Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/9k0gTy2kTwYU7vcpOrwKJVGC18I.roa
File:                     9k0gTy2kTwYU7vcpOrwKJVGC18I.roa (raw, json)
Hash identifier:          lZtbXWravIE5SqASmOjBMvuVGB90jSmALAGlPRq8Jq8=
Subject key identifier:   F6:4D:20:4F:2D:A4:4F:06:14:EE:F7:29:3A:BC:0A:25:51:82:D7:C2
Certificate issuer:       /CN=c105adc5c4262dff6b3f3e606830c7f971d766ce
Certificate serial:       01849F81D2D444835FEF786855263846AD22
Authority key identifier: C1:05:AD:C5:C4:26:2D:FF:6B:3F:3E:60:68:30:C7:F9:71:D7:66:CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wQWtxcQmLf9rPz5gaDDH-XHXZs4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/9k0gTy2kTwYU7vcpOrwKJVGC18I.roa
Signing time:             Tue 22 Nov 2022 13:23:16 +0000
ROA not before:           Tue 22 Nov 2022 13:23:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     25498
IP address blocks:        46.232.232.0/23 maxlen: 23
                          195.22.130.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:9f:81:d2:d4:44:83:5f:ef:78:68:55:26:38:46:ad:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c105adc5c4262dff6b3f3e606830c7f971d766ce
        Validity
            Not Before: Nov 22 13:23:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f64d204f2da44f0614eef7293abc0a255182d7c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:0c:8e:cd:9b:d3:16:a3:17:62:25:9b:ee:c6:
                    27:7a:47:7a:7c:10:aa:63:a4:95:60:60:8e:d4:54:
                    dd:5a:0c:de:5a:6e:44:3f:a5:4d:89:8e:0e:e7:51:
                    f2:f6:a5:79:6b:e3:eb:a4:7c:75:0f:d1:73:c6:09:
                    f3:7d:91:94:b7:04:0e:09:9c:d2:ae:8e:f1:61:16:
                    62:a3:de:67:2f:1c:8d:dd:4e:c5:c7:63:4b:e6:fc:
                    42:9f:d8:8d:36:7c:4b:f7:23:3c:bb:e2:74:c6:7a:
                    37:ee:dd:d4:0e:ac:88:fa:ac:0e:2d:dd:16:70:b4:
                    ed:8c:55:bf:16:53:26:e7:7a:5b:ee:93:0c:02:a3:
                    24:7d:5b:2e:ba:ee:ea:2c:7c:83:81:71:37:05:88:
                    1c:7c:a4:ea:6f:9a:ac:60:38:e9:82:d4:89:a8:0f:
                    d4:a2:5f:cf:a4:a2:73:f4:df:1e:14:f0:11:be:b4:
                    ab:fe:52:ce:f3:ea:82:b3:26:ca:38:d6:e7:6a:ec:
                    71:4b:9a:bf:9e:4a:1b:78:77:63:06:73:13:b0:81:
                    2e:01:1d:24:d6:ac:ce:0b:87:5a:de:f7:50:31:1f:
                    b3:d7:f2:1d:ac:9c:91:9f:da:21:f9:cb:76:e6:3f:
                    11:f4:a3:4a:fa:e6:df:06:94:d5:c8:32:33:6b:3a:
                    8c:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:4D:20:4F:2D:A4:4F:06:14:EE:F7:29:3A:BC:0A:25:51:82:D7:C2
            X509v3 Authority Key Identifier:
                keyid:C1:05:AD:C5:C4:26:2D:FF:6B:3F:3E:60:68:30:C7:F9:71:D7:66:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wQWtxcQmLf9rPz5gaDDH-XHXZs4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/9k0gTy2kTwYU7vcpOrwKJVGC18I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/wQWtxcQmLf9rPz5gaDDH-XHXZs4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.232.232.0/23
