Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/cd3ffb-09da-4fab-b38e-6c8e5d19377e/1/y1yK2fp0LnwQZy43Y_DgLVMh-yo.roa
File:                     y1yK2fp0LnwQZy43Y_DgLVMh-yo.roa (raw, json)
Hash identifier:          RFjYdUqGIQ9Ett33v1+TuGby6B1EIp5LE4maJ22ring=
Subject key identifier:   CB:5C:8A:D9:FA:74:2E:7C:10:67:2E:37:63:F0:E0:2D:53:21:FB:2A
Certificate issuer:       /CN=8cbd74c6d11d63ca5de3cc637ce967ee97604c67
Certificate serial:       70AB
Authority key identifier: 8C:BD:74:C6:D1:1D:63:CA:5D:E3:CC:63:7C:E9:67:EE:97:60:4C:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jL10xtEdY8pd48xjfOln7pdgTGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/cd3ffb-09da-4fab-b38e-6c8e5d19377e/1/y1yK2fp0LnwQZy43Y_DgLVMh-yo.roa
Signing time:             Thu 17 Mar 2022 09:30:31 +0000
ROA not before:           Thu 17 Mar 2022 09:30:31 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     25598
IP address blocks:        193.135.4.0/23 maxlen: 24
                          195.245.237.0/24 maxlen: 24
                          193.200.144.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 28843 (0x70ab)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8cbd74c6d11d63ca5de3cc637ce967ee97604c67
        Validity
            Not Before: Mar 17 09:30:31 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cb5c8ad9fa742e7c10672e3763f0e02d5321fb2a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:8a:db:55:5c:c7:e4:6c:a3:c2:71:0e:a0:81:
                    b0:f1:6d:6d:ca:d0:2a:4a:65:2d:8f:57:f1:1a:5e:
                    27:31:a3:79:c9:59:75:e7:07:5e:89:6c:77:24:28:
                    bb:8d:ac:02:82:0c:ba:4f:f8:71:03:10:44:79:b5:
                    f4:03:79:a2:33:8e:4e:86:6d:3f:31:c9:7c:00:59:
                    7f:f0:35:f0:1e:8a:b8:90:2d:ff:86:c9:8b:58:cb:
                    d9:cd:28:c7:74:4b:14:b7:f3:33:9f:90:81:d0:30:
                    cb:1d:45:64:2e:53:1e:d1:17:5f:8e:91:ce:e9:3f:
                    eb:eb:06:6e:27:e9:6a:47:cb:25:19:aa:24:25:67:
                    70:8e:0a:d6:1a:f1:30:13:fe:ee:4f:12:8d:a7:fb:
                    d8:3d:91:90:44:dd:ac:4c:ac:27:08:98:4c:db:11:
                    51:80:c9:00:35:73:9f:f7:e3:2b:00:2f:88:cc:44:
                    59:4c:20:40:85:53:e2:2f:52:ba:57:3e:b4:8c:3e:
                    14:0e:dd:5d:3e:67:02:66:c3:ed:7c:8c:23:2c:24:
                    05:44:68:39:10:04:0c:27:dc:53:25:cb:e1:11:63:
                    ef:63:2d:44:a7:b7:f6:ae:dd:5e:b1:5b:82:ee:09:
                    bc:7f:de:50:a4:e3:3a:e8:5c:a0:b0:c5:f6:ef:de:
                    2d:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:5C:8A:D9:FA:74:2E:7C:10:67:2E:37:63:F0:E0:2D:53:21:FB:2A
            X509v3 Authority Key Identifier:
                keyid:8C:BD:74:C6:D1:1D:63:CA:5D:E3:CC:63:7C:E9:67:EE:97:60:4C:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jL10xtEdY8pd48xjfOln7pdgTGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cd3ffb-09da-4fab-b38e-6c8e5d19377e/1/y1yK2fp0LnwQZy43Y_DgLVMh-yo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cd3ffb-09da-4fab-b38e-6c8e5d19377e/1/jL10xtEdY8pd48xjfOln7pdgTGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.135.4.0/23
