Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/lSdW_9XPCaRG9b2SEIx1cRntyfo.roa
File:                     lSdW_9XPCaRG9b2SEIx1cRntyfo.roa (raw, json)
Hash identifier:          qBQ1ceHlaO8OfsycDj2RsnMwDjd9o4T8SVp8sRyx8Wo=
Subject key identifier:   95:27:56:FF:D5:CF:09:A4:46:F5:BD:92:10:8C:75:71:19:ED:C9:FA
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       01853B1080D2682AD1FB4AAABD3F7A894B1C
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/lSdW_9XPCaRG9b2SEIx1cRntyfo.roa
Signing time:             Thu 22 Dec 2022 18:20:15 +0000
ROA not before:           Thu 22 Dec 2022 18:20:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     9312
IP address blocks:        194.242.2.0/24 maxlen: 24
                          193.19.108.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:3b:10:80:d2:68:2a:d1:fb:4a:aa:bd:3f:7a:89:4b:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Dec 22 18:20:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=952756ffd5cf09a446f5bd92108c757119edc9fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:f8:7d:8d:85:ea:89:9f:8e:fd:39:4b:f9:97:
                    e0:a0:25:44:66:24:ef:e9:ee:51:dc:ed:5d:e8:41:
                    09:25:16:0d:f7:f1:27:55:e6:ad:9b:b3:96:91:9e:
                    1f:45:fb:9f:d7:4a:68:cd:a2:5d:89:75:51:2e:e6:
                    6e:6b:e3:32:77:e8:97:0b:ee:56:97:6d:59:a0:b2:
                    44:33:eb:5b:23:34:72:0c:d5:2f:fc:db:4a:23:14:
                    70:92:c6:b9:29:98:bd:5e:03:28:d8:51:3a:ae:03:
                    de:4f:e9:0b:7e:3d:74:d9:02:9b:18:72:0c:c0:9c:
                    9b:a3:0d:22:1e:00:54:c8:8e:87:a5:e6:fe:f8:42:
                    76:24:02:ce:1b:9c:60:b5:b0:43:18:e4:5d:3c:b6:
                    89:05:a2:92:98:79:a0:38:cd:d6:9a:88:1a:4d:b7:
                    99:4b:e7:21:59:7e:32:5e:b1:5e:d9:0d:2d:71:64:
                    4a:f5:90:b1:a4:ce:45:fa:2a:04:a3:e3:26:15:9a:
                    56:70:cf:80:6e:0d:73:aa:da:9e:bd:9e:0e:d7:62:
                    84:fd:49:c0:8d:a6:91:50:99:dc:6d:93:9b:0f:34:
                    0f:28:09:48:b6:ba:77:b1:80:19:13:c0:3a:a0:30:
                    cb:2d:a1:43:1e:2c:f9:eb:8d:f9:a2:bc:f4:93:ca:
                    82:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:27:56:FF:D5:CF:09:A4:46:F5:BD:92:10:8C:75:71:19:ED:C9:FA
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/lSdW_9XPCaRG9b2SEIx1cRntyfo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.19.108.0/24
                  194.242.2.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:be:c0:fc:8f:33:47:a1:b2:a7:07:96:86:2a:e9:56:fa:ff:
         e5:08:4e:54:0d:6a:8f:29:b0:3d:8b:50:79:a5:e5:5a:d6:e3:
         96:07:78:27:1d:8e:5f:f0:d6:89:30:00:75:02:6d:6c:58:c7:
         d1:af:e3:39:ee:7d:e7:19:a7:0a:6c:0b:43:a8:8f:88:79:7d:
         e3:84:d6:e2:30:8a:81:f9:d7:3d:29:30:4b:43:bb:dc:d4:45:
         0f:61:9e:81:71:90:fa:73:7e:b8:f1:4b:f9:ca:6a:e9:6c:54:
         23:8b:06:1b:88:10:c0:eb:c0:d2:0a:52:41:93:ed:65:ab:81:
         b5:fa:a1:11:50:4c:c9:38:3f:3e:1a:7a:bc:02:e3:07:51:64:
         2b:a9:13:0a:67:f3:2f:ca:f2:81:62:7f:b4:d8:be:3e:ee:cd:
         84:40:98:e3:6f:e6:cc:f2:64:36:54:df:03:5e:33:d3:2b:22:
         99:dd:4c:61:3d:19:7a:cc:f5:10:f4:a7:e6:1a:f2:d8:ae:4e:
         a1:a4:88:32:ea:84:8b:7a:d9:fa:bf:36:79:59:41:24:b0:72:
         d5:f1:fd:2f:21:86:65:ad:96:56:78:63:81:4e:5b:23:3c:23:
         13:51:72:6c:0d:9f:ab:a8:eb:f3:9d:1b:61:dd:37:e2:33:6d:
         de:0e:a1:0f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYU7EIDSaCrR+0qqvT96iUscMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjIxMjIyMTgyMDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTI3NTZmZmQ1Y2YwOWE0NDZmNWJkOTIxMDhjNzU3MTE5ZWRjOWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifh9jYXqiZ+O/TlL+ZfgoCVEZiTv
6e5R3O1d6EEJJRYN9/EnVeatm7OWkZ4fRfuf10pozaJdiXVRLuZua+Myd+iXC+5W
l21ZoLJEM+tbIzRyDNUv/NtKIxRwksa5KZi9XgMo2FE6rgPeT+kLfj102QKbGHIM
wJybow0iHgBUyI6Hpeb++EJ2JALOG5xgtbBDGORdPLaJBaKSmHmgOM3WmogaTbeZ
S+chWX4yXrFe2Q0tcWRK9ZCxpM5F+ioEo+MmFZpWcM+Abg1zqtqevZ4O12KE/UnA
jaaRUJncbZObDzQPKAlItrp3sYAZE8A6oDDLLaFDHiz56435orz0k8qCbQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJUnVv/VzwmkRvW9khCMdXEZ7cn6MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvbFNkV185WFBDYVJHOWIyU0VJeDFjUm50eWZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwRNsAwQA
wvICMA0GCSqGSIb3DQEBCwUAA4IBAQBQvsD8jzNHobKnB5aGKulW+v/lCE5UDWqP
KbA9i1B5peVa1uOWB3gnHY5f8NaJMAB1Am1sWMfRr+M57n3nGacKbAtDqI+IeX3j
hNbiMIqB+dc9KTBLQ7vc1EUPYZ6BcZD6c3648Uv5ymrpbFQjiwYbiBDA68DSClJB
k+1lq4G1+qERUEzJOD8+Gnq8AuMHUWQrqRMKZ/MvyvKBYn+02L4+7s2EQJjjb+bM
8mQ2VN8DXjPTKyKZ3UxhPRl6zPUQ9KfmGvLYrk6hpIgy6oSLetn6vzZ5WUEksHLV
8f0vIYZlrZZWeGOBTlsjPCMTUXJsDZ+rqOvznRth3TfiM23eDqEP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:13 2024 by rpki-client on console-ams.rpki-client.org