Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/hVZsMjjbTkovV9NcR6Kb8zBn284.roa
File:                     hVZsMjjbTkovV9NcR6Kb8zBn284.roa (raw, json)
Hash identifier:          1sRiNrpwwzuwkoUHdB2bZzPycp2/hY1Wfjc8hkzpm7o=
Subject key identifier:   85:56:6C:32:38:DB:4E:4A:2F:57:D3:5C:47:A2:9B:F3:30:67:DB:CE
Certificate issuer:       /CN=bf1d5feafd39174725bfe4bef91bd27c7b2f6f91
Certificate serial:       0183C265D2BBADBD33B3E3A4DF4F58EC75A9
Authority key identifier: BF:1D:5F:EA:FD:39:17:47:25:BF:E4:BE:F9:1B:D2:7C:7B:2F:6F:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vx1f6v05F0clv-S--RvSfHsvb5E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/hVZsMjjbTkovV9NcR6Kb8zBn284.roa
Signing time:             Mon 10 Oct 2022 14:56:36 +0000
ROA not before:           Mon 10 Oct 2022 14:56:36 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        193.31.60.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:c2:65:d2:bb:ad:bd:33:b3:e3:a4:df:4f:58:ec:75:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf1d5feafd39174725bfe4bef91bd27c7b2f6f91
        Validity
            Not Before: Oct 10 14:56:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=85566c3238db4e4a2f57d35c47a29bf33067dbce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:e5:8d:ba:1e:7b:da:64:b7:bf:56:cb:04:f6:
                    1c:9f:7d:74:06:69:48:a1:8a:bf:e3:86:86:ed:d7:
                    94:05:a0:1c:7b:2a:5b:fc:97:9a:f7:45:39:fd:21:
                    76:86:e0:88:b5:48:eb:6f:3a:26:2b:2e:37:36:c4:
                    86:1a:0e:f3:c1:4a:72:e0:3b:52:0d:f3:38:5b:7d:
                    bc:9f:ea:4c:8a:58:f3:56:0c:78:e7:1c:3c:1d:c6:
                    9b:82:de:a4:5f:6e:6f:a8:c2:92:fb:f1:8b:bb:37:
                    6e:ce:a2:33:78:8e:0c:18:1a:38:e2:80:e7:a1:2f:
                    88:be:37:8c:ba:a5:4b:d9:a3:71:09:6c:f7:2b:01:
                    18:80:2a:49:0b:41:41:f3:5c:94:34:40:f0:2d:76:
                    e7:1b:31:0d:cc:c2:1d:c1:54:6b:a3:66:4d:21:e4:
                    95:c7:44:b3:55:5a:8e:34:ee:28:26:f6:7a:ab:d3:
                    bc:b5:e2:26:ac:9c:66:36:3f:0a:8c:6c:77:f4:7e:
                    f7:9f:2d:e8:51:67:14:67:d7:c4:cd:5d:2f:df:7f:
                    5d:57:fb:44:a0:0c:04:2a:10:87:22:14:10:d0:4a:
                    dc:03:bf:99:1d:50:a5:98:b8:78:5c:5b:ba:42:be:
                    1f:69:38:1b:62:ae:2b:16:d6:bc:71:fe:79:cd:60:
                    e4:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:56:6C:32:38:DB:4E:4A:2F:57:D3:5C:47:A2:9B:F3:30:67:DB:CE
            X509v3 Authority Key Identifier:
                keyid:BF:1D:5F:EA:FD:39:17:47:25:BF:E4:BE:F9:1B:D2:7C:7B:2F:6F:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vx1f6v05F0clv-S--RvSfHsvb5E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/hVZsMjjbTkovV9NcR6Kb8zBn284.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/vx1f6v05F0clv-S--RvSfHsvb5E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.31.60.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:64:ee:8f:cd:9a:7b:2e:d1:d3:4c:a9:5f:45:f2:27:03:ce:
         e6:cc:9c:7d:6b:55:53:b5:57:e9:b1:e8:4b:3f:df:43:e3:73:
         64:f1:73:d4:aa:fb:58:46:93:f4:f7:a8:41:af:a9:33:88:c3:
         9f:9d:74:be:a8:24:3b:7e:25:5a:97:4d:af:55:e6:2b:3b:ca:
         30:b2:21:d6:fb:33:5f:64:b6:d8:61:c6:12:c9:e4:e7:83:43:
         51:ae:c6:c6:e1:c6:00:b9:f6:1c:6c:a2:5e:15:13:cd:4d:7f:
         50:0e:71:4e:d6:0f:2e:55:1b:f9:1b:60:20:bd:44:42:9c:be:
         3a:74:27:0b:a4:f8:3f:8f:34:1b:cb:f7:b7:3a:30:f5:7f:70:
         ad:64:35:7e:c7:37:ec:c2:48:69:34:1b:a9:c4:03:9a:e0:01:
         a9:8b:f6:cf:91:b7:a9:ca:8f:f7:30:d2:fa:01:7d:3c:ba:5e:
         fc:50:70:49:ce:63:7b:29:6e:de:2c:6c:f3:79:c6:15:02:e5:
         52:30:1e:ee:27:7d:43:b0:51:7c:0f:d9:72:2d:43:24:bf:a9:
         f2:f9:b3:7e:83:60:f6:95:c4:f2:cd:64:4e:08:f4:63:53:af:
         f0:f4:21:1d:8b:9e:91:70:39:69:66:29:a4:9e:53:d6:2e:1e:
         23:bb:52:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPCZdK7rb0zs+Ok309Y7HWpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmMWQ1ZmVhZmQzOTE3NDcyNWJmZTRiZWY5MWJkMjdjN2Iy
ZjZmOTEwHhcNMjIxMDEwMTQ1NjM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTU2NmMzMjM4ZGI0ZTRhMmY1N2QzNWM0N2EyOWJmMzMwNjdkYmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOWNuh572mS3v1bLBPYcn310BmlI
oYq/44aG7deUBaAceypb/Jea90U5/SF2huCItUjrbzomKy43NsSGGg7zwUpy4DtS
DfM4W328n+pMiljzVgx45xw8Hcabgt6kX25vqMKS+/GLuzduzqIzeI4MGBo44oDn
oS+IvjeMuqVL2aNxCWz3KwEYgCpJC0FB81yUNEDwLXbnGzENzMIdwVRro2ZNIeSV
x0SzVVqONO4oJvZ6q9O8teImrJxmNj8KjGx39H73ny3oUWcUZ9fEzV0v339dV/tE
oAwEKhCHIhQQ0ErcA7+ZHVClmLh4XFu6Qr4faTgbYq4rFta8cf55zWDkCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIVWbDI4205KL1fTXEeim/MwZ9vOMB8GA1UdIwQY
MBaAFL8dX+r9ORdHJb/kvvkb0nx7L2+RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdngxZjZ2MDVGMGNsdi1TLS1SdlNmSHN2YjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82MDY1ZDItMTAzZS00YWI3LWJmYjMt
MWE4Yzg0MmFmZTJhLzEvaFZac01qamJUa292VjlOY1I2S2I4ekJuMjg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy82MDY1ZDItMTAzZS00YWI3LWJmYjMtMWE4Yzg0MmFmZTJh
LzEvdngxZjZ2MDVGMGNsdi1TLS1SdlNmSHN2YjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwR88MA0G
CSqGSIb3DQEBCwUAA4IBAQAIZO6PzZp7LtHTTKlfRfInA87mzJx9a1VTtVfpsehL
P99D43Nk8XPUqvtYRpP096hBr6kziMOfnXS+qCQ7fiVal02vVeYrO8owsiHW+zNf
ZLbYYcYSyeTng0NRrsbG4cYAufYcbKJeFRPNTX9QDnFO1g8uVRv5G2AgvURCnL46
dCcLpPg/jzQby/e3OjD1f3CtZDV+xzfswkhpNBupxAOa4AGpi/bPkbepyo/3MNL6
AX08ul78UHBJzmN7KW7eLGzzecYVAuVSMB7uJ31DsFF8D9lyLUMkv6ny+bN+g2D2
lcTyzWROCPRjU6/w9CEdi56RcDlpZimknlPWLh4ju1JC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:29 2024 by rpki-client on console-ams.rpki-client.org