Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/4099d7-c3ce-4721-b0e9-7ab1fa0ba399/1/KRT3yMUSHUTKPftBSqEOrbFZZkU.roa
File:                     KRT3yMUSHUTKPftBSqEOrbFZZkU.roa (raw, json)
Hash identifier:          8D/ydwbpGDyI/gmSxj7QenG8bmWSMeBXKkxejegDfTI=
Subject key identifier:   29:14:F7:C8:C5:12:1D:44:CA:3D:FB:41:4A:A1:0E:AD:B1:59:66:45
Certificate issuer:       /CN=bfa0a38f85d2f53053b8c8943d9017b0b8f771ac
Certificate serial:       03463FF9
Authority key identifier: BF:A0:A3:8F:85:D2:F5:30:53:B8:C8:94:3D:90:17:B0:B8:F7:71:AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v6Cjj4XS9TBTuMiUPZAXsLj3caw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/4099d7-c3ce-4721-b0e9-7ab1fa0ba399/1/KRT3yMUSHUTKPftBSqEOrbFZZkU.roa
Signing time:             Sat 01 Jan 2022 08:56:13 +0000
ROA not before:           Sat 01 Jan 2022 08:56:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     15404
IP address blocks:        193.58.6.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 54935545 (0x3463ff9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfa0a38f85d2f53053b8c8943d9017b0b8f771ac
        Validity
            Not Before: Jan  1 08:56:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2914f7c8c5121d44ca3dfb414aa10eadb1596645
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:33:0d:15:1a:67:34:90:49:ab:98:5b:8b:36:
                    09:00:6a:67:bf:3d:c1:22:4d:b0:20:00:a9:c3:37:
                    e3:46:1c:fc:16:df:31:57:fd:e6:47:6a:24:3a:25:
                    36:af:a7:f1:40:d9:c6:64:47:90:b6:a8:30:0e:3c:
                    ab:c7:43:f6:ac:b3:4d:04:bd:6d:dc:0e:4c:62:0e:
                    ed:01:74:d5:b1:47:8d:2e:83:49:8c:8c:94:8a:80:
                    48:c2:a8:0a:0f:3a:ee:d6:b0:57:41:5d:c2:15:83:
                    68:1d:3d:12:da:74:63:76:48:a5:20:45:6c:1c:22:
                    5b:58:f2:4c:2c:ae:6e:da:e1:a5:c6:41:eb:46:4f:
                    4c:d4:a7:58:93:0b:f3:3c:94:42:b5:44:f7:3e:23:
                    62:02:a5:68:7b:df:1e:f3:66:7c:a4:1a:99:10:08:
                    c4:fc:2b:45:35:29:7d:e8:8f:47:e8:69:97:a4:9a:
                    9b:57:14:03:bd:69:88:df:16:79:b2:2f:1e:91:a1:
                    f9:a9:70:2e:a7:86:93:32:0c:3c:b4:41:45:37:40:
                    cb:86:10:68:c2:e2:5e:87:05:04:f8:3f:3e:8a:89:
                    d5:e4:72:3f:da:ac:c7:d1:73:12:af:ea:3e:a8:02:
                    c9:e4:1e:e2:02:af:41:31:41:f0:d5:b8:17:c6:80:
                    d2:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:14:F7:C8:C5:12:1D:44:CA:3D:FB:41:4A:A1:0E:AD:B1:59:66:45
            X509v3 Authority Key Identifier:
