Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/849bcf-da5f-4c97-97b1-5ba5954dfc37/1/gFLwSW86j5vgcaJdt0Ap4t2HXoo.roa
File:                     gFLwSW86j5vgcaJdt0Ap4t2HXoo.roa (raw, json)
Hash identifier:          gRHFSMNLs07PYEwGnnXhykI9+A6zqMd4VJlyKN8pvvs=
Subject key identifier:   80:52:F0:49:6F:3A:8F:9B:E0:71:A2:5D:B7:40:29:E2:DD:87:5E:8A
Certificate issuer:       /CN=24b0e4f18183fbd9d6950eea433fe5d216bd5f12
Certificate serial:       056825F3
Authority key identifier: 24:B0:E4:F1:81:83:FB:D9:D6:95:0E:EA:43:3F:E5:D2:16:BD:5F:12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JLDk8YGD-9nWlQ7qQz_l0ha9XxI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/849bcf-da5f-4c97-97b1-5ba5954dfc37/1/gFLwSW86j5vgcaJdt0Ap4t2HXoo.roa
Signing time:             Tue 26 Apr 2022 15:24:28 +0000
ROA not before:           Tue 26 Apr 2022 15:24:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3303
IP address blocks:        193.8.140.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 90711539 (0x56825f3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=24b0e4f18183fbd9d6950eea433fe5d216bd5f12
        Validity
            Not Before: Apr 26 15:24:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8052f0496f3a8f9be071a25db74029e2dd875e8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:ec:ec:8f:dd:0d:4e:fa:17:bb:11:b3:c5:1b:
                    b6:50:63:03:11:45:eb:81:97:08:62:1d:d7:8e:62:
                    07:a6:8d:e1:95:a8:02:27:80:f5:20:e0:38:3a:40:
                    9b:55:50:38:be:51:e7:f3:45:07:7c:e1:6d:fb:c5:
                    6e:1b:df:09:e4:4f:ac:83:db:c1:6e:87:00:ce:8b:
                    65:cc:4e:0f:18:6f:6f:13:0c:00:b7:be:8f:d8:82:
                    ce:2c:11:bb:ef:f5:a2:41:fc:ee:45:27:fc:3d:4c:
                    9b:fb:e0:44:c5:b8:43:26:30:2c:4f:9e:b5:e3:fa:
                    eb:93:8d:ad:cb:b2:7d:62:91:2f:3a:1b:41:f1:c3:
                    3f:e1:64:e1:5d:0f:6c:5a:b4:b8:73:7b:31:c7:47:
                    86:e8:f2:0b:d4:75:e2:49:9a:76:6a:50:01:45:dd:
                    87:c4:98:6f:a2:fe:b7:76:07:67:da:6c:f5:36:cc:
                    49:92:77:ee:bf:f1:ad:30:d4:03:a5:31:5d:71:82:
                    fe:27:62:8b:0d:9b:03:22:34:70:90:57:e5:93:80:
                    85:d0:4a:af:03:b5:44:4b:64:f6:48:54:02:75:86:
                    ce:06:25:1c:a9:48:e3:b8:c4:00:11:e3:a2:9f:74:
                    a3:28:45:b4:6f:b4:46:66:3c:f5:00:50:02:58:63:
                    5b:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:52:F0:49:6F:3A:8F:9B:E0:71:A2:5D:B7:40:29:E2:DD:87:5E:8A
            X509v3 Authority Key Identifier:
                keyid:24:B0:E4:F1:81:83:FB:D9:D6:95:0E:EA:43:3F:E5:D2:16:BD:5F:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JLDk8YGD-9nWlQ7qQz_l0ha9XxI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/849bcf-da5f-4c97-97b1-5ba5954dfc37/1/gFLwSW86j5vgcaJdt0Ap4t2HXoo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/849bcf-da5f-4c97-97b1-5ba5954dfc37/1/JLDk8YGD-9nWlQ7qQz_l0ha9XxI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.8.140.0/23

