Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/965826-eb93-470e-b67a-64e52b9dd8d1/1/cks0jmcv_EYF4AgQ-4xL4nXHPmQ.roa
File:                     cks0jmcv_EYF4AgQ-4xL4nXHPmQ.roa (raw, json)
Hash identifier:          T+/f/DxMciV4PPZru8lHpFitI9RjVroWEGX5d2bWRGQ=
Subject key identifier:   72:4B:34:8E:67:2F:FC:46:05:E0:08:10:FB:8C:4B:E2:75:C7:3E:64
Certificate issuer:       /CN=854bb7aa3908c998de3c42f7e1849538b0592617
Certificate serial:       0182EE4CB6A5B3FF17C0836A3807645B9AAC
Authority key identifier: 85:4B:B7:AA:39:08:C9:98:DE:3C:42:F7:E1:84:95:38:B0:59:26:17
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hUu3qjkIyZjePEL34YSVOLBZJhc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/965826-eb93-470e-b67a-64e52b9dd8d1/1/cks0jmcv_EYF4AgQ-4xL4nXHPmQ.roa
Signing time:             Tue 30 Aug 2022 10:29:41 +0000
ROA not before:           Tue 30 Aug 2022 10:29:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205847
IP address blocks:        193.36.33.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:ee:4c:b6:a5:b3:ff:17:c0:83:6a:38:07:64:5b:9a:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=854bb7aa3908c998de3c42f7e1849538b0592617
        Validity
            Not Before: Aug 30 10:29:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=724b348e672ffc4605e00810fb8c4be275c73e64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:54:da:79:c4:8f:39:3d:67:48:75:ed:fe:db:
                    7d:31:bd:00:54:42:8f:77:f7:6d:a0:df:42:fd:4e:
                    da:21:b2:18:c5:2f:4d:68:fd:8c:7a:a4:a0:7f:66:
                    2e:3b:b4:35:bf:41:13:85:59:fb:b4:f2:b6:02:fe:
                    c8:ce:e8:51:87:15:2f:02:65:67:db:00:ce:da:5e:
                    1d:ed:9a:df:40:b0:ee:f8:64:d2:c6:e6:c4:c6:68:
                    92:c2:e2:53:7f:56:b4:d8:42:8f:ff:c9:d0:1c:2d:
                    f1:45:dd:62:aa:7a:75:0a:06:52:01:af:68:c9:21:
                    87:31:ff:a7:e3:2c:28:58:c1:c6:04:a1:5e:8c:0b:
                    17:a2:1d:7f:10:e9:73:94:3d:29:96:74:01:a7:de:
                    03:ce:c8:f6:4d:66:92:85:58:05:50:23:b7:83:35:
                    22:79:fd:c8:c1:30:59:f3:a6:ab:6f:fe:3f:2e:8a:
                    94:0d:66:0e:b0:10:7e:50:31:96:a2:63:97:77:4d:
                    15:f1:8d:52:8a:ca:98:e9:62:d2:3b:5d:68:54:51:
                    38:bd:d3:b1:cf:4a:19:cb:7c:e4:f6:24:b1:69:98:
                    16:70:04:42:fb:ce:90:fa:3f:d6:56:9e:6a:d4:b9:
                    a7:ba:d7:24:60:15:cd:5a:a5:76:11:3e:ea:0b:1b:
                    0f:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:4B:34:8E:67:2F:FC:46:05:E0:08:10:FB:8C:4B:E2:75:C7:3E:64
            X509v3 Authority Key Identifier:
