Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/J7SXZBZ6WEeYqcSot9JogdBM1A0.roa
File:                     J7SXZBZ6WEeYqcSot9JogdBM1A0.roa (raw, json)
Hash identifier:          7McTweqlEY1zhgRiKMI6BWG1TltGL/9Ukf9pMBPtMls=
Subject key identifier:   27:B4:97:64:16:7A:58:47:98:A9:C4:A8:B7:D2:68:81:D0:4C:D4:0D
Certificate issuer:       /CN=bf1d5feafd39174725bfe4bef91bd27c7b2f6f91
Certificate serial:       07298F68
Authority key identifier: BF:1D:5F:EA:FD:39:17:47:25:BF:E4:BE:F9:1B:D2:7C:7B:2F:6F:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vx1f6v05F0clv-S--RvSfHsvb5E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/J7SXZBZ6WEeYqcSot9JogdBM1A0.roa
Signing time:             Sat 01 Jan 2022 04:56:38 +0000
ROA not before:           Sat 01 Jan 2022 04:56:38 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60781
IP address blocks:        193.31.15.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 120164200 (0x7298f68)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf1d5feafd39174725bfe4bef91bd27c7b2f6f91
        Validity
            Not Before: Jan  1 04:56:38 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=27b49764167a584798a9c4a8b7d26881d04cd40d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:1b:11:9a:11:d7:1d:4c:7d:13:98:25:b7:8f:
                    a0:61:02:6c:7d:8d:d2:b0:73:7a:8a:63:bd:9a:fd:
                    7b:0c:fc:7d:b6:fa:0c:70:4d:e1:3d:41:cd:7c:68:
                    e3:56:99:2d:8b:9b:1e:f7:04:ce:98:76:dd:5c:7b:
                    69:bb:01:67:98:c7:9e:51:56:06:20:0c:8d:38:f5:
                    a6:27:85:0a:b7:f1:e1:74:a0:4c:4f:a5:5d:ee:9b:
                    6b:17:e6:18:51:c7:91:43:60:cb:84:75:da:da:ba:
                    10:61:41:ba:56:ab:14:ac:3b:29:60:1a:47:3b:67:
                    73:b1:d6:a2:30:ed:39:ea:bf:52:7a:c8:2d:4a:53:
                    b7:20:ad:ae:b0:7a:98:9f:c8:99:a1:6d:44:bb:45:
                    47:c5:f7:cc:d7:2c:e9:19:2e:a1:68:07:0f:bf:b6:
                    1e:fc:0f:57:2e:76:ce:bd:0f:d3:c8:cf:8e:30:d0:
                    96:8a:28:bf:35:52:5a:b8:75:93:7d:ca:61:0f:2d:
                    4b:5c:91:06:46:19:20:3f:0e:92:00:c6:52:e1:cf:
                    cd:20:87:74:a6:b5:8d:f3:fe:d3:4b:7f:6c:4c:76:
                    06:c7:48:ce:f8:18:f5:23:02:9d:29:3f:3a:89:b2:
                    8d:a2:31:53:f5:01:3e:7d:50:ad:fd:0f:b5:fb:46:
                    e4:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:B4:97:64:16:7A:58:47:98:A9:C4:A8:B7:D2:68:81:D0:4C:D4:0D
            X509v3 Authority Key Identifier:
                keyid:BF:1D:5F:EA:FD:39:17:47:25:BF:E4:BE:F9:1B:D2:7C:7B:2F:6F:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vx1f6v05F0clv-S--RvSfHsvb5E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/J7SXZBZ6WEeYqcSot9JogdBM1A0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/vx1f6v05F0clv-S--RvSfHsvb5E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.31.15.0/24

