Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/42af1e-d553-4fe6-9fc3-f9633292c977/1/PRXhXUQZEnDt4PfCgu7Kc1hBhQY.roa
File:                     PRXhXUQZEnDt4PfCgu7Kc1hBhQY.roa (raw, json)
Hash identifier:          UJW5coZfrJt9JvjGBAlMMUdEqnbNVCNSVmzwv4ZD5pM=
Subject key identifier:   3D:15:E1:5D:44:19:12:70:ED:E0:F7:C2:82:EE:CA:73:58:41:85:06
Certificate issuer:       /CN=6c73a04a7d0eb2df47daf0c39fba75e365c8853d
Certificate serial:       0142C5F8
Authority key identifier: 6C:73:A0:4A:7D:0E:B2:DF:47:DA:F0:C3:9F:BA:75:E3:65:C8:85:3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bHOgSn0Ost9H2vDDn7p142XIhT0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/42af1e-d553-4fe6-9fc3-f9633292c977/1/PRXhXUQZEnDt4PfCgu7Kc1hBhQY.roa
Signing time:             Sat 01 Jan 2022 05:06:24 +0000
ROA not before:           Sat 01 Jan 2022 05:06:24 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     15806
IP address blocks:        193.178.96.0/20 maxlen: 24
                          193.178.64.0/19 maxlen: 24
                          2a01:88::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 21153272 (0x142c5f8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c73a04a7d0eb2df47daf0c39fba75e365c8853d
        Validity
            Not Before: Jan  1 05:06:24 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3d15e15d44191270ede0f7c282eeca7358418506
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:ad:5a:23:79:eb:15:0b:79:52:78:67:39:6f:
                    ce:69:3e:28:1f:99:8c:67:72:4f:85:c9:91:35:e8:
                    69:dd:d8:c6:d2:be:19:bc:2b:a0:7d:45:30:07:36:
                    05:19:42:3b:54:ae:08:6d:6c:98:0d:e1:98:c1:61:
                    40:55:f7:dc:63:7c:7c:21:df:c4:46:34:43:2c:8e:
                    e6:8c:e9:6e:10:54:b6:40:77:95:a9:e8:21:28:c1:
                    37:37:ba:b5:14:4c:9c:40:57:a2:7d:13:8b:e9:79:
                    2c:61:06:3e:d1:15:81:9c:c6:2f:05:f5:07:0d:cd:
                    42:93:07:7a:67:0e:eb:f0:6d:4c:42:67:f0:89:d4:
                    12:13:34:93:7a:fb:7b:a4:80:fc:07:ae:3d:1a:34:
                    f2:1a:13:eb:4e:d8:3a:7d:b3:89:81:18:ca:ab:05:
                    38:82:79:49:4b:6b:5a:6d:97:ec:16:e1:c4:64:71:
                    a3:f7:ea:33:af:70:1a:f7:ca:cf:42:7e:a0:08:f0:
                    38:75:c1:c0:90:c9:6b:82:69:97:c2:0f:28:93:8a:
                    64:33:f6:12:86:42:58:a7:83:59:6c:e9:27:56:78:
                    97:04:c6:b7:b4:18:aa:a5:18:ac:ef:cd:a9:0e:0d:
                    22:5d:62:55:80:84:a8:a9:0c:2a:34:cf:6d:e5:4f:
                    9c:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:15:E1:5D:44:19:12:70:ED:E0:F7:C2:82:EE:CA:73:58:41:85:06
            X509v3 Authority Key Identifier:
                keyid:6C:73:A0:4A:7D:0E:B2:DF:47:DA:F0:C3:9F:BA:75:E3:65:C8:85:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bHOgSn0Ost9H2vDDn7p142XIhT0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/42af1e-d553-4fe6-9fc3-f9633292c977/1/PRXhXUQZEnDt4PfCgu7Kc1hBhQY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/42af1e-d553-4fe6-9fc3-f9633292c977/1/bHOgSn0Ost9H2vDDn7p142XIhT0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.178.64.0-193.178.111.255
