Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xtLuclEKHfLEjLf3eq9U4bUvfFM.roa
File:                     xtLuclEKHfLEjLf3eq9U4bUvfFM.roa (raw, json)
Hash identifier:          FVCwgA9WPmjWy1HbtFuyoOGIpx+CKlMl7y3kXJ28glY=
Subject key identifier:   C6:D2:EE:72:51:0A:1D:F2:C4:8C:B7:F7:7A:AF:54:E1:B5:2F:7C:53
Certificate issuer:       /CN=c42708df93954aac601aef1835bd5d69245fb02f
Certificate serial:       431518F0
Authority key identifier: C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xtLuclEKHfLEjLf3eq9U4bUvfFM.roa
Signing time:             Thu 05 May 2022 08:06:48 +0000
ROA not before:           Thu 05 May 2022 08:06:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     47447
IP address blocks:        193.38.156.0/22 maxlen: 22
                          2a0d:6940::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1125456112 (0x431518f0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c42708df93954aac601aef1835bd5d69245fb02f
        Validity
            Not Before: May  5 08:06:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c6d2ee72510a1df2c48cb7f77aaf54e1b52f7c53
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:ae:dc:ea:a9:eb:dd:3b:04:99:d8:ce:b6:37:
                    5f:bf:64:19:23:77:2f:96:2a:e4:48:65:c1:c2:3f:
                    4f:22:cd:c2:57:f9:60:07:e0:64:69:ad:e7:bb:96:
                    d9:06:a4:45:a3:6d:4e:80:dc:61:a2:de:d3:52:2d:
                    16:86:c1:65:3a:70:89:6a:c9:c5:6a:0e:65:71:30:
                    0c:cd:d0:67:e7:5d:11:c1:3b:42:4f:59:18:eb:c8:
                    5f:c7:a0:7f:f6:b4:2a:c5:98:75:f7:44:b4:2b:c0:
                    44:22:6a:a9:db:9c:40:e5:d5:bd:35:8c:f8:36:07:
                    99:ec:1c:7b:7e:00:ff:91:7f:46:3a:48:76:b0:bd:
                    d3:6f:53:c3:bb:4a:9d:83:f9:17:ce:da:6e:9e:24:
                    cc:ab:e0:d5:fe:f0:32:54:f3:a0:ed:62:d1:b8:b7:
                    f4:e3:9a:91:ae:0a:de:d7:8e:64:32:cf:08:5d:96:
                    24:98:03:94:19:29:6b:84:0e:47:1f:f9:6a:62:d3:
                    e4:47:cc:69:35:cf:33:a8:1e:cc:37:37:74:0c:6e:
                    28:32:1c:95:9b:a6:50:57:da:70:da:9c:03:4f:97:
                    2d:9e:53:85:48:59:80:b6:d0:4b:87:93:14:9d:6f:
                    e9:c8:d2:db:4b:e0:fe:83:f4:e5:ee:8d:64:5a:fc:
                    99:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:D2:EE:72:51:0A:1D:F2:C4:8C:B7:F7:7A:AF:54:E1:B5:2F:7C:53
            X509v3 Authority Key Identifier:
                keyid:C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xtLuclEKHfLEjLf3eq9U4bUvfFM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.38.156.0/22
                IPv6:
                  2a0d:6940::/29

    Signature Algorithm: sha256WithRSAEncryption
