Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/1abe8a-45a2-4156-98d7-6806e3d4ce4f/1/OY-2Z4M50HmrzQxRXH9In-Dk34A.roa
File:                     OY-2Z4M50HmrzQxRXH9In-Dk34A.roa (raw, json)
Hash identifier:          gYsOQe+53S3fniKlVEiusHnYc0CKT5CnfinBtpzQXYk=
Subject key identifier:   39:8F:B6:67:83:39:D0:79:AB:CD:0C:51:5C:7F:48:9F:E0:E4:DF:80
Certificate issuer:       /CN=0b4cfabe47e9285f65f1f2d686baaf15b8b41773
Certificate serial:       387D5527
Authority key identifier: 0B:4C:FA:BE:47:E9:28:5F:65:F1:F2:D6:86:BA:AF:15:B8:B4:17:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/C0z6vkfpKF9l8fLWhrqvFbi0F3M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c9/1abe8a-45a2-4156-98d7-6806e3d4ce4f/1/OY-2Z4M50HmrzQxRXH9In-Dk34A.roa
Signing time:             Sat 01 Jan 2022 12:04:29 +0000
ROA not before:           Sat 01 Jan 2022 12:04:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44919
IP address blocks:        188.92.144.0/21 maxlen: 24
                          193.46.73.0/24 maxlen: 24
                          2a02:d58::/29 maxlen: 35

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 947737895 (0x387d5527)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0b4cfabe47e9285f65f1f2d686baaf15b8b41773
        Validity
            Not Before: Jan  1 12:04:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=398fb6678339d079abcd0c515c7f489fe0e4df80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:2f:24:35:7e:d5:4a:5b:54:a5:a4:9c:fa:56:
                    91:dd:9f:be:76:4b:72:38:a7:a4:6a:f7:3b:5d:64:
                    ac:5a:30:94:2c:5d:a4:e4:c5:67:5d:27:92:86:bd:
                    6a:c1:f3:e8:f2:fd:c7:7e:66:58:2e:eb:7c:3d:bc:
                    58:c9:d6:d6:54:6b:1f:2b:89:5f:b3:e9:a0:90:92:
                    e4:52:6e:e6:a8:05:e4:67:58:59:8f:83:90:83:5b:
                    54:c7:77:cf:2e:2f:09:b1:f0:2a:27:66:fd:41:0d:
                    a4:e0:bc:ed:f2:fa:0f:18:06:e7:bb:30:b6:6a:ef:
                    8d:26:9b:34:86:86:64:6a:de:e5:e1:9c:67:a9:fe:
                    80:58:54:44:ab:ad:ec:bb:63:5e:2b:98:b5:e1:16:
                    6c:1f:04:01:02:aa:b2:9a:58:e8:f7:a3:f2:24:7d:
                    5d:f7:2b:48:e1:13:f4:9d:ab:04:34:c4:9e:da:ef:
                    51:fa:cc:cd:12:5e:0b:26:9b:77:e0:b4:fd:08:c8:
                    3a:46:e9:fa:27:45:68:85:79:52:27:a6:63:4d:00:
                    b5:f7:00:e5:3a:33:8f:aa:3b:ca:a7:67:45:eb:42:
                    c2:f7:19:96:dd:81:ce:51:10:70:d9:48:41:27:1a:
                    00:99:f2:bc:f1:a7:b1:2e:a3:ec:db:b8:e7:90:5c:
                    95:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:8F:B6:67:83:39:D0:79:AB:CD:0C:51:5C:7F:48:9F:E0:E4:DF:80
            X509v3 Authority Key Identifier:
                keyid:0B:4C:FA:BE:47:E9:28:5F:65:F1:F2:D6:86:BA:AF:15:B8:B4:17:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C0z6vkfpKF9l8fLWhrqvFbi0F3M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/1abe8a-45a2-4156-98d7-6806e3d4ce4f/1/OY-2Z4M50HmrzQxRXH9In-Dk34A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/1abe8a-45a2-4156-98d7-6806e3d4ce4f/1/C0z6vkfpKF9l8fLWhrqvFbi0F3M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.92.144.0/21
