Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/e84920-f5cb-46d7-bc99-fe53210b57b6/1/1m_VatYI4v1x_ABDSSOYw5pUwCo.roa
File:                     1m_VatYI4v1x_ABDSSOYw5pUwCo.roa (raw, json)
Hash identifier:          VT7STTjWv+IGmYJqLljCNoxMxSna7YHqkZh1lwJjQx4=
Subject key identifier:   D6:6F:D5:6A:D6:08:E2:FD:71:FC:00:43:49:23:98:C3:9A:54:C0:2A
Certificate issuer:       /CN=961b9df745c32df27df33ebcfd536f19e13474fe
Certificate serial:       A8B26B
Authority key identifier: 96:1B:9D:F7:45:C3:2D:F2:7D:F3:3E:BC:FD:53:6F:19:E1:34:74:FE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lhud90XDLfJ98z68_VNvGeE0dP4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fc/e84920-f5cb-46d7-bc99-fe53210b57b6/1/1m_VatYI4v1x_ABDSSOYw5pUwCo.roa
Signing time:             Sat 01 Jan 2022 12:55:10 +0000
ROA not before:           Sat 01 Jan 2022 12:55:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16509
IP address blocks:        193.100.64.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11055723 (0xa8b26b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=961b9df745c32df27df33ebcfd536f19e13474fe
        Validity
            Not Before: Jan  1 12:55:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d66fd56ad608e2fd71fc0043492398c39a54c02a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:04:dc:b1:4d:37:bb:bd:8d:97:04:9b:63:e4:
                    55:b9:46:d5:1b:1f:cc:7f:90:f0:47:e9:bb:f8:9b:
                    4c:06:03:e7:db:23:5d:e6:a8:34:d0:1d:9d:26:b2:
                    66:b6:63:bc:4f:85:7e:d6:79:5b:28:9d:cc:6b:6f:
                    97:b2:f9:06:c8:8c:52:fe:c5:ce:0c:e6:5d:38:29:
                    37:0e:c4:a9:f4:a4:6a:88:dd:3e:9c:78:07:c2:30:
                    cc:c8:4e:d9:c7:69:3a:43:53:35:a9:d3:95:f2:5f:
                    b2:3b:22:78:99:92:a0:99:a8:06:fb:b6:ff:a7:a7:
                    09:d1:0e:be:ce:21:d8:5f:48:31:13:b9:fc:66:64:
                    5d:28:19:3b:ab:b8:7c:e6:81:98:85:c8:d9:a4:5d:
                    aa:c1:9e:12:60:79:4f:42:6b:e0:c8:13:cf:0f:8f:
                    fa:34:c0:2d:0c:dd:29:35:77:9b:1b:42:bb:d2:ce:
                    be:76:4d:98:1d:e6:86:58:8d:08:d9:19:e9:59:c3:
                    e9:e3:28:5f:f1:be:47:b9:42:b2:d3:95:3d:da:73:
                    08:f0:4a:47:67:77:bc:0d:be:76:da:87:fd:d3:a8:
                    db:df:b7:21:3e:43:83:19:5b:fb:5b:77:83:23:28:
                    2e:2b:04:df:7e:84:2b:03:b1:d6:8b:94:f8:e9:6c:
                    0a:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:6F:D5:6A:D6:08:E2:FD:71:FC:00:43:49:23:98:C3:9A:54:C0:2A
            X509v3 Authority Key Identifier:
