Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/6007ff-5f0c-4a73-a3f2-ccc5814094ad/1/eAPNh9CFWW_gIbp0MBMqVZ3Mnn4.roa
File:                     eAPNh9CFWW_gIbp0MBMqVZ3Mnn4.roa (raw, json)
Hash identifier:          qCdSY3ravA2Jx7MhO89UYMzCv/wOGHoVQijli8LEQd0=
Subject key identifier:   78:03:CD:87:D0:85:59:6F:E0:21:BA:74:30:13:2A:55:9D:CC:9E:7E
Certificate issuer:       /CN=190d5b0543bd85a8ecf969abb8503c9dead0df98
Certificate serial:       E985
Authority key identifier: 19:0D:5B:05:43:BD:85:A8:EC:F9:69:AB:B8:50:3C:9D:EA:D0:DF:98
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GQ1bBUO9hajs-WmruFA8nerQ35g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/6007ff-5f0c-4a73-a3f2-ccc5814094ad/1/eAPNh9CFWW_gIbp0MBMqVZ3Mnn4.roa
Signing time:             Thu 28 Apr 2022 09:34:39 +0000
ROA not before:           Thu 28 Apr 2022 09:34:39 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42264
IP address blocks:        193.33.24.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 59781 (0xe985)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=190d5b0543bd85a8ecf969abb8503c9dead0df98
        Validity
            Not Before: Apr 28 09:34:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7803cd87d085596fe021ba7430132a559dcc9e7e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:bf:26:79:af:21:3d:f9:0b:46:2b:c0:62:89:
                    e1:68:8c:f1:cf:cc:19:e2:4d:3c:cd:a6:50:29:12:
                    ee:4b:f2:99:e8:4f:88:a3:73:2e:b4:39:bb:2d:db:
                    16:48:a5:fd:00:55:62:b3:40:04:bc:4f:2e:ba:02:
                    b5:09:91:30:9c:8d:48:07:ea:c6:27:18:41:b9:b2:
                    48:94:49:97:41:4c:cc:6f:7f:38:0a:d4:01:17:a7:
                    af:a4:7b:cb:66:f3:9d:a2:d8:26:d8:e5:70:c8:c2:
                    d3:3b:b1:56:19:7d:a3:16:b8:da:31:62:ff:10:1b:
                    1e:24:a4:87:be:d5:4b:32:2c:93:e5:33:92:f9:be:
                    9e:96:f1:ab:f9:b2:25:40:80:90:1b:03:ad:d4:5f:
                    43:38:a3:61:06:1b:c4:82:5c:ed:4e:fe:25:e0:64:
                    65:4e:5e:ff:6f:ed:18:fb:56:14:d4:24:a5:bf:0e:
                    4f:c3:51:f6:0a:64:5d:34:1e:b6:15:45:81:4d:89:
                    56:4c:17:0a:fd:cf:1e:c0:80:bb:d5:84:1b:78:53:
                    56:7f:61:f3:55:c4:4d:79:96:49:80:54:1a:7a:4a:
                    5c:06:02:29:2a:33:74:8c:14:26:0b:19:f8:a8:e3:
                    35:7b:b3:25:cd:cb:df:cf:e3:c2:7f:03:a1:f0:21:
                    f7:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:03:CD:87:D0:85:59:6F:E0:21:BA:74:30:13:2A:55:9D:CC:9E:7E
            X509v3 Authority Key Identifier:
                keyid:19:0D:5B:05:43:BD:85:A8:EC:F9:69:AB:B8:50:3C:9D:EA:D0:DF:98

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GQ1bBUO9hajs-WmruFA8nerQ35g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/6007ff-5f0c-4a73-a3f2-ccc5814094ad/1/eAPNh9CFWW_gIbp0MBMqVZ3Mnn4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/6007ff-5f0c-4a73-a3f2-ccc5814094ad/1/GQ1bBUO9hajs-WmruFA8nerQ35g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.33.24.0/23

