Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/5d7bc4-e0c5-4a48-90e6-752516890d3d/1/afU4VNdG_zMyWqdkZORksubgZog.roa
File:                     afU4VNdG_zMyWqdkZORksubgZog.roa (raw, json)
Hash identifier:          2TTtohYITl6LeojoUn1/Dw6GdZbfhuxSN7eSn4NEKdo=
Subject key identifier:   69:F5:38:54:D7:46:FF:33:32:5A:A7:64:64:E4:64:B2:E6:E0:66:88
Certificate issuer:       /CN=9e02e064c98b3231c3f2148a1c3d9c387d489ee9
Certificate serial:       036BDC4A
Authority key identifier: 9E:02:E0:64:C9:8B:32:31:C3:F2:14:8A:1C:3D:9C:38:7D:48:9E:E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ngLgZMmLMjHD8hSKHD2cOH1Inuk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/5d7bc4-e0c5-4a48-90e6-752516890d3d/1/afU4VNdG_zMyWqdkZORksubgZog.roa
Signing time:             Sat 01 Jan 2022 07:58:56 +0000
ROA not before:           Sat 01 Jan 2022 07:58:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1759
IP address blocks:        193.143.104.0/21 maxlen: 21
                          193.143.102.0/23 maxlen: 23
                          193.143.101.0/24 maxlen: 24
                          193.143.112.0/22 maxlen: 22
                          193.143.118.0/24 maxlen: 24
                          193.143.116.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 57400394 (0x36bdc4a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e02e064c98b3231c3f2148a1c3d9c387d489ee9
        Validity
            Not Before: Jan  1 07:58:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=69f53854d746ff33325aa76464e464b2e6e06688
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:11:a0:50:f1:d0:25:a3:9f:d6:9a:2c:fd:de:
                    31:c2:7d:07:b7:65:b5:ea:d6:f7:ab:8c:e0:b3:4f:
                    93:53:03:16:ac:49:ad:2d:68:88:44:f1:67:48:cd:
                    96:58:ba:2c:01:3f:58:55:29:d0:cf:ea:5e:89:63:
                    34:37:5e:96:5a:db:a3:a8:91:89:d6:69:c4:0d:5f:
                    13:c2:ef:3d:53:45:2c:d6:00:d1:bc:9d:84:b5:13:
                    42:94:ea:4c:bd:19:71:f3:ee:79:f2:12:c0:27:4b:
                    e0:2d:d5:ee:4d:94:16:d0:08:c9:6a:24:91:ba:71:
                    0a:33:15:a7:b0:82:7a:18:c7:77:3d:1b:e7:44:96:
                    fe:42:28:0f:d8:52:9c:23:64:91:e8:79:7d:d2:e2:
                    61:b6:ed:2a:e5:bf:86:8e:5b:70:c1:fa:68:c2:49:
                    4c:fb:a5:07:ab:6d:50:3d:03:b5:85:16:29:83:0d:
                    40:8a:13:07:f4:48:41:72:da:f8:35:0e:a9:55:14:
                    8d:68:05:20:7e:54:72:14:d3:bd:d4:d2:f0:3e:5b:
                    c8:d7:4f:fc:25:0f:9b:5a:de:3f:a3:60:36:9c:70:
                    3c:ca:54:b6:97:11:e2:da:4b:83:d6:14:19:a5:f4:
                    d3:73:07:21:ac:3f:1b:0e:41:21:88:43:1a:72:10:
                    1e:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:F5:38:54:D7:46:FF:33:32:5A:A7:64:64:E4:64:B2:E6:E0:66:88
            X509v3 Authority Key Identifier:
                keyid:9E:02:E0:64:C9:8B:32:31:C3:F2:14:8A:1C:3D:9C:38:7D:48:9E:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ngLgZMmLMjHD8hSKHD2cOH1Inuk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5d7bc4-e0c5-4a48-90e6-752516890d3d/1/afU4VNdG_zMyWqdkZORksubgZog.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5d7bc4-e0c5-4a48-90e6-752516890d3d/1/ngLgZMmLMjHD8hSKHD2cOH1Inuk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.143.101.0-193.143.118.255

    Signature Algorithm: sha256WithRSAEncryption
         38:67:d5:16:98:03:9f:8b:a3:e1:86:7b:03:ba:19:2c:6d:9e:
         9a:68:b9:49:07:68:a0:18:4b:9d:38:23:d2:e0:b6:18:55:f1:
         09:1d:a0:be:2a:28:3a:4e:e7:f0:0e:f8:ad:68:de:1a:88:c0:
         fd:87:ad:14:6c:80:bd:db:40:27:8c:ea:1d:99:b0:72:b0:e8:
         82:92:08:d6:13:30:dd:a0:2e:c0:ee:fc:08:e0:b0:ad:9a:d2:
         64:c9:70:b5:5d:b9:13:97:f6:90:88:3f:e1:81:b2:31:f6:82:
         61:e6:ce:e6:f0:dd:f7:3c:51:2a:d8:ca:2b:46:d0:44:1d:43:
         53:77:5b:d7:f3:da:4e:0a:27:7d:28:71:cd:16:f6:6b:35:15:
         39:91:e1:0a:58:a7:82:63:98:72:49:94:03:a8:a1:ec:28:5c:
         2b:1b:8f:cc:99:c5:53:51:8c:ef:1e:48:b9:7b:36:18:cd:6f:
         f1:72:14:dc:6c:d3:47:6e:ec:cf:3e:71:29:91:1c:f5:66:d9:
         e2:53:06:b1:a7:7f:5a:76:bc:37:73:bc:3d:36:20:60:65:d1:
         60:3b:a2:4e:df:a1:b0:6e:48:58:5a:06:a0:8d:cf:19:80:f5:
         1c:03:e9:5c:85:2b:37:4d:83:94:49:3f:40:7d:5a:df:69:1f:
         9e:f9:2f:e0
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEA2vcSjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZTAyZTA2NGM5OGIzMjMxYzNmMjE0OGExYzNkOWMzODdkNDg5ZWU5MB4XDTIyMDEw
MTA3NTg1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjlmNTM4NTRkNzQ2
ZmYzMzMyNWFhNzY0NjRlNDY0YjJlNmUwNjY4ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMARoFDx0CWjn9aaLP3eMcJ9B7dlterW96uM4LNPk1MDFqxJ
rS1oiETxZ0jNlli6LAE/WFUp0M/qXoljNDdellrbo6iRidZpxA1fE8LvPVNFLNYA
0bydhLUTQpTqTL0ZcfPuefISwCdL4C3V7k2UFtAIyWokkbpxCjMVp7CCehjHdz0b
50SW/kIoD9hSnCNkkeh5fdLiYbbtKuW/ho5bcMH6aMJJTPulB6ttUD0DtYUWKYMN
QIoTB/RIQXLa+DUOqVUUjWgFIH5UchTTvdTS8D5byNdP/CUPm1reP6NgNpxwPMpU
tpcR4tpLg9YUGaX003MHIaw/Gw5BIYhDGnIQHoECAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBRp9ThU10b/MzJap2Rk5GSy5uBmiDAfBgNVHSMEGDAWgBSeAuBkyYsyMcPy
FIocPZw4fUie6TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25nTGdaTW1MTWpIRDhoU0tIRDJjT0gxSW51ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDIvNWQ3YmM0LWUwYzUtNGE0OC05MGU2LTc1MjUxNjg5MGQzZC8x
L2FmVTRWTmRHX3pNeVdxZGtaT1Jrc3ViZ1pvZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDIv
NWQ3YmM0LWUwYzUtNGE0OC05MGU2LTc1MjUxNjg5MGQzZC8xL25nTGdaTW1MTWpI
RDhoU0tIRDJjT0gxSW51ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAwY9lAwQAwY92MA0GCSqGSIb3
DQEBCwUAA4IBAQA4Z9UWmAOfi6PhhnsDuhksbZ6aaLlJB2igGEudOCPS4LYYVfEJ
HaC+Kig6TufwDvitaN4aiMD9h60UbIC920AnjOodmbBysOiCkgjWEzDdoC7A7vwI
4LCtmtJkyXC1XbkTl/aQiD/hgbIx9oJh5s7m8N33PFEq2MorRtBEHUNTd1vX89pO
Cid9KHHNFvZrNRU5keEKWKeCY5hySZQDqKHsKFwrG4/MmcVTUYzvHki5ezYYzW/x
chTcbNNHbuzPPnEpkRz1ZtniUwaxp39adrw3c7w9NiBgZdFgO6JO36GwbkhYWgag
jc8ZgPUcA+lchSs3TYOUST9AfVrfaR+e+S/g
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:01 2024 by rpki-client on console-fra.rpki-client.org