Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/cbf93c-6dda-4824-8033-41c3cf908e97/1/bI4hOlX8QktHrC7b8HGb4QGzIzU.roa
File:                     bI4hOlX8QktHrC7b8HGb4QGzIzU.roa (raw, json)
Hash identifier:          A9hf3E/VvTyr3R7+RA+dtA83NygnkK1A3yDydYukM5M=
Subject key identifier:   6C:8E:21:3A:55:FC:42:4B:47:AC:2E:DB:F0:71:9B:E1:01:B3:23:35
Certificate issuer:       /CN=31c6bbaf409f5fd6d709c4d7d24344a292a3caa5
Certificate serial:       040E2549
Authority key identifier: 31:C6:BB:AF:40:9F:5F:D6:D7:09:C4:D7:D2:43:44:A2:92:A3:CA:A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Mca7r0CfX9bXCcTX0kNEopKjyqU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/cbf93c-6dda-4824-8033-41c3cf908e97/1/bI4hOlX8QktHrC7b8HGb4QGzIzU.roa
Signing time:             Thu 28 Apr 2022 12:32:16 +0000
ROA not before:           Thu 28 Apr 2022 12:32:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     6830
IP address blocks:        193.223.208.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 68035913 (0x40e2549)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=31c6bbaf409f5fd6d709c4d7d24344a292a3caa5
        Validity
            Not Before: Apr 28 12:32:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6c8e213a55fc424b47ac2edbf0719be101b32335
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:20:49:51:f7:4e:ce:87:ff:3c:0f:86:fe:58:
                    cb:83:7d:b6:8b:a8:c4:81:0e:0f:fa:c7:b3:46:be:
                    77:64:db:2f:74:fd:fb:5a:86:34:95:4a:d6:46:ef:
                    74:f3:b8:df:a2:45:5e:15:2a:86:c7:4f:1b:70:37:
                    9a:45:eb:5c:50:48:9c:7c:e3:e5:a6:0d:c3:39:12:
                    f8:0e:a2:f4:99:6d:40:6b:73:f1:af:d8:36:6d:4c:
                    b4:94:55:12:11:a1:2f:d5:e7:d3:4d:10:76:29:c7:
                    f2:39:e1:02:f7:77:b1:19:8a:5e:52:fc:56:2a:4a:
                    47:5d:ef:fb:ab:93:71:ad:5b:3d:bc:05:e4:d1:d2:
                    be:ef:ad:ad:cd:08:26:b7:74:48:5d:10:d4:02:8a:
                    16:2a:c8:b7:4a:0a:7e:ae:df:78:dc:16:94:69:01:
                    e0:a2:9c:0a:9d:84:12:eb:12:05:1b:cc:38:9a:07:
                    20:8e:f4:f4:2b:6d:2d:2c:60:b7:31:29:75:b1:47:
                    77:8b:95:cb:72:3d:78:ca:2c:b5:a2:1d:01:b8:92:
                    fd:86:6b:0b:38:28:52:53:85:64:2a:a5:ea:35:a7:
                    d4:b9:24:05:de:b1:c8:e3:06:de:d0:e7:4f:48:fa:
                    2f:a7:a3:81:74:07:a9:a8:20:59:31:8d:34:46:4c:
                    40:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:8E:21:3A:55:FC:42:4B:47:AC:2E:DB:F0:71:9B:E1:01:B3:23:35
            X509v3 Authority Key Identifier:
                keyid:31:C6:BB:AF:40:9F:5F:D6:D7:09:C4:D7:D2:43:44:A2:92:A3:CA:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mca7r0CfX9bXCcTX0kNEopKjyqU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/cbf93c-6dda-4824-8033-41c3cf908e97/1/bI4hOlX8QktHrC7b8HGb4QGzIzU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/cbf93c-6dda-4824-8033-41c3cf908e97/1/Mca7r0CfX9bXCcTX0kNEopKjyqU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.223.208.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:21:ad:3a:38:d7:cd:d8:d7:a1:2a:dc:cb:a7:e0:27:64:ea:
         5e:c7:54:89:98:6e:1b:fc:9a:5e:07:60:cc:3a:02:eb:24:c0:
         a3:cc:f3:5b:fe:88:fa:79:46:72:ef:23:3a:e5:1f:50:23:2f:
         63:6e:a5:0d:ce:a1:9f:0b:5c:11:e3:6c:6e:b4:4b:e0:33:68:
         b0:16:cb:14:09:4a:8e:c6:0c:97:9b:d9:e1:ba:6b:ea:8e:0b:
         f2:bf:bd:0b:b0:19:6a:92:61:f9:12:f9:0a:f7:3e:87:af:2b:
         9a:1f:3a:e2:e1:44:1a:6b:e9:36:b3:08:b0:13:1f:73:92:8a:
         3e:c0:61:00:35:15:93:54:26:54:e4:50:d8:10:81:48:7c:b3:
         7d:fc:90:c0:a5:4e:7a:6b:5b:1d:b2:27:74:80:9d:c5:70:af:
         94:c2:e7:a2:39:35:40:68:39:66:c7:78:4e:0a:6b:0c:cb:dc:
         e4:3d:f8:28:a3:80:d6:43:a3:9c:ed:58:73:7e:30:e7:2c:b0:
         a8:83:6a:2f:0a:23:8d:ad:09:62:88:d3:06:fb:9f:92:84:d6:
         3e:cc:ad:80:e1:11:80:f3:6f:62:68:2f:fa:db:f4:40:33:92:
         2c:bc:f3:60:83:2a:d7:29:44:2c:e6:8e:c8:ed:21:6e:46:62:
         f2:cb:61:52
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBA4lSTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MWM2YmJhZjQwOWY1ZmQ2ZDcwOWM0ZDdkMjQzNDRhMjkyYTNjYWE1MB4XDTIyMDQy
ODEyMzIxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmM4ZTIxM2E1NWZj
NDI0YjQ3YWMyZWRiZjA3MTliZTEwMWIzMjMzNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANIgSVH3Ts6H/zwPhv5Yy4N9touoxIEOD/rHs0a+d2TbL3T9
+1qGNJVK1kbvdPO436JFXhUqhsdPG3A3mkXrXFBInHzj5aYNwzkS+A6i9JltQGtz
8a/YNm1MtJRVEhGhL9Xn000QdinH8jnhAvd3sRmKXlL8VipKR13v+6uTca1bPbwF
5NHSvu+trc0IJrd0SF0Q1AKKFirIt0oKfq7feNwWlGkB4KKcCp2EEusSBRvMOJoH
II709CttLSxgtzEpdbFHd4uVy3I9eMostaIdAbiS/YZrCzgoUlOFZCql6jWn1Lkk
Bd6xyOMG3tDnT0j6L6ejgXQHqaggWTGNNEZMQHkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRsjiE6VfxCS0esLtvwcZvhAbMjNTAfBgNVHSMEGDAWgBQxxruvQJ9f1tcJ
xNfSQ0SikqPKpTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01jYTdyMENmWDliWENjVFgwa05Fb3BLanlxVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTIvY2JmOTNjLTZkZGEtNDgyNC04MDMzLTQxYzNjZjkwOGU5Ny8x
L2JJNGhPbFg4UWt0SHJDN2I4SEdiNFFHekl6VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIv
Y2JmOTNjLTZkZGEtNDgyNC04MDMzLTQxYzNjZjkwOGU5Ny8xL01jYTdyMENmWDli
WENjVFgwa05Fb3BLanlxVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMHf0DANBgkqhkiG9w0BAQsFAAOC
AQEAcCGtOjjXzdjXoSrcy6fgJ2TqXsdUiZhuG/yaXgdgzDoC6yTAo8zzW/6I+nlG
cu8jOuUfUCMvY26lDc6hnwtcEeNsbrRL4DNosBbLFAlKjsYMl5vZ4bpr6o4L8r+9
C7AZapJh+RL5Cvc+h68rmh864uFEGmvpNrMIsBMfc5KKPsBhADUVk1QmVORQ2BCB
SHyzffyQwKVOemtbHbIndICdxXCvlMLnojk1QGg5Zsd4TgprDMvc5D34KKOA1kOj
nO1Yc34w5yywqINqLwojja0JYojTBvufkoTWPsytgOERgPNvYmgv+tv0QDOSLLzz
YIMq1ylELOaOyO0hbkZi8sthUg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:07 2024 by rpki-client on console-fra.rpki-client.org