    Signature Algorithm: sha256WithRSAEncryption
         cf:5e:55:a7:44:74:e7:bb:b8:cd:9c:6f:0a:42:51:6c:4d:89:
         77:34:dd:b4:cf:e8:6c:d9:6a:e6:e1:77:11:25:ba:bc:d4:4a:
         77:50:4c:d0:0a:a3:0a:94:fd:6d:56:8b:7c:30:df:d6:3c:3b:
         5e:ca:e5:bf:ba:28:21:c8:bf:4e:2b:a4:53:4a:8b:36:c7:40:
         42:20:ad:9c:47:6b:95:d7:72:d9:cc:ca:fb:a3:fc:83:76:86:
         0b:21:de:2b:86:d0:5e:64:df:6b:23:0e:1b:9c:3e:42:87:d7:
         de:5d:6f:b9:02:60:fc:fe:3f:40:a6:32:e4:b1:97:03:27:0e:
         e0:95:1d:0e:e7:e1:07:c3:2e:5a:73:2a:21:aa:bf:8e:46:b2:
         31:f4:35:57:13:43:a6:99:d1:53:90:99:35:a5:bc:74:d0:6e:
         88:c1:d9:3e:2d:8d:7b:03:69:64:9b:32:f6:9e:47:bf:16:36:
         96:b1:d9:dd:a2:95:52:59:6d:14:08:f5:34:93:f6:ba:f9:54:
         af:76:29:06:79:1e:ce:ae:05:0a:8c:ab:9c:7b:d9:85:0f:be:
         13:aa:f1:43:d5:38:96:10:29:01:eb:65:3c:74:e6:c9:8b:d7:
         31:92:f7:c6:d3:f5:79:dc:15:c8:f2:93:df:eb:7c:fd:0a:5c:
         43:b1:62:a5
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAOmFMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDE5
MGQ1YjA1NDNiZDg1YThlY2Y5NjlhYmI4NTAzYzlkZWFkMGRmOTgwHhcNMjIwNDI4
MDkzNDM5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg3ODAzY2Q4N2QwODU1
OTZmZTAyMWJhNzQzMDEzMmE1NTlkY2M5ZTdlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAm78mea8hPfkLRivAYonhaIzxz8wZ4k08zaZQKRLuS/KZ6E+I
o3MutDm7LdsWSKX9AFVis0AEvE8uugK1CZEwnI1IB+rGJxhBubJIlEmXQUzMb384
CtQBF6evpHvLZvOdotgm2OVwyMLTO7FWGX2jFrjaMWL/EBseJKSHvtVLMiyT5TOS
+b6elvGr+bIlQICQGwOt1F9DOKNhBhvEglztTv4l4GRlTl7/b+0Y+1YU1CSlvw5P
w1H2CmRdNB62FUWBTYlWTBcK/c8ewIC71YQbeFNWf2HzVcRNeZZJgFQaekpcBgIp
KjN0jBQmCxn4qOM1e7Mlzcvfz+PCfwOh8CH37wIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFHgDzYfQhVlv4CG6dDATKlWdzJ5+MB8GA1UdIwQYMBaAFBkNWwVDvYWo7Plp
q7hQPJ3q0N+YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
R1ExYkJVTzloYWpzLVdtcnVGQThuZXJRMzVnLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9lNC82MDA3ZmYtNWYwYy00YTczLWEzZjItY2NjNTgxNDA5NGFkLzEv
ZUFQTmg5Q0ZXV19nSWJwME1CTXFWWjNNbm40LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC82
MDA3ZmYtNWYwYy00YTczLWEzZjItY2NjNTgxNDA5NGFkLzEvR1ExYkJVTzloYWpz
LVdtcnVGQThuZXJRMzVnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwSEYMA0GCSqGSIb3DQEBCwUAA4IB
AQDPXlWnRHTnu7jNnG8KQlFsTYl3NN20z+hs2Wrm4XcRJbq81Ep3UEzQCqMKlP1t
Vot8MN/WPDteyuW/uighyL9OK6RTSos2x0BCIK2cR2uV13LZzMr7o/yDdoYLId4r
htBeZN9rIw4bnD5Ch9feXW+5AmD8/j9ApjLksZcDJw7glR0O5+EHwy5acyohqr+O
RrIx9DVXE0OmmdFTkJk1pbx00G6Iwdk+LY17A2lkmzL2nke/FjaWsdndopVSWW0U
CPU0k/a6+VSvdikGeR7OrgUKjKuce9mFD74TqvFD1TiWECkB62U8dObJi9cxkvfG
0/V53BXI8pPf63z9ClxDsWKl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:25 2024 by rpki-client on console-fra.rpki-client.org