Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/X1EJC8ad1e52SdQv054c4Fyo_8E.roa
File:                     X1EJC8ad1e52SdQv054c4Fyo_8E.roa (raw, json)
Hash identifier:          PHzO/BENsASmvIytnwqI9aTHPSOYX+AAlo+4pt+wIdE=
Subject key identifier:   5F:51:09:0B:C6:9D:D5:EE:76:49:D4:2F:D3:9E:1C:E0:5C:A8:FF:C1
Certificate issuer:       /CN=bf1d5feafd39174725bfe4bef91bd27c7b2f6f91
Certificate serial:       0183C5A91C14C62A8AE0DBF98C9570BB9825
Authority key identifier: BF:1D:5F:EA:FD:39:17:47:25:BF:E4:BE:F9:1B:D2:7C:7B:2F:6F:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vx1f6v05F0clv-S--RvSfHsvb5E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/X1EJC8ad1e52SdQv054c4Fyo_8E.roa
Signing time:             Tue 11 Oct 2022 06:08:57 +0000
ROA not before:           Tue 11 Oct 2022 06:08:57 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16276
IP address blocks:        193.31.62.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:c5:a9:1c:14:c6:2a:8a:e0:db:f9:8c:95:70:bb:98:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf1d5feafd39174725bfe4bef91bd27c7b2f6f91
        Validity
            Not Before: Oct 11 06:08:57 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5f51090bc69dd5ee7649d42fd39e1ce05ca8ffc1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:b2:a9:eb:0a:b2:47:db:ee:e7:4b:5a:ca:e5:
                    f4:ca:84:c3:20:71:58:89:ad:d0:8a:3c:d8:c5:0b:
                    45:44:08:d1:f4:89:d5:2a:78:43:6d:16:9c:6f:5a:
                    a4:e2:b5:80:65:81:f9:da:44:25:80:a0:19:d1:2b:
                    aa:1e:42:dd:ce:13:8e:f6:3b:14:62:c0:67:84:cb:
                    4c:78:50:5c:0c:2a:69:c5:46:65:fe:db:66:57:fd:
                    26:19:1b:cc:9f:70:39:20:21:1f:5f:96:09:49:a3:
                    a2:df:bd:33:7a:80:c7:a4:57:7f:7a:c2:19:10:d6:
                    dc:ea:32:cd:ab:9f:e8:0f:8a:d9:c5:b2:54:e1:6d:
                    c3:b9:77:dc:d9:b9:9c:7d:bf:a6:40:03:b3:b1:e6:
                    4a:ad:7c:7c:45:a0:eb:e2:ca:7c:f6:c4:42:0f:28:
                    10:09:60:a9:4a:a8:f6:66:f9:78:45:6b:db:05:d9:
                    51:3b:e8:a6:77:cb:bb:4f:ff:f5:0e:41:74:de:8f:
                    e6:97:83:3b:68:67:c2:5d:40:28:d0:4e:31:59:5f:
                    56:33:75:4b:02:09:25:ec:bf:80:73:0c:aa:ce:31:
                    38:5f:2a:9c:b0:1d:55:61:73:ca:cd:fe:99:18:9c:
                    fc:11:70:81:e3:98:a7:eb:c9:d7:7b:a7:a8:72:29:
                    61:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:51:09:0B:C6:9D:D5:EE:76:49:D4:2F:D3:9E:1C:E0:5C:A8:FF:C1
            X509v3 Authority Key Identifier:
                keyid:BF:1D:5F:EA:FD:39:17:47:25:BF:E4:BE:F9:1B:D2:7C:7B:2F:6F:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vx1f6v05F0clv-S--RvSfHsvb5E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/X1EJC8ad1e52SdQv054c4Fyo_8E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/vx1f6v05F0clv-S--RvSfHsvb5E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.31.62.0/24

