Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/YOmrfQZAfSvTwZk4iMSndh2UkE4.roa
File:                     YOmrfQZAfSvTwZk4iMSndh2UkE4.roa (raw, json)
Hash identifier:          B1r/c1W/QRO9HLqN8ksZNsOj6Qc45Xh0+Z8BnjbX7z8=
Subject key identifier:   60:E9:AB:7D:06:40:7D:2B:D3:C1:99:38:88:C4:A7:76:1D:94:90:4E
Certificate issuer:       /CN=a85310f503137ae8b35d4f329f46f069dd703815
Certificate serial:       88B3AE
Authority key identifier: A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/YOmrfQZAfSvTwZk4iMSndh2UkE4.roa
Signing time:             Fri 08 Apr 2022 08:58:58 +0000
ROA not before:           Fri 08 Apr 2022 08:58:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3356
IP address blocks:        193.42.214.0/24 maxlen: 24
                          193.42.217.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8958894 (0x88b3ae)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a85310f503137ae8b35d4f329f46f069dd703815
        Validity
            Not Before: Apr  8 08:58:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=60e9ab7d06407d2bd3c1993888c4a7761d94904e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:a3:dc:cf:2b:27:85:79:45:e8:0b:df:da:e1:
                    0f:f3:12:6d:46:eb:36:e5:19:17:8c:56:31:63:80:
                    f3:cd:b7:ed:e7:c6:10:04:c6:6d:12:f3:e6:fe:87:
                    d2:16:6c:08:78:d8:1d:ae:c6:99:75:ed:e9:90:06:
                    15:f1:18:d0:b7:2d:b8:e2:10:96:06:a7:02:6a:05:
                    06:a8:44:15:a8:17:9a:0b:8a:53:5e:4a:08:b3:c6:
                    85:ee:78:35:f0:94:d6:73:ff:04:08:f6:9f:ac:5a:
                    ff:89:61:9b:24:cd:cf:a9:79:44:d4:13:95:2d:3e:
                    25:3c:3a:b1:a7:96:56:1c:7a:76:45:8b:2c:5d:03:
                    e7:44:75:52:ba:ec:e4:0d:0b:e4:33:94:a2:9a:b0:
                    77:9e:02:9c:ed:23:24:da:23:33:b6:73:c8:d9:70:
                    f8:dc:99:a3:a6:58:4d:7a:ce:9d:2d:50:36:1a:2e:
                    4d:a1:6d:fc:59:57:16:78:28:33:a8:f7:6a:ca:da:
                    7c:c1:1d:3e:58:c7:cf:75:8e:65:c9:fc:46:b0:ff:
                    74:a3:b3:cd:24:39:ec:9f:57:5d:37:9b:e3:ad:9d:
                    e5:36:56:30:5b:5c:a8:30:38:0a:9b:fa:ed:57:3f:
                    9a:a9:fc:f2:24:c1:32:a5:38:eb:38:d3:53:50:60:
                    b3:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:E9:AB:7D:06:40:7D:2B:D3:C1:99:38:88:C4:A7:76:1D:94:90:4E
            X509v3 Authority Key Identifier:
                keyid:A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/YOmrfQZAfSvTwZk4iMSndh2UkE4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qFMQ9QMTeuizXU8yn0bwad1wOBU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.42.214.0/24
                  193.42.217.0/24

