Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/c1b3c8-0693-49c4-8132-905407eb0f53/1/4C-lUJpkq_Gze3xdcmVceTIEPD4.roa
File:                     4C-lUJpkq_Gze3xdcmVceTIEPD4.roa (raw, json)
Hash identifier:          /dCYEfKRWfhxPxiHGwrtxLMVRLuFMn7YfaKAXJ29BWI=
Subject key identifier:   E0:2F:A5:50:9A:64:AB:F1:B3:7B:7C:5D:72:65:5C:79:32:04:3C:3E
Certificate issuer:       /CN=ff48fb9cf17dece6addb08eefd9bee842c1e2b60
Certificate serial:       092A961B
Authority key identifier: FF:48:FB:9C:F1:7D:EC:E6:AD:DB:08:EE:FD:9B:EE:84:2C:1E:2B:60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_0j7nPF97Oat2wju_ZvuhCweK2A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/c1b3c8-0693-49c4-8132-905407eb0f53/1/4C-lUJpkq_Gze3xdcmVceTIEPD4.roa
Signing time:             Sat 01 Jan 2022 06:54:37 +0000
ROA not before:           Sat 01 Jan 2022 06:54:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     137
IP address blocks:        193.42.139.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 153785883 (0x92a961b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff48fb9cf17dece6addb08eefd9bee842c1e2b60
        Validity
            Not Before: Jan  1 06:54:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e02fa5509a64abf1b37b7c5d72655c7932043c3e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:e5:d9:a6:80:59:1e:57:db:e0:21:60:39:69:
                    24:90:59:e6:8e:8a:4f:b3:8f:ec:ab:3d:4b:e9:4a:
                    ab:7f:42:74:a9:3f:5d:2c:65:90:81:58:de:7d:5a:
                    bf:96:a5:0b:24:ee:17:01:3c:bd:93:4a:fd:15:07:
                    6d:b0:a9:fb:42:07:ad:39:26:3a:ea:03:2f:9b:48:
                    2b:6c:6e:9d:60:3d:f7:07:d5:a4:5d:f4:f6:5c:27:
                    4a:c8:8e:0e:85:53:b9:a1:cb:6a:4d:6d:bc:06:a5:
                    2b:7a:25:cb:02:81:2d:cc:cf:8f:db:ea:c7:a1:b8:
                    0d:44:27:d3:ce:0f:60:5c:13:65:47:05:09:b6:08:
                    ec:dd:65:3c:5a:ba:2a:cb:57:a9:49:37:03:ff:f7:
                    24:22:a9:a8:08:33:8e:a8:17:97:42:14:3b:80:41:
                    13:7f:1a:0f:68:ab:f4:b2:70:b1:9a:20:e0:60:71:
                    a0:93:a4:e8:28:99:16:d0:91:b0:a1:a5:61:b0:6d:
                    42:e7:4f:d1:06:47:5e:49:56:65:5f:d4:b6:9a:a4:
                    43:ee:7d:7f:92:77:3c:80:df:94:7c:84:b5:25:50:
                    4a:e5:ee:07:79:30:60:ea:f4:ee:39:8f:1f:e2:64:
                    40:de:23:72:55:1b:c6:02:57:a9:97:5e:ef:59:dc:
                    4f:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:2F:A5:50:9A:64:AB:F1:B3:7B:7C:5D:72:65:5C:79:32:04:3C:3E
            X509v3 Authority Key Identifier:
                keyid:FF:48:FB:9C:F1:7D:EC:E6:AD:DB:08:EE:FD:9B:EE:84:2C:1E:2B:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0j7nPF97Oat2wju_ZvuhCweK2A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/c1b3c8-0693-49c4-8132-905407eb0f53/1/4C-lUJpkq_Gze3xdcmVceTIEPD4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/c1b3c8-0693-49c4-8132-905407eb0f53/1/_0j7nPF97Oat2wju_ZvuhCweK2A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.42.139.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:0c:54:08:f0:cb:6a:ce:89:94:89:fe:8d:99:1d:18:88:21:
         e0:54:0e:e0:8d:39:65:5d:c7:26:eb:cc:d1:a2:16:2f:f2:c9:
         c0:3b:e2:61:24:da:ae:19:c4:a1:39:3d:32:f9:2e:f5:44:9b:
         47:d9:24:8c:6e:9e:7b:a9:5d:49:f1:37:02:ef:15:07:06:5d:
         12:cb:f0:88:21:21:d6:6a:ef:96:49:13:89:36:8d:ff:1e:e2:
         dc:46:27:f4:e0:05:cc:af:f7:74:47:43:a7:af:3a:51:31:a3:
         a0:dd:ad:21:50:73:fa:19:61:71:03:bb:ea:1b:4f:d3:19:28:
         f0:b6:58:02:b6:42:f5:bd:12:b2:08:c4:54:b4:34:6d:1d:94:
         fd:76:75:b0:26:41:b3:16:6b:ec:1c:6d:59:71:23:a4:e1:aa:
         36:21:02:14:43:cb:58:59:77:2e:f0:64:4a:52:28:0d:53:9e:
         f0:ce:01:40:f4:bd:7e:d3:02:42:95:f7:34:03:26:95:ed:e5:
         7c:ce:e9:6d:d1:03:95:26:5b:32:52:ff:e7:54:b5:2d:c1:e4:
         5a:18:ff:c7:2d:f6:77:83:bd:92:a6:f1:1e:92:2b:d8:4b:1b:
         5d:d8:52:b3:d2:47:01:0c:f2:dc:26:c6:06:c6:96:1e:bb:bc:
         04:75:79:94
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECSqWGzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZjQ4ZmI5Y2YxN2RlY2U2YWRkYjA4ZWVmZDliZWU4NDJjMWUyYjYwMB4XDTIyMDEw
MTA2NTQzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTAyZmE1NTA5YTY0
YWJmMWIzN2I3YzVkNzI2NTVjNzkzMjA0M2MzZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALHl2aaAWR5X2+AhYDlpJJBZ5o6KT7OP7Ks9S+lKq39CdKk/
XSxlkIFY3n1av5alCyTuFwE8vZNK/RUHbbCp+0IHrTkmOuoDL5tIK2xunWA99wfV
pF309lwnSsiODoVTuaHLak1tvAalK3olywKBLczPj9vqx6G4DUQn084PYFwTZUcF
CbYI7N1lPFq6KstXqUk3A//3JCKpqAgzjqgXl0IUO4BBE38aD2ir9LJwsZog4GBx
oJOk6CiZFtCRsKGlYbBtQudP0QZHXklWZV/UtpqkQ+59f5J3PIDflHyEtSVQSuXu
B3kwYOr07jmPH+JkQN4jclUbxgJXqZde71ncT+kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTgL6VQmmSr8bN7fF1yZVx5MgQ8PjAfBgNVHSMEGDAWgBT/SPuc8X3s5q3b
CO79m+6ELB4rYDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L18wajduUEY5N09hdDJ3anVfWnZ1aEN3ZUsyQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjkvYzFiM2M4LTA2OTMtNDljNC04MTMyLTkwNTQwN2ViMGY1My8x
LzRDLWxVSnBrcV9HemUzeGRjbVZjZVRJRVBENC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjkv
YzFiM2M4LTA2OTMtNDljNC04MTMyLTkwNTQwN2ViMGY1My8xL18wajduUEY5N09h
dDJ3anVfWnZ1aEN3ZUsyQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEqizANBgkqhkiG9w0BAQsFAAOC
AQEAlgxUCPDLas6JlIn+jZkdGIgh4FQO4I05ZV3HJuvM0aIWL/LJwDviYSTarhnE
oTk9Mvku9USbR9kkjG6ee6ldSfE3Au8VBwZdEsvwiCEh1mrvlkkTiTaN/x7i3EYn
9OAFzK/3dEdDp686UTGjoN2tIVBz+hlhcQO76htP0xko8LZYArZC9b0SsgjEVLQ0
bR2U/XZ1sCZBsxZr7BxtWXEjpOGqNiECFEPLWFl3LvBkSlIoDVOe8M4BQPS9ftMC
QpX3NAMmle3lfM7pbdEDlSZbMlL/51S1LcHkWhj/xy32d4O9kqbxHpIr2EsbXdhS
s9JHAQzy3CbGBsaWHru8BHV5lA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:20 2024 by rpki-client on console-fra.rpki-client.org