Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/l4I4ATxCzDmBamyYSF4bHR-RuGE.roa
File:                     l4I4ATxCzDmBamyYSF4bHR-RuGE.roa (raw, json)
Hash identifier:          9FeDr9T5speeqaS2OQZLny04Mk7NGocckWAckzdnViE=
Subject key identifier:   97:82:38:01:3C:42:CC:39:81:6A:6C:98:48:5E:1B:1D:1F:91:B8:61
Certificate issuer:       /CN=bf1d5feafd39174725bfe4bef91bd27c7b2f6f91
Certificate serial:       0895309C
Authority key identifier: BF:1D:5F:EA:FD:39:17:47:25:BF:E4:BE:F9:1B:D2:7C:7B:2F:6F:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vx1f6v05F0clv-S--RvSfHsvb5E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/l4I4ATxCzDmBamyYSF4bHR-RuGE.roa
Signing time:             Wed 08 Jun 2022 08:02:10 +0000
ROA not before:           Wed 08 Jun 2022 08:02:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     834
IP address blocks:        193.31.60.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 143995036 (0x895309c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf1d5feafd39174725bfe4bef91bd27c7b2f6f91
        Validity
            Not Before: Jun  8 08:02:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=978238013c42cc39816a6c98485e1b1d1f91b861
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:1c:41:46:12:7a:43:eb:38:da:85:dc:21:4d:
                    41:da:ea:a2:4c:38:48:6d:e5:a4:a6:5e:bf:6e:ca:
                    2c:f7:97:34:f0:de:3f:c8:43:33:64:68:ae:76:cd:
                    7f:23:03:02:62:3e:ca:4f:db:4f:5b:66:67:37:4f:
                    98:46:f0:96:76:90:de:8f:0a:f5:7f:d7:76:a3:28:
                    01:0f:c7:6d:fe:e8:fc:0e:e5:04:0b:8a:40:f0:32:
                    16:5a:dc:9b:10:c6:4f:2b:cf:f7:b1:6f:a8:f4:72:
                    02:59:82:7a:4b:4c:9b:a9:56:a4:4a:d0:81:b4:90:
                    77:1e:37:55:6e:a8:63:3a:80:c4:0e:de:b6:df:90:
                    23:d5:f8:96:2c:04:20:e0:f1:33:98:aa:71:7b:16:
                    a0:25:1a:25:cc:3e:8b:32:14:d1:28:5f:c0:a1:35:
                    f8:9e:7b:37:a5:15:06:61:88:08:fc:3e:db:c9:f1:
                    b6:be:34:38:e3:f9:e6:8f:be:d4:aa:bc:e9:98:65:
                    c5:a4:52:d7:6a:d9:5e:d6:19:e4:26:ad:aa:03:21:
                    e4:30:06:0c:e4:43:46:46:44:81:af:db:a3:5d:8b:
                    8f:ba:48:a3:c8:32:92:af:6d:44:a9:7a:45:05:8d:
                    c7:c7:99:a2:e4:20:9f:32:08:0f:a7:c8:84:90:19:
                    2f:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:82:38:01:3C:42:CC:39:81:6A:6C:98:48:5E:1B:1D:1F:91:B8:61
            X509v3 Authority Key Identifier:
                keyid:BF:1D:5F:EA:FD:39:17:47:25:BF:E4:BE:F9:1B:D2:7C:7B:2F:6F:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vx1f6v05F0clv-S--RvSfHsvb5E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/l4I4ATxCzDmBamyYSF4bHR-RuGE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/vx1f6v05F0clv-S--RvSfHsvb5E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.31.60.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5c:ee:cd:45:ad:97:c6:1a:86:c6:6a:f2:a1:a9:65:0f:ce:ce:
         f8:63:59:6f:97:7a:69:fc:d3:16:17:c1:91:7a:07:2d:19:99:
         24:57:5b:fd:3c:10:21:8c:b2:c4:40:9e:2c:19:79:65:8b:f1:
         40:bf:f2:b7:bf:b3:fd:27:fd:57:50:bb:3e:c4:bc:56:46:23:
         29:0c:0b:8d:e0:18:ef:72:5a:27:64:82:2b:86:56:10:ff:13:
         b6:a1:25:6c:08:74:ea:75:2d:db:94:99:64:5f:06:92:50:b3:
         15:bf:9a:ec:32:ba:fc:1d:9c:12:9a:c9:2f:f6:40:f4:be:f6:
         8d:03:50:c7:d6:cd:3d:18:d5:08:eb:b5:f9:ba:52:73:ff:a7:
         0c:df:25:99:95:29:1c:17:6e:81:3f:d7:9d:ef:d7:01:8b:16:
         24:5a:dc:66:00:71:9d:3f:2c:08:1d:58:b5:02:8a:c5:04:c2:
         97:bd:67:ea:72:9b:a0:d4:63:c2:6d:0a:75:3c:4f:b4:37:97:
         fb:43:67:a4:da:55:be:3c:94:d4:ef:df:99:1c:67:a1:bd:6a:
         91:0c:5a:04:7c:ca:5a:6f:ad:2b:a2:be:3b:a8:86:da:4e:d7:
         47:3e:ee:c7:f8:9f:2c:76:5b:c5:b0:74:14:5a:95:f0:59:89:
         b9:2c:d8:26
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECJUwnDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZjFkNWZlYWZkMzkxNzQ3MjViZmU0YmVmOTFiZDI3YzdiMmY2ZjkxMB4XDTIyMDYw
ODA4MDIxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTc4MjM4MDEzYzQy
Y2MzOTgxNmE2Yzk4NDg1ZTFiMWQxZjkxYjg2MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN8cQUYSekPrONqF3CFNQdrqokw4SG3lpKZev27KLPeXNPDe
P8hDM2RornbNfyMDAmI+yk/bT1tmZzdPmEbwlnaQ3o8K9X/XdqMoAQ/Hbf7o/A7l
BAuKQPAyFlrcmxDGTyvP97FvqPRyAlmCektMm6lWpErQgbSQdx43VW6oYzqAxA7e
tt+QI9X4liwEIODxM5iqcXsWoCUaJcw+izIU0ShfwKE1+J57N6UVBmGICPw+28nx
tr40OOP55o++1Kq86ZhlxaRS12rZXtYZ5CatqgMh5DAGDORDRkZEga/bo12Lj7pI
o8gykq9tRKl6RQWNx8eZouQgnzIID6fIhJAZL1kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSXgjgBPELMOYFqbJhIXhsdH5G4YTAfBgNVHSMEGDAWgBS/HV/q/TkXRyW/
5L75G9J8ey9vkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Z4MWY2djA1RjBjbHYtUy0tUnZTZkhzdmI1RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjMvNjA2NWQyLTEwM2UtNGFiNy1iZmIzLTFhOGM4NDJhZmUyYS8x
L2w0STRBVHhDekRtQmFteVlTRjRiSFItUnVHRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjMv
NjA2NWQyLTEwM2UtNGFiNy1iZmIzLTFhOGM4NDJhZmUyYS8xL3Z4MWY2djA1RjBj
bHYtUy0tUnZTZkhzdmI1RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEfPDANBgkqhkiG9w0BAQsFAAOC
AQEAXO7NRa2XxhqGxmryoallD87O+GNZb5d6afzTFhfBkXoHLRmZJFdb/TwQIYyy
xECeLBl5ZYvxQL/yt7+z/Sf9V1C7PsS8VkYjKQwLjeAY73JaJ2SCK4ZWEP8TtqEl
bAh06nUt25SZZF8GklCzFb+a7DK6/B2cEprJL/ZA9L72jQNQx9bNPRjVCOu1+bpS
c/+nDN8lmZUpHBdugT/Xne/XAYsWJFrcZgBxnT8sCB1YtQKKxQTCl71n6nKboNRj
wm0KdTxPtDeX+0NnpNpVvjyU1O/fmRxnob1qkQxaBHzKWm+tK6K+O6iG2k7XRz7u
x/ifLHZbxbB0FFqV8FmJuSzYJg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:31 2024 by rpki-client on console-fra.rpki-client.org