Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/e5c783-436e-46e5-b514-c1be5dc01bbe/1/jQHJedDVy_9I4XrISxSSEjh_uT8.roa
File:                     jQHJedDVy_9I4XrISxSSEjh_uT8.roa (raw, json)
Hash identifier:          tP9iqdnPZ/Sc64WMEPCSq2wGxzTfkNJNoFbINJVzCVw=
Subject key identifier:   8D:01:C9:79:D0:D5:CB:FF:48:E1:7A:C8:4B:14:92:12:38:7F:B9:3F
Certificate issuer:       /CN=43b88ff1edfb67206603026771aaaec84b8b1eb8
Certificate serial:       AA5B
Authority key identifier: 43:B8:8F:F1:ED:FB:67:20:66:03:02:67:71:AA:AE:C8:4B:8B:1E:B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q7iP8e37ZyBmAwJncaquyEuLHrg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/e5c783-436e-46e5-b514-c1be5dc01bbe/1/jQHJedDVy_9I4XrISxSSEjh_uT8.roa
Signing time:             Thu 17 Feb 2022 10:34:08 +0000
ROA not before:           Thu 17 Feb 2022 10:34:08 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212031
IP address blocks:        193.163.145.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 43611 (0xaa5b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43b88ff1edfb67206603026771aaaec84b8b1eb8
        Validity
            Not Before: Feb 17 10:34:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8d01c979d0d5cbff48e17ac84b149212387fb93f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:9e:c9:8f:90:94:1c:56:ad:ff:8b:a0:ce:37:
                    df:97:e3:fb:34:c6:6e:a4:64:ee:43:76:db:5e:ef:
                    59:55:90:4e:f8:10:8f:b1:7d:ef:14:23:f3:20:99:
                    62:53:1e:89:63:99:04:14:c5:9e:c6:a6:d8:7b:8b:
                    a0:37:fa:ba:c1:f7:33:c7:00:ae:9e:c0:14:71:ed:
                    79:ba:80:51:2e:8a:75:91:de:70:e1:35:27:dd:f1:
                    9f:8b:99:b4:b7:1c:c7:1a:69:dc:b1:42:45:a2:98:
                    db:e8:2c:6f:3b:a6:b3:a3:05:9a:cd:c1:24:19:14:
                    75:65:3f:2b:78:19:a1:36:6f:e4:7b:0f:17:2e:7d:
                    ea:76:05:60:6d:d8:2f:78:eb:89:ba:3d:ed:56:68:
                    a3:94:b3:79:d9:33:21:c1:02:09:28:70:f0:33:22:
                    80:86:25:b1:71:e3:f6:c2:e0:1f:7c:b2:1d:c0:17:
                    e2:78:a9:f3:df:27:59:0c:b5:be:86:37:d3:d6:29:
                    bf:24:ad:43:cd:cd:e7:2d:ca:c1:0d:5c:fb:67:a9:
                    e8:ed:60:fe:32:96:9d:53:61:2c:68:1c:f1:d5:0c:
                    74:6b:65:f5:4c:dc:91:69:19:46:df:1b:2a:6d:63:
                    f4:ed:a2:f4:e1:91:1d:88:f7:0e:d7:6a:66:77:e9:
                    3e:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:01:C9:79:D0:D5:CB:FF:48:E1:7A:C8:4B:14:92:12:38:7F:B9:3F
            X509v3 Authority Key Identifier:
                keyid:43:B8:8F:F1:ED:FB:67:20:66:03:02:67:71:AA:AE:C8:4B:8B:1E:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q7iP8e37ZyBmAwJncaquyEuLHrg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/e5c783-436e-46e5-b514-c1be5dc01bbe/1/jQHJedDVy_9I4XrISxSSEjh_uT8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/e5c783-436e-46e5-b514-c1be5dc01bbe/1/Q7iP8e37ZyBmAwJncaquyEuLHrg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.163.145.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6d:03:ea:48:61:33:ad:75:2a:f0:7a:d6:0a:93:18:3a:70:7c:
         7e:55:7a:08:7f:1c:76:50:43:4e:50:90:f8:a8:fb:99:a6:7a:
         e5:e7:69:6b:3e:f3:86:06:23:ed:35:3e:02:ff:11:3f:93:55:
         27:6c:c6:46:36:71:44:00:7c:ea:2c:c6:d6:fd:af:ad:26:30:
         27:e9:8b:24:8a:a5:89:60:07:9c:13:30:38:19:45:9a:04:c5:
         8f:5e:06:70:d7:48:a5:9f:8f:6a:dc:04:03:02:7d:7a:06:b4:
         0a:35:c1:59:ce:d8:b6:09:7c:e3:8c:00:17:8f:a7:57:02:cd:
         c0:de:ff:08:23:c8:b4:79:24:98:59:0f:d4:74:25:ae:54:a7:
         ad:7a:7b:a2:1a:0f:c3:44:78:65:3d:13:ac:30:41:2a:ea:49:
         1e:54:5c:08:a4:c9:a7:8c:ec:1a:01:5e:e4:b0:28:87:79:60:
         ea:fe:08:d2:10:e5:52:72:b8:6e:38:fd:a0:03:81:cc:09:cb:
         eb:6c:c2:9b:e9:c0:e7:c1:c2:0c:fb:f9:d8:4e:a0:8f:25:b4:
         07:73:eb:ea:c9:90:3b:d9:ff:02:ff:c6:15:b1:86:9b:1c:49:
         84:2b:63:db:83:4c:9c:fb:57:74:a9:18:46:5b:f3:a5:70:8f:
         39:46:11:91
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAKpbMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDQz
Yjg4ZmYxZWRmYjY3MjA2NjAzMDI2NzcxYWFhZWM4NGI4YjFlYjgwHhcNMjIwMjE3
MTAzNDA4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4ZDAxYzk3OWQwZDVj
YmZmNDhlMTdhYzg0YjE0OTIxMjM4N2ZiOTNmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA1Z7Jj5CUHFat/4ugzjffl+P7NMZupGTuQ3bbXu9ZVZBO+BCP
sX3vFCPzIJliUx6JY5kEFMWexqbYe4ugN/q6wfczxwCunsAUce15uoBRLop1kd5w
4TUn3fGfi5m0txzHGmncsUJFopjb6CxvO6azowWazcEkGRR1ZT8reBmhNm/kew8X
Ln3qdgVgbdgveOuJuj3tVmijlLN52TMhwQIJKHDwMyKAhiWxceP2wuAffLIdwBfi
eKnz3ydZDLW+hjfT1im/JK1Dzc3nLcrBDVz7Z6no7WD+MpadU2EsaBzx1Qx0a2X1
TNyRaRlG3xsqbWP07aL04ZEdiPcO12pmd+k+3wIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFI0ByXnQ1cv/SOF6yEsUkhI4f7k/MB8GA1UdIwQYMBaAFEO4j/Ht+2cgZgMC
Z3GqrshLix64MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
UTdpUDhlMzdaeUJtQXdKbmNhcXV5RXVMSHJnLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9iZi9lNWM3ODMtNDM2ZS00NmU1LWI1MTQtYzFiZTVkYzAxYmJlLzEv
alFISmVkRFZ5XzlJNFhySVN4U1NFamhfdVQ4LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9l
NWM3ODMtNDM2ZS00NmU1LWI1MTQtYzFiZTVkYzAxYmJlLzEvUTdpUDhlMzdaeUJt
QXdKbmNhcXV5RXVMSHJnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwaORMA0GCSqGSIb3DQEBCwUAA4IB
AQBtA+pIYTOtdSrwetYKkxg6cHx+VXoIfxx2UENOUJD4qPuZpnrl52lrPvOGBiPt
NT4C/xE/k1UnbMZGNnFEAHzqLMbW/a+tJjAn6YskiqWJYAecEzA4GUWaBMWPXgZw
10iln49q3AQDAn16BrQKNcFZzti2CXzjjAAXj6dXAs3A3v8II8i0eSSYWQ/UdCWu
VKetenuiGg/DRHhlPROsMEEq6kkeVFwIpMmnjOwaAV7ksCiHeWDq/gjSEOVScrhu
OP2gA4HMCcvrbMKb6cDnwcIM+/nYTqCPJbQHc+vqyZA72f8C/8YVsYabHEmEK2Pb
g0yc+1d0qRhGW/OlcI85RhGR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:16 2024 by rpki-client on console-fra.rpki-client.org