                keyid:85:4B:B7:AA:39:08:C9:98:DE:3C:42:F7:E1:84:95:38:B0:59:26:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hUu3qjkIyZjePEL34YSVOLBZJhc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/965826-eb93-470e-b67a-64e52b9dd8d1/1/cks0jmcv_EYF4AgQ-4xL4nXHPmQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/965826-eb93-470e-b67a-64e52b9dd8d1/1/hUu3qjkIyZjePEL34YSVOLBZJhc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.36.33.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:a9:b7:95:60:5f:fa:a5:8d:15:4e:ad:ce:e9:71:44:76:e5:
         e3:43:7d:51:d6:10:9b:3e:67:3a:5e:d2:62:bc:0e:fe:bb:0e:
         50:3b:71:66:77:28:70:a2:84:d7:57:54:5e:74:fb:da:29:4b:
         24:bc:00:1e:4e:ac:13:d6:40:59:01:3d:43:5f:34:31:d7:73:
         5a:c4:44:e6:31:f2:de:81:5c:2b:7e:ae:16:28:77:63:37:74:
         82:bb:6e:f5:52:ca:c2:a9:50:01:74:b6:14:06:3b:ef:e3:6a:
         d2:9f:f1:7b:e0:e9:16:82:03:50:89:0b:43:89:1f:06:02:7b:
         fc:e1:86:df:11:cf:0b:e8:72:cd:6e:5b:ee:1e:31:f2:73:14:
         28:a3:a1:bb:93:4f:12:04:b4:b2:2f:35:81:68:d5:63:d9:fc:
         b7:c2:6e:f7:4f:1e:b9:f0:83:bb:45:0c:78:3b:b5:f3:e7:a3:
         df:8f:6b:e4:ab:86:8d:02:15:c1:00:12:7f:69:f4:4c:89:0f:
         c7:df:3d:59:fb:7d:a1:1d:a6:88:d7:ea:10:40:e2:2d:cf:86:
         85:f1:5e:3c:01:ea:c7:8b:2c:3e:c0:33:4c:c0:86:85:23:72:
         a6:1e:02:d0:40:f6:d6:1b:3a:94:f2:67:f8:9d:24:32:89:e2:
         d7:bd:e3:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLuTLals/8XwINqOAdkW5qsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NGJiN2FhMzkwOGM5OThkZTNjNDJmN2UxODQ5NTM4YjA1
OTI2MTcwHhcNMjIwODMwMTAyOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjRiMzQ4ZTY3MmZmYzQ2MDVlMDA4MTBmYjhjNGJlMjc1YzczZTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1TaecSPOT1nSHXt/tt9Mb0AVEKP
d/dtoN9C/U7aIbIYxS9NaP2MeqSgf2YuO7Q1v0EThVn7tPK2Av7IzuhRhxUvAmVn
2wDO2l4d7ZrfQLDu+GTSxubExmiSwuJTf1a02EKP/8nQHC3xRd1iqnp1CgZSAa9o
ySGHMf+n4ywoWMHGBKFejAsXoh1/EOlzlD0plnQBp94Dzsj2TWaShVgFUCO3gzUi
ef3IwTBZ86arb/4/LoqUDWYOsBB+UDGWomOXd00V8Y1SisqY6WLSO11oVFE4vdOx
z0oZy3zk9iSxaZgWcARC+86Q+j/WVp5q1LmnutckYBXNWqV2ET7qCxsPMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHJLNI5nL/xGBeAIEPuMS+J1xz5kMB8GA1UdIwQY
MBaAFIVLt6o5CMmY3jxC9+GElTiwWSYXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFV1M3Fqa0l5WmplUEVMMzRZU1ZPTEJaSmhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NjU4MjYtZWI5My00NzBlLWI2N2Et
NjRlNTJiOWRkOGQxLzEvY2tzMGptY3ZfRVlGNEFnUS00eEw0blhIUG1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NjU4MjYtZWI5My00NzBlLWI2N2EtNjRlNTJiOWRkOGQx
LzEvaFV1M3Fqa0l5WmplUEVMMzRZU1ZPTEJaSmhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSQhMA0G
CSqGSIb3DQEBCwUAA4IBAQACqbeVYF/6pY0VTq3O6XFEduXjQ31R1hCbPmc6XtJi
vA7+uw5QO3FmdyhwooTXV1RedPvaKUskvAAeTqwT1kBZAT1DXzQx13NaxETmMfLe
gVwrfq4WKHdjN3SCu271UsrCqVABdLYUBjvv42rSn/F74OkWggNQiQtDiR8GAnv8
4YbfEc8L6HLNblvuHjHycxQoo6G7k08SBLSyLzWBaNVj2fy3wm73Tx658IO7RQx4
O7Xz56Pfj2vkq4aNAhXBABJ/afRMiQ/H3z1Z+32hHaaI1+oQQOItz4aF8V48AerH
iyw+wDNMwIaFI3KmHgLQQPbWGzqU8mf4nSQyieLXveO8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:05 2024 by rpki-client on console-fra.rpki-client.org