Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/RJ6a7UMpUHTYRsVuPU0r73oANUs.roa
File:                     RJ6a7UMpUHTYRsVuPU0r73oANUs.roa (raw, json)
Hash identifier:          GNcBxyWmXfUFl3X1ZAli8nxRvQGCP4SxwhGwhrW7Gb0=
Subject key identifier:   44:9E:9A:ED:43:29:50:74:D8:46:C5:6E:3D:4D:2B:EF:7A:00:35:4B
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       03168E10
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/RJ6a7UMpUHTYRsVuPU0r73oANUs.roa
Signing time:             Sat 01 Jan 2022 16:04:13 +0000
ROA not before:           Sat 01 Jan 2022 16:04:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14576
IP address blocks:        193.0.201.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 51809808 (0x3168e10)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Jan  1 16:04:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=449e9aed43295074d846c56e3d4d2bef7a00354b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:d8:10:88:3e:02:6e:bd:a8:0e:e8:20:a4:d7:
                    e9:94:fb:a5:f3:51:4c:03:70:60:fc:f6:6a:c7:52:
                    cf:53:c9:36:1c:46:da:5c:e8:35:4c:4a:a7:48:a9:
                    0d:0f:a7:6a:84:80:d9:ff:8b:22:00:91:f3:10:49:
                    d5:36:34:91:91:41:f5:82:12:cf:73:34:96:d9:4a:
                    8e:00:bb:2f:2d:2e:70:8b:bb:d9:16:3e:14:12:4a:
                    dc:f7:aa:aa:91:ea:b0:59:e9:9c:67:d9:fb:b8:1e:
                    71:c1:47:a4:31:24:99:98:77:e1:aa:f6:c5:a0:4f:
                    70:f3:1d:8e:1e:88:08:b4:58:71:32:04:00:b3:0d:
                    09:57:0f:76:7d:5d:eb:62:76:9d:b5:bc:e2:86:9c:
                    da:9c:d4:91:28:b0:d1:0b:1c:04:8f:da:1d:cd:e1:
                    61:27:90:fc:fb:ee:f4:8f:e2:49:14:be:fd:5b:c3:
                    5a:24:53:fc:22:45:d6:35:72:c1:ed:54:7e:45:1a:
                    cf:36:77:2c:2d:42:04:59:da:36:57:52:7b:aa:32:
                    e7:36:2b:59:b1:07:87:3d:b3:bf:de:cc:0b:ec:49:
                    7e:b8:8c:f6:eb:6c:2b:a0:2a:5d:c5:17:5c:f0:62:
                    13:a5:50:fa:25:ec:81:5a:ad:af:90:a1:99:04:27:
                    89:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:9E:9A:ED:43:29:50:74:D8:46:C5:6E:3D:4D:2B:EF:7A:00:35:4B
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/RJ6a7UMpUHTYRsVuPU0r73oANUs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.201.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5e:ab:86:cf:ad:4e:67:f5:a5:5f:1e:55:7e:bf:af:5c:b3:6b:
         c3:f3:6b:f5:f4:ff:b3:69:5e:1d:85:69:3d:bb:29:dd:0a:6b:
         78:04:b8:46:42:22:3a:0b:9b:ff:6e:ef:a9:e5:6b:d2:9e:f0:
         c9:a6:84:b2:ec:e0:56:ae:d7:4d:a0:d1:8b:36:01:b2:c1:69:
         59:10:61:3a:16:fe:12:7f:f4:fc:23:0a:92:80:fa:c7:48:53:
         7f:ad:23:54:69:78:97:c9:05:16:55:0e:7a:1d:31:08:35:a6:
         ba:78:87:8c:38:51:8c:cd:01:58:c9:5c:0b:01:9b:c0:5a:4c:
         7c:26:54:47:7f:d0:af:9f:62:2c:df:12:fe:00:19:45:b5:0e:
         14:35:27:ea:2d:12:04:fb:b9:33:17:35:2f:ee:3b:8a:38:ce:
         c7:cd:b8:48:53:28:da:0b:bd:b0:10:39:ba:70:1d:80:e5:12:
         1c:bd:74:a6:a5:be:16:78:3c:ea:91:e9:11:71:ec:c2:f0:b2:
         3f:12:f5:6b:e9:74:1e:9f:c1:33:4b:51:95:74:0b:ee:e7:90:
         02:78:5a:9d:b6:41:2f:60:4b:0c:4c:4e:ea:15:17:f3:13:3e:
         9d:ce:06:d3:91:2d:aa:11:df:c3:08:f6:a0:45:72:23:6e:64:
         f9:d7:6a:3f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAxaOEDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDEw
MTE2MDQxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDQ5ZTlhZWQ0MzI5
NTA3NGQ4NDZjNTZlM2Q0ZDJiZWY3YTAwMzU0YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMPYEIg+Am69qA7oIKTX6ZT7pfNRTANwYPz2asdSz1PJNhxG
2lzoNUxKp0ipDQ+naoSA2f+LIgCR8xBJ1TY0kZFB9YISz3M0ltlKjgC7Ly0ucIu7
2RY+FBJK3PeqqpHqsFnpnGfZ+7geccFHpDEkmZh34ar2xaBPcPMdjh6ICLRYcTIE
ALMNCVcPdn1d62J2nbW84oac2pzUkSiw0QscBI/aHc3hYSeQ/Pvu9I/iSRS+/VvD
WiRT/CJF1jVywe1UfkUazzZ3LC1CBFnaNldSe6oy5zYrWbEHhz2zv97MC+xJfriM
9utsK6AqXcUXXPBiE6VQ+iXsgVqtr5ChmQQniWcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBREnprtQylQdNhGxW49TSvvegA1SzAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
L1JKNmE3VU1wVUhUWVJzVnVQVTByNzNvQU5Vcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEAyTANBgkqhkiG9w0BAQsFAAOC
AQEAXquGz61OZ/WlXx5Vfr+vXLNrw/Nr9fT/s2leHYVpPbsp3QpreAS4RkIiOgub
/27vqeVr0p7wyaaEsuzgVq7XTaDRizYBssFpWRBhOhb+En/0/CMKkoD6x0hTf60j
VGl4l8kFFlUOeh0xCDWmuniHjDhRjM0BWMlcCwGbwFpMfCZUR3/Qr59iLN8S/gAZ
RbUOFDUn6i0SBPu5Mxc1L+47ijjOx824SFMo2gu9sBA5unAdgOUSHL10pqW+Fng8
6pHpEXHswvCyPxL1a+l0Hp/BM0tRlXQL7ueQAnhanbZBL2BLDExO6hUX8xM+nc4G
05EtqhHfwwj2oEVyI25k+ddqPw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org