Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/f4ca1c-35dd-4cb1-84fa-8115cafd38ce/1/jGDxyE7HDVXsB-AwVeFG1mraLNM.roa
File:                     jGDxyE7HDVXsB-AwVeFG1mraLNM.roa (raw, json)
Hash identifier:          2RzhRx9uv/vD5WGUu4Foyxsji/j/Zi/mQNwwrFcFK38=
Subject key identifier:   8C:60:F1:C8:4E:C7:0D:55:EC:07:E0:30:55:E1:46:D6:6A:DA:2C:D3
Certificate issuer:       /CN=b0bd68e370e7ec25bec8e01497b2138d95dc6ebc
Certificate serial:       01843C97C39E0A8E6EAA68DDF2D7A573DA1D
Authority key identifier: B0:BD:68:E3:70:E7:EC:25:BE:C8:E0:14:97:B2:13:8D:95:DC:6E:BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sL1o43Dn7CW-yOAUl7ITjZXcbrw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/f4ca1c-35dd-4cb1-84fa-8115cafd38ce/1/jGDxyE7HDVXsB-AwVeFG1mraLNM.roa
Signing time:             Thu 03 Nov 2022 08:24:49 +0000
ROA not before:           Thu 03 Nov 2022 08:24:49 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8423
IP address blocks:        193.200.141.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:3c:97:c3:9e:0a:8e:6e:aa:68:dd:f2:d7:a5:73:da:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0bd68e370e7ec25bec8e01497b2138d95dc6ebc
        Validity
            Not Before: Nov  3 08:24:49 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8c60f1c84ec70d55ec07e03055e146d66ada2cd3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:13:90:09:d7:b9:04:75:63:d6:84:4c:07:e2:
                    fa:b9:f3:de:7e:bd:5d:52:33:9d:74:5a:4d:4d:36:
                    bb:0e:ec:27:a5:e2:5e:b2:1c:f8:0d:cd:37:b5:74:
                    b5:8c:12:31:77:c1:5f:81:b8:bb:9a:8f:d8:eb:a3:
                    b3:07:b8:38:08:5d:cd:98:2a:bd:35:22:57:23:93:
                    c5:38:6d:d4:f9:3a:ba:38:d3:9d:de:3a:47:67:35:
                    28:08:03:15:61:9b:a6:bb:6b:0e:0c:a0:fb:43:68:
                    00:35:62:a0:61:ad:f5:e4:e4:21:14:cd:e4:24:70:
                    6b:08:5e:07:e0:b5:ea:d3:d3:15:73:5e:b8:9e:c1:
                    81:e8:49:87:b0:20:fc:71:4b:1f:94:d1:51:20:3b:
                    24:74:ff:0b:3d:ae:50:86:79:73:7c:05:4d:1e:bc:
                    1b:db:d7:5b:cf:7f:69:bf:85:7d:4d:0a:2c:8c:1b:
                    9c:23:f3:fd:35:e3:f9:52:a1:81:02:b5:fe:4c:7d:
                    89:f9:68:6a:1a:5f:23:c4:99:a8:ff:7d:72:3e:60:
                    64:9f:56:a1:f1:5a:eb:c8:26:bf:0f:d8:94:89:f1:
                    f0:c8:5d:99:99:f2:59:36:31:ad:a8:0f:74:d4:a3:
                    c7:dd:35:ce:a1:7b:7e:cd:ff:72:7b:53:25:6f:7f:
                    8b:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:60:F1:C8:4E:C7:0D:55:EC:07:E0:30:55:E1:46:D6:6A:DA:2C:D3
            X509v3 Authority Key Identifier:
                keyid:B0:BD:68:E3:70:E7:EC:25:BE:C8:E0:14:97:B2:13:8D:95:DC:6E:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sL1o43Dn7CW-yOAUl7ITjZXcbrw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/f4ca1c-35dd-4cb1-84fa-8115cafd38ce/1/jGDxyE7HDVXsB-AwVeFG1mraLNM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/f4ca1c-35dd-4cb1-84fa-8115cafd38ce/1/sL1o43Dn7CW-yOAUl7ITjZXcbrw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.200.141.0/24

    Signature Algorithm: sha256WithRSAEncryption
         aa:c5:69:24:60:e4:b9:08:e3:e6:01:6b:c4:8f:29:a7:78:fe:
         95:b9:bb:a2:b8:85:2d:3a:7c:cd:81:08:2b:2f:34:3b:ff:32:
         df:f3:06:13:73:25:9a:cf:c5:7e:cf:ff:62:c1:93:d6:55:a9:
         a8:76:7c:df:5c:fe:ce:03:1d:ff:66:c7:ad:cf:55:54:ed:9e:
         00:f1:ea:78:41:8e:9b:7d:65:e3:27:4e:b3:be:28:21:60:23:
         87:c9:00:9e:38:5e:f1:7b:8a:60:a5:6d:58:83:e0:95:f3:e9:
         c7:50:bb:49:9d:d1:b3:3f:88:00:ff:87:ed:58:08:96:67:b8:
         27:3f:43:a3:e6:a2:22:93:fe:fe:21:8b:ec:47:74:42:23:bf:
         9b:bb:51:4a:13:09:07:39:f3:9b:72:69:a7:69:2e:12:83:54:
         bd:df:4f:a7:a4:2a:6e:30:09:51:c0:b4:8c:3f:0d:f1:4e:7d:
         83:b9:fb:c3:01:7c:01:40:e8:f9:7e:02:15:87:35:5d:97:50:
         ac:a7:87:d9:2d:dc:78:f1:46:a9:f7:64:da:7f:a4:18:4d:1b:
         3d:3c:97:62:17:fb:6a:d2:48:ba:79:f4:0a:35:00:e0:eb:9d:
         9e:42:f3:e7:95:91:d7:16:d6:be:29:88:2e:51:6f:e2:f4:1f:
         fd:f6:70:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQ8l8OeCo5uqmjd8telc9odMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYmQ2OGUzNzBlN2VjMjViZWM4ZTAxNDk3YjIxMzhkOTVk
YzZlYmMwHhcNMjIxMTAzMDgyNDQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzYwZjFjODRlYzcwZDU1ZWMwN2UwMzA1NWUxNDZkNjZhZGEyY2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshOQCde5BHVj1oRMB+L6ufPefr1d
UjOddFpNTTa7DuwnpeJeshz4Dc03tXS1jBIxd8Ffgbi7mo/Y66OzB7g4CF3NmCq9
NSJXI5PFOG3U+Tq6ONOd3jpHZzUoCAMVYZumu2sODKD7Q2gANWKgYa315OQhFM3k
JHBrCF4H4LXq09MVc164nsGB6EmHsCD8cUsflNFRIDskdP8LPa5QhnlzfAVNHrwb
29dbz39pv4V9TQosjBucI/P9NeP5UqGBArX+TH2J+WhqGl8jxJmo/31yPmBkn1ah
8VrryCa/D9iUifHwyF2ZmfJZNjGtqA901KPH3TXOoXt+zf9ye1Mlb3+LzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIxg8chOxw1V7AfgMFXhRtZq2izTMB8GA1UdIwQY
MBaAFLC9aONw5+wlvsjgFJeyE42V3G68MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0wxbzQzRG43Q1cteU9BVWw3SVRqWlhjYnJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9mNGNhMWMtMzVkZC00Y2IxLTg0ZmEt
ODExNWNhZmQzOGNlLzEvakdEeHlFN0hEVlhzQi1Bd1ZlRkcxbXJhTE5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9mNGNhMWMtMzVkZC00Y2IxLTg0ZmEtODExNWNhZmQzOGNl
LzEvc0wxbzQzRG43Q1cteU9BVWw3SVRqWlhjYnJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwciNMA0G
CSqGSIb3DQEBCwUAA4IBAQCqxWkkYOS5COPmAWvEjymneP6VubuiuIUtOnzNgQgr
LzQ7/zLf8wYTcyWaz8V+z/9iwZPWVamodnzfXP7OAx3/Zsetz1VU7Z4A8ep4QY6b
fWXjJ06zvighYCOHyQCeOF7xe4pgpW1Yg+CV8+nHULtJndGzP4gA/4ftWAiWZ7gn
P0Oj5qIik/7+IYvsR3RCI7+bu1FKEwkHOfObcmmnaS4Sg1S930+npCpuMAlRwLSM
Pw3xTn2DufvDAXwBQOj5fgIVhzVdl1Csp4fZLdx48Uap92Taf6QYTRs9PJdiF/tq
0ki6efQKNQDg652eQvPnlZHXFta+KYguUW/i9B/99nAm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org