Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/xL7OUYDWrhkTUKKoVMCSoikymkM.roa
File:                     xL7OUYDWrhkTUKKoVMCSoikymkM.roa (raw, json)
Hash identifier:          kYwuFToirGdO/52EdYu0WMsXdfxx2ztipWjhnaAod9Y=
Subject key identifier:   C4:BE:CE:51:80:D6:AE:19:13:50:A2:A8:54:C0:92:A2:29:32:9A:43
Certificate issuer:       /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Certificate serial:       01821668CDB048D84AF4AD957243686A509C
Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/xL7OUYDWrhkTUKKoVMCSoikymkM.roa
Signing time:             Tue 19 Jul 2022 12:22:23 +0000
ROA not before:           Tue 19 Jul 2022 12:22:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8562
IP address blocks:        193.154.144.0/20 maxlen: 20

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:16:68:cd:b0:48:d8:4a:f4:ad:95:72:43:68:6a:50:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
        Validity
            Not Before: Jul 19 12:22:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c4bece5180d6ae191350a2a854c092a229329a43
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:4c:d0:9c:25:c4:e0:39:5d:4a:47:ec:d5:2c:
                    ba:f5:21:89:ed:eb:23:e9:45:da:18:69:93:e6:30:
                    9b:d4:f8:47:b9:fc:a3:15:57:25:df:14:75:9d:85:
                    01:ff:b8:d2:e2:18:38:83:7a:f4:27:8f:74:5d:98:
                    e2:1b:be:f5:13:9d:68:0a:45:1c:81:9f:48:67:1c:
                    8d:a8:55:2d:05:a0:d3:0d:5b:d0:72:b8:9b:61:c0:
                    f3:e1:78:a1:9e:1c:25:72:ec:a5:26:44:98:c2:e4:
                    9e:67:68:37:b4:bf:af:85:93:f1:bd:ae:a4:ae:9f:
                    cc:6a:ad:f7:7c:df:dc:ea:13:b9:06:99:a5:99:40:
                    bf:59:88:64:5b:c8:15:17:95:9a:c6:cc:27:8d:6b:
                    31:27:fe:7f:2b:73:94:4b:a8:44:f7:4d:80:38:e8:
                    ba:ab:8d:3e:9f:da:6b:69:eb:b6:79:d5:d8:77:1a:
                    90:05:21:a2:ca:61:ee:56:1d:b0:8a:66:0c:71:b9:
                    85:53:97:76:ab:0b:a3:ae:21:c9:11:c7:55:e4:b6:
                    43:70:0a:4f:2a:76:61:0e:53:b4:58:71:45:6c:78:
                    40:36:1a:f7:06:93:a0:77:33:89:70:a6:40:7c:6f:
                    ec:31:00:7d:be:2a:b1:12:c3:c6:49:9d:51:02:94:
                    b3:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:BE:CE:51:80:D6:AE:19:13:50:A2:A8:54:C0:92:A2:29:32:9A:43
            X509v3 Authority Key Identifier:
                keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/xL7OUYDWrhkTUKKoVMCSoikymkM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.154.144.0/20

    Signature Algorithm: sha256WithRSAEncryption
         af:5f:34:9b:79:00:7b:80:b5:67:2a:86:7f:8e:ff:9c:dd:b1:
         cd:36:8a:b1:a7:d9:f5:1d:2f:84:22:bc:8f:5b:36:ea:e2:49:
         4b:9f:f2:ac:ef:95:2b:72:c1:4b:b1:71:d6:9c:e2:47:e5:14:
         89:18:f8:ee:73:e4:59:42:27:1c:cd:48:65:8c:cc:d8:58:5d:
         22:84:c3:d2:d3:0e:bc:05:c2:cf:e2:a6:89:7d:9e:44:b3:22:
         66:af:45:06:fb:a9:17:ca:43:ce:64:6e:34:98:f6:23:47:d8:
         63:60:a8:bb:20:3f:5b:f9:d8:73:8a:10:7f:55:ec:ae:41:e7:
         2a:03:11:07:7a:9d:a0:0d:32:3f:5c:b7:93:c3:0b:1c:6e:44:
         ee:e5:40:79:01:ea:3a:9a:3f:d0:21:5c:db:00:cb:25:07:b4:
         d8:39:d6:fa:e4:b8:0e:52:e2:fa:39:17:22:0a:44:f8:e3:82:
         15:df:a2:39:23:f5:bd:c7:21:f1:7d:34:e5:df:82:b7:41:73:
         aa:fa:f1:af:b0:d1:66:8c:f7:de:9b:3f:b9:af:0b:94:60:78:
         e1:e4:14:f5:b2:28:02:de:b6:97:dd:e0:29:f8:5f:e0:7a:c4:
         fe:60:26:ad:3e:a6:c8:cf:37:1d:71:8a:0b:ba:b2:7a:79:db:
         86:41:a6:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIWaM2wSNhK9K2VckNoalCcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4
NzE3MjUwHhcNMjIwNzE5MTIyMjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGJlY2U1MTgwZDZhZTE5MTM1MGEyYTg1NGMwOTJhMjI5MzI5YTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgUzQnCXE4DldSkfs1Sy69SGJ7esj
6UXaGGmT5jCb1PhHufyjFVcl3xR1nYUB/7jS4hg4g3r0J490XZjiG771E51oCkUc
gZ9IZxyNqFUtBaDTDVvQcribYcDz4XihnhwlcuylJkSYwuSeZ2g3tL+vhZPxva6k
rp/Maq33fN/c6hO5BpmlmUC/WYhkW8gVF5WaxswnjWsxJ/5/K3OUS6hE902AOOi6
q40+n9praeu2edXYdxqQBSGiymHuVh2wimYMcbmFU5d2qwujriHJEcdV5LZDcApP
KnZhDlO0WHFFbHhANhr3BpOgdzOJcKZAfG/sMQB9viqxEsPGSZ1RApSzOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMS+zlGA1q4ZE1CiqFTAkqIpMppDMB8GA1UdIwQY
MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt
ODQ5ZDNhNmI5YzJkLzEveEw3T1VZRFdyaGtUVUtLb1ZNQ1NvaWt5bWtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWItODQ5ZDNhNmI5YzJk
LzEvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEwZqQMA0G
CSqGSIb3DQEBCwUAA4IBAQCvXzSbeQB7gLVnKoZ/jv+c3bHNNoqxp9n1HS+EIryP
Wzbq4klLn/Ks75UrcsFLsXHWnOJH5RSJGPjuc+RZQicczUhljMzYWF0ihMPS0w68
BcLP4qaJfZ5EsyJmr0UG+6kXykPOZG40mPYjR9hjYKi7ID9b+dhzihB/VeyuQecq
AxEHep2gDTI/XLeTwwscbkTu5UB5Aeo6mj/QIVzbAMslB7TYOdb65LgOUuL6ORci
CkT444IV36I5I/W9xyHxfTTl34K3QXOq+vGvsNFmjPfemz+5rwuUYHjh5BT1sigC
3raX3eAp+F/gesT+YCatPqbIzzcdcYoLurJ6eduGQaZX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:16 2024 by rpki-client on console-ams.rpki-client.org