                  193.200.144.0/24
                  195.245.237.0/24

    Signature Algorithm: sha256WithRSAEncryption
         33:f7:e3:75:a9:95:6e:76:f9:15:f3:cd:d6:4c:ab:3a:01:0e:
         93:4f:34:bf:08:cf:40:29:68:c2:27:5b:f1:9f:26:b7:c3:1d:
         67:61:40:eb:14:e2:b4:94:ea:a6:e5:c7:3c:ef:d1:71:55:c8:
         69:69:8d:74:a0:b1:13:e0:27:d2:30:6d:30:62:fa:2d:2d:c7:
         3b:85:28:d3:ca:93:61:9a:25:72:7e:10:28:e5:3e:36:62:85:
         aa:d0:e3:a6:3f:c2:2d:8b:d2:82:0c:29:e5:94:61:ff:f9:77:
         2a:ca:2a:3a:b9:74:33:83:66:f8:ca:3b:43:50:d1:a3:8f:c9:
         94:9f:c0:48:5b:93:e6:28:6a:db:e0:9f:68:6a:d2:4c:14:7b:
         f7:da:9c:34:67:8c:4a:84:d9:39:71:4c:69:a0:39:fc:0f:33:
         55:18:6b:86:51:a0:36:be:8e:ba:cc:a2:6d:8a:52:47:7c:8f:
         ff:77:6d:5e:a4:68:68:6f:ca:26:38:0c:0f:4d:ca:59:ea:8e:
         5f:ce:1c:05:0d:de:65:e7:01:87:d3:a2:21:51:67:06:af:0d:
         e6:e7:0f:8c:f7:a4:c4:6d:39:07:32:08:c5:64:38:06:0d:01:
         0e:da:cb:d3:8b:ce:9a:96:17:39:5d:16:5d:d1:f3:33:95:0b:
         ee:7b:85:f7
-----BEGIN CERTIFICATE-----
MIIE+TCCA+GgAwIBAgICcKswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOGNi
ZDc0YzZkMTFkNjNjYTVkZTNjYzYzN2NlOTY3ZWU5NzYwNGM2NzAeFw0yMjAzMTcw
OTMwMzFaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKGNiNWM4YWQ5ZmE3NDJl
N2MxMDY3MmUzNzYzZjBlMDJkNTMyMWZiMmEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCcittVXMfkbKPCcQ6ggbDxbW3K0CpKZS2PV/EaXicxo3nJWXXn
B16JbHckKLuNrAKCDLpP+HEDEER5tfQDeaIzjk6GbT8xyXwAWX/wNfAeiriQLf+G
yYtYy9nNKMd0SxS38zOfkIHQMMsdRWQuUx7RF1+Okc7pP+vrBm4n6WpHyyUZqiQl
Z3COCtYa8TAT/u5PEo2n+9g9kZBE3axMrCcImEzbEVGAyQA1c5/34ysAL4jMRFlM
IECFU+IvUrpXPrSMPhQO3V0+ZwJmw+18jCMsJAVEaDkQBAwn3FMly+ERY+9jLUSn
t/au3V6xW4LuCbx/3lCk4zroXKCwxfbv3i3JAgMBAAGjggIVMIICETAdBgNVHQ4E
FgQUy1yK2fp0LnwQZy43Y/DgLVMh+yowHwYDVR0jBBgwFoAUjL10xtEdY8pd48xj
fOln7pdgTGcwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEF
BQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9q
TDEweHRFZFk4cGQ0OHhqZk9sbjdwZGdUR2MuY2VyMIGNBggrBgEFBQcBCwSBgDB+
MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL2M4L2NkM2ZmYi0wOWRhLTRmYWItYjM4ZS02YzhlNWQxOTM3N2UvMS95
MXlLMmZwMExud1FaeTQzWV9EZ0xWTWgteW8ucm9hMIGBBgNVHR8EejB4MHagdKBy
hnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2M4L2Nk
M2ZmYi0wOWRhLTRmYWItYjM4ZS02YzhlNWQxOTM3N2UvMS9qTDEweHRFZFk4cGQ0
OHhqZk9sbjdwZGdUR2MuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwKwYI
KwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBAHBhwQDBADByJADBADD9e0wDQYJKoZI
hvcNAQELBQADggEBADP343WplW52+RXzzdZMqzoBDpNPNL8Iz0ApaMInW/GfJrfD
HWdhQOsU4rSU6qblxzzv0XFVyGlpjXSgsRPgJ9IwbTBi+i0txzuFKNPKk2GaJXJ+
ECjlPjZiharQ46Y/wi2L0oIMKeWUYf/5dyrKKjq5dDODZvjKO0NQ0aOPyZSfwEhb
k+Yoatvgn2hq0kwUe/fanDRnjEqE2TlxTGmgOfwPM1UYa4ZRoDa+jrrMom2KUkd8
j/93bV6kaGhvyiY4DA9Nylnqjl/OHAUN3mXnAYfToiFRZwavDebnD4z3pMRtOQcy
CMVkOAYNAQ7ay9OLzpqWFzldFl3R8zOVC+57hfc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:52 2024 by rpki-client on console-ams.rpki-client.org