Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/cf0715-b993-4348-97e9-6ec982951cf7/1/XNPvMdhG5uVN-FnJlpdBpWG7jfg.roa
File:                     XNPvMdhG5uVN-FnJlpdBpWG7jfg.roa (raw, json)
Hash identifier:          gqZr7CAhMDJi6z/ZdqEwGgg6ezvmK5ck6YYY/KZw32g=
Subject key identifier:   5C:D3:EF:31:D8:46:E6:E5:4D:F8:59:C9:96:97:41:A5:61:BB:8D:F8
Certificate issuer:       /CN=6cf2fb0fa52de13c336689cf3f4829d63506750f
Certificate serial:       385BBBDF
Authority key identifier: 6C:F2:FB:0F:A5:2D:E1:3C:33:66:89:CF:3F:48:29:D6:35:06:75:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bPL7D6Ut4TwzZonPP0gp1jUGdQ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/cf0715-b993-4348-97e9-6ec982951cf7/1/XNPvMdhG5uVN-FnJlpdBpWG7jfg.roa
Signing time:             Sat 01 Jan 2022 02:02:02 +0000
ROA not before:           Sat 01 Jan 2022 02:02:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        93.191.217.0/24 maxlen: 24
                          93.191.219.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 945535967 (0x385bbbdf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cf2fb0fa52de13c336689cf3f4829d63506750f
        Validity
            Not Before: Jan  1 02:02:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5cd3ef31d846e6e54df859c9969741a561bb8df8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:af:1c:8b:bf:47:d4:2d:de:9c:df:3d:46:94:
                    05:3d:16:20:11:30:7f:5b:f8:b5:aa:87:d7:d4:c0:
                    cd:d1:f0:ad:d6:6b:9b:b5:44:65:5b:08:9e:2d:7b:
                    20:4a:78:13:87:ae:f4:cb:2a:23:f7:d3:69:8b:f3:
                    4c:ab:a6:ad:4f:5c:af:6f:1d:bf:55:b5:27:76:b6:
                    99:e1:51:fe:98:1f:e1:2e:4d:41:07:ec:14:4b:74:
                    64:fb:ea:56:ab:d0:80:98:b7:8b:43:32:96:fd:20:
                    9a:b9:bb:67:74:02:0e:b9:5c:75:74:72:5f:ba:32:
                    4d:92:9d:71:4f:56:81:b2:ba:81:4a:86:e9:26:87:
                    2c:d6:b7:26:b9:25:3f:87:89:3b:e2:94:4a:f8:e3:
                    79:3d:17:76:1c:44:cf:69:d4:7f:99:43:60:d5:e7:
                    5c:e6:2a:bc:29:da:14:3b:a8:fc:1b:b0:90:93:76:
                    6b:ae:e7:ae:1d:7a:ab:af:c9:bb:cb:3c:02:54:e2:
                    0c:e5:fa:de:0b:d4:d5:00:91:69:ec:1e:d7:d9:33:
                    34:0b:96:0b:bf:2a:e6:63:3d:da:ef:24:bb:36:74:
                    b8:be:68:77:f2:68:b7:a8:91:32:30:c9:8b:d7:a7:
                    86:10:be:db:24:aa:b1:e3:f0:b4:fe:b1:43:ff:f9:
                    6c:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:D3:EF:31:D8:46:E6:E5:4D:F8:59:C9:96:97:41:A5:61:BB:8D:F8
            X509v3 Authority Key Identifier:
                keyid:6C:F2:FB:0F:A5:2D:E1:3C:33:66:89:CF:3F:48:29:D6:35:06:75:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bPL7D6Ut4TwzZonPP0gp1jUGdQ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/cf0715-b993-4348-97e9-6ec982951cf7/1/XNPvMdhG5uVN-FnJlpdBpWG7jfg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/cf0715-b993-4348-97e9-6ec982951cf7/1/bPL7D6Ut4TwzZonPP0gp1jUGdQ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.191.217.0/24
