Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/mam-8KeI0WoP9HFlucxb8L7Pmfg.roa
File:                     mam-8KeI0WoP9HFlucxb8L7Pmfg.roa (raw, json)
Hash identifier:          DpP+DSf+T6cyNsERye3KrHjAfdz+6+kndric0gWxDYo=
Subject key identifier:   99:A9:BE:F0:A7:88:D1:6A:0F:F4:71:65:B9:CC:5B:F0:BE:CF:99:F8
Certificate issuer:       /CN=d5637692ff5c45486d1053b149dc1420026cd733
Certificate serial:       0182F38086362BD71DBEFE36C29AEBCCEA90
Authority key identifier: D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/mam-8KeI0WoP9HFlucxb8L7Pmfg.roa
Signing time:             Wed 31 Aug 2022 10:44:22 +0000
ROA not before:           Wed 31 Aug 2022 10:44:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     197890
IP address blocks:        80.246.232.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:f3:80:86:36:2b:d7:1d:be:fe:36:c2:9a:eb:cc:ea:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5637692ff5c45486d1053b149dc1420026cd733
        Validity
            Not Before: Aug 31 10:44:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=99a9bef0a788d16a0ff47165b9cc5bf0becf99f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:8e:b1:24:17:c9:05:73:08:fa:43:d5:9f:e3:
                    42:3a:f0:0a:9d:7e:61:52:79:d8:81:8e:de:94:85:
                    60:21:8a:87:7b:98:b2:03:06:91:21:38:42:09:b5:
                    cc:3f:b7:1a:14:ad:43:4e:bd:e2:cc:cf:37:cd:94:
                    b6:92:25:ae:a3:b0:7f:a1:bb:fe:ab:d6:a3:15:d4:
                    c6:09:cf:aa:e1:b9:5d:0b:f2:c7:fc:62:af:43:0b:
                    35:62:ce:cd:bd:00:ea:ad:7b:07:25:ea:9b:d4:d1:
                    f4:f3:39:e5:1e:f8:20:b7:e1:c5:0c:38:b7:50:be:
                    cf:d7:80:1a:60:31:2b:fb:fc:7a:94:a3:aa:00:7c:
                    c7:1e:bb:82:fe:d8:47:ee:86:aa:e9:4c:33:d6:df:
                    09:14:8a:7f:05:70:93:a5:79:2b:53:4c:69:17:3c:
                    60:6f:02:00:96:9f:46:e1:f9:37:76:c6:66:77:bb:
                    50:77:84:45:58:07:a6:26:31:d1:9a:bf:6e:e5:e9:
                    6a:36:db:5a:11:bb:17:86:d2:7c:41:e4:b8:e2:56:
                    8e:4f:87:7d:30:27:49:78:f5:bd:3d:8b:e4:b6:9f:
                    82:16:57:82:90:b6:ae:b3:dc:a6:1c:b3:66:a2:62:
                    03:84:ac:92:bb:9e:8b:fa:6d:04:e7:d1:ab:7f:91:
                    7b:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:A9:BE:F0:A7:88:D1:6A:0F:F4:71:65:B9:CC:5B:F0:BE:CF:99:F8
            X509v3 Authority Key Identifier:
                keyid:D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/mam-8KeI0WoP9HFlucxb8L7Pmfg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.246.232.0/21

    Signature Algorithm: sha256WithRSAEncryption
         97:19:40:aa:22:00:1e:61:b8:d9:8e:6f:0f:3e:40:79:23:d6:
         f1:e3:92:fd:08:6d:a4:9d:03:98:93:dd:30:e1:ae:ff:fd:92:
         b5:a4:b3:9a:67:9e:57:94:fd:c3:c4:ba:f1:7f:c1:84:20:2f:
         0a:d2:7a:9f:f0:94:6d:f8:b2:0e:76:87:22:66:71:70:2c:ca:
         bc:da:76:b8:10:d2:da:36:b3:85:05:d7:32:f7:bb:35:8c:61:
         99:a5:5c:4e:27:82:b1:cc:2d:6c:ba:ef:6c:f4:d7:7c:e5:61:
         95:d2:7c:e8:fa:03:18:49:de:41:9e:71:7e:22:98:bf:c1:c4:
         d0:bf:2c:b8:2f:ec:be:f8:50:cb:17:3e:e7:e7:67:3a:b2:b7:
         48:02:da:fa:bf:cc:55:e5:de:a5:ae:16:09:97:1a:a2:17:9b:
         60:3d:3e:d3:c4:b8:a2:13:b2:ee:af:5c:dc:f4:34:d2:df:c8:
         83:b6:98:48:18:f2:55:3a:12:7c:1d:b9:d6:c7:a9:13:20:2f:
         90:3b:9e:c6:05:15:a1:46:db:b2:91:14:8c:24:58:ed:fe:4e:
         ec:0f:11:9b:68:92:45:1a:56:2d:b3:7a:bd:69:b2:c2:26:3a:
         1b:b7:5a:98:eb:a4:1f:44:84:6b:ad:d4:78:91:ed:3a:07:5b:
         af:4d:63:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLzgIY2K9cdvv42wprrzOqQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjM3NjkyZmY1YzQ1NDg2ZDEwNTNiMTQ5ZGMxNDIwMDI2
Y2Q3MzMwHhcNMjIwODMxMTA0NDIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWE5YmVmMGE3ODhkMTZhMGZmNDcxNjViOWNjNWJmMGJlY2Y5OWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnI6xJBfJBXMI+kPVn+NCOvAKnX5h
UnnYgY7elIVgIYqHe5iyAwaRIThCCbXMP7caFK1DTr3izM83zZS2kiWuo7B/obv+
q9ajFdTGCc+q4bldC/LH/GKvQws1Ys7NvQDqrXsHJeqb1NH08znlHvggt+HFDDi3
UL7P14AaYDEr+/x6lKOqAHzHHruC/thH7oaq6Uwz1t8JFIp/BXCTpXkrU0xpFzxg
bwIAlp9G4fk3dsZmd7tQd4RFWAemJjHRmr9u5elqNttaEbsXhtJ8QeS44laOT4d9
MCdJePW9PYvktp+CFleCkLaus9ymHLNmomIDhKySu56L+m0E59Grf5F7EwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJmpvvCniNFqD/RxZbnMW/C+z5n4MB8GA1UdIwQY
MBaAFNVjdpL/XEVIbRBTsUncFCACbNczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDkt
YWRlYWRlMjg2NWMxLzEvbWFtLThLZUkwV29QOUhGbHVjeGI4TDdQbWZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDktYWRlYWRlMjg2NWMx
LzEvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDUPboMA0G
CSqGSIb3DQEBCwUAA4IBAQCXGUCqIgAeYbjZjm8PPkB5I9bx45L9CG2knQOYk90w
4a7//ZK1pLOaZ55XlP3DxLrxf8GEIC8K0nqf8JRt+LIOdociZnFwLMq82na4ENLa
NrOFBdcy97s1jGGZpVxOJ4KxzC1suu9s9Nd85WGV0nzo+gMYSd5BnnF+Ipi/wcTQ
vyy4L+y++FDLFz7n52c6srdIAtr6v8xV5d6lrhYJlxqiF5tgPT7TxLiiE7Lur1zc
9DTS38iDtphIGPJVOhJ8HbnWx6kTIC+QO57GBRWhRtuykRSMJFjt/k7sDxGbaJJF
GlYts3q9abLCJjobt1qY66QfRIRrrdR4ke06B1uvTWOr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:52 2024 by rpki-client on console-fra.rpki-client.org