                keyid:BF:A0:A3:8F:85:D2:F5:30:53:B8:C8:94:3D:90:17:B0:B8:F7:71:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v6Cjj4XS9TBTuMiUPZAXsLj3caw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/4099d7-c3ce-4721-b0e9-7ab1fa0ba399/1/KRT3yMUSHUTKPftBSqEOrbFZZkU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/4099d7-c3ce-4721-b0e9-7ab1fa0ba399/1/v6Cjj4XS9TBTuMiUPZAXsLj3caw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.58.6.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:9e:98:c2:97:8f:15:87:20:f8:cf:b4:ba:60:86:b0:2f:e2:
         27:29:57:7f:21:06:16:74:c6:14:26:6c:1f:ef:78:dc:60:90:
         a3:c9:5e:27:f5:4e:59:61:80:b1:79:e5:74:9a:bc:d0:70:89:
         78:22:58:8c:c2:e4:12:da:63:1f:cc:9c:bf:2a:55:19:d7:98:
         9b:74:c8:d1:3d:f6:18:7c:6f:26:f3:84:7e:a6:af:61:c2:6c:
         35:cd:09:93:04:78:10:dc:f7:c2:5e:9f:9a:be:ec:83:c7:18:
         64:95:73:5d:b5:07:c3:f4:a3:27:59:f7:c7:70:af:7d:aa:b7:
         a0:da:31:c6:83:df:c5:32:a7:1c:a3:e5:f2:ec:52:4a:16:2c:
         d6:b7:78:73:08:40:03:9d:ae:df:f8:8f:d8:b5:f8:b5:80:ee:
         48:a3:f0:bd:de:6b:48:ea:66:f1:79:84:5e:71:d5:38:49:dc:
         8b:19:00:8a:7d:46:b0:42:fc:cf:70:9c:01:31:14:ed:90:61:
         a3:5b:83:30:28:80:04:c7:0b:0c:78:e3:43:fa:19:5a:46:f4:
         a0:3e:0e:85:8b:1f:1f:4b:00:16:d1:4e:f4:3b:ab:56:75:c1:
         31:0e:49:43:07:98:6e:97:c7:47:71:ad:27:84:31:a1:37:f7:
         df:73:97:39
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA0Y/+TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZmEwYTM4Zjg1ZDJmNTMwNTNiOGM4OTQzZDkwMTdiMGI4Zjc3MWFjMB4XDTIyMDEw
MTA4NTYxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjkxNGY3YzhjNTEy
MWQ0NGNhM2RmYjQxNGFhMTBlYWRiMTU5NjY0NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN4zDRUaZzSQSauYW4s2CQBqZ789wSJNsCAAqcM340Yc/Bbf
MVf95kdqJDolNq+n8UDZxmRHkLaoMA48q8dD9qyzTQS9bdwOTGIO7QF01bFHjS6D
SYyMlIqASMKoCg867tawV0FdwhWDaB09Etp0Y3ZIpSBFbBwiW1jyTCyubtrhpcZB
60ZPTNSnWJML8zyUQrVE9z4jYgKlaHvfHvNmfKQamRAIxPwrRTUpfeiPR+hpl6Sa
m1cUA71piN8WebIvHpGh+alwLqeGkzIMPLRBRTdAy4YQaMLiXocFBPg/PoqJ1eRy
P9qsx9FzEq/qPqgCyeQe4gKvQTFB8NW4F8aA0jkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQpFPfIxRIdRMo9+0FKoQ6tsVlmRTAfBgNVHSMEGDAWgBS/oKOPhdL1MFO4
yJQ9kBewuPdxrDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Y2Q2pqNFhTOVRCVHVNaVVQWkFYc0xqM2Nhdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTIvNDA5OWQ3LWMzY2UtNDcyMS1iMGU5LTdhYjFmYTBiYTM5OS8x
L0tSVDN5TVVTSFVUS1BmdEJTcUVPcmJGWlprVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIv
NDA5OWQ3LWMzY2UtNDcyMS1iMGU5LTdhYjFmYTBiYTM5OS8xL3Y2Q2pqNFhTOVRC
VHVNaVVQWkFYc0xqM2Nhdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME6BjANBgkqhkiG9w0BAQsFAAOC
AQEAcZ6YwpePFYcg+M+0umCGsC/iJylXfyEGFnTGFCZsH+943GCQo8leJ/VOWWGA
sXnldJq80HCJeCJYjMLkEtpjH8ycvypVGdeYm3TI0T32GHxvJvOEfqavYcJsNc0J
kwR4ENz3wl6fmr7sg8cYZJVzXbUHw/SjJ1n3x3Cvfaq3oNoxxoPfxTKnHKPl8uxS
ShYs1rd4cwhAA52u3/iP2LX4tYDuSKPwvd5rSOpm8XmEXnHVOEncixkAin1GsEL8
z3CcATEU7ZBho1uDMCiABMcLDHjjQ/oZWkb0oD4OhYsfH0sAFtFO9DurVnXBMQ5J
QweYbpfHR3GtJ4QxoTf333OXOQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:06 2024 by rpki-client on console-fra.rpki-client.org