Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/4cac6b-8e05-448a-83f7-6835852158d8/1/XnVUxsGUcYuqAIew6_y0wDNh7o0.roa
File:                     XnVUxsGUcYuqAIew6_y0wDNh7o0.roa (raw, json)
Hash identifier:          X5pseKSCd3DBGiXps2xGAk1My7J51gvOyp+kbjtgrjI=
Subject key identifier:   5E:75:54:C6:C1:94:71:8B:AA:00:87:B0:EB:FC:B4:C0:33:61:EE:8D
Certificate issuer:       /CN=c6d11b64ffe18efa42f43a6c765639dee38d027e
Certificate serial:       3BB352
Authority key identifier: C6:D1:1B:64:FF:E1:8E:FA:42:F4:3A:6C:76:56:39:DE:E3:8D:02:7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xtEbZP_hjvpC9DpsdlY53uONAn4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/4cac6b-8e05-448a-83f7-6835852158d8/1/XnVUxsGUcYuqAIew6_y0wDNh7o0.roa
Signing time:             Sat 01 Jan 2022 02:56:02 +0000
ROA not before:           Sat 01 Jan 2022 02:56:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8220
IP address blocks:        193.135.254.0/24 maxlen: 24
                          193.73.113.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3912530 (0x3bb352)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c6d11b64ffe18efa42f43a6c765639dee38d027e
        Validity
            Not Before: Jan  1 02:56:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5e7554c6c194718baa0087b0ebfcb4c03361ee8d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:25:83:3c:28:94:45:ae:12:ae:3e:d0:49:33:
                    70:61:6b:a1:81:fc:20:95:58:42:0f:ae:77:b0:a7:
                    81:3a:85:85:29:40:42:f1:03:c5:73:f7:82:2e:04:
                    c9:63:41:ff:87:af:38:79:7f:4f:fe:d6:b4:28:5d:
                    ac:4c:3a:90:d0:30:fc:fa:a4:d5:b7:bc:cb:71:e3:
                    46:43:1a:83:af:07:74:ec:4c:72:67:92:82:86:48:
                    6d:23:57:eb:fa:c5:eb:ea:5b:20:a6:b5:27:24:a9:
                    db:1f:b6:f4:38:59:12:ae:27:4b:3e:37:8d:36:6e:
                    fd:b3:2d:8e:ca:b4:9d:60:be:3d:58:3a:bd:4f:c9:
                    b1:01:98:51:bb:49:71:62:3d:4f:33:c4:ff:ff:4e:
                    a6:f9:a8:d0:76:a0:8e:51:f2:82:21:fb:d3:84:8c:
                    b2:7f:39:7f:b4:14:18:99:fe:ac:37:98:3b:b4:5f:
                    5f:7f:54:97:62:f5:05:17:b2:f2:3b:24:b7:90:bb:
                    9a:dc:dd:ca:3e:5d:70:d1:1c:4b:3d:cc:18:c2:45:
                    06:70:47:fc:bf:f1:2b:24:34:cf:c6:31:5e:7c:6f:
                    07:b9:f3:18:84:d1:f6:22:33:12:4f:aa:da:32:84:
                    3d:cb:74:ac:36:7d:31:68:44:2e:33:d5:0c:28:e2:
                    35:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:75:54:C6:C1:94:71:8B:AA:00:87:B0:EB:FC:B4:C0:33:61:EE:8D
            X509v3 Authority Key Identifier:
                keyid:C6:D1:1B:64:FF:E1:8E:FA:42:F4:3A:6C:76:56:39:DE:E3:8D:02:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xtEbZP_hjvpC9DpsdlY53uONAn4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/4cac6b-8e05-448a-83f7-6835852158d8/1/XnVUxsGUcYuqAIew6_y0wDNh7o0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/4cac6b-8e05-448a-83f7-6835852158d8/1/xtEbZP_hjvpC9DpsdlY53uONAn4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.73.113.0/24