    Signature Algorithm: sha256WithRSAEncryption
         01:d5:43:49:0a:0f:4c:76:b8:f8:6c:be:7f:80:2b:f3:7f:68:
         b5:df:f6:f8:f7:44:dd:ac:ec:06:1d:b3:21:4c:7b:00:a7:58:
         ad:23:74:e2:20:a3:8c:8f:43:9c:60:15:b5:5a:cf:da:3e:fc:
         ce:8b:2d:66:9f:46:a5:8d:b5:df:60:96:8e:37:fa:39:ed:4a:
         2f:c3:0a:0e:a0:a7:1d:0f:d4:04:c1:f3:2f:f8:22:19:17:83:
         99:bc:8d:4f:3f:da:de:ed:0a:61:d3:4a:18:6a:35:1b:14:f7:
         08:fb:a9:f2:90:a8:3d:52:8e:7c:25:ea:cb:e3:e4:43:3e:6e:
         ac:b1:37:f1:82:a8:c7:62:4e:b5:cf:23:a6:18:52:a9:2a:4b:
         aa:ed:9a:d5:c9:9b:4e:af:06:5f:71:0c:26:28:c9:0c:be:a8:
         81:ba:b0:ab:3e:34:56:57:ac:6e:6d:60:34:0f:fb:35:4a:66:
         d4:e0:82:ca:9c:bd:4e:12:22:68:87:40:96:5f:82:9e:d6:26:
         76:59:1e:c3:ae:6f:56:20:50:22:38:3c:d6:b3:43:16:bc:47:
         53:3d:7d:7a:0b:2d:ab:a4:6d:32:62:81:05:0a:b5:c2:04:b6:
         4f:f1:c6:e1:b4:b5:fb:98:90:2d:bd:95:03:0c:ef:0e:fa:24:
         d5:31:cf:08
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAIizrjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ODUzMTBmNTAzMTM3YWU4YjM1ZDRmMzI5ZjQ2ZjA2OWRkNzAzODE1MB4XDTIyMDQw
ODA4NTg1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjBlOWFiN2QwNjQw
N2QyYmQzYzE5OTM4ODhjNGE3NzYxZDk0OTA0ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKuj3M8rJ4V5RegL39rhD/MSbUbrNuUZF4xWMWOA88237efG
EATGbRLz5v6H0hZsCHjYHa7GmXXt6ZAGFfEY0LctuOIQlganAmoFBqhEFagXmguK
U15KCLPGhe54NfCU1nP/BAj2n6xa/4lhmyTNz6l5RNQTlS0+JTw6saeWVhx6dkWL
LF0D50R1Urrs5A0L5DOUopqwd54CnO0jJNojM7ZzyNlw+NyZo6ZYTXrOnS1QNhou
TaFt/FlXFngoM6j3asrafMEdPljHz3WOZcn8RrD/dKOzzSQ57J9XXTeb462d5TZW
MFtcqDA4Cpv67Vc/mqn88iTBMqU46zjTU1Bgs48CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRg6at9BkB9K9PBmTiIxKd2HZSQTjAfBgNVHSMEGDAWgBSoUxD1AxN66LNd
TzKfRvBp3XA4FTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FGTVE5UU1UZXVpelhVOHluMGJ3YWQxd09CVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjYvYjQyOTQ5LWVlMGEtNDEyMy04N2JmLTMwMTg5YTVhNGViYS8x
L1lPbXJmUVpBZlN2VHdaazRpTVNuZGgyVWtFNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYv
YjQyOTQ5LWVlMGEtNDEyMy04N2JmLTMwMTg5YTVhNGViYS8xL3FGTVE5UU1UZXVp
elhVOHluMGJ3YWQxd09CVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMEq1gMEAMEq2TANBgkqhkiG9w0B
AQsFAAOCAQEAAdVDSQoPTHa4+Gy+f4Ar839otd/2+PdE3azsBh2zIUx7AKdYrSN0
4iCjjI9DnGAVtVrP2j78zostZp9GpY2132CWjjf6Oe1KL8MKDqCnHQ/UBMHzL/gi
GReDmbyNTz/a3u0KYdNKGGo1GxT3CPup8pCoPVKOfCXqy+PkQz5urLE38YKox2JO
tc8jphhSqSpLqu2a1cmbTq8GX3EMJijJDL6ogbqwqz40Vlesbm1gNA/7NUpm1OCC
ypy9ThIiaIdAll+CntYmdlkew65vViBQIjg81rNDFrxHUz19egstq6RtMmKBBQq1
wgS2T/HG4bS1+5iQLb2VAwzvDvok1THPCA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:03 2024 by rpki-client on console-ams.rpki-client.org