Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/1DX8_Xz87elJFDOcqOT2BSmA6mc.roa
File:                     1DX8_Xz87elJFDOcqOT2BSmA6mc.roa (raw, json)
Hash identifier:          H2EjWkPbnMK6IOLBr3IoFk+qEET5t+vK6aLzTRScK1I=
Subject key identifier:   D4:35:FC:FD:7C:FC:ED:E9:49:14:33:9C:A8:E4:F6:05:29:80:EA:67
Certificate issuer:       /CN=633b6895fe4993397b66232bb0a2d3e3c625cc1b
Certificate serial:       0168D60C
Authority key identifier: 63:3B:68:95:FE:49:93:39:7B:66:23:2B:B0:A2:D3:E3:C6:25:CC:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yztolf5Jkzl7ZiMrsKLT48YlzBs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/1DX8_Xz87elJFDOcqOT2BSmA6mc.roa
Signing time:             Sat 01 Jan 2022 05:05:13 +0000
ROA not before:           Sat 01 Jan 2022 05:05:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202208
IP address blocks:        193.111.226.0/24 maxlen: 24
                          193.111.229.0/24 maxlen: 24
                          193.111.168.0/24 maxlen: 24
                          193.111.174.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 23647756 (0x168d60c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=633b6895fe4993397b66232bb0a2d3e3c625cc1b
        Validity
            Not Before: Jan  1 05:05:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d435fcfd7cfcede94914339ca8e4f6052980ea67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:4b:94:bb:72:77:d8:12:1e:12:3d:8a:6d:14:
                    e2:f8:28:72:14:a7:38:2b:3e:8f:09:94:2c:14:1a:
                    bd:c8:c8:18:5d:93:d4:8e:a9:6c:87:f4:f2:8f:01:
                    ca:7c:f6:95:57:66:0f:41:e8:16:5a:39:01:9a:e9:
                    7a:dc:ea:0e:b4:3a:9d:61:a7:3f:65:78:63:7b:e1:
                    3d:4a:0e:bc:4e:27:60:5e:3e:a8:d8:e4:54:ad:f0:
                    f6:08:87:d6:c5:2a:55:74:60:41:b4:96:c5:f2:a9:
                    e3:ef:1f:ee:9e:45:95:18:2e:c4:fe:19:88:77:a9:
                    40:a1:ed:d7:ff:ff:cf:0f:fb:c1:47:b9:df:d2:00:
                    a7:4c:5f:ec:f9:25:86:87:36:18:5a:79:71:21:90:
                    6a:1b:89:b6:7c:b5:1b:8b:09:c9:7c:7e:8d:4c:4b:
                    29:a7:22:8b:11:b6:37:26:7d:34:91:89:b8:b3:c6:
                    60:a3:1a:8e:4f:05:30:42:2e:4e:e3:bb:47:ac:75:
                    fa:21:9e:52:00:c9:8e:5c:17:f6:d5:d5:95:77:11:
                    59:3f:02:f5:09:75:b2:12:88:08:2d:a2:20:02:fd:
                    5c:b2:62:5a:05:ce:5c:a0:05:d5:33:69:dc:17:f0:
                    ec:5a:f2:57:d7:1f:27:b0:18:15:79:7a:8f:0e:d9:
                    66:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:35:FC:FD:7C:FC:ED:E9:49:14:33:9C:A8:E4:F6:05:29:80:EA:67
            X509v3 Authority Key Identifier:
                keyid:63:3B:68:95:FE:49:93:39:7B:66:23:2B:B0:A2:D3:E3:C6:25:CC:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yztolf5Jkzl7ZiMrsKLT48YlzBs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/1DX8_Xz87elJFDOcqOT2BSmA6mc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/Yztolf5Jkzl7ZiMrsKLT48YlzBs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.111.168.0/24
                  193.111.174.0/24
                  193.111.226.0/24
                  193.111.229.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a2:90:0e:64:eb:65:e3:ec:84:bd:50:23:dd:ae:a2:bb:b4:d7:
         e0:38:a6:98:41:60:49:b5:0d:75:ab:47:09:45:de:f3:a2:94:
         ca:b1:c5:5b:81:0e:09:be:80:2d:b3:96:cf:54:3e:37:e8:0f:
         da:d7:51:4a:ed:ab:80:ae:46:78:0e:18:c6:f9:7b:e3:05:43:
         d4:ef:af:fe:cb:f9:bb:8b:92:8d:9b:83:03:5e:72:c9:4b:90:
         09:98:c1:47:61:76:de:2a:da:97:b3:5b:f6:c8:df:fb:a1:a4:
         69:ab:d1:2e:2b:20:a0:ee:0f:ac:ff:c8:70:25:1b:15:ab:5a:
         c5:10:c0:27:29:cb:e0:28:46:dd:7f:e4:b9:bb:35:70:07:05:
         4d:3a:04:5c:c9:ca:de:8a:cb:ec:c0:f8:4c:66:4c:e9:e9:4c:
         b8:98:88:8a:bb:73:2f:d4:d8:1c:58:09:20:f7:a3:dd:bf:39:
         4f:6a:5e:d1:c0:da:e6:b3:de:f6:6d:2b:a8:d0:28:93:d7:2c:
         ae:29:ee:db:d3:2f:5a:c2:a4:49:1e:66:3d:f9:dd:b7:a6:78:
         df:64:02:40:ba:06:03:ea:8f:2f:19:f2:08:3e:f4:4c:17:cd:
         0d:91:ec:1a:63:d1:c4:8e:50:17:16:54:72:c8:41:af:61:e7:
         b1:7c:ab:f0
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEAWjWDDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MzNiNjg5NWZlNDk5MzM5N2I2NjIzMmJiMGEyZDNlM2M2MjVjYzFiMB4XDTIyMDEw
MTA1MDUxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDQzNWZjZmQ3Y2Zj
ZWRlOTQ5MTQzMzljYThlNGY2MDUyOTgwZWE2NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJJLlLtyd9gSHhI9im0U4vgochSnOCs+jwmULBQavcjIGF2T
1I6pbIf08o8Bynz2lVdmD0HoFlo5AZrpetzqDrQ6nWGnP2V4Y3vhPUoOvE4nYF4+
qNjkVK3w9giH1sUqVXRgQbSWxfKp4+8f7p5FlRguxP4ZiHepQKHt1///zw/7wUe5
39IAp0xf7Pklhoc2GFp5cSGQahuJtny1G4sJyXx+jUxLKaciixG2NyZ9NJGJuLPG
YKMajk8FMEIuTuO7R6x1+iGeUgDJjlwX9tXVlXcRWT8C9Ql1shKICC2iIAL9XLJi
WgXOXKAF1TNp3Bfw7FryV9cfJ7AYFXl6jw7ZZgUCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBTUNfz9fPzt6UkUM5yo5PYFKYDqZzAfBgNVHSMEGDAWgBRjO2iV/kmTOXtm
IyuwotPjxiXMGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1l6dG9sZjVKa3psN1ppTXJzS0xUNDhZbHpCcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvMmZjNDBhLTU1ZTMtNGFiYS05MWI1LTcwYjg4NzFiOGUyMC8x
LzFEWDhfWHo4N2VsSkZET2NxT1QyQlNtQTZtYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
MmZjNDBhLTU1ZTMtNGFiYS05MWI1LTcwYjg4NzFiOGUyMC8xL1l6dG9sZjVKa3ps
N1ppTXJzS0xUNDhZbHpCcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAMFvqAMEAMFvrgMEAMFv4gMEAMFv
5TANBgkqhkiG9w0BAQsFAAOCAQEAopAOZOtl4+yEvVAj3a6iu7TX4DimmEFgSbUN
datHCUXe86KUyrHFW4EOCb6ALbOWz1Q+N+gP2tdRSu2rgK5GeA4Yxvl74wVD1O+v
/sv5u4uSjZuDA15yyUuQCZjBR2F23iral7Nb9sjf+6GkaavRLisgoO4PrP/IcCUb
FataxRDAJynL4ChG3X/kubs1cAcFTToEXMnK3orL7MD4TGZM6elMuJiIirtzL9TY
HFgJIPej3b85T2pe0cDa5rPe9m0rqNAok9csrinu29MvWsKkSR5mPfndt6Z432QC
QLoGA+qPLxnyCD70TBfNDZHsGmPRxI5QFxZUcshBr2HnsXyr8A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:44 2024 by rpki-client on console-fra.rpki-client.org