                  193.46.73.0/24
                IPv6:
                  2a02:d58::/29

    Signature Algorithm: sha256WithRSAEncryption
         8e:87:55:2a:84:22:94:11:73:83:76:cd:b7:86:0d:fd:be:1f:
         08:a8:e3:f2:34:29:ab:c4:1a:b0:15:3d:6f:b0:5b:74:5c:e8:
         bf:e8:57:19:85:be:3b:69:cb:b5:36:27:38:2d:be:78:7d:cb:
         da:37:93:5b:88:ed:3c:af:bc:a2:62:05:e6:15:e1:cb:9d:67:
         70:79:c5:32:04:e9:eb:b1:97:a5:96:4a:1e:cf:e6:90:ed:9d:
         87:91:70:11:32:d0:b6:44:96:ce:d1:96:6b:e1:76:3e:0f:d3:
         4c:fd:cc:6d:d6:83:c6:f8:c9:a4:dc:f7:de:d9:96:ff:3e:9a:
         5b:16:18:01:11:5b:e2:22:d0:2e:6b:72:68:61:df:43:c5:c5:
         52:42:02:27:ce:11:80:82:1e:88:40:95:02:1d:39:d7:b2:9f:
         65:ff:da:1e:e7:4c:3f:1f:29:d4:fa:25:60:98:68:9b:91:c6:
         bc:3f:b5:28:32:80:af:07:6a:60:d9:82:66:94:87:0a:ee:85:
         3e:1a:b1:8a:f1:2f:e1:84:94:cc:15:ff:97:3e:e3:ac:98:5c:
         55:f8:2a:f4:79:0f:ed:93:2c:db:e9:c1:f5:3c:1b:40:4f:3b:
         96:f3:48:98:dc:30:5a:20:60:9d:ec:5a:1b:d2:ac:d7:db:0f:
         6e:36:f4:e3
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEOH1VJzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YjRjZmFiZTQ3ZTkyODVmNjVmMWYyZDY4NmJhYWYxNWI4YjQxNzczMB4XDTIyMDEw
MTEyMDQyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzk4ZmI2Njc4MzM5
ZDA3OWFiY2QwYzUxNWM3ZjQ4OWZlMGU0ZGY4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOsvJDV+1UpbVKWknPpWkd2fvnZLcjinpGr3O11krFowlCxd
pOTFZ10nkoa9asHz6PL9x35mWC7rfD28WMnW1lRrHyuJX7PpoJCS5FJu5qgF5GdY
WY+DkINbVMd3zy4vCbHwKidm/UENpOC87fL6DxgG57swtmrvjSabNIaGZGre5eGc
Z6n+gFhURKut7LtjXiuYteEWbB8EAQKqsppY6Pej8iR9XfcrSOET9J2rBDTEntrv
UfrMzRJeCyabd+C0/QjIOkbp+idFaIV5UiemY00AtfcA5Tozj6o7yqdnRetCwvcZ
lt2BzlEQcNlIQScaAJnyvPGnsS6j7Nu455Bclc8CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQ5j7ZngznQeavNDFFcf0if4OTfgDAfBgNVHSMEGDAWgBQLTPq+R+koX2Xx
8taGuq8VuLQXczAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0MwejZ2a2ZwS0Y5bDhmTFdocnF2RmJpMEYzTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzkvMWFiZThhLTQ1YTItNDE1Ni05OGQ3LTY4MDZlM2Q0Y2U0Zi8x
L09ZLTJaNE01MEhtcnpReFJYSDlJbi1EazM0QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzkv
MWFiZThhLTQ1YTItNDE1Ni05OGQ3LTY4MDZlM2Q0Y2U0Zi8xL0MwejZ2a2ZwS0Y5
bDhmTFdocnF2RmJpMEYzTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEA7xckAMEAMEuSTANBAIAAjAHAwUD
KgINWDANBgkqhkiG9w0BAQsFAAOCAQEAjodVKoQilBFzg3bNt4YN/b4fCKjj8jQp
q8QasBU9b7BbdFzov+hXGYW+O2nLtTYnOC2+eH3L2jeTW4jtPK+8omIF5hXhy51n
cHnFMgTp67GXpZZKHs/mkO2dh5FwETLQtkSWztGWa+F2Pg/TTP3MbdaDxvjJpNz3
3tmW/z6aWxYYARFb4iLQLmtyaGHfQ8XFUkICJ84RgIIeiECVAh0517KfZf/aHudM
Px8p1PolYJhom5HGvD+1KDKArwdqYNmCZpSHCu6FPhqxivEv4YSUzBX/lz7jrJhc
Vfgq9HkP7ZMs2+nB9TwbQE87lvNImNwwWiBgnexaG9Ks19sPbjb04w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:03 2024 by rpki-client on console-ams.rpki-client.org