                keyid:96:1B:9D:F7:45:C3:2D:F2:7D:F3:3E:BC:FD:53:6F:19:E1:34:74:FE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lhud90XDLfJ98z68_VNvGeE0dP4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/e84920-f5cb-46d7-bc99-fe53210b57b6/1/1m_VatYI4v1x_ABDSSOYw5pUwCo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/e84920-f5cb-46d7-bc99-fe53210b57b6/1/lhud90XDLfJ98z68_VNvGeE0dP4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.100.64.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:62:c0:2a:57:58:25:bd:64:65:31:b4:1f:95:95:85:5d:76:
         43:ea:b7:12:ca:6d:55:92:c4:a5:12:51:60:71:88:5d:d1:7d:
         b4:8d:6a:af:02:7c:36:59:bf:b8:97:c0:6a:e7:2e:1d:fd:e0:
         43:cb:92:1b:d5:68:2e:a8:3d:cf:d7:6f:84:93:8b:0e:7f:0e:
         fd:9b:1e:db:67:48:04:ee:33:70:44:d0:b2:40:35:60:35:d5:
         e6:eb:59:a4:66:cc:dd:3c:0b:f5:de:13:c4:fb:41:80:f5:b6:
         76:59:71:e4:f9:af:fb:f1:6b:63:cc:30:12:71:6a:d8:e5:dd:
         db:6f:57:68:8d:e8:a6:fb:39:96:e1:c4:a1:a4:61:11:b3:98:
         57:10:ca:d0:28:1a:a5:c2:ec:e1:16:17:fa:e5:03:8a:51:8a:
         c6:b6:8e:dd:0b:e6:89:d6:e3:b2:6d:db:5a:ec:4a:b7:48:86:
         8d:6f:e6:f9:4f:49:35:86:30:b4:b1:04:6c:47:f3:60:fc:39:
         60:79:f2:6d:f3:f1:04:35:9c:40:ad:b6:7c:9b:86:ff:1c:86:
         a1:e8:af:4d:c7:98:91:7b:7f:19:a6:d8:af:e8:bb:15:29:7f:
         9c:ab:25:56:e8:68:61:4b:bc:95:d2:f0:cf:55:df:e8:e8:1e:
         2f:6c:b1:c7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAKiyazANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NjFiOWRmNzQ1YzMyZGYyN2RmMzNlYmNmZDUzNmYxOWUxMzQ3NGZlMB4XDTIyMDEw
MTEyNTUxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDY2ZmQ1NmFkNjA4
ZTJmZDcxZmMwMDQzNDkyMzk4YzM5YTU0YzAyYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL0E3LFNN7u9jZcEm2PkVblG1RsfzH+Q8Efpu/ibTAYD59sj
XeaoNNAdnSayZrZjvE+FftZ5WyidzGtvl7L5BsiMUv7FzgzmXTgpNw7EqfSkaojd
Ppx4B8IwzMhO2cdpOkNTNanTlfJfsjsieJmSoJmoBvu2/6enCdEOvs4h2F9IMRO5
/GZkXSgZO6u4fOaBmIXI2aRdqsGeEmB5T0Jr4MgTzw+P+jTALQzdKTV3mxtCu9LO
vnZNmB3mhliNCNkZ6VnD6eMoX/G+R7lCstOVPdpzCPBKR2d3vA2+dtqH/dOo29+3
IT5Dgxlb+1t3gyMoLisE336EKwOx1ouU+OlsCoECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTWb9Vq1gji/XH8AENJI5jDmlTAKjAfBgNVHSMEGDAWgBSWG533RcMt8n3z
Prz9U28Z4TR0/jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xodWQ5MFhETGZKOTh6NjhfVk52R2VFMGRQNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmMvZTg0OTIwLWY1Y2ItNDZkNy1iYzk5LWZlNTMyMTBiNTdiNi8x
LzFtX1ZhdFlJNHYxeF9BQkRTU09ZdzVwVXdDby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmMv
ZTg0OTIwLWY1Y2ItNDZkNy1iYzk5LWZlNTMyMTBiNTdiNi8xL2xodWQ5MFhETGZK
OTh6NjhfVk52R2VFMGRQNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMFkQDANBgkqhkiG9w0BAQsFAAOC
AQEAHmLAKldYJb1kZTG0H5WVhV12Q+q3EsptVZLEpRJRYHGIXdF9tI1qrwJ8Nlm/
uJfAaucuHf3gQ8uSG9VoLqg9z9dvhJOLDn8O/Zse22dIBO4zcETQskA1YDXV5utZ
pGbM3TwL9d4TxPtBgPW2dllx5Pmv+/FrY8wwEnFq2OXd229XaI3opvs5luHEoaRh
EbOYVxDK0CgapcLs4RYX+uUDilGKxraO3Qvmidbjsm3bWuxKt0iGjW/m+U9JNYYw
tLEEbEfzYPw5YHnybfPxBDWcQK22fJuG/xyGoeivTceYkXt/GabYr+i7FSl/nKsl
VuhoYUu8ldLwz1Xf6OgeL2yxxw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:50 2024 by rpki-client on console-fra.rpki-client.org