Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/PBI6wfPEW5qtqI9ja--krOSxeCI.roa
File:                     PBI6wfPEW5qtqI9ja--krOSxeCI.roa (raw, json)
Hash identifier:          wWpgPjPCSB4jIROvm0zEhNo5hFkYj2PXc3xvqtIIw1s=
Subject key identifier:   3C:12:3A:C1:F3:C4:5B:9A:AD:A8:8F:63:6B:EF:A4:AC:E4:B1:78:22
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       17FCE057
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/PBI6wfPEW5qtqI9ja--krOSxeCI.roa
Signing time:             Sat 01 Jan 2022 04:54:59 +0000
ROA not before:           Sat 01 Jan 2022 04:54:59 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     399114
IP address blocks:        193.22.157.0/24 maxlen: 32
                          193.22.158.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 402448471 (0x17fce057)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Jan  1 04:54:59 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3c123ac1f3c45b9aada88f636befa4ace4b17822
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:c8:f7:44:fd:3f:f9:1a:b2:a3:63:e5:7d:52:
                    c1:6d:2a:4a:90:42:10:df:f8:3f:02:6a:8c:91:8a:
                    99:21:57:43:79:c7:14:02:2f:09:d4:2d:9b:f0:ff:
                    e8:55:61:58:d7:e3:ff:bb:f9:c8:af:fd:0c:9c:4a:
                    fe:a3:13:f6:94:2e:39:60:26:13:c9:62:b8:1f:49:
                    72:9d:1c:8c:b0:d0:4b:f3:bc:e4:65:79:ef:c9:6e:
                    5f:6b:be:e3:10:87:7c:8b:ef:fb:f5:d6:70:9c:98:
                    a1:07:b6:b2:88:e3:7c:ac:7c:31:51:89:19:ec:e9:
                    59:3e:39:fe:aa:c4:13:03:43:64:a8:7a:fb:87:e8:
                    9e:c3:36:03:06:2f:b7:8c:ed:ad:f0:a0:e5:90:77:
                    f9:b7:09:60:e6:03:66:f4:8e:0b:ea:97:a0:d8:af:
                    fa:e0:6e:d8:d1:9c:73:83:7f:b9:ef:29:4b:8c:e3:
                    0a:09:88:57:d3:bc:e6:cd:4e:50:8f:1c:ba:fc:ea:
                    da:f9:19:73:a9:a7:68:65:65:18:1f:72:dc:e2:8b:
                    da:c5:56:89:7c:9b:d4:ee:b0:2a:2f:35:98:1e:d8:
                    d5:82:c6:16:be:87:8a:48:71:bd:7e:47:ed:e0:61:
                    29:29:ed:7c:84:3f:67:dc:ad:57:0e:cc:95:fb:aa:
                    84:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:12:3A:C1:F3:C4:5B:9A:AD:A8:8F:63:6B:EF:A4:AC:E4:B1:78:22
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/PBI6wfPEW5qtqI9ja--krOSxeCI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.22.157.0-193.22.158.255

    Signature Algorithm: sha256WithRSAEncryption
         a1:9f:69:d3:19:01:cf:a5:84:bb:64:6f:4a:b3:80:1a:84:1c:
         11:93:19:29:aa:de:d3:89:a1:94:ae:4b:9e:22:1f:09:f1:a6:
         76:42:57:12:3a:57:11:bf:28:6a:b5:96:fe:b8:f4:de:06:9d:
         e9:bf:a5:6d:a9:30:82:62:1c:b1:ff:32:bb:f5:f7:93:9b:4f:
         0d:99:53:38:f3:8a:2c:25:8a:f8:bc:20:bc:cc:21:3b:e9:87:
         31:1d:2b:bd:aa:93:e4:3b:3b:70:66:fd:92:65:8c:f8:95:04:
         e4:9e:c0:1f:4a:cd:63:cb:19:e7:68:01:a3:c9:82:17:2c:b4:
         99:5b:27:15:67:6e:66:eb:77:c7:54:e5:f5:fd:72:60:a7:b9:
         f2:15:b0:54:85:d1:2b:ad:ee:02:5c:2e:d3:47:38:72:e6:c5:
         c0:a7:51:f1:a0:e3:9a:37:62:52:b5:af:e0:69:90:fb:3e:6d:
         74:1d:1a:92:36:ea:61:94:ab:44:4d:ff:8d:ce:99:e8:37:78:
         46:6c:c0:6e:7e:62:ac:2e:c2:0f:43:18:a8:7c:29:58:64:7d:
         4a:25:e2:bf:68:24:b0:b2:9b:ee:87:57:15:e4:b5:e1:41:99:
         cc:6e:1b:17:4b:bd:d7:f5:19:b2:14:83:0d:4a:6f:77:cd:bf:
         3d:03:59:9e
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEF/zgVzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDEw
MTA0NTQ1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2MxMjNhYzFmM2M0
NWI5YWFkYTg4ZjYzNmJlZmE0YWNlNGIxNzgyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL/I90T9P/kasqNj5X1SwW0qSpBCEN/4PwJqjJGKmSFXQ3nH
FAIvCdQtm/D/6FVhWNfj/7v5yK/9DJxK/qMT9pQuOWAmE8liuB9Jcp0cjLDQS/O8
5GV578luX2u+4xCHfIvv+/XWcJyYoQe2sojjfKx8MVGJGezpWT45/qrEEwNDZKh6
+4fonsM2AwYvt4ztrfCg5ZB3+bcJYOYDZvSOC+qXoNiv+uBu2NGcc4N/ue8pS4zj
CgmIV9O85s1OUI8cuvzq2vkZc6mnaGVlGB9y3OKL2sVWiXyb1O6wKi81mB7Y1YLG
Fr6HikhxvX5H7eBhKSntfIQ/Z9ytVw7MlfuqhIkCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBQ8EjrB88Rbmq2oj2Nr76Ss5LF4IjAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L1BCSTZ3ZlBFVzVxdHFJOWphLS1rck9TeGVDSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAwRadAwQAwRaeMA0GCSqGSIb3
DQEBCwUAA4IBAQChn2nTGQHPpYS7ZG9Ks4AahBwRkxkpqt7TiaGUrkueIh8J8aZ2
QlcSOlcRvyhqtZb+uPTeBp3pv6VtqTCCYhyx/zK79feTm08NmVM484osJYr4vCC8
zCE76YcxHSu9qpPkOztwZv2SZYz4lQTknsAfSs1jyxnnaAGjyYIXLLSZWycVZ25m
63fHVOX1/XJgp7nyFbBUhdErre4CXC7TRzhy5sXAp1HxoOOaN2JSta/gaZD7Pm10
HRqSNuphlKtETf+NzpnoN3hGbMBufmKsLsIPQxiofClYZH1KJeK/aCSwspvuh1cV
5LXhQZnMbhsXS73X9RmyFIMNSm93zb89A1me
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:45 2024 by rpki-client on console-fra.rpki-client.org