                IPv6:
                  2a01:88::/32

    Signature Algorithm: sha256WithRSAEncryption
         56:ab:76:f0:bf:bc:31:50:f1:6f:e6:4e:f3:bd:76:e1:0d:f1:
         92:10:5c:4c:3f:88:e8:5a:44:6e:67:b0:ee:09:9f:43:27:ba:
         93:31:b3:c1:d6:7b:40:ad:64:38:64:42:df:d2:43:f1:33:81:
         7f:8a:7e:95:45:a0:c8:73:5b:46:5a:a8:0f:58:ae:9c:ab:1d:
         1b:a2:46:33:57:94:9f:15:fc:71:f6:b6:c2:a4:32:7f:15:88:
         4f:73:34:78:b7:4c:31:3d:92:12:d5:f9:c8:04:4e:e4:72:a2:
         d7:37:5e:8f:e2:d2:cb:b2:0a:26:3a:b5:b3:f0:e7:96:65:f6:
         61:3b:7b:65:d0:8e:d8:ad:10:b0:65:e8:14:98:91:75:9b:18:
         40:b9:e5:23:03:02:cd:c2:90:5c:75:6a:ce:e8:49:8b:45:79:
         c0:fc:7e:94:81:3f:c4:ee:f2:98:cf:5c:5b:26:51:50:14:a1:
         06:cc:e1:15:91:90:f1:06:f5:ed:12:ad:05:c8:0e:83:dc:2e:
         b4:65:76:ee:59:51:39:88:df:56:18:04:7b:54:64:eb:20:f7:
         00:7a:f3:a5:64:93:7b:61:4a:13:96:f9:bc:26:c1:ff:1e:4c:
         80:82:b9:44:c3:7e:b3:ac:fd:2b:27:69:3c:52:c5:bc:c2:6f:
         08:3b:9c:a4
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEAULF+DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzczYTA0YTdkMGViMmRmNDdkYWYwYzM5ZmJhNzVlMzY1Yzg4NTNkMB4XDTIyMDEw
MTA1MDYyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2QxNWUxNWQ0NDE5
MTI3MGVkZTBmN2MyODJlZWNhNzM1ODQxODUwNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMCtWiN56xULeVJ4Zzlvzmk+KB+ZjGdyT4XJkTXoad3YxtK+
GbwroH1FMAc2BRlCO1SuCG1smA3hmMFhQFX33GN8fCHfxEY0QyyO5ozpbhBUtkB3
lanoISjBNze6tRRMnEBXon0Ti+l5LGEGPtEVgZzGLwX1Bw3NQpMHemcO6/BtTEJn
8InUEhM0k3r7e6SA/AeuPRo08hoT607YOn2ziYEYyqsFOIJ5SUtrWm2X7BbhxGRx
o/fqM69wGvfKz0J+oAjwOHXBwJDJa4Jpl8IPKJOKZDP2EoZCWKeDWWzpJ1Z4lwTG
t7QYqqUYrO/NqQ4NIl1iVYCEqKkMKjTPbeVPnDkCAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBQ9FeFdRBkScO3g98KC7spzWEGFBjAfBgNVHSMEGDAWgBRsc6BKfQ6y30fa
8MOfunXjZciFPTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JIT2dTbjBPc3Q5SDJ2RERuN3AxNDJYSWhUMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWIvNDJhZjFlLWQ1NTMtNGZlNi05ZmMzLWY5NjMzMjkyYzk3Ny8x
L1BSWGhYVVFaRW5EdDRQZkNndTdLYzFoQmhRWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWIv
NDJhZjFlLWQ1NTMtNGZlNi05ZmMzLWY5NjMzMjkyYzk3Ny8xL2JIT2dTbjBPc3Q5
SDJ2RERuN3AxNDJYSWhUMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwFAQCAAEwDjAMAwQGwbJAAwQEwbJgMA0EAgACMAcD
BQAqAQCIMA0GCSqGSIb3DQEBCwUAA4IBAQBWq3bwv7wxUPFv5k7zvXbhDfGSEFxM
P4joWkRuZ7DuCZ9DJ7qTMbPB1ntArWQ4ZELf0kPxM4F/in6VRaDIc1tGWqgPWK6c
qx0bokYzV5SfFfxx9rbCpDJ/FYhPczR4t0wxPZIS1fnIBE7kcqLXN16P4tLLsgom
OrWz8OeWZfZhO3tl0I7YrRCwZegUmJF1mxhAueUjAwLNwpBcdWrO6EmLRXnA/H6U
gT/E7vKYz1xbJlFQFKEGzOEVkZDxBvXtEq0FyA6D3C60ZXbuWVE5iN9WGAR7VGTr
IPcAevOlZJN7YUoTlvm8JsH/HkyAgrlEw36zrP0rJ2k8UsW8wm8IO5yk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:46 2024 by rpki-client on console-ams.rpki-client.org