Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/xavW8507XZCwh0GUBOt3V4mLeUc.roa
File:                     xavW8507XZCwh0GUBOt3V4mLeUc.roa (raw, json)
Hash identifier:          /pJJQDLVnU68cJ+gwO4b+otaZ8xK10dsZjPCZN1MJuI=
Subject key identifier:   C5:AB:D6:F3:9D:3B:5D:90:B0:87:41:94:04:EB:77:57:89:8B:79:47
Certificate issuer:       /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Certificate serial:       0182164A9698FBB7D68C9E1F529495827D50
Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/xavW8507XZCwh0GUBOt3V4mLeUc.roa
Signing time:             Tue 19 Jul 2022 11:49:23 +0000
ROA not before:           Tue 19 Jul 2022 11:49:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1901
IP address blocks:        194.152.160.0/19 maxlen: 19

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:16:4a:96:98:fb:b7:d6:8c:9e:1f:52:94:95:82:7d:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
        Validity
            Not Before: Jul 19 11:49:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c5abd6f39d3b5d90b087419404eb7757898b7947
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:07:d2:a7:84:67:64:fc:3d:bb:20:cf:91:74:
                    b0:07:ca:66:62:35:5d:d0:a5:bd:17:21:36:aa:43:
                    fe:9a:3b:c5:18:12:4f:df:f1:05:5b:79:3a:bc:2f:
                    5b:ba:b6:16:63:db:8e:e4:89:67:b1:fa:e7:87:16:
                    91:17:66:cb:e2:d2:93:b0:8d:51:90:94:9b:95:08:
                    70:0f:18:dc:64:92:46:bd:2b:d7:dd:46:c9:ed:37:
                    fa:a3:0b:d0:c8:92:39:fc:25:60:de:63:a3:1f:a5:
                    30:87:c3:0a:49:bd:20:50:c1:49:ed:0c:00:f2:95:
                    0d:75:70:b3:8c:01:84:7e:2e:50:3c:71:07:48:2d:
                    61:7b:ca:73:57:e2:75:22:b7:a2:f0:56:aa:7f:b7:
                    40:28:2e:f0:24:83:31:c8:e1:5d:2c:1c:1d:45:a0:
                    a0:be:40:41:11:c7:20:6f:67:39:35:cf:b9:35:63:
                    e5:cc:7b:92:72:59:e1:64:17:f4:3f:75:31:eb:01:
                    14:6e:65:e3:f3:c3:52:52:3a:2c:a3:62:6d:fa:8d:
                    fe:3f:56:66:56:41:a4:99:36:18:1a:0e:91:9f:c8:
                    ff:bf:ea:e9:97:aa:9a:f5:81:78:36:95:79:f9:82:
                    40:df:fc:68:99:f3:cb:dc:b6:ac:6b:d5:65:bb:de:
                    44:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:AB:D6:F3:9D:3B:5D:90:B0:87:41:94:04:EB:77:57:89:8B:79:47
            X509v3 Authority Key Identifier:
                keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/xavW8507XZCwh0GUBOt3V4mLeUc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.152.160.0/19

    Signature Algorithm: sha256WithRSAEncryption
         9e:de:93:96:9e:06:14:97:9c:76:be:cb:e2:d6:2c:a5:81:dc:
         c2:b8:ce:12:da:95:ed:6c:06:7a:24:d5:11:03:e3:c7:9d:63:
         4d:43:bb:30:65:65:71:c8:9f:ba:d0:ff:db:f9:20:cd:67:3d:
         b1:7a:1e:b8:98:01:d5:f1:03:e3:bb:d6:97:12:77:be:ae:20:
         55:a3:ab:06:ab:60:dc:d8:5d:ec:69:99:54:82:20:31:53:49:
         98:2b:60:7b:21:0f:99:be:7c:fc:ab:0e:f8:d7:bc:84:10:5d:
         06:ef:84:46:a7:24:26:f1:3b:01:98:62:6b:7a:b8:4e:a8:1a:
         84:2b:d4:38:92:f4:90:b3:da:03:1b:c4:41:97:0c:0b:f0:0d:
         75:32:64:40:6f:1b:1a:33:36:39:f2:64:64:80:6c:f8:87:52:
         79:94:c7:4f:e6:f6:40:27:b5:21:ae:5e:1a:bb:85:d0:65:d8:
         ef:8c:e7:38:d5:7d:61:3b:e7:61:e8:ca:a0:a8:f9:0c:76:1e:
         40:db:8c:87:02:06:43:7b:0c:40:bb:42:f9:bd:5a:46:5d:98:
         02:b2:81:6e:87:9f:53:bb:b5:8c:6e:ae:3b:17:22:01:f6:94:
         b6:a3:02:24:ae:1d:42:c3:5b:42:cc:bf:82:7b:bc:c3:0f:6b:
         33:6b:9a:b9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIWSpaY+7fWjJ4fUpSVgn1QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4
NzE3MjUwHhcNMjIwNzE5MTE0OTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWFiZDZmMzlkM2I1ZDkwYjA4NzQxOTQwNGViNzc1Nzg5OGI3OTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgfSp4RnZPw9uyDPkXSwB8pmYjVd
0KW9FyE2qkP+mjvFGBJP3/EFW3k6vC9burYWY9uO5IlnsfrnhxaRF2bL4tKTsI1R
kJSblQhwDxjcZJJGvSvX3UbJ7Tf6owvQyJI5/CVg3mOjH6Uwh8MKSb0gUMFJ7QwA
8pUNdXCzjAGEfi5QPHEHSC1he8pzV+J1Irei8Faqf7dAKC7wJIMxyOFdLBwdRaCg
vkBBEccgb2c5Nc+5NWPlzHuSclnhZBf0P3Ux6wEUbmXj88NSUjoso2Jt+o3+P1Zm
VkGkmTYYGg6Rn8j/v+rpl6qa9YF4NpV5+YJA3/xomfPL3Lasa9Vlu95E5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMWr1vOdO12QsIdBlATrd1eJi3lHMB8GA1UdIwQY
MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt
ODQ5ZDNhNmI5YzJkLzEveGF2Vzg1MDdYWkN3aDBHVUJPdDNWNG1MZVVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWItODQ5ZDNhNmI5YzJk
LzEvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFwpigMA0G
CSqGSIb3DQEBCwUAA4IBAQCe3pOWngYUl5x2vsvi1iylgdzCuM4S2pXtbAZ6JNUR
A+PHnWNNQ7swZWVxyJ+60P/b+SDNZz2xeh64mAHV8QPju9aXEne+riBVo6sGq2Dc
2F3saZlUgiAxU0mYK2B7IQ+Zvnz8qw7417yEEF0G74RGpyQm8TsBmGJrerhOqBqE
K9Q4kvSQs9oDG8RBlwwL8A11MmRAbxsaMzY58mRkgGz4h1J5lMdP5vZAJ7Uhrl4a
u4XQZdjvjOc41X1hO+dh6MqgqPkMdh5A24yHAgZDewxAu0L5vVpGXZgCsoFuh59T
u7WMbq47FyIB9pS2owIkrh1Cw1tCzL+Ce7zDD2sza5q5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:16 2024 by rpki-client on console-ams.rpki-client.org