    Signature Algorithm: sha256WithRSAEncryption
         19:74:2a:16:1c:5f:88:58:15:d5:ce:34:e2:ab:d3:43:8c:56:
         09:d6:b9:c1:9a:b4:8a:ef:26:2c:5c:21:d3:8c:ff:ef:38:bf:
         09:86:87:2a:6f:39:82:ba:ff:3e:71:38:75:87:9b:1c:52:59:
         e9:46:b1:cb:74:5f:30:7f:47:2f:78:44:6c:9d:a2:38:b1:71:
         eb:1b:58:c3:e0:df:3a:6f:c1:fa:8f:c8:ed:56:74:a8:51:cc:
         39:fd:89:29:d0:70:da:2f:5f:44:5f:69:9b:77:41:95:7e:53:
         82:62:2b:59:9c:ac:1e:17:a3:91:af:b5:81:f8:9e:d3:b0:05:
         6c:85:bd:44:e1:fd:48:c6:09:74:c8:14:76:53:06:3a:7e:27:
         1c:1c:9a:a8:23:bf:5d:51:b8:33:b2:2a:8a:33:5c:d0:4b:81:
         b0:b5:12:50:6b:01:50:fa:f8:8d:01:2d:6e:d6:f9:41:60:dd:
         23:3b:8b:9d:63:99:3f:06:71:e6:ad:f8:98:a0:af:ef:4d:6f:
         55:c7:07:34:eb:ca:00:b3:df:6b:19:27:3a:84:ae:3d:42:c7:
         c3:d6:e5:1e:7e:14:e4:3f:40:59:31:90:dc:bc:3e:98:00:fa:
         f7:40:92:fe:54:5f:e8:9a:85:02:be:42:cf:e4:37:ae:d1:43:
         43:f6:15:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPFqRwUxiqK4Nv5jJVwu5glMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmMWQ1ZmVhZmQzOTE3NDcyNWJmZTRiZWY5MWJkMjdjN2Iy
ZjZmOTEwHhcNMjIxMDExMDYwODU3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjUxMDkwYmM2OWRkNWVlNzY0OWQ0MmZkMzllMWNlMDVjYThmZmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbKp6wqyR9vu50tayuX0yoTDIHFY
ia3QijzYxQtFRAjR9InVKnhDbRacb1qk4rWAZYH52kQlgKAZ0SuqHkLdzhOO9jsU
YsBnhMtMeFBcDCppxUZl/ttmV/0mGRvMn3A5ICEfX5YJSaOi370zeoDHpFd/esIZ
ENbc6jLNq5/oD4rZxbJU4W3DuXfc2bmcfb+mQAOzseZKrXx8RaDr4sp89sRCDygQ
CWCpSqj2Zvl4RWvbBdlRO+imd8u7T//1DkF03o/ml4M7aGfCXUAo0E4xWV9WM3VL
Agkl7L+AcwyqzjE4XyqcsB1VYXPKzf6ZGJz8EXCB45in68nXe6eocilhdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF9RCQvGndXudknUL9OeHOBcqP/BMB8GA1UdIwQY
MBaAFL8dX+r9ORdHJb/kvvkb0nx7L2+RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdngxZjZ2MDVGMGNsdi1TLS1SdlNmSHN2YjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82MDY1ZDItMTAzZS00YWI3LWJmYjMt
MWE4Yzg0MmFmZTJhLzEvWDFFSkM4YWQxZTUyU2RRdjA1NGM0RnlvXzhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy82MDY1ZDItMTAzZS00YWI3LWJmYjMtMWE4Yzg0MmFmZTJh
LzEvdngxZjZ2MDVGMGNsdi1TLS1SdlNmSHN2YjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwR8+MA0G
CSqGSIb3DQEBCwUAA4IBAQAZdCoWHF+IWBXVzjTiq9NDjFYJ1rnBmrSK7yYsXCHT
jP/vOL8JhocqbzmCuv8+cTh1h5scUlnpRrHLdF8wf0cveERsnaI4sXHrG1jD4N86
b8H6j8jtVnSoUcw5/Ykp0HDaL19EX2mbd0GVflOCYitZnKweF6ORr7WB+J7TsAVs
hb1E4f1Ixgl0yBR2UwY6ficcHJqoI79dUbgzsiqKM1zQS4GwtRJQawFQ+viNAS1u
1vlBYN0jO4udY5k/BnHmrfiYoK/vTW9Vxwc068oAs99rGSc6hK49QsfD1uUefhTk
P0BZMZDcvD6YAPr3QJL+VF/omoUCvkLP5Deu0UND9hWM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:31 2024 by rpki-client on console-fra.rpki-client.org