                  93.191.219.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:27:35:cc:76:63:0b:af:00:d4:be:98:e4:5a:b6:4f:9c:d8:
         20:bd:f4:dc:b5:4d:41:3b:5e:05:89:34:91:fa:d6:ca:0a:71:
         8f:76:50:d5:81:a7:02:72:17:16:e2:c5:8f:1c:8a:49:53:57:
         95:84:1d:76:7a:3c:ba:28:0a:48:ee:3f:87:83:9d:2d:6a:40:
         db:33:3a:ca:10:8b:68:51:8b:53:69:21:b0:27:c9:61:24:61:
         5f:c4:93:fc:88:aa:1d:5e:97:83:08:21:2d:93:b6:3f:1c:d5:
         00:da:60:45:7a:e9:0b:38:44:a2:19:38:aa:66:6d:5e:f3:ac:
         02:97:8e:13:0c:83:96:05:a4:d6:4f:50:76:5c:8b:b0:38:1a:
         12:4b:e4:39:56:b4:f9:99:95:95:6e:b5:27:9a:2c:8c:a2:67:
         1a:18:55:35:40:ea:49:5a:47:44:fa:b2:e5:4e:41:01:60:b1:
         3a:e2:dd:f8:b9:62:1c:9f:f6:b7:b4:17:2a:1e:f8:3a:b8:bf:
         a9:22:f0:77:d1:9e:5b:bd:80:ef:5a:88:be:64:25:2d:c9:71:
         e8:cc:51:a7:3f:85:ea:e3:0d:22:96:74:9d:40:ef:27:6a:eb:
         ed:ea:20:ee:d4:9b:e6:bb:a5:e3:b0:de:91:70:83:e2:4f:cc:
         20:21:23:b9
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEOFu73zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Y2YyZmIwZmE1MmRlMTNjMzM2Njg5Y2YzZjQ4MjlkNjM1MDY3NTBmMB4XDTIyMDEw
MTAyMDIwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWNkM2VmMzFkODQ2
ZTZlNTRkZjg1OWM5OTY5NzQxYTU2MWJiOGRmODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKevHIu/R9Qt3pzfPUaUBT0WIBEwf1v4taqH19TAzdHwrdZr
m7VEZVsIni17IEp4E4eu9MsqI/fTaYvzTKumrU9cr28dv1W1J3a2meFR/pgf4S5N
QQfsFEt0ZPvqVqvQgJi3i0Mylv0gmrm7Z3QCDrlcdXRyX7oyTZKdcU9WgbK6gUqG
6SaHLNa3JrklP4eJO+KUSvjjeT0XdhxEz2nUf5lDYNXnXOYqvCnaFDuo/BuwkJN2
a67nrh16q6/Ju8s8AlTiDOX63gvU1QCRaewe19kzNAuWC78q5mM92u8kuzZ0uL5o
d/Jot6iRMjDJi9enhhC+2ySqsePwtP6xQ//5bHECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRc0+8x2Ebm5U34WcmWl0GlYbuN+DAfBgNVHSMEGDAWgBRs8vsPpS3hPDNm
ic8/SCnWNQZ1DzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JQTDdENlV0NFR3elpvblBQMGdwMWpVR2RROC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjAvY2YwNzE1LWI5OTMtNDM0OC05N2U5LTZlYzk4Mjk1MWNmNy8x
L1hOUHZNZGhHNXVWTi1GbkpscGRCcFdHN2pmZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjAv
Y2YwNzE1LWI5OTMtNDM0OC05N2U5LTZlYzk4Mjk1MWNmNy8xL2JQTDdENlV0NFR3
elpvblBQMGdwMWpVR2RROC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAF2/2QMEAF2/2zANBgkqhkiG9w0B
AQsFAAOCAQEAkCc1zHZjC68A1L6Y5Fq2T5zYIL303LVNQTteBYk0kfrWygpxj3ZQ
1YGnAnIXFuLFjxyKSVNXlYQddno8uigKSO4/h4OdLWpA2zM6yhCLaFGLU2khsCfJ
YSRhX8ST/IiqHV6XgwghLZO2PxzVANpgRXrpCzhEohk4qmZtXvOsApeOEwyDlgWk
1k9QdlyLsDgaEkvkOVa0+ZmVlW61J5osjKJnGhhVNUDqSVpHRPqy5U5BAWCxOuLd
+LliHJ/2t7QXKh74Ori/qSLwd9GeW72A71qIvmQlLclx6MxRpz+F6uMNIpZ0nUDv
J2rr7eog7tSb5rul47DekXCD4k/MICEjuQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:11 2024 by rpki-client on console-fra.rpki-client.org