Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/2915a1-4a6b-427f-9c45-4bf301d598e5/1/vU0AsmgsXA1IM7xUj77qo-VrWcI.roa
File:                     vU0AsmgsXA1IM7xUj77qo-VrWcI.roa (raw, json)
Hash identifier:          WDTao3FArmtjvAjt6n1K6QXgo0KfPmPqvZxJuaN3mzA=
Subject key identifier:   BD:4D:00:B2:68:2C:5C:0D:48:33:BC:54:8F:BE:EA:A3:E5:6B:59:C2
Certificate issuer:       /CN=7e99b674f5f41d37982203c95ac6c3f008ef88a4
Certificate serial:       97DC94
Authority key identifier: 7E:99:B6:74:F5:F4:1D:37:98:22:03:C9:5A:C6:C3:F0:08:EF:88:A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fpm2dPX0HTeYIgPJWsbD8AjviKQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/2915a1-4a6b-427f-9c45-4bf301d598e5/1/vU0AsmgsXA1IM7xUj77qo-VrWcI.roa
Signing time:             Sat 01 Jan 2022 02:53:07 +0000
ROA not before:           Sat 01 Jan 2022 02:53:07 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        193.3.163.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9952404 (0x97dc94)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7e99b674f5f41d37982203c95ac6c3f008ef88a4
        Validity
            Not Before: Jan  1 02:53:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bd4d00b2682c5c0d4833bc548fbeeaa3e56b59c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:a6:0d:48:00:bb:56:54:53:5a:30:f2:ec:8e:
                    37:23:b9:d7:4a:66:61:45:68:e8:f4:54:9f:10:3e:
                    f7:8c:cb:fd:83:5f:65:1c:80:01:f2:dc:c2:4e:e1:
                    90:d8:2c:7b:77:55:7d:51:49:49:52:1b:06:4e:db:
                    f8:74:2a:b8:10:db:b5:b7:c1:45:1f:34:49:07:a7:
                    1a:ac:31:fc:ab:7c:17:ba:6f:04:77:17:f1:57:c0:
                    e9:85:11:a0:0b:b8:c1:16:4e:08:08:1d:7d:2c:9e:
                    cf:3d:d6:fb:eb:a1:9a:fc:8e:98:6f:c4:b5:bd:e9:
                    a8:2b:d9:a3:b5:e3:a2:9b:4e:fc:cf:5e:3e:7a:0b:
                    aa:93:cd:9b:f6:5d:41:98:84:19:a9:2d:fc:82:16:
                    2a:7a:19:3f:2f:7c:54:db:7b:38:84:6c:ea:6c:87:
                    ed:fd:aa:39:1e:82:e2:20:b2:87:fe:a4:f2:14:ba:
                    dc:18:1f:c3:d0:78:38:81:41:ea:21:c1:e4:65:de:
                    8f:75:0f:05:76:7a:ba:1f:43:29:1b:9e:0b:31:c8:
                    2a:31:dc:f2:03:14:62:88:4a:2d:0c:45:45:e0:0a:
                    54:8a:0a:e2:c5:b3:64:1a:54:e7:f6:3e:75:d9:e1:
                    1d:7c:ed:dd:8e:dc:12:bc:c5:b0:9e:0a:8d:ca:c1:
                    d5:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:4D:00:B2:68:2C:5C:0D:48:33:BC:54:8F:BE:EA:A3:E5:6B:59:C2
            X509v3 Authority Key Identifier:
                keyid:7E:99:B6:74:F5:F4:1D:37:98:22:03:C9:5A:C6:C3:F0:08:EF:88:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fpm2dPX0HTeYIgPJWsbD8AjviKQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/2915a1-4a6b-427f-9c45-4bf301d598e5/1/vU0AsmgsXA1IM7xUj77qo-VrWcI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/2915a1-4a6b-427f-9c45-4bf301d598e5/1/fpm2dPX0HTeYIgPJWsbD8AjviKQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.3.163.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:b3:77:6f:14:88:bd:94:92:d8:1b:2e:a8:e2:68:40:de:17:
         8a:e8:53:c2:e7:79:43:45:12:25:c5:95:05:aa:98:42:e1:35:
         a5:b1:04:8c:e4:e2:82:15:5d:7d:4a:95:68:3b:52:2c:54:05:
         ff:01:96:37:9f:c5:51:fc:8b:29:0c:88:f7:12:70:eb:5d:73:
         18:25:f0:fc:cb:f8:c3:e0:b8:3a:1c:ea:48:09:24:b9:13:f4:
         13:98:87:ed:7e:e1:3f:23:9e:d2:06:6f:98:e3:e5:50:6c:5f:
         49:38:01:e3:ae:d8:5a:b5:16:66:7d:31:98:b9:10:e8:6f:bb:
         23:0d:52:6f:c2:cd:33:b6:7c:06:51:76:1c:5e:6f:61:41:19:
         9f:61:85:26:89:6d:c5:f6:d8:43:fc:f7:ac:23:04:85:e0:94:
         a5:d2:6f:31:f2:ff:9f:c9:93:04:f8:52:34:73:f9:97:ca:0e:
         23:5c:29:7b:81:f5:39:18:09:bc:fa:f5:af:fe:16:8d:fb:3f:
         bd:5b:e7:48:ee:b7:2a:fb:fb:0c:1f:f8:33:76:d8:8c:b1:0c:
         ec:ad:73:5f:68:8d:b1:ac:5f:fb:e5:32:66:43:8e:ba:ba:cb:
         61:6a:0c:50:e2:b2:4e:ae:c8:49:12:3e:c7:f8:b2:5a:c7:b7:
         fd:4f:10:9c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAJfclDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZTk5YjY3NGY1ZjQxZDM3OTgyMjAzYzk1YWM2YzNmMDA4ZWY4OGE0MB4XDTIyMDEw
MTAyNTMwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmQ0ZDAwYjI2ODJj
NWMwZDQ4MzNiYzU0OGZiZWVhYTNlNTZiNTljMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALamDUgAu1ZUU1ow8uyONyO510pmYUVo6PRUnxA+94zL/YNf
ZRyAAfLcwk7hkNgse3dVfVFJSVIbBk7b+HQquBDbtbfBRR80SQenGqwx/Kt8F7pv
BHcX8VfA6YURoAu4wRZOCAgdfSyezz3W++uhmvyOmG/Etb3pqCvZo7XjoptO/M9e
PnoLqpPNm/ZdQZiEGakt/IIWKnoZPy98VNt7OIRs6myH7f2qOR6C4iCyh/6k8hS6
3Bgfw9B4OIFB6iHB5GXej3UPBXZ6uh9DKRueCzHIKjHc8gMUYohKLQxFReAKVIoK
4sWzZBpU5/Y+ddnhHXzt3Y7cErzFsJ4KjcrB1V8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS9TQCyaCxcDUgzvFSPvuqj5WtZwjAfBgNVHSMEGDAWgBR+mbZ09fQdN5gi
A8laxsPwCO+IpDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZwbTJkUFgwSFRlWUlnUEpXc2JEOEFqdmlLUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDMvMjkxNWExLTRhNmItNDI3Zi05YzQ1LTRiZjMwMWQ1OThlNS8x
L3ZVMEFzbWdzWEExSU03eFVqNzdxby1WcldjSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMv
MjkxNWExLTRhNmItNDI3Zi05YzQ1LTRiZjMwMWQ1OThlNS8xL2ZwbTJkUFgwSFRl
WUlnUEpXc2JEOEFqdmlLUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEDozANBgkqhkiG9w0BAQsFAAOC
AQEAdbN3bxSIvZSS2BsuqOJoQN4XiuhTwud5Q0USJcWVBaqYQuE1pbEEjOTighVd
fUqVaDtSLFQF/wGWN5/FUfyLKQyI9xJw611zGCXw/Mv4w+C4OhzqSAkkuRP0E5iH
7X7hPyOe0gZvmOPlUGxfSTgB467YWrUWZn0xmLkQ6G+7Iw1Sb8LNM7Z8BlF2HF5v
YUEZn2GFJoltxfbYQ/z3rCMEheCUpdJvMfL/n8mTBPhSNHP5l8oOI1wpe4H1ORgJ
vPr1r/4Wjfs/vVvnSO63Kvv7DB/4M3bYjLEM7K1zX2iNsaxf++UyZkOOurrLYWoM
UOKyTq7ISRI+x/iyWse3/U8QnA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:20 2023 by rpki-client on console-ams.rpki-client.org