Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/cf0715-b993-4348-97e9-6ec982951cf7/1/cUkXgRSvRmpvlpbTg6o4wjuPlt4.roa
File:                     cUkXgRSvRmpvlpbTg6o4wjuPlt4.roa (raw, json)
Hash identifier:          sv4uUaw8TnxixAVNGRDHnYz0VSrFr3LkRbozMNHcViI=
Subject key identifier:   71:49:17:81:14:AF:46:6A:6F:96:96:D3:83:AA:38:C2:3B:8F:96:DE
Certificate issuer:       /CN=6cf2fb0fa52de13c336689cf3f4829d63506750f
Certificate serial:       385DDD98
Authority key identifier: 6C:F2:FB:0F:A5:2D:E1:3C:33:66:89:CF:3F:48:29:D6:35:06:75:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bPL7D6Ut4TwzZonPP0gp1jUGdQ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/cf0715-b993-4348-97e9-6ec982951cf7/1/cUkXgRSvRmpvlpbTg6o4wjuPlt4.roa
Signing time:             Sat 01 Jan 2022 02:02:03 +0000
ROA not before:           Sat 01 Jan 2022 02:02:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43751
IP address blocks:        93.191.216.0/21 maxlen: 24
                          2a02:4b0::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 945675672 (0x385ddd98)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cf2fb0fa52de13c336689cf3f4829d63506750f
        Validity
            Not Before: Jan  1 02:02:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7149178114af466a6f9696d383aa38c23b8f96de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:18:28:62:e0:8e:b2:4c:f3:9c:8d:bc:7d:f4:
                    c3:f0:e3:2d:9d:9f:b4:d9:24:35:21:49:23:c3:ba:
                    b1:58:b7:b4:15:e2:bd:34:73:96:a2:92:69:e0:0b:
                    77:2e:bb:0a:66:b5:51:2d:15:d3:f5:86:38:49:e0:
                    7c:c3:ea:cc:8e:76:b8:30:30:56:89:31:98:1c:5e:
                    b9:27:06:05:f1:96:98:bc:61:82:d2:9c:38:dd:25:
                    ad:52:30:f1:e0:f7:a4:38:0c:49:8e:5c:cf:c9:b1:
                    2a:dd:c8:04:9e:07:53:84:e3:78:c7:de:d7:a7:f3:
                    6f:d9:a3:e0:ab:cf:ab:b9:78:f6:c4:6c:d7:03:f5:
                    4a:de:16:be:33:83:0d:d8:f4:3f:a2:ea:c6:da:88:
                    c3:a7:74:13:9e:63:9b:b3:37:16:85:59:34:1a:9c:
                    f0:85:61:08:32:50:17:9e:19:d3:62:24:a5:c9:f9:
                    54:e8:e4:ed:d3:75:8b:00:ef:bf:b3:9c:5e:bd:97:
                    15:23:80:13:92:8b:93:b8:b1:f3:31:0d:bc:71:35:
                    3f:10:2e:1c:24:73:cd:eb:a0:b7:9f:25:ac:59:aa:
                    28:5f:9d:72:cb:6e:eb:84:c2:4c:c0:60:fc:47:24:
                    43:89:d3:27:32:5a:9c:17:3b:69:85:57:6f:86:36:
                    98:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:49:17:81:14:AF:46:6A:6F:96:96:D3:83:AA:38:C2:3B:8F:96:DE
            X509v3 Authority Key Identifier:
                keyid:6C:F2:FB:0F:A5:2D:E1:3C:33:66:89:CF:3F:48:29:D6:35:06:75:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bPL7D6Ut4TwzZonPP0gp1jUGdQ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/cf0715-b993-4348-97e9-6ec982951cf7/1/cUkXgRSvRmpvlpbTg6o4wjuPlt4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/cf0715-b993-4348-97e9-6ec982951cf7/1/bPL7D6Ut4TwzZonPP0gp1jUGdQ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.191.216.0/21
                IPv6:
                  2a02:4b0::/32

    Signature Algorithm: sha256WithRSAEncryption
         27:92:50:ec:63:2a:30:9c:af:c4:a0:58:11:64:b8:00:2d:a6:
         1f:d5:2d:be:a6:6c:dd:b4:1b:45:5f:b6:c7:27:c7:1d:63:11:
         6c:c9:5f:21:78:56:66:cc:61:7b:c3:7d:16:6a:a9:6d:53:20:
         52:ab:ef:82:47:ca:47:23:f1:f4:f1:6d:91:77:a8:33:3a:b8:
         75:02:1f:07:24:03:54:eb:9f:31:a9:b3:d8:9d:5c:c9:41:0e:
         d5:b7:cc:b8:1e:52:17:01:df:5f:9d:b6:1d:b2:dd:5e:98:27:
         9b:85:74:32:25:7e:68:f1:0d:8d:d8:b8:1b:bb:2d:d8:72:fd:
         ee:0f:7a:39:65:a9:90:e1:7f:a5:60:a3:b5:8e:a6:bc:ae:1a:
         21:ac:89:48:d3:2a:c7:f0:20:e1:79:0d:48:79:6a:da:7b:92:
         83:c3:ef:c4:3a:7d:8c:2c:53:b7:c7:86:5e:77:71:55:a1:96:
         1c:f8:61:9d:d2:ed:71:12:8c:2b:30:a5:30:ad:60:99:b0:5f:
         9d:c1:45:33:7f:20:2a:dd:d4:12:58:16:b9:62:79:43:a6:de:
         e3:b5:78:da:df:26:a5:29:b0:b7:14:6e:4e:33:a4:49:33:01:
         3e:d9:76:90:0c:8f:28:89:24:84:e5:d8:f5:87:91:d2:f9:3b:
         12:8a:7d:9f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEOF3dmDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Y2YyZmIwZmE1MmRlMTNjMzM2Njg5Y2YzZjQ4MjlkNjM1MDY3NTBmMB4XDTIyMDEw
MTAyMDIwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzE0OTE3ODExNGFm
NDY2YTZmOTY5NmQzODNhYTM4YzIzYjhmOTZkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMkYKGLgjrJM85yNvH30w/DjLZ2ftNkkNSFJI8O6sVi3tBXi
vTRzlqKSaeALdy67Cma1US0V0/WGOEngfMPqzI52uDAwVokxmBxeuScGBfGWmLxh
gtKcON0lrVIw8eD3pDgMSY5cz8mxKt3IBJ4HU4TjeMfe16fzb9mj4KvPq7l49sRs
1wP1St4WvjODDdj0P6LqxtqIw6d0E55jm7M3FoVZNBqc8IVhCDJQF54Z02Ikpcn5
VOjk7dN1iwDvv7OcXr2XFSOAE5KLk7ix8zENvHE1PxAuHCRzzeugt58lrFmqKF+d
cstu64TCTMBg/EckQ4nTJzJanBc7aYVXb4Y2mB0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRxSReBFK9Gam+WltODqjjCO4+W3jAfBgNVHSMEGDAWgBRs8vsPpS3hPDNm
ic8/SCnWNQZ1DzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JQTDdENlV0NFR3elpvblBQMGdwMWpVR2RROC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjAvY2YwNzE1LWI5OTMtNDM0OC05N2U5LTZlYzk4Mjk1MWNmNy8x
L2NVa1hnUlN2Um1wdmxwYlRnNm80d2p1UGx0NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjAv
Y2YwNzE1LWI5OTMtNDM0OC05N2U5LTZlYzk4Mjk1MWNmNy8xL2JQTDdENlV0NFR3
elpvblBQMGdwMWpVR2RROC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEA12/2DANBAIAAjAHAwUAKgIEsDAN
BgkqhkiG9w0BAQsFAAOCAQEAJ5JQ7GMqMJyvxKBYEWS4AC2mH9UtvqZs3bQbRV+2
xyfHHWMRbMlfIXhWZsxhe8N9FmqpbVMgUqvvgkfKRyPx9PFtkXeoMzq4dQIfByQD
VOufMamz2J1cyUEO1bfMuB5SFwHfX522HbLdXpgnm4V0MiV+aPENjdi4G7st2HL9
7g96OWWpkOF/pWCjtY6mvK4aIayJSNMqx/Ag4XkNSHlq2nuSg8PvxDp9jCxTt8eG
XndxVaGWHPhhndLtcRKMKzClMK1gmbBfncFFM38gKt3UElgWuWJ5Q6be47V42t8m
pSmwtxRuTjOkSTMBPtl2kAyPKIkkhOXY9YeR0vk7Eop9nw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:11 2024 by rpki-client on console-fra.rpki-client.org