                  195.22.130.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8b:95:1c:e1:c7:c5:69:6a:ea:3f:3b:28:77:6e:6b:c4:f3:53:
         be:4f:3d:f5:50:cd:27:e9:b1:fb:6c:f7:ec:b7:55:27:dc:e4:
         93:b3:6b:bd:87:ce:4a:fb:26:d4:de:21:d0:b2:d5:8a:44:6a:
         5f:d8:08:84:c7:44:8b:3f:d8:fa:14:27:bf:50:bb:9b:2c:d1:
         00:25:45:ae:f1:c8:9f:15:59:cd:95:74:43:95:98:96:08:f7:
         42:e5:de:35:b1:6c:fe:f1:93:09:6b:cb:8e:93:c3:21:75:52:
         ab:ba:28:92:8b:5c:0d:1b:c9:b2:a1:38:de:1a:1d:39:ac:25:
         a2:28:28:4d:46:12:44:af:be:fc:83:36:79:f1:fa:1f:cf:58:
         91:a5:3e:ee:dc:ed:6f:86:67:92:4b:cb:29:30:a9:44:a0:fd:
         8d:5b:9a:84:36:97:ab:7b:73:c1:36:0b:4b:76:84:c7:e6:9f:
         30:56:14:7b:b3:54:3a:51:d7:9c:30:6b:eb:13:ae:ca:11:5d:
         77:0f:f9:fb:d7:7a:04:68:ca:6e:99:cd:56:97:c2:69:7b:03:
         23:b2:cb:2c:ee:9c:f1:30:50:e9:ff:8f:9a:74:4d:ea:91:4d:
         fa:b8:d9:02:39:2b:9e:f7:14:2a:0d:30:85:ca:93:2d:e9:3a:
         94:25:5c:dd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYSfgdLURINf73hoVSY4Rq0iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMDVhZGM1YzQyNjJkZmY2YjNmM2U2MDY4MzBjN2Y5NzFk
NzY2Y2UwHhcNMjIxMTIyMTMyMzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjRkMjA0ZjJkYTQ0ZjA2MTRlZWY3MjkzYWJjMGEyNTUxODJkN2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAyOzZvTFqMXYiWb7sYnekd6fBCq
Y6SVYGCO1FTdWgzeWm5EP6VNiY4O51Hy9qV5a+PrpHx1D9FzxgnzfZGUtwQOCZzS
ro7xYRZio95nLxyN3U7Fx2NL5vxCn9iNNnxL9yM8u+J0xno37t3UDqyI+qwOLd0W
cLTtjFW/FlMm53pb7pMMAqMkfVsuuu7qLHyDgXE3BYgcfKTqb5qsYDjpgtSJqA/U
ol/PpKJz9N8eFPARvrSr/lLO8+qCsybKONbnauxxS5q/nkobeHdjBnMTsIEuAR0k
1qzOC4da3vdQMR+z1/IdrJyRn9oh+ct25j8R9KNK+ubfBpTVyDIzazqMcQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPZNIE8tpE8GFO73KTq8CiVRgtfCMB8GA1UdIwQY
MBaAFMEFrcXEJi3/az8+YGgwx/lx12bOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1FXdHhjUW1MZjlyUHo1Z2FEREgtWEhYWnM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNDkxNzItZjhkYS00MTI4LTg2ODkt
NTE1ODQ1ZTZjMzE3LzEvOWswZ1R5MmtUd1lVN3ZjcE9yd0tKVkdDMThJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jNDkxNzItZjhkYS00MTI4LTg2ODktNTE1ODQ1ZTZjMzE3
LzEvd1FXdHhjUW1MZjlyUHo1Z2FEREgtWEhYWnM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLujoAwQB
wxaCMA0GCSqGSIb3DQEBCwUAA4IBAQCLlRzhx8Vpauo/Oyh3bmvE81O+Tz31UM0n
6bH7bPfst1Un3OSTs2u9h85K+ybU3iHQstWKRGpf2AiEx0SLP9j6FCe/ULubLNEA
JUWu8cifFVnNlXRDlZiWCPdC5d41sWz+8ZMJa8uOk8MhdVKruiiSi1wNG8myoTje
Gh05rCWiKChNRhJEr778gzZ58fofz1iRpT7u3O1vhmeSS8spMKlEoP2NW5qENper
e3PBNgtLdoTH5p8wVhR7s1Q6UdecMGvrE67KEV13D/n713oEaMpumc1Wl8JpewMj
ssss7pzxMFDp/4+adE3qkU36uNkCOSue9xQqDTCFypMt6TqUJVzd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:21 2024 by rpki-client on console-fra.rpki-client.org