Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/n9RlVqxJVjOjhDahxElCDU07Lhk.roa
File:                     n9RlVqxJVjOjhDahxElCDU07Lhk.roa (raw, json)
Hash identifier:          z3iK4Z2MtS/c28zNEEkZ0tWlMC5+d9j0VnfW/gH6+Zk=
Subject key identifier:   9F:D4:65:56:AC:49:56:33:A3:84:36:A1:C4:49:42:0D:4D:3B:2E:19
Certificate issuer:       /CN=836528e152b6dcba1571241ac55be5bce01118b7
Certificate serial:       2390933F
Authority key identifier: 83:65:28:E1:52:B6:DC:BA:15:71:24:1A:C5:5B:E5:BC:E0:11:18:B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/g2Uo4VK23LoVcSQaxVvlvOARGLc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/n9RlVqxJVjOjhDahxElCDU07Lhk.roa
Signing time:             Sat 01 Jan 2022 16:10:43 +0000
ROA not before:           Sat 01 Jan 2022 16:10:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     265554
IP address blocks:        185.198.100.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 596677439 (0x2390933f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=836528e152b6dcba1571241ac55be5bce01118b7
        Validity
            Not Before: Jan  1 16:10:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9fd46556ac495633a38436a1c449420d4d3b2e19
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:f8:27:a0:97:aa:23:8a:17:52:5d:37:71:b8:
                    4f:b8:8c:cd:e9:a4:9d:50:8d:f5:ba:4f:ae:22:05:
                    f1:00:e8:67:1c:b6:f6:29:7f:a8:dd:a6:c3:8d:e3:
                    e1:be:10:30:4f:43:12:7a:78:47:17:08:c6:22:6c:
                    e8:92:48:01:a3:d4:d7:a8:e2:64:fd:7b:fb:09:5b:
                    48:28:13:f2:b1:c9:2e:2c:bb:99:27:67:34:26:8c:
                    95:15:f0:d4:a0:aa:b4:d5:b2:a7:b3:41:04:0f:ff:
                    99:b8:6c:47:2e:af:0e:eb:7b:ab:23:63:4e:f1:5a:
                    a3:74:92:6d:51:37:fa:e9:4c:2a:5f:2a:e2:b6:e8:
                    53:85:f5:f9:69:d8:d1:07:36:a8:19:d9:35:51:09:
                    f8:cf:66:cd:45:3d:7e:52:c7:69:c7:61:06:cf:30:
                    68:78:ab:46:4c:0b:14:d3:c9:59:76:59:5e:66:6e:
                    36:2d:9a:7b:a4:d2:b9:a2:1e:7f:fc:6f:17:3e:f5:
                    f8:b4:7d:db:03:ee:de:e0:4e:96:0d:09:42:19:f7:
                    af:96:cd:94:fc:2b:aa:64:dd:4c:14:b9:1c:a1:88:
                    e6:41:b8:93:c8:f9:8d:99:36:28:30:06:5a:f0:6e:
                    7c:72:4a:34:6d:15:a7:58:22:c2:d7:bf:6a:22:2b:
                    88:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:D4:65:56:AC:49:56:33:A3:84:36:A1:C4:49:42:0D:4D:3B:2E:19
            X509v3 Authority Key Identifier:
                keyid:83:65:28:E1:52:B6:DC:BA:15:71:24:1A:C5:5B:E5:BC:E0:11:18:B7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g2Uo4VK23LoVcSQaxVvlvOARGLc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/n9RlVqxJVjOjhDahxElCDU07Lhk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/g2Uo4VK23LoVcSQaxVvlvOARGLc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.198.100.0/22

    Signature Algorithm: sha256WithRSAEncryption
         61:5f:a3:fc:32:e3:82:19:7f:43:46:6e:9b:1b:9d:2c:a0:90:
         28:d0:0f:48:25:7d:c3:28:fb:1c:3c:c6:5e:f8:1f:67:04:11:
         42:0d:b7:5c:f6:c7:38:a6:44:5f:0a:67:83:cc:10:87:55:05:
         84:0d:d1:ff:cc:c0:56:23:2e:2a:cc:54:45:34:86:13:61:dd:
         98:66:23:67:c8:a1:03:da:42:61:8d:56:a8:e0:36:f4:e4:a5:
         d0:a1:e1:e4:c0:c2:81:95:1b:9e:de:01:3f:cb:de:d2:8f:34:
         80:db:4f:83:c9:a1:0c:94:9d:8b:79:ad:e7:84:de:e4:1a:04:
         a2:f2:a8:ed:f0:b9:ba:9d:80:ac:84:81:9f:01:37:53:79:a7:
         38:c2:8c:0a:cc:7c:0a:78:d6:44:bb:99:7a:1e:44:c0:ab:d9:
         8d:51:54:2d:f0:51:65:25:4d:58:c1:78:a0:f7:a1:13:68:d1:
         23:4f:ff:05:37:cf:b0:61:91:7f:d0:d6:11:68:eb:00:a9:2a:
         a5:37:2b:72:80:b4:a8:2f:d2:46:e8:52:98:22:69:fa:ad:15:
         a6:ee:27:78:c9:de:3e:69:cd:a9:7a:8e:23:cb:ba:c5:d2:8d:
         56:ff:6f:bb:d7:e2:17:77:b2:23:4c:d1:07:c9:cc:1c:5b:c9:
         74:43:36:2c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEI5CTPzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MzY1MjhlMTUyYjZkY2JhMTU3MTI0MWFjNTViZTViY2UwMTExOGI3MB4XDTIyMDEw
MTE2MTA0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWZkNDY1NTZhYzQ5
NTYzM2EzODQzNmExYzQ0OTQyMGQ0ZDNiMmUxOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMP4J6CXqiOKF1JdN3G4T7iMzemknVCN9bpPriIF8QDoZxy2
9il/qN2mw43j4b4QME9DEnp4RxcIxiJs6JJIAaPU16jiZP17+wlbSCgT8rHJLiy7
mSdnