Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/dNbroR7hBrD8QPt7XRk9NGdMtX0.roa
File:                     dNbroR7hBrD8QPt7XRk9NGdMtX0.roa (raw, json)
Hash identifier:          FAlFljDcGxmnOANT/EB/xdEuGo7mKshcJWgp5cjXrzw=
Subject key identifier:   74:D6:EB:A1:1E:E1:06:B0:FC:40:FB:7B:5D:19:3D:34:67:4C:B5:7D
Certificate issuer:       /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial:       0182D8C424F8A5B35425D85246DE19714C61
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/dNbroR7hBrD8QPt7XRk9NGdMtX0.roa
Signing time:             Fri 26 Aug 2022 06:08:29 +0000
ROA not before:           Fri 26 Aug 2022 06:08:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        193.39.208.0/24 maxlen: 24
                          193.41.38.0/24 maxlen: 24
                          193.39.143.0/24 maxlen: 24
                          2a0f:a203::/32 maxlen: 32
                          2a0f:3d86::/32 maxlen: 32
                          2a0e:2240:5::/48 maxlen: 48
                          2a0f:a207::/32 maxlen: 32
                          2a0f:3d87::/32 maxlen: 32
                          2a0e:2240:3::/48 maxlen: 48
                          2a0f:a200::/32 maxlen: 32
                          2a0f:3d81::/32 maxlen: 32
                          2a0e:2240:4::/48 maxlen: 48
                          2a0f:a206::/32 maxlen: 32
                          2a0f:3d84::/32 maxlen: 32
                          2a0f:a205::/32 maxlen: 32
                          2a0f:a201::/32 maxlen: 32
                          2a0f:a204::/32 maxlen: 32
                          2a0f:3d85::/32 maxlen: 32
                          2a0f:a202::/32 maxlen: 32
                          2a07:7880::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:d8:c4:24:f8:a5:b3:54:25:d8:52:46:de:19:71:4c:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
        Validity
            Not Before: Aug 26 06:08:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=74d6eba11ee106b0fc40fb7b5d193d34674cb57d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:28:2b:02:9b:49:ed:38:49:88:e6:6a:d8:c8:
                    85:04:53:a2:00:0d:16:4a:09:7f:dc:f1:22:ad:ed:
                    91:0d:59:6b:1f:af:74:1d:d5:29:36:b4:08:78:92:
                    13:1a:aa:6b:1b:53:1c:24:cd:32:d1:7e:74:4b:35:
                    2e:e0:25:28:4d:48:5b:17:a0:51:6f:14:b1:42:77:
                    8e:3b:b6:d6:5a:03:65:ed:21:1e:fb:76:86:85:1c:
                    98:39:28:80:ce:8a:23:f4:dc:dc:7d:73:0f:7f:4a:
                    15:95:52:94:8a:77:fb:0f:ec:58:0d:5b:97:b4:b9:
                    77:79:19:25:31:e1:6a:10:24:88:f3:53:fb:ea:bf:
                    7f:88:d9:e4:40:60:fd:32:66:1f:49:75:90:70:68:
                    65:d5:e8:02:55:44:75:2c:17:47:56:43:8d:a8:c0:
                    d4:c1:72:db:4f:a7:c0:7d:dd:21:f3:e7:01:86:c7:
                    59:39:6e:91:81:6b:43:d0:02:00:cf:bb:fc:b5:ed:
                    4f:39:7c:9a:af:df:cc:94:55:a3:07:59:a1:ec:55:
                    a4:3c:af:0d:21:c7:2c:d2:5a:b1:1b:99:53:d2:a7:
                    e2:8d:0f:24:0d:6c:03:c9:43:7e:f6:97:b4:e8:19:
