Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/3f6310-f56b-4165-b8fe-9b87f2afbd7f/1/0vRy-mlbzav34EwR3JmRfX5wM4E.roa
File:                     0vRy-mlbzav34EwR3JmRfX5wM4E.roa (raw, json)
Hash identifier:          hdV8j8HlTDuJulFZD0Yah5rlRGT+GZfjMMhshbZmyy4=
Subject key identifier:   D2:F4:72:FA:69:5B:CD:AB:F7:E0:4C:11:DC:99:91:7D:7E:70:33:81
Certificate issuer:       /CN=2fa4e870bc37ac9731fe6fcf9682eb657e50bca3
Certificate serial:       024683CB
Authority key identifier: 2F:A4:E8:70:BC:37:AC:97:31:FE:6F:CF:96:82:EB:65:7E:50:BC:A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L6TocLw3rJcx_m_PloLrZX5QvKM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/3f6310-f56b-4165-b8fe-9b87f2afbd7f/1/0vRy-mlbzav34EwR3JmRfX5wM4E.roa
Signing time:             Sat 01 Jan 2022 04:53:42 +0000
ROA not before:           Sat 01 Jan 2022 04:53:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     399587
IP address blocks:        193.3.54.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 38175691 (0x24683cb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2fa4e870bc37ac9731fe6fcf9682eb657e50bca3
        Validity
            Not Before: Jan  1 04:53:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d2f472fa695bcdabf7e04c11dc99917d7e703381
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:a9:ba:4a:7e:b6:a8:24:e1:bd:90:53:f8:7f:
                    de:27:e0:e6:fe:49:f3:ee:3a:5a:b5:9f:99:1d:a5:
                    7d:85:b4:85:48:79:08:b6:ac:1e:b3:1d:8f:da:17:
                    71:53:dc:ac:c8:e2:24:50:4a:2b:c9:b5:f8:26:6e:
                    12:75:f6:92:8a:31:01:0d:73:97:4e:e0:2d:16:6f:
                    07:5a:08:ee:26:47:83:7a:1c:b6:ee:db:25:db:7b:
                    af:c2:48:60:61:a2:00:a0:08:a7:b1:90:20:6e:34:
                    43:4c:6b:59:bd:b5:aa:f4:ba:4b:5e:a7:28:ff:7a:
                    a8:df:48:d0:64:c2:86:31:7a:dd:f2:75:b4:a1:cb:
                    12:33:0b:0b:e5:0b:fa:77:6b:bd:a2:5f:84:18:df:
                    9d:db:aa:f0:d9:ef:98:69:2e:dd:e4:47:26:c2:be:
                    77:6a:0f:b7:ba:15:dc:24:bc:98:23:3d:d8:a1:d7:
                    6f:74:fe:6f:b8:22:ee:a7:82:a5:93:34:5a:5e:74:
                    b6:d5:1e:df:96:39:6d:cc:48:c7:96:11:28:f6:4e:
                    98:15:8b:c7:73:b2:17:d1:0f:2e:45:db:38:4c:46:
                    a7:cb:8d:ca:49:4b:bb:3d:d3:85:19:be:49:77:55:
                    80:e7:39:0d:83:64:30:ec:f2:ba:3b:bf:ca:f1:75:
                    e2:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:F4:72:FA:69:5B:CD:AB:F7:E0:4C:11:DC:99:91:7D:7E:70:33:81
            X509v3 Authority Key Identifier:
                keyid:2F:A4:E8:70:BC:37:AC:97:31:FE:6F:CF:96:82:EB:65:7E:50:BC:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6TocLw3rJcx_m_PloLrZX5QvKM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3f6310-f56b-4165-b8fe-9b87f2afbd7f/1/0vRy-mlbzav34EwR3JmRfX5wM4E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3f6310-f56b-4165-b8fe-9b87f2afbd7f/1/L6TocLw3rJcx_m_PloLrZX5QvKM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.3.54.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:15:6f:93:23:5b:0b:6f:66:99:e4:a9:cf:10:25:a5:6e:ee:
         1b:97:bf:62:8e:a3:27:bf:b6:e5:25:c7:ab:b8:9a:8c:71:21:
         37:06:ad:c1:4b:c8:48:ab:82:7a:49:30:78:77:7e:d1:79:4e:
         c3:c3:f6:5f:eb:50:54:5f:75:da:b1:56:28:02:76:10:ac:c5:
         c9:41:d6:78:f5:e1:d9:f6:4e:b6:36:5c:ea:a5:78:13:8b:b4:
         5e:b0:b9:16:8e:58:42:75:35:38:db:15:08:37:b2:b5:77:ae:
         5d:c6:37:66:4a:ca:8c:b8:ef:42:3c:f0:20:4e:98:8d:18:1f:
         f4:32:07:2b:a7:05:d1:df:b4:57:e0:59:b4:f3:6f:d5:af:5f:
         db:ac:6d:b5:cc:40:18:de:b8:48:93:05:2a:9f:d5:98:70:51:
         04:60:be:4a:83:f2:eb:3c:e9:48:5a:d8:8f:a6:96:fe:3b:00:
         1e:cc:ca:72:d9:aa:e9:1a:ab:ec:5a:0b:2d:52:b5:31:5a:01:
         c7:06:30:86:88:3a:12:d6:ea:91:8e:b0:89:3a:66:94:28:96:
         c2:14:45:f1:ca:23:ec:e7:87:01:d3:aa:b1:de:b7:3d:ff:9e:
         60:61:22:b6:60:d8:dd:37:ec:b8:ba:7c:48:2d:30:40:a6:95:
         d4:3c:f1:00
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAkaDyzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZmE0ZTg3MGJjMzdhYzk3MzFmZTZmY2Y5NjgyZWI2NTdlNTBiY2EzMB4XDTIyMDEw
MTA0NTM0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDJmNDcyZmE2OTVi
Y2RhYmY3ZTA0YzExZGM5OTkxN2Q3ZTcwMzM4MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOapukp+tqgk4b2QU/h/3ifg5v5J8+46WrWfmR2lfYW0hUh5
CLasHrMdj9oXcVPcrMjiJFBKK8m1+CZuEnX2kooxAQ1zl07gLRZvB1oI7iZHg3oc
tu7bJdt7r8JIYGGiAKAIp7GQIG40Q0xrWb21qvS6S16nKP96qN9I0GTChjF63fJ1
tKHLEjMLC+UL+ndrvaJfhBjfnduq8NnvmGku3eRHJsK+d2oPt7oV3CS8mCM92KHX
b3T+b7gi7qeCpZM0Wl50ttUe35Y5bcxIx5YRKPZOmBWLx3OyF9EPLkXbOExGp8uN
yklLuz3ThRm+SXdVgOc5DYNkMOzyuju/yvF14tkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTS9HL6aVvNq/fgTBHcmZF9fnAzgTAfBgNVHSMEGDAWgBQvpOhwvDeslzH+
b8+WgutlflC8ozAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0w2VG9jTHczckpjeF9tX1Bsb0xyWlg1UXZLTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2YvM2Y2MzEwLWY1NmItNDE2NS1iOGZlLTliODdmMmFmYmQ3Zi8x
LzB2UnktbWxiemF2MzRFd1IzSm1SZlg1d000RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Yv
M2Y2MzEwLWY1NmItNDE2NS1iOGZlLTliODdmMmFmYmQ3Zi8xL0w2VG9jTHczckpj
eF9tX1Bsb0xyWlg1UXZLTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEDNjANBgkqhkiG9w0BAQsFAAOC
AQEAhBVvkyNbC29mmeSpzxAlpW7uG5e/Yo6jJ7+25SXHq7iajHEhNwatwUvISKuC
ekkweHd+0XlOw8P2X+tQVF912rFWKAJ2EKzFyUHWePXh2fZOtjZc6qV4E4u0XrC5
Fo5YQnU1ONsVCDeytXeuXcY3ZkrKjLjvQjzwIE6YjRgf9DIHK6cF0d+0V+BZtPNv
1a9f26xttcxAGN64SJMFKp/VmHBRBGC+SoPy6zzpSFrYj6aW/jsAHszKctmq6Rqr
7FoLLVK1MVoBxwYwhog6EtbqkY6wiTpmlCiWwhRF8coj7OeHAdOqsd63Pf+eYGEi
tmDY3TfsuLp8SC0wQKaV1DzxAA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:30 2024 by rpki-client on console-fra.rpki-client.org