Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/AFtifntUamh3r1FEKIJ_gjz_CDQ.roa
File:                     AFtifntUamh3r1FEKIJ_gjz_CDQ.roa (raw, json)
Hash identifier:          i5kyHcwnBG5nPSoZj+vr9AJtc7SuJtJB/UIUSUt72Lo=
Subject key identifier:   00:5B:62:7E:7B:54:6A:68:77:AF:51:44:28:82:7F:82:3C:FF:08:34
Certificate issuer:       /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial:       086EB34D
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/AFtifntUamh3r1FEKIJ_gjz_CDQ.roa
Signing time:             Fri 15 Apr 2022 16:48:42 +0000
ROA not before:           Fri 15 Apr 2022 16:48:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60721
IP address blocks:        193.37.196.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 141472589 (0x86eb34d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
        Validity
            Not Before: Apr 15 16:48:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=005b627e7b546a6877af514428827f823cff0834
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:2a:d1:2f:ba:27:cf:0b:53:e5:2e:a4:e5:c4:
                    e0:ee:75:94:a6:7f:0a:e6:98:b0:c9:68:af:a1:f1:
                    c1:22:39:65:e1:b3:fd:0a:18:7d:74:42:49:b4:73:
                    d9:5e:a5:9b:be:76:76:56:60:14:0c:7a:73:c7:fc:
                    92:35:2e:aa:d0:da:0e:fa:fc:e7:f2:ae:80:04:e4:
                    d4:e9:49:c4:60:86:2f:1b:f2:84:f6:14:46:2e:30:
                    b3:a5:8a:5d:1d:64:77:48:6c:7a:ca:14:07:4b:e2:
                    54:19:1e:63:9a:3f:3a:f2:41:88:f0:9b:15:8b:dd:
                    01:94:97:f7:9d:d0:77:ea:e3:bb:22:97:7c:53:ad:
                    e2:52:d5:a0:de:cf:8d:6f:e0:8e:e3:97:e3:43:e5:
                    7d:5e:a7:fb:3a:b5:e3:b0:64:ca:1a:a5:1f:c4:53:
                    46:7d:24:9f:fc:99:3d:c9:11:09:f2:f6:20:91:9f:
                    d3:eb:d0:df:26:9c:c6:b4:46:d3:1e:8b:e0:66:dc:
                    ee:82:b3:6b:2c:5c:d2:3a:85:80:c8:01:bc:a8:e7:
                    c6:95:4c:53:68:8b:c7:18:e7:bc:66:c3:46:af:07:
                    d2:98:c0:35:e3:ef:47:07:68:d6:91:f0:78:0e:12:
                    a5:d1:73:3e:6b:7c:2a:4f:6f:ff:cb:6c:aa:91:79:
                    6c:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:5B:62:7E:7B:54:6A:68:77:AF:51:44:28:82:7F:82:3C:FF:08:34
            X509v3 Authority Key Identifier:
                keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/AFtifntUamh3r1FEKIJ_gjz_CDQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.37.196.0/24

    Signature Algorithm: sha256WithRSAEncryption
         09:0d:da:c1:22:7c:c1:60:8d:fd:27:1f:fb:1d:8d:c8:a1:b3:
         d3:d2:42:92:e3:35:80:2b:34:34:0b:dc:52:fc:76:a8:35:da:
         85:0f:88:e1:6c:e9:1c:14:47:2c:d7:65:92:fa:42:71:49:df:
         96:81:04:25:7e:ab:ac:14:4f:7a:23:17:ae:5a:39:4c:91:1b:
         cc:56:3a:04:36:a9:88:19:4d:49:87:f7:05:51:20:54:ac:3d:
         60:23:53:e5:8c:6b:fe:8a:e2:29:30:b5:c6:6a:36:6d:4d:38:
         e3:7e:1d:ad:1f:df:85:72:8a:49:ba:76:f7:bd:d6:5a:c6:0a:
         83:3a:a6:58:1f:c0:cc:f3:e2:2b:11:78:c1:e9:08:d3:45:83:
         d1:73:47:9e:5b:08:09:df:19:52:75:98:ff:c3:d2:eb:ee:e2:
         4e:72:b9:a1:ee:e9:1d:13:70:f9:de:83:d2:4b:87:0b:4d:a6:
         46:4b:e7:1b:4b:c4:1d:c7:c7:d1:41:89:b0:11:a1:2d:59:23:
         29:b1:3c:2c:bd:ea:cb:d6:f8:03:c7:48:14:9f:86:c6:5e:eb:
         c8:04:e9:bc:71:d4:57:3a:0d:9c:fe:dc:4a:69:da:64:c0:ae:
         a8:7d:95:07:95:be:9a:0c:56:ca:be:a1:fa:42:16:5b:df:40:
         30:9d:b9:d4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECG6zTTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MzY3N2Q3Y2I5MjcxY2UzNjEyNTZlOTgzM2NjN2IxNGZkMDIzZWJlMB4XDTIyMDQx
NTE2NDg0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDA1YjYyN2U3YjU0
NmE2ODc3YWY1MTQ0Mjg4MjdmODIzY2ZmMDgzNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOkq0S+6J88LU+UupOXE4O51lKZ/CuaYsMlor6HxwSI5ZeGz
/QoYfXRCSbRz2V6lm752dlZgFAx6c8f8kjUuqtDaDvr85/KugATk1OlJxGCGLxvy
hPYURi4ws6WKXR1kd0hsesoUB0viVBkeY5o/OvJBiPCbFYvdAZSX953Qd+rjuyKX
fFOt4lLVoN7PjW/gjuOX40PlfV6n+zq147BkyhqlH8RTRn0kn/yZPckRCfL2IJGf
0+vQ3yacxrRG0x6L4Gbc7oKzayxc0jqFgMgBvKjnxpVMU2iLxxjnvGbDRq8H0pjA
NePvRwdo1pHweA4SpdFzPmt8Kk9v/8tsqpF5bPkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQAW2J+e1RqaHevUUQogn+CPP8INDAfBgNVHSMEGDAWgBSTZ318uScc42El
bpgzzHsU/QI+vjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2syZDlmTGtuSE9OaEpXNllNOHg3RlAwQ1ByNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzgvYTljNmRhLThlYTAtNDZiNy1hMWE2LTk5YWNiOTljZTc1NC8x
L0FGdGlmbnRVYW1oM3IxRkVLSUpfZ2p6X0NEUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzgv
YTljNmRhLThlYTAtNDZiNy1hMWE2LTk5YWNiOTljZTc1NC8xL2syZDlmTGtuSE9O
aEpXNllNOHg3RlAwQ1ByNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMElxDANBgkqhkiG9w0BAQsFAAOC
AQEACQ3awSJ8wWCN/Scf+x2NyKGz09JCkuM1gCs0NAvcUvx2qDXahQ+I4WzpHBRH
LNdlkvpCcUnfloEEJX6rrBRPeiMXrlo5TJEbzFY6BDapiBlNSYf3BVEgVKw9YCNT
5Yxr/oriKTC1xmo2bU04434drR/fhXKKSbp2973WWsYKgzqmWB/AzPPiKxF4wekI
00WD0XNHnlsICd8ZUnWY/8PS6+7iTnK5oe7pHRNw+d6D0kuHC02mRkvnG0vEHcfH
0UGJsBGhLVkjKbE8LL3qy9b4A8dIFJ+Gxl7ryATpvHHUVzoNnP7cSmnaZMCuqH2V
B5W+mgxWyr6h+kIWW99AMJ251A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:35 2024 by rpki-client on console-fra.rpki-client.org