                    7f:14:1b:d3:fa:79:be:38:6c:92:12:56:93:d1:1f:
                    71:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:D6:EB:A1:1E:E1:06:B0:FC:40:FB:7B:5D:19:3D:34:67:4C:B5:7D
            X509v3 Authority Key Identifier:
                keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/dNbroR7hBrD8QPt7XRk9NGdMtX0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.39.143.0/24
                  193.39.208.0/24
                  193.41.38.0/24
                IPv6:
                  2a07:7880::/32
                  2a0e:2240:3::-2a0e:2240:5:ffff:ffff:ffff:ffff:ffff
                  2a0f:3d81::/32
                  2a0f:3d84::/30
                  2a0f:a200::/29

    Signature Algorithm: sha256WithRSAEncryption
         75:76:9f:47:ef:5c:47:cd:8f:d8:f5:fc:ed:80:c3:52:83:59:
         71:b6:25:17:35:e8:6d:e6:fa:ce:e7:a6:e7:94:2b:eb:d3:cc:
         d6:55:b5:2c:5d:fe:a7:f7:cf:d1:3b:2d:fc:d3:e9:51:d0:4c:
         d2:ef:fd:a6:c3:da:19:91:a3:8c:8a:8f:c4:7f:ac:49:67:e8:
         c2:7e:d3:a8:57:11:34:a9:9a:cb:d1:84:34:5e:6c:d1:f9:d3:
         dc:d2:00:a3:5d:cc:5d:07:47:c2:0f:d4:59:9a:9f:bd:2b:0f:
         8d:12:1a:31:18:05:01:2a:f9:c6:03:72:5b:8e:12:e9:53:7a:
         08:c3:1f:72:55:f3:34:63:10:9b:48:89:31:d4:ae:0b:21:3a:
         75:0f:04:66:8b:a4:a7:1c:ce:13:25:d4:22:7b:f6:5d:54:6f:
         09:de:77:4d:55:ac:7f:22:49:cf:2e:00:76:9a:ab:d2:db:7d:
         8f:0c:f4:8b:f5:97:28:66:9b:a1:92:33:9c:a1:6d:4e:bc:9e:
         bc:c7:49:46:ad:c5:f1:a8:2d:d9:99:8c:52:74:1a:26:44:3a:
         e1:52:7c:9d:c1:d1:ba:bc:2a:86:d3:20:90:16:fa:94:5d:1d:
         e7:3d:99:76:24:14:ce:77:49:42:ad:11:5f:2a:a1:f8:2e:e3:
         9d:7f:74:85
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYLYxCT4pbNUJdhSRt4ZcUxhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjIwODI2MDYwODI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGQ2ZWJhMTFlZTEwNmIwZmM0MGZiN2I1ZDE5M2QzNDY3NGNiNTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuigrAptJ7ThJiOZq2MiFBFOiAA0W
Sgl/3PEire2RDVlrH690HdUpNrQIeJITGqprG1McJM0y0X50SzUu4CUoTUhbF6BR
bxSxQneOO7bWWgNl7SEe+3aGhRyYOSiAzooj9NzcfXMPf0oVlVKUinf7D+xYDVuX
tLl3eRklMeFqECSI81P76r9/iNnkQGD9MmYfSXWQcGhl1egCVUR1LBdHVkONqMDU
wXLbT6fAfd0h8+cBhsdZOW6RgWtD0AIAz7v8te1POXyar9/MlFWjB1mh7FWkPK8N
Iccs0lqxG5lT0qfijQ8kDWwDyUN+9pe06Bl/FBvT+nm+OGySElaT0R9xzwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFHTW66Ee4Qaw/ED7e10ZPTRnTLV9MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvZE5icm9SN2hCckQ4UVB0N1hSazlOR2RNdFgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjAYBAIAATASAwQAwSePAwQA
wSfQAwQAwSkmMDYEAgACMDADBQAqB3iAMBIDBwAqDiJAAAMDBwEqDiJAAAQDBQAq
Dz2BAwUCKg89hAMFAyoPogAwDQYJKoZIhvcNAQELBQADggEBAHV2n0fvXEfNj9j1
/O2Aw1KDWXG2JRc16G3m+s7npueUK+vTzNZVtSxd/qf3z9E7LfzT6VHQTNLv/abD
2hmRo4yKj8R/rEln6MJ+06hXETSpmsvRhDRebNH509zSAKNdzF0HR8IP1Fman70r
D40SGjEYBQEq+cYDcluOEulTegjDH3JV8zRjEJtIiTHUrgshOnUPBGaLpKcczhMl
1CJ79l1Ubwned01VrH8iSc8uAHaaq9LbfY8M9Iv1lyhmm6GSM5yhbU68nrzHSUat
xfGoLdmZjFJ0GiZEOuFSfJ3B0bq8KobTIJAW+pRdHec9mXYkFM53SUKtEV8qofgu
451/dIU=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:19 2023 by rpki-client on console-fra.rpki-client.org