Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/g_HNBWJUoOTKS5_i4x9e2tzAlQo.roa
File:                     g_HNBWJUoOTKS5_i4x9e2tzAlQo.roa (raw, json)
Hash identifier:          GDFjFwMFMXyNs+EAWILUgofyzPqHgQLkLsRvjtsU/gg=
Subject key identifier:   83:F1:CD:05:62:54:A0:E4:CA:4B:9F:E2:E3:1F:5E:DA:DC:C0:95:0A
Certificate issuer:       /CN=dbe6ab8e0c46e841b44d2b9c6b03bb65f5621db1
Certificate serial:       07435CDF
Authority key identifier: DB:E6:AB:8E:0C:46:E8:41:B4:4D:2B:9C:6B:03:BB:65:F5:62:1D:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2-arjgxG6EG0TSucawO7ZfViHbE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/g_HNBWJUoOTKS5_i4x9e2tzAlQo.roa
Signing time:             Sat 01 Jan 2022 14:00:03 +0000
ROA not before:           Sat 01 Jan 2022 14:00:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     9009
IP address blocks:        193.142.58.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 121855199 (0x7435cdf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbe6ab8e0c46e841b44d2b9c6b03bb65f5621db1
        Validity
            Not Before: Jan  1 14:00:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=83f1cd056254a0e4ca4b9fe2e31f5edadcc0950a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:72:8e:2a:58:f0:75:a6:6e:c2:8a:d9:06:c6:
                    91:83:51:2e:3c:de:df:7e:6c:cb:b8:e0:6f:00:f3:
                    8a:54:c1:2a:cc:ec:15:78:a6:7f:5e:2f:d2:bb:e8:
                    af:45:91:39:99:5a:a2:68:59:1c:49:34:35:da:87:
                    6c:cc:a0:a5:dd:04:0b:a3:50:19:37:47:fa:8e:45:
                    cd:79:05:a7:ff:ed:9f:9f:3c:64:34:ad:b0:3b:b5:
                    64:b4:c0:db:70:ae:a4:93:04:3e:73:bc:b7:1d:80:
                    f9:8a:43:57:99:22:48:19:a1:8e:f1:85:58:ef:c5:
                    74:a0:49:d2:da:37:14:bd:63:73:73:93:9b:51:20:
                    52:75:82:c9:00:40:54:38:2a:7a:81:e0:c5:6e:14:
                    c9:d7:2a:02:a4:f8:e0:6f:31:af:49:c5:47:15:50:
                    d6:36:d4:03:87:55:e1:b2:a7:74:d1:e6:e9:84:36:
                    8e:cd:7c:fd:32:c1:13:56:74:d7:c8:24:f0:b0:fe:
                    0c:bf:dd:bc:4e:93:cd:41:3e:7a:56:be:c8:06:53:
                    03:71:2e:5d:a1:27:ec:de:33:b9:8b:cb:27:52:65:
                    83:c7:24:f2:11:2e:35:59:47:ec:65:84:a4:ad:53:
                    6b:ab:72:3b:6c:84:ce:33:a8:1d:81:ff:ab:89:a5:
                    7b:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:F1:CD:05:62:54:A0:E4:CA:4B:9F:E2:E3:1F:5E:DA:DC:C0:95:0A
            X509v3 Authority Key Identifier:
                keyid:DB:E6:AB:8E:0C:46:E8:41:B4:4D:2B:9C:6B:03:BB:65:F5:62:1D:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-arjgxG6EG0TSucawO7ZfViHbE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/g_HNBWJUoOTKS5_i4x9e2tzAlQo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/2-arjgxG6EG0TSucawO7ZfViHbE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.142.58.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ba:08:12:d2:72:67:02:ef:31:6e:80:c0:1e:cc:d6:32:76:a9:
         d8:dc:af:a1:84:15:a2:ab:ce:a0:20:3a:16:5a:44:3c:c1:f0:
         eb:c3:e9:e5:18:a2:77:3d:7f:5d:5a:11:5a:22:3c:a9:4d:54:
         d6:df:c1:69:90:19:90:d4:9d:f0:ae:de:e6:b6:18:c1:f1:87:
         6a:45:4e:cb:74:20:2b:a5:f6:b2:48:7f:13:4b:0b:2c:f7:f9:
         fb:5a:a5:1a:c5:c9:6f:b9:ec:3f:b9:c2:28:a3:3c:6a:3a:08:
         f3:88:6a:86:4c:e7:7f:5a:8a:7a:95:a9:b0:39:4a:12:10:e6:
         c9:bb:64:95:90:f0:67:d1:eb:17:e5:bd:e1:68:08:0e:00:58:
         68:c3:80:8a:fb:fb:7c:ff:50:b6:c4:2b:e2:1f:37:95:98:b6:
         46:47:87:6a:39:c8:95:ab:3b:ea:00:c7:eb:bb:98:bb:f6:12:
         97:06:7f:53:98:e1:84:c8:69:e0:ee:dd:1f:9e:29:1a:93:4f:
         cd:51:14:4f:39:5e:60:74:7a:4a:1a:45:ae:0a:0f:28:db:63:
         82:6d:ce:a4:c7:7a:cf:bb:98:43:a4:48:1b:96:81:91:a8:be:
         9e:36:f3:b9:90:ac:4a:d8:24:37:93:10:14:40:36:20:1d:72:
         91:29:4a:8b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB0Nc3zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YmU2YWI4ZTBjNDZlODQxYjQ0ZDJiOWM2YjAzYmI2NWY1NjIxZGIxMB4XDTIyMDEw
MTE0MDAwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODNmMWNkMDU2MjU0
YTBlNGNhNGI5ZmUyZTMxZjVlZGFkY2MwOTUwYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMJyjipY8HWmbsKK2QbGkYNRLjze335sy7jgbwDzilTBKszs
FXimf14v0rvor0WROZlaomhZHEk0NdqHbMygpd0EC6NQGTdH+o5FzXkFp//tn588
ZDStsDu1ZLTA23CupJMEPnO8tx2A+YpDV5kiSBmhjvGFWO/FdKBJ0to3FL1jc3OT
m1EgUnWCyQBAVDgqeoHgxW4UydcqAqT44G8xr0nFRxVQ1jbUA4dV4bKndNHm6YQ2
js18/TLBE1Z018gk8LD+DL/dvE6TzUE+ela+yAZTA3EuXaEn7N4zuYvLJ1Jlg8ck
8hEuNVlH7GWEpK1Ta6tyO2yEzjOoHYH/q4mle28CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSD8c0FYlSg5MpLn+LjH17a3MCVCjAfBgNVHSMEGDAWgBTb5quODEboQbRN
K5xrA7tl9WIdsTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzItYXJqZ3hHNkVHMFRTdWNhd083WmZWaUhiRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDEvOTY0MzZjLWY2ZmEtNDBiYS1hMjdjLWZiMTAzMDY1MTA2Ny8x
L2dfSE5CV0pVb09US1M1X2k0eDllMnR6QWxRby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDEv
OTY0MzZjLWY2ZmEtNDBiYS1hMjdjLWZiMTAzMDY1MTA2Ny8xLzItYXJqZ3hHNkVH
MFRTdWNhd083WmZWaUhiRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMGOOjANBgkqhkiG9w0BAQsFAAOC
AQEAuggS0nJnAu8xboDAHszWMnap2NyvoYQVoqvOoCA6FlpEPMHw68Pp5Riidz1/
XVoRWiI8qU1U1t/BaZAZkNSd8K7e5rYYwfGHakVOy3QgK6X2skh/E0sLLPf5+1ql
GsXJb7nsP7nCKKM8ajoI84hqhkznf1qKepWpsDlKEhDmybtklZDwZ9HrF+W94WgI
DgBYaMOAivv7fP9QtsQr4h83lZi2RkeHajnIlas76gDH67uYu/YSlwZ/U5jhhMhp
4O7dH54pGpNPzVEUTzleYHR6ShpFrgoPKNtjgm3OpMd6z7uYQ6RIG5aBkai+njbz
uZCsStgkN5MQFEA2IB1ykSlKiw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:13 2023 by rpki-client on console-ams.rpki-client.org