Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/o_ej2rD45fCOpPbz0PApj3yP1oo.roa
File:                     o_ej2rD45fCOpPbz0PApj3yP1oo.roa (raw, json)
Hash identifier:          0/np+9Ugj6IieJZ1bkeKha6GpGJ7io3cl4N8inJjygw=
Subject key identifier:   A3:F7:A3:DA:B0:F8:E5:F0:8E:A4:F6:F3:D0:F0:29:8F:7C:8F:D6:8A
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       1A03A4E3
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/o_ej2rD45fCOpPbz0PApj3yP1oo.roa
Signing time:             Wed 04 May 2022 22:48:23 +0000
ROA not before:           Wed 04 May 2022 22:48:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     26636
IP address blocks:        193.187.153.0/24 maxlen: 24
                          2.59.174.0/24 maxlen: 32
                          213.232.104.0/24 maxlen: 24
                          92.119.150.0/24 maxlen: 32
                          91.188.203.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 436446435 (0x1a03a4e3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: May  4 22:48:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a3f7a3dab0f8e5f08ea4f6f3d0f0298f7c8fd68a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:9b:bb:39:a5:bd:25:c3:f4:b4:96:5d:d1:02:
                    09:6d:cc:76:38:9f:ba:7e:e5:9c:30:e2:9d:8f:df:
                    2b:a0:51:bc:05:6b:40:ab:fa:67:2d:47:e8:50:c0:
                    fa:c3:fc:30:7a:f2:3d:a6:a1:38:65:3f:c9:0e:95:
                    b7:ed:0b:08:a0:a7:2f:cb:c4:9b:32:1a:c5:36:f7:
                    68:53:dd:3e:8b:18:a4:7e:58:68:b0:5e:59:9a:68:
                    b9:d1:13:b1:8f:fd:e1:13:4c:86:17:c7:2d:7e:38:
                    ca:b2:b7:10:66:6d:ba:94:c0:ed:e7:41:e2:3b:94:
                    c8:c2:ec:6c:7d:06:1c:7d:ec:bd:8b:f7:2b:40:75:
                    c0:05:7d:a8:ad:c3:b3:b9:78:ca:23:d2:0a:78:c9:
                    73:73:9e:2d:bc:45:23:19:73:6a:f9:1d:d4:55:7a:
                    e2:a5:73:61:c3:ec:9f:33:3b:7c:86:65:5d:53:92:
                    c9:17:f2:ec:45:98:01:83:0d:d4:cc:e7:17:f8:1c:
                    30:8f:7b:1b:1f:de:0f:82:da:b1:ab:9c:28:eb:d2:
                    95:9e:cc:6c:42:af:16:7e:c6:8a:ce:30:20:2c:b7:
                    1b:79:2f:81:ed:b2:0c:bd:49:e9:01:ec:2e:08:ad:
                    8b:3b:19:d1:ef:40:86:90:d1:3d:ef:8a:8d:e9:41:
                    4c:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:F7:A3:DA:B0:F8:E5:F0:8E:A4:F6:F3:D0:F0:29:8F:7C:8F:D6:8A
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/o_ej2rD45fCOpPbz0PApj3yP1oo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.59.174.0/24
                  91.188.203.0/24
                  92.119.150.0/24
                  193.187.153.0/24
                  213.232.104.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:4e:84:96:32:9f:5d:bd:2b:33:ce:fb:ba:05:ed:b6:d7:51:
         e5:0a:54:27:13:aa:20:19:24:c3:cf:35:8c:28:8d:28:39:b2:
         d8:f2:13:08:e7:26:8c:42:52:b4:21:15:85:41:91:9b:4c:17:
         e1:d5:d4:0a:b9:30:7e:b3:04:6f:59:2f:79:2e:cd:40:69:f6:
         a4:80:16:de:4d:8e:56:4b:27:f9:64:18:25:29:49:9f:e3:b9:
         4b:10:14:2f:64:98:83:a9:d3:ea:71:8b:a1:44:4d:04:cf:62:
         a9:49:7e:77:ff:5c:cf:3c:69:2c:8a:c0:11:59:b3:2d:c0:29:
         5b:09:51:19:9b:18:01:0f:8d:c4:97:74:86:38:4d:fc:bf:1d:
         94:bd:5c:de:6d:a1:10:d0:f8:8d:a6:83:d0:29:eb:b1:0a:35:
         38:42:d9:73:b1:8f:eb:87:f5:ac:75:a6:0c:29:24:41:dd:cb:
         33:7f:9a:f8:e4:13:a3:28:f8:5a:36:3f:54:10:14:be:60:15:
         78:94:e8:c9:24:bb:bd:82:50:aa:b8:ca:78:01:1a:8c:eb:29:
         c7:72:cf:8a:5b:9b:17:17:e6:83:b0:ec:87:cb:32:33:f0:93:
         59:ba:42:b8:96:84:12:df:a4:dd:b6:63:a4:62:fe:a5:c6:98:
         6e:1f:35:9b
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEGgOk4zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDUw
NDIyNDgyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTNmN2EzZGFiMGY4
ZTVmMDhlYTRmNmYzZDBmMDI5OGY3YzhmZDY4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM2buzmlvSXD9LSWXdECCW3Mdjifun7lnDDinY/fK6BRvAVr
QKv6Zy1H6FDA+sP8MHryPaahOGU/yQ6Vt+0LCKCnL8vEmzIaxTb3aFPdPosYpH5Y
aLBeWZpoudETsY/94RNMhhfHLX44yrK3EGZtupTA7edB4juUyMLsbH0GHH3svYv3
K0B1wAV9qK3Ds7l4yiPSCnjJc3OeLbxFIxlzavkd1FV64qVzYcPsnzM7fIZlXVOS
yRfy7EWYAYMN1MznF/gcMI97Gx/eD4LasaucKOvSlZ7MbEKvFn7Gis4wICy3G3kv
ge2yDL1J6QHsLgitizsZ0e9AhpDRPe+KjelBTEkCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBSj96PasPjl8I6k9vPQ8CmPfI/WijAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L29fZWoyckQ0NWZDT3BQYnowUEFwajN5UDFvby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAAI7rgMEAFu8ywMEAFx3lgMEAMG7
mQMEANXoaDANBgkqhkiG9w0BAQsFAAOCAQEANU6EljKfXb0rM877ugXtttdR5QpU
JxOqIBkkw881jCiNKDmy2PITCOcmjEJStCEVhUGRm0wX4dXUCrkwfrMEb1kveS7N
QGn2pIAW3k2OVksn+WQYJSlJn+O5SxAUL2SYg6nT6nGLoURNBM9iqUl+d/9czzxp
LIrAEVmzLcApWwlRGZsYAQ+NxJd0hjhN/L8dlL1c3m2hEND4jaaD0CnrsQo1OELZ
c7GP64f1rHWmDCkkQd3LM3+a+OQToyj4WjY/VBAUvmAVeJToySS7vYJQqrjKeAEa
jOspx3LPilubFxfmg7Dsh8syM/CTWbpCuJaEEt+k3bZjpGL+pcaYbh81mw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:33 2024 by rpki-client on console-ams.rpki-client.org