
aOfUoZMNBtomxPgj6RDibgErEkpIZin4R/t/HVGFZVWKyisTThC0lh9qYALl4kEX
FpsyoiTQcqSSM2LKenZL1HAyqukKnOGrgPMj3CI+1ldIpM5pmDAzu6bs5TFbEn2S
9+Hglhv4TOVR+yM+gUeZT8eDDJB0gFRnvI/zhnEiQXG8xoF1FuGDjGQuCQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIONSR+m8RYw1awQNIO7REq3LHzxMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvZzQxSkg2YnhGakRWckJBMGc3dEVTcmNzZlBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAPkyNAwQA
wehBAwQAwuIqMA0GCSqGSIb3DQEBCwUAA4IBAQABjWLwLNg+NDnFoojBingMz8g5
HTPbV5f1HNU36Kt2VLMhSJQ8RYAIpPxu3SMG20UtSAPanaLyyJZWkPEWrWxptqrE
XCqdj+rCPVJmvSfL3h8qw5ITwXIyu7A+JoWhnTkpq2mAe9zbmbsRctikZpdOQiuI
o8ZKNprQJIEmHl8aeuIG0vaBrUnAHDW+DNxJ9TdsukC1w54C1wGX7ySuNHLsLalL
F6xzuD9If98nK+RawCh919bu/1iH6XlZ54njJWy7DjdvOFjGa7T3QJym6ksw6Yoy
oOPsC9upro0WVfFXQa+jiJ4tyOmKv/cRlQE1m/g1TIE9HaF9s5OFti2k6NdQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:56 2024 by rpki-client on console-fra.rpki-client.org