                  193.135.254.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:48:d1:32:cc:98:5d:0f:43:66:90:bc:e0:bf:7e:68:04:40:
         51:1c:3c:72:01:0c:b2:bb:1c:6c:ef:c5:60:ab:d0:b9:e1:56:
         8d:10:12:06:a1:27:b1:68:8c:8b:43:24:b8:26:b2:04:85:99:
         17:37:5e:0b:70:9d:d8:db:c7:70:9f:36:b4:8d:09:43:a4:8b:
         6f:1e:94:65:f9:f2:66:a5:18:44:8c:09:4f:55:ec:d8:dc:c5:
         71:58:ec:7c:af:18:5d:68:5b:ba:dd:1a:60:19:25:74:87:39:
         93:6d:5f:fb:3b:f4:73:5f:df:ab:3c:06:d2:08:a5:9e:e2:0e:
         94:a9:b6:7d:71:77:86:43:d6:c1:b9:ce:4a:d2:83:51:14:4d:
         c9:3d:4c:cc:1c:45:e1:fe:b6:97:10:19:56:d8:62:6e:37:f8:
         2d:2d:91:17:9e:f7:af:24:a5:21:33:10:59:cd:93:c7:f9:00:
         c8:f8:31:26:13:29:9c:96:ea:6a:97:34:24:a1:10:25:c4:41:
         ed:5d:3d:77:d8:73:14:d8:d2:b3:ee:33:ba:30:10:5c:76:8a:
         7c:3f:1d:94:d3:b1:9a:c2:83:5e:77:33:03:fb:c9:3c:37:47:
         9b:b6:12:29:1e:e4:c9:5a:2e:18:eb:e6:63:00:49:93:20:0a:
         b9:32:04:be
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIDO7NSMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGM2
ZDExYjY0ZmZlMThlZmE0MmY0M2E2Yzc2NTYzOWRlZTM4ZDAyN2UwHhcNMjIwMTAx
MDI1NjAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg1ZTc1NTRjNmMxOTQ3
MThiYWEwMDg3YjBlYmZjYjRjMDMzNjFlZThkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA6CWDPCiURa4Srj7QSTNwYWuhgfwglVhCD653sKeBOoWFKUBC
8QPFc/eCLgTJY0H/h684eX9P/ta0KF2sTDqQ0DD8+qTVt7zLceNGQxqDrwd07Exy
Z5KChkhtI1fr+sXr6lsgprUnJKnbH7b0OFkSridLPjeNNm79sy2OyrSdYL49WDq9
T8mxAZhRu0lxYj1PM8T//06m+ajQdqCOUfKCIfvThIyyfzl/tBQYmf6sN5g7tF9f
f1SXYvUFF7LyOyS3kLua3N3KPl1w0RxLPcwYwkUGcEf8v/ErJDTPxjFefG8HufMY
hNH2IjMST6raMoQ9y3SsNn0xaEQuM9UMKOI17wIDAQABo4ICDzCCAgswHQYDVR0O
BBYEFF51VMbBlHGLqgCHsOv8tMAzYe6NMB8GA1UdIwQYMBaAFMbRG2T/4Y76QvQ6
bHZWOd7jjQJ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
eHRFYlpQX2hqdnBDOURwc2RsWTUzdU9OQW40LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9hNy80Y2FjNmItOGUwNS00NDhhLTgzZjctNjgzNTg1MjE1OGQ4LzEv
WG5WVXhzR1VjWXVxQUlldzZfeTB3RE5oN28wLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80
Y2FjNmItOGUwNS00NDhhLTgzZjctNjgzNTg1MjE1OGQ4LzEveHRFYlpQX2hqdnBD
OURwc2RsWTUzdU9OQW40LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwUlxAwQAwYf+MA0GCSqGSIb3DQEB
CwUAA4IBAQCLSNEyzJhdD0NmkLzgv35oBEBRHDxyAQyyuxxs78Vgq9C54VaNEBIG
oSexaIyLQyS4JrIEhZkXN14LcJ3Y28dwnza0jQlDpItvHpRl+fJmpRhEjAlPVezY
3MVxWOx8rxhdaFu63RpgGSV0hzmTbV/7O/RzX9+rPAbSCKWe4g6UqbZ9cXeGQ9bB
uc5K0oNRFE3JPUzMHEXh/raXEBlW2GJuN/gtLZEXnvevJKUhMxBZzZPH+QDI+DEm
EymclupqlzQkoRAlxEHtXT132HMU2NKz7jO6MBBcdop8Px2U07GawoNedzMD+8k8
N0ebthIpHuTJWi4Y6+ZjAEmTIAq5MgS+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:58 2024 by rpki-client on console-ams.rpki-client.org