Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/rywUhtGFyW3GoNuCV3hBidCmnEw.roa
File:                     rywUhtGFyW3GoNuCV3hBidCmnEw.roa (raw, json)
Hash identifier:          inllA96dfBBAKvWW2GtyS2UdH7ss4Mv7lOd6Gmd+Prs=
Subject key identifier:   AF:2C:14:86:D1:85:C9:6D:C6:A0:DB:82:57:78:41:89:D0:A6:9C:4C
Certificate issuer:       /CN=bf1d5feafd39174725bfe4bef91bd27c7b2f6f91
Certificate serial:       01827EF59CB4CDF9570CB12548377E6C2052
Authority key identifier: BF:1D:5F:EA:FD:39:17:47:25:BF:E4:BE:F9:1B:D2:7C:7B:2F:6F:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vx1f6v05F0clv-S--RvSfHsvb5E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/rywUhtGFyW3GoNuCV3hBidCmnEw.roa
Signing time:             Mon 08 Aug 2022 19:36:41 +0000
ROA not before:           Mon 08 Aug 2022 19:36:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16509
IP address blocks:        193.31.15.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:7e:f5:9c:b4:cd:f9:57:0c:b1:25:48:37:7e:6c:20:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf1d5feafd39174725bfe4bef91bd27c7b2f6f91
        Validity
            Not Before: Aug  8 19:36:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=af2c1486d185c96dc6a0db8257784189d0a69c4c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:49:20:42:06:c1:6f:7c:c6:76:bf:a9:6d:67:
                    34:72:53:2c:43:ab:39:a3:e7:d3:64:f6:49:aa:0a:
                    e9:72:c0:6f:5d:44:e3:4e:38:5f:4c:e4:03:0e:14:
                    98:f4:f4:85:1c:b1:bd:d5:bd:fd:09:cf:e7:d4:08:
                    18:5c:ae:e9:db:03:ae:0c:6e:20:df:f0:a1:d0:e3:
                    89:4d:9d:01:d7:d4:dc:c6:96:f7:36:00:da:bd:1d:
                    f3:bf:87:02:41:03:38:e2:4e:71:60:9d:14:0c:77:
                    18:07:fe:e7:37:62:62:d7:ce:18:2e:f3:35:6f:e4:
                    2a:2e:b1:0b:e0:96:41:91:30:8d:34:d9:f3:5c:b7:
                    99:f9:33:c8:c9:d7:81:75:dd:3a:6f:60:91:5c:33:
                    6a:43:70:4c:05:6b:81:78:47:b7:e9:22:d0:d6:b5:
                    8d:22:a5:ef:bd:25:44:ed:66:84:17:ed:b0:d7:ff:
                    ac:6b:39:0e:e9:12:87:0f:e6:60:9c:6a:17:2a:ef:
                    8a:4b:13:3e:db:e4:7a:7e:72:94:67:1b:1e:1c:4b:
                    d9:63:52:3e:4f:39:d7:2f:8e:2b:85:72:72:61:88:
                    7d:b0:bb:84:0d:da:8e:e9:cc:d3:8e:27:7f:b4:f8:
                    21:e3:de:63:31:44:43:fd:4b:95:45:c1:e7:a7:3a:
                    5f:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:2C:14:86:D1:85:C9:6D:C6:A0:DB:82:57:78:41:89:D0:A6:9C:4C
            X509v3 Authority Key Identifier:
                keyid:BF:1D:5F:EA:FD:39:17:47:25:BF:E4:BE:F9:1B:D2:7C:7B:2F:6F:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vx1f6v05F0clv-S--RvSfHsvb5E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/rywUhtGFyW3GoNuCV3hBidCmnEw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/vx1f6v05F0clv-S--RvSfHsvb5E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.31.15.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:9f:ae:20:29:59:de:f1:9c:04:03:9b:1f:cc:f9:35:18:e7:
         32:45:a9:4d:da:7d:b7:51:a4:39:ea:6a:ff:f8:9c:31:b9:17:
         db:53:b2:f2:0b:22:f7:c2:d3:09:fd:94:28:ed:8b:ec:b9:58:
         72:c6:f5:e3:68:42:83:3e:66:64:d1:07:f3:33:c1:72:2b:c0:
         dc:a5:f1:9c:b7:d4:af:25:2c:54:83:22:a9:36:62:79:7e:ef:
         8a:5f:d4:71:fb:eb:60:13:5e:7d:01:71:2d:67:8d:c7:ff:b6:
         d4:8c:42:0b:ae:0a:e8:57:5c:74:c2:d7:92:ad:fa:2d:80:06:
         93:de:34:dc:e1:bb:10:95:de:97:6b:db:c1:7e:d7:0d:4f:7e:
         4e:24:f0:a0:f0:95:cc:c7:fe:ec:bb:0e:f7:03:b4:c8:17:0e:
         1a:e5:3e:1f:bd:d0:d8:2b:4f:68:b1:d2:3b:fe:d6:82:23:fe:
         7b:bd:ef:3b:d2:c5:f9:8f:88:a2:09:39:ca:04:92:50:7f:21:
         81:28:f3:45:73:5f:40:5a:a4:1a:32:ef:d9:b0:ea:69:44:b1:
         2d:89:4a:11:00:a4:4a:70:43:f3:0e:65:f4:e1:fb:ac:8a:0f:
         22:51:92:52:1c:44:de:e5:e7:06:cc:b8:fe:ca:ca:1e:1c:cf:
         49:ae:31:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJ+9Zy0zflXDLElSDd+bCBSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmMWQ1ZmVhZmQzOTE3NDcyNWJmZTRiZWY5MWJkMjdjN2Iy
ZjZmOTEwHhcNMjIwODA4MTkzNjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjJjMTQ4NmQxODVjOTZkYzZhMGRiODI1Nzc4NDE4OWQwYTY5YzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0kgQgbBb3zGdr+pbWc0clMsQ6s5
o+fTZPZJqgrpcsBvXUTjTjhfTOQDDhSY9PSFHLG91b39Cc/n1AgYXK7p2wOuDG4g
3/Ch0OOJTZ0B19Tcxpb3NgDavR3zv4cCQQM44k5xYJ0UDHcYB/7nN2Ji184YLvM1
b+QqLrEL4JZBkTCNNNnzXLeZ+TPIydeBdd06b2CRXDNqQ3BMBWuBeEe36SLQ1rWN
IqXvvSVE7WaEF+2w1/+sazkO6RKHD+ZgnGoXKu+KSxM+2+R6fnKUZxseHEvZY1I+
TznXL44rhXJyYYh9sLuEDdqO6czTjid/tPgh495jMURD/UuVRcHnpzpfJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK8sFIbRhcltxqDbgld4QYnQppxMMB8GA1UdIwQY
MBaAFL8dX+r9ORdHJb/kvvkb0nx7L2+RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdngxZjZ2MDVGMGNsdi1TLS1SdlNmSHN2YjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82MDY1ZDItMTAzZS00YWI3LWJmYjMt
MWE4Yzg0MmFmZTJhLzEvcnl3VWh0R0Z5VzNHb051Q1YzaEJpZENtbkV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy82MDY1ZDItMTAzZS00YWI3LWJmYjMtMWE4Yzg0MmFmZTJh
LzEvdngxZjZ2MDVGMGNsdi1TLS1SdlNmSHN2YjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwR8PMA0G
CSqGSIb3DQEBCwUAA4IBAQA3n64gKVne8ZwEA5sfzPk1GOcyRalN2n23UaQ56mr/
+JwxuRfbU7LyCyL3wtMJ/ZQo7YvsuVhyxvXjaEKDPmZk0QfzM8FyK8DcpfGct9Sv
JSxUgyKpNmJ5fu+KX9Rx++tgE159AXEtZ43H/7bUjEILrgroV1x0wteSrfotgAaT
3jTc4bsQld6Xa9vBftcNT35OJPCg8JXMx/7suw73A7TIFw4a5T4fvdDYK09osdI7
/taCI/57ve870sX5j4iiCTnKBJJQfyGBKPNFc19AWqQaMu/ZsOppRLEtiUoRAKRK
cEPzDmX04fusig8iUZJSHETe5ecGzLj+ysoeHM9JrjHy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:29 2024 by rpki-client on console-ams.rpki-client.org