    Signature Algorithm: sha256WithRSAEncryption
         73:24:5a:ee:34:a9:78:5c:8c:bb:98:2c:cb:9b:a2:f3:ed:b5:
         3d:a9:6e:3c:d0:77:bc:be:ad:db:1a:72:d5:42:cf:d8:9c:ea:
         49:db:6a:3b:a3:9c:ae:89:88:a0:26:cc:fc:43:17:b5:59:5d:
         0d:7c:b2:91:59:d2:f3:b3:b8:13:1c:f9:74:36:3b:65:74:ce:
         ff:db:7b:61:77:07:08:e1:e2:dc:f0:be:c4:ef:1d:ef:25:2a:
         c3:7d:67:02:a4:4e:13:2c:77:09:9b:6f:15:4a:64:04:96:f6:
         a7:ef:9e:41:0b:4c:ec:65:37:88:e6:3c:c8:59:6c:8e:83:52:
         53:9e:08:bc:5e:6c:5a:a7:0e:65:d8:78:09:77:b7:4f:7c:30:
         00:64:31:f0:4e:ef:65:36:ed:96:0a:ac:02:5f:76:a1:4e:6e:
         5c:ee:3e:4c:bf:13:08:6d:31:e3:35:82:c7:4a:e2:3d:07:b6:
         fd:78:41:22:a5:e1:20:82:32:36:ff:34:d1:fe:b5:98:80:bb:
         20:6e:87:3b:8e:d7:2a:d7:82:59:4a:7f:53:31:f0:d0:f5:00:
         e2:01:e9:db:62:2e:ed:15:fe:72:82:d8:bb:63:c7:4b:5c:46:
         70:10:44:d0:3f:da:be:94:e2:6b:c8:ad:f5:0a:ba:1f:5a:d0:
         5b:9d:18:a5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBymPaDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZjFkNWZlYWZkMzkxNzQ3MjViZmU0YmVmOTFiZDI3YzdiMmY2ZjkxMB4XDTIyMDEw
MTA0NTYzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjdiNDk3NjQxNjdh
NTg0Nzk4YTljNGE4YjdkMjY4ODFkMDRjZDQwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALgbEZoR1x1MfROYJbePoGECbH2N0rBzeopjvZr9ewz8fbb6
DHBN4T1BzXxo41aZLYubHvcEzph23Vx7absBZ5jHnlFWBiAMjTj1pieFCrfx4XSg
TE+lXe6baxfmGFHHkUNgy4R12tq6EGFBularFKw7KWAaRztnc7HWojDtOeq/UnrI
LUpTtyCtrrB6mJ/ImaFtRLtFR8X3zNcs6RkuoWgHD7+2HvwPVy52zr0P08jPjjDQ
looovzVSWrh1k33KYQ8tS1yRBkYZID8OkgDGUuHPzSCHdKa1jfP+00t/bEx2BsdI
zvgY9SMCnSk/OomyjaIxU/UBPn1Qrf0PtftG5FMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQntJdkFnpYR5ipxKi30miB0EzUDTAfBgNVHSMEGDAWgBS/HV/q/TkXRyW/
5L75G9J8ey9vkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Z4MWY2djA1RjBjbHYtUy0tUnZTZkhzdmI1RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjMvNjA2NWQyLTEwM2UtNGFiNy1iZmIzLTFhOGM4NDJhZmUyYS8x
L0o3U1haQlo2V0VlWXFjU290OUpvZ2RCTTFBMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjMv
NjA2NWQyLTEwM2UtNGFiNy1iZmIzLTFhOGM4NDJhZmUyYS8xL3Z4MWY2djA1RjBj
bHYtUy0tUnZTZkhzdmI1RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEfDzANBgkqhkiG9w0BAQsFAAOC
AQEAcyRa7jSpeFyMu5gsy5ui8+21PaluPNB3vL6t2xpy1ULP2JzqSdtqO6OcromI
oCbM/EMXtVldDXyykVnS87O4Exz5dDY7ZXTO/9t7YXcHCOHi3PC+xO8d7yUqw31n
AqROEyx3CZtvFUpkBJb2p++eQQtM7GU3iOY8yFlsjoNSU54IvF5sWqcOZdh4CXe3
T3wwAGQx8E7vZTbtlgqsAl92oU5uXO4+TL8TCG0x4zWCx0riPQe2/XhBIqXhIIIy
Nv800f61mIC7IG6HO47XKteCWUp/UzHw0PUA4gHp22Iu7RX+coLYu2PHS1xGcBBE
0D/avpTia8it9Qq6H1rQW50YpQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:29 2024 by rpki-client on console-ams.rpki-client.org