         37:4b:11:bc:5a:b5:08:69:46:48:28:2a:d1:b8:33:92:54:27:
         1e:e2:69:29:45:91:92:ba:df:d3:1f:ca:56:14:f8:aa:7b:7e:
         f9:c3:4d:fb:0b:71:b8:61:da:1a:d6:81:bb:15:b6:d5:14:43:
         09:89:a4:33:1e:18:cc:b7:c1:48:53:5a:3f:4b:e3:1b:f6:ed:
         6f:5c:1d:10:04:a2:31:43:71:03:f7:f8:fe:b0:b8:25:d0:9b:
         3a:b8:02:16:68:03:dd:23:22:88:21:46:b4:fc:10:55:9b:5d:
         f9:10:6d:bb:65:b7:e2:0f:06:4d:6e:1b:49:21:07:2c:cd:4c:
         5f:dd:58:8a:0f:b0:8c:29:62:12:a3:b9:68:77:b1:1b:96:8f:
         e9:d3:6e:33:38:68:95:0d:95:ce:1a:2b:cb:eb:bf:f3:14:46:
         bb:62:b6:f8:f8:c9:5f:f8:86:2d:9c:e5:ae:0b:f3:ae:1d:95:
         51:94:fc:2f:54:f5:e2:68:61:63:9e:6a:64:80:b1:b4:6b:ee:
         55:ec:52:65:98:8f:f0:dc:d8:ee:3e:31:04:5f:4d:91:36:9e:
         b4:c0:56:4f:69:74:2b:c9:7f:a6:ea:f8:f1:e9:d9:65:5f:58:
         7e:60:29:63:42:27:95:67:3e:7d:13:85:8b:f2:ef:f3:5a:28:
         ef:93:53:cd
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEQxUY8DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDI3MDhkZjkzOTU0YWFjNjAxYWVmMTgzNWJkNWQ2OTI0NWZiMDJmMB4XDTIyMDUw
NTA4MDY0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzZkMmVlNzI1MTBh
MWRmMmM0OGNiN2Y3N2FhZjU0ZTFiNTJmN2M1MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK6u3Oqp6907BJnYzrY3X79kGSN3L5Yq5EhlwcI/TyLNwlf5
YAfgZGmt57uW2QakRaNtToDcYaLe01ItFobBZTpwiWrJxWoOZXEwDM3QZ+ddEcE7
Qk9ZGOvIX8egf/a0KsWYdfdEtCvARCJqqducQOXVvTWM+DYHmewce34A/5F/RjpI
drC9029Tw7tKnYP5F87abp4kzKvg1f7wMlTzoO1i0bi39OOaka4K3teOZDLPCF2W
JJgDlBkpa4QORx/5amLT5EfMaTXPM6gezDc3dAxuKDIclZumUFfacNqcA0+XLZ5T
hUhZgLbQS4eTFJ1v6cjS20vg/oP05e6NZFr8meUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTG0u5yUQod8sSMt/d6r1ThtS98UzAfBgNVHSMEGDAWgBTEJwjfk5VKrGAa
7xg1vV1pJF+wLzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hDY0kzNU9WU3F4Z0d1OFlOYjFkYVNSZnNDOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjQvZjYxN2E1LTMyNDAtNDhjNC1iNzE2LTc0MWMxZDhkZWEyYi8x
L3h0THVjbEVLSGZMRWpMZjNlcTlVNGJVdmZGTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjQv
ZjYxN2E1LTMyNDAtNDhjNC1iNzE2LTc0MWMxZDhkZWEyYi8xL3hDY0kzNU9WU3F4
Z0d1OFlOYjFkYVNSZnNDOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAsEmnDANBAIAAjAHAwUDKg1pQDAN
BgkqhkiG9w0BAQsFAAOCAQEAN0sRvFq1CGlGSCgq0bgzklQnHuJpKUWRkrrf0x/K
VhT4qnt++cNN+wtxuGHaGtaBuxW21RRDCYmkMx4YzLfBSFNaP0vjG/btb1wdEASi
MUNxA/f4/rC4JdCbOrgCFmgD3SMiiCFGtPwQVZtd+RBtu2W34g8GTW4bSSEHLM1M
X91Yig+wjCliEqO5aHexG5aP6dNuMzholQ2Vzhory+u/8xRGu2K2+PjJX/iGLZzl
rgvzrh2VUZT8L1T14mhhY55qZICxtGvuVexSZZiP8NzY7j4xBF9NkTaetMBWT2l0
K8l/pur48enZZV9YfmApY0InlWc+fROFi/Lv81oo75NTzQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:44 2024 by rpki-client on console-fra.rpki-client.org