    Signature Algorithm: sha256WithRSAEncryption
         34:bd:49:3f:5a:9a:cb:f3:a0:cc:ba:84:c5:be:99:df:3f:d7:
         4c:b2:c9:3d:68:e2:48:1e:50:34:33:a2:8e:1e:65:f9:8d:c3:
         e8:9b:a5:79:a3:29:10:be:3b:b2:e1:4b:5f:85:db:89:dc:ab:
         1c:96:97:39:7d:e6:c9:a2:93:ac:3e:05:6c:a5:f6:e9:a6:bb:
         b3:4d:bc:fb:2f:2c:74:e9:2a:19:de:e4:5a:05:26:bf:9a:be:
         4a:6f:2d:be:97:86:47:cd:ba:3d:13:a2:e9:bf:26:49:85:b5:
         d7:57:f2:24:08:d2:39:6d:f8:39:56:9f:8e:ad:c2:87:a9:c1:
         96:95:94:6d:b7:5c:f3:aa:3e:96:db:1a:0d:c2:1e:87:c4:1b:
         f8:1f:75:d4:45:a9:fa:96:41:f4:01:f7:f9:b1:0f:1f:c4:c3:
         80:be:9c:2d:ac:f8:2a:3e:de:ea:bb:13:23:83:57:c6:05:78:
         b4:36:0c:b6:32:db:61:f0:cf:51:5c:4b:bf:33:db:96:b9:5f:
         da:37:3e:d4:b9:1d:21:d6:34:d9:30:6e:4c:9b:50:bd:73:92:
         9f:8d:f3:9a:55:d4:9e:c3:b4:dc:13:cd:d4:8e:43:39:ad:71:
         25:00:73:e9:cb:fd:0e:88:6d:eb:bc:b9:70:91:66:d9:9f:0d:
         ca:9f:ab:f9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBWgl8zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NGIwZTRmMTgxODNmYmQ5ZDY5NTBlZWE0MzNmZTVkMjE2YmQ1ZjEyMB4XDTIyMDQy
NjE1MjQyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODA1MmYwNDk2ZjNh
OGY5YmUwNzFhMjVkYjc0MDI5ZTJkZDg3NWU4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKbs7I/dDU76F7sRs8UbtlBjAxFF64GXCGId145iB6aN4ZWo
AieA9SDgODpAm1VQOL5R5/NFB3zhbfvFbhvfCeRPrIPbwW6HAM6LZcxODxhvbxMM
ALe+j9iCziwRu+/1okH87kUn/D1Mm/vgRMW4QyYwLE+eteP665ONrcuyfWKRLzob
QfHDP+Fk4V0PbFq0uHN7McdHhujyC9R14kmadmpQAUXdh8SYb6L+t3YHZ9ps9TbM
SZJ37r/xrTDUA6UxXXGC/idiiw2bAyI0cJBX5ZOAhdBKrwO1REtk9khUAnWGzgYl
HKlI47jEABHjop90oyhFtG+0RmY89QBQAlhjWyECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSAUvBJbzqPm+Bxol23QCni3YdeijAfBgNVHSMEGDAWgBQksOTxgYP72daV
DupDP+XSFr1fEjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pMRGs4WUdELTluV2xRN3FRel9sMGhhOVh4SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzcvODQ5YmNmLWRhNWYtNGM5Ny05N2IxLTViYTU5NTRkZmMzNy8x
L2dGTHdTVzg2ajV2Z2NhSmR0MEFwNHQySFhvby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcv
ODQ5YmNmLWRhNWYtNGM5Ny05N2IxLTViYTU5NTRkZmMzNy8xL0pMRGs4WUdELTlu
V2xRN3FRel9sMGhhOVh4SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcEIjDANBgkqhkiG9w0BAQsFAAOC
AQEANL1JP1qay/OgzLqExb6Z3z/XTLLJPWjiSB5QNDOijh5l+Y3D6JuleaMpEL47
suFLX4XbidyrHJaXOX3myaKTrD4FbKX26aa7s028+y8sdOkqGd7kWgUmv5q+Sm8t
vpeGR826PROi6b8mSYW111fyJAjSOW34OVafjq3Ch6nBlpWUbbdc86o+ltsaDcIe
h8Qb+B911EWp+pZB9AH3+bEPH8TDgL6cLaz4Kj7e6rsTI4NXxgV4tDYMtjLbYfDP
UVxLvzPblrlf2jc+1LkdIdY02TBuTJtQvXOSn43zmlXUnsO03BPN1I5DOa1xJQBz
6cv9Doht67y5cJFm2Z8Nyp+r+Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:32 2024 by rpki-client on console-ams.rpki-client.org