Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/vBovhcun0uAJmPDtFVvm8h_xHJk.roa
File:                     vBovhcun0uAJmPDtFVvm8h_xHJk.roa (raw, json)
Hash identifier:          OGvh3Wr7bzF9EBsOzfZZm5Yn+sljkbLjh1BX/WrqetU=
Subject key identifier:   BC:1A:2F:85:CB:A7:D2:E0:09:98:F0:ED:15:5B:E6:F2:1F:F1:1C:99
Certificate issuer:       /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial:       059EC1ED
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/vBovhcun0uAJmPDtFVvm8h_xHJk.roa
Signing time:             Sat 01 Jan 2022 07:04:02 +0000
ROA not before:           Sat 01 Jan 2022 07:04:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50939
IP address blocks:        93.174.166.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 94290413 (0x59ec1ed)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
        Validity
            Not Before: Jan  1 07:04:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bc1a2f85cba7d2e00998f0ed155be6f21ff11c99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:fa:a6:73:75:0d:91:8e:8c:2b:11:e0:7d:5a:
                    eb:5e:40:33:23:9b:e2:2b:4c:18:0d:16:c2:d4:6e:
                    44:4d:c5:74:8f:a8:e5:d6:2b:c9:50:cd:7d:43:53:
                    5a:c0:49:7d:8b:b0:ee:ca:5f:55:7b:de:fc:0a:df:
                    d5:e3:6a:61:83:df:fe:c9:25:5a:fc:9c:0d:08:5a:
                    c4:37:3a:b8:61:1b:07:50:ec:4f:21:7a:7c:8f:54:
                    f7:61:b9:dc:02:17:4b:55:6d:6d:51:f6:0a:f8:2b:
                    c9:17:27:aa:44:f9:29:cf:38:64:53:81:3e:67:a4:
                    57:be:3e:96:e2:8e:0e:f3:35:5a:a9:9a:2e:df:5e:
                    48:07:dd:f0:37:fc:21:f7:1f:d2:ad:3b:eb:8c:9d:
                    b2:54:a2:88:d0:1c:ba:1f:4d:bd:d5:85:e3:a8:2c:
                    8f:fd:a1:05:73:9a:bb:04:46:48:ae:d1:1e:12:c3:
                    f3:d8:c3:94:74:f1:26:15:d8:04:e2:2d:c7:3f:63:
                    6e:0f:b0:74:ea:fc:89:38:19:cd:2e:4d:70:69:fc:
                    7b:80:49:79:52:ec:05:ff:b4:39:2e:41:fc:fb:2b:
                    1d:ac:67:5d:32:47:ee:d6:2f:28:d5:f3:8e:d2:77:
                    1c:b1:b5:f0:9f:ff:82:ef:b6:36:1a:8d:9b:8b:dc:
                    38:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:1A:2F:85:CB:A7:D2:E0:09:98:F0:ED:15:5B:E6:F2:1F:F1:1C:99
            X509v3 Authority Key Identifier:
                keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/vBovhcun0uAJmPDtFVvm8h_xHJk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.174.166.0/24

    Signature Algorithm: sha256WithRSAEncryption
         43:c2:7a:06:1e:48:f7:32:a6:4a:3f:4e:71:d5:49:d2:80:07:
         aa:c5:dc:26:1e:3a:06:b2:b5:6e:12:2f:c6:e2:24:13:6e:6b:
         df:7e:46:5e:cd:b4:d6:29:d8:b5:32:15:5e:1d:05:34:ee:33:
         f1:81:5f:66:9c:71:72:3e:47:51:25:f2:8c:87:3f:2e:b7:ac:
         21:31:30:2a:d8:73:6d:a1:bb:ba:80:95:7b:0b:e3:bc:d0:8c:
         d2:30:8f:29:d7:79:41:e6:ed:e6:4d:57:89:44:e0:d8:99:a3:
         3f:1f:ab:a6:08:2d:07:ae:2e:c7:47:e6:bd:7a:31:96:8b:51:
         4f:17:23:ac:df:1a:5e:c0:ae:91:70:39:8d:73:32:5a:55:af:
         b8:d2:b5:1d:5a:22:73:71:8b:53:59:78:17:ab:02:58:69:d8:
         81:c5:11:5d:51:b0:88:1f:62:19:74:0f:c6:6c:2b:99:e1:70:
         e8:37:30:90:fd:5b:f2:0a:f7:c5:df:93:63:78:2e:3c:58:7b:
         2c:7a:5e:ea:e1:35:b9:45:e1:d1:d1:ed:b8:bb:7c:6b:88:0b:
         11:6d:88:bc:b4:07:c7:dc:fe:2a:5f:eb:2b:a0:8f:9c:bb:13:
         a5:75:89:35:4b:4a:73:68:ae:96:ef:24:2d:fa:d9:70:8b:0b:
         87:af:69:62
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBZ7B7TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
Y2VmNThkNGNmYTM1NTQzZjg0ODhhMjc1NmU2OTI0ZTY0N2I0NTg5MB4XDTIyMDEw
MTA3MDQwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmMxYTJmODVjYmE3
ZDJlMDA5OThmMGVkMTU1YmU2ZjIxZmYxMWM5OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKz6pnN1DZGOjCsR4H1a615AMyOb4itMGA0WwtRuRE3FdI+o
5dYryVDNfUNTWsBJfYuw7spfVXve/Arf1eNqYYPf/sklWvycDQhaxDc6uGEbB1Ds
TyF6fI9U92G53AIXS1VtbVH2CvgryRcnqkT5Kc84ZFOBPmekV74+luKODvM1Wqma
Lt9eSAfd8Df8Ifcf0q0764ydslSiiNAcuh9NvdWF46gsj/2hBXOauwRGSK7RHhLD
89jDlHTxJhXYBOItxz9jbg+wdOr8iTgZzS5NcGn8e4BJeVLsBf+0OS5B/PsrHaxn
XTJH7tYvKNXzjtJ3HLG18J//gu+2NhqNm4vcOMMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS8Gi+Fy6fS4AmY8O0VW+byH/EcmTAfBgNVHSMEGDAWgBTc71jUz6NVQ/hI
iidW5pJOZHtFiTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNPOVkxTS1qVlVQNFNJb25WdWFTVG1SN1JZay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWEvZWE0NDU1LTc4MzYtNDRjNC1iMmEzLTJlY2UwNGUxODVjMi8x
L3ZCb3ZoY3VuMHVBSm1QRHRGVnZtOGhfeEhKay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWEv
ZWE0NDU1LTc4MzYtNDRjNC1iMmEzLTJlY2UwNGUxODVjMi8xLzNPOVkxTS1qVlVQ
NFNJb25WdWFTVG1SN1JZay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAF2upjANBgkqhkiG9w0BAQsFAAOC
AQEAQ8J6Bh5I9zKmSj9OcdVJ0oAHqsXcJh46BrK1bhIvxuIkE25r335GXs201inY
tTIVXh0FNO4z8YFfZpxxcj5HUSXyjIc/LresITEwKthzbaG7uoCVewvjvNCM0jCP
Kdd5Qebt5k1XiUTg2JmjPx+rpggtB64ux0fmvXoxlotRTxcjrN8aXsCukXA5jXMy
WlWvuNK1HVoic3GLU1l4F6sCWGnYgcURXVGwiB9iGXQPxmwrmeFw6DcwkP1b8gr3
xd+TY3guPFh7LHpe6uE1uUXh0dHtuLt8a4gLEW2IvLQHx9z+Kl/rK6CPnLsTpXWJ
NUtKc2iulu8kLfrZcIsLh69pYg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:43 2024 by rpki-client on console-ams.rpki-client.org