Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/b59715-b05a-4b4a-a922-0144a3282a2e/1/1-I625g8e1vz90rasRmoNLVP_gU8.roa
File:                     1-I625g8e1vz90rasRmoNLVP_gU8.roa (raw, json)
Hash identifier:          A3lb2PfCDSbXdfFVI7K8ayqIusogSoG2BChwx4QlQKE=
Subject key identifier:   F8:8E:B6:E6:0F:1E:D6:FC:FD:D2:B6:AC:46:6A:0D:2D:53:FF:81:4F
Certificate issuer:       /CN=8050504f4b1776e80b8ad9f8b356e613b585b35a
Certificate serial:       024D38F1
Authority key identifier: 80:50:50:4F:4B:17:76:E8:0B:8A:D9:F8:B3:56:E6:13:B5:85:B3:5A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gFBQT0sXdugLitn4s1bmE7WFs1o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/b59715-b05a-4b4a-a922-0144a3282a2e/1/1-I625g8e1vz90rasRmoNLVP_gU8.roa
Signing time:             Sat 01 Jan 2022 05:56:55 +0000
ROA not before:           Sat 01 Jan 2022 05:56:55 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207143
IP address blocks:        193.135.58.0/24 maxlen: 24
                          2001:67c:3d4::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 38615281 (0x24d38f1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8050504f4b1776e80b8ad9f8b356e613b585b35a
        Validity
            Not Before: Jan  1 05:56:55 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f88eb6e60f1ed6fcfdd2b6ac466a0d2d53ff814f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:1e:ab:58:a2:60:ba:90:aa:39:4b:a5:61:a7:
                    e3:ab:db:02:f8:c9:75:7a:52:97:ca:85:ee:7a:40:
                    52:8e:18:1c:70:51:d6:d5:2c:a7:59:92:c0:cf:57:
                    02:7c:44:ff:e4:d0:65:4a:c1:15:15:69:ad:20:ca:
                    3e:d6:8a:2b:1d:95:16:c2:d2:1c:7e:2f:e0:2a:7d:
                    2f:8f:23:07:ff:03:42:40:c9:42:50:d6:e9:bf:06:
                    da:b9:03:9c:52:d9:2a:ea:18:f9:59:ce:6c:e4:7c:
                    86:8f:6e:3e:4e:8a:58:e1:83:fa:31:88:b7:c7:1d:
                    c8:47:98:3b:cf:d2:7b:34:52:0d:5a:fb:97:51:7d:
                    01:b8:f2:1b:ce:0c:83:6b:84:99:af:37:6d:fd:0d:
                    a6:e7:e5:ca:cf:de:da:18:32:0f:72:70:1a:7f:4b:
                    0a:4a:b8:65:a0:c3:b6:ee:53:bf:ba:88:d5:f6:6d:
                    c4:e0:1b:67:e9:5f:59:32:13:94:c1:20:3b:de:00:
                    da:03:3d:14:d7:1f:e2:b1:46:cd:dd:c4:43:9d:1b:
                    86:08:99:48:90:9d:db:b2:14:24:34:71:00:88:fd:
                    82:9a:13:9b:a2:1c:7e:a9:8f:ef:c6:38:76:4c:9c:
                    9e:88:bf:ae:da:27:00:68:63:ef:b6:f2:d0:47:69:
                    a3:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:8E:B6:E6:0F:1E:D6:FC:FD:D2:B6:AC:46:6A:0D:2D:53:FF:81:4F
            X509v3 Authority Key Identifier:
                keyid:80:50:50:4F:4B:17:76:E8:0B:8A:D9:F8:B3:56:E6:13:B5:85:B3:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gFBQT0sXdugLitn4s1bmE7WFs1o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/b59715-b05a-4b4a-a922-0144a3282a2e/1/1-I625g8e1vz90rasRmoNLVP_gU8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/b59715-b05a-4b4a-a922-0144a3282a2e/1/gFBQT0sXdugLitn4s1bmE7WFs1o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.135.58.0/24
                IPv6:
                  2001:67c:3d4::/48

    Signature Algorithm: sha256WithRSAEncryption
         30:24:f6:df:27:0d:02:a1:1f:b7:22:e8:49:1e:3e:d5:15:3b:
         57:2c:19:c2:40:53:7f:c6:98:91:85:bf:bb:38:7f:52:ef:b7:
         34:bc:ed:80:4c:6f:17:fc:a8:86:a0:d3:b3:01:fd:94:dd:40:
         e1:0d:77:91:be:92:ba:21:6e:89:33:70:20:90:40:18:b8:16:
         22:04:91:18:9c:7f:21:f8:e4:a6:f0:c6:1d:68:af:13:af:06:
         a4:27:93:3b:c9:f6:a2:78:a1:e1:fe:21:95:79:5d:50:a2:30:
         d7:1b:bd:f4:86:df:f1:1b:3f:20:7c:44:eb:21:5f:af:ef:34:
         d4:59:97:70:08:b0:4a:0d:8b:f1:cc:f3:80:77:3c:7f:bc:3a:
         13:fa:1a:10:fa:0b:75:d0:55:fa:44:b7:8d:f8:d8:15:e2:5a:
         9a:d3:7e:c1:cf:2c:e8:d1:d3:6e:a4:09:40:63:ee:4a:d4:9a:
         c2:81:f9:d3:12:b6:5a:80:9c:cf:be:3d:56:f1:88:59:41:12:
         6e:64:fd:73:2d:10:41:ec:a3:c2:54:d4:81:01:46:9b:74:d2:
         ac:87:82:60:80:be:a4:21:62:00:35:f8:49:fb:08:fb:70:b4:
         91:6c:1e:78:2f:47:4d:73:58:1a:cb:0b:8a:35:c3:32:38:b0:
         50:75:ea:cd
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEAk048TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MDUwNTA0ZjRiMTc3NmU4MGI4YWQ5ZjhiMzU2ZTYxM2I1ODViMzVhMB4XDTIyMDEw
MTA1NTY1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjg4ZWI2ZTYwZjFl
ZDZmY2ZkZDJiNmFjNDY2YTBkMmQ1M2ZmODE0ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANkeq1iiYLqQqjlLpWGn46vbAvjJdXpSl8qF7npAUo4YHHBR
1tUsp1mSwM9XAnxE/+TQZUrBFRVprSDKPtaKKx2VFsLSHH4v4Cp9L48jB/8DQkDJ
QlDW6b8G2rkDnFLZKuoY+VnObOR8ho9uPk6KWOGD+jGIt8cdyEeYO8/SezRSDVr7
l1F9AbjyG84Mg2uEma83bf0Npuflys/e2hgyD3JwGn9LCkq4ZaDDtu5Tv7qI1fZt
xOAbZ+lfWTITlMEgO94A2gM9FNcf4rFGzd3EQ50bhgiZSJCd27IUJDRxAIj9gpoT
m6IcfqmP78Y4dkycnoi/rtonAGhj77by0Edpo/MCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBT4jrbmDx7W/P3StqxGag0tU/+BTzAfBgNVHSMEGDAWgBSAUFBPSxd26AuK
2fizVuYTtYWzWjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dGQlFUMHNYZHVnTGl0bjRzMWJtRTdXRnMxby5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjQvYjU5NzE1LWIwNWEtNGI0YS1hOTIyLTAxNDRhMzI4MmEyZS8x
LzEtSTYyNWc4ZTF2ejkwcmFzUm1vTkxWUF9nVTgucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y0
L2I1OTcxNS1iMDVhLTRiNGEtYTkyMi0wMTQ0YTMyODJhMmUvMS9nRkJRVDBzWGR1
Z0xpdG40czFibUU3V0ZzMW8uY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBADBhzowDwQCAAIwCQMHACABBnwD
1DANBgkqhkiG9w0BAQsFAAOCAQEAMCT23ycNAqEftyLoSR4+1RU7VywZwkBTf8aY
kYW/uzh/Uu+3NLztgExvF/yohqDTswH9lN1A4Q13kb6SuiFuiTNwIJBAGLgWIgSR
GJx/IfjkpvDGHWivE68GpCeTO8n2onih4f4hlXldUKIw1xu99Ibf8Rs/IHxE6yFf
r+801FmXcAiwSg2L8czzgHc8f7w6E/oaEPoLddBV+kS3jfjYFeJamtN+wc8s6NHT
bqQJQGPuStSawoH50xK2WoCcz749VvGIWUESbmT9cy0QQeyjwlTUgQFGm3TSrIeC
YIC+pCFiADX4SfsI+3C0kWweeC9HTXNYGssLijXDMjiwUHXqzQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:40 2024 by rpki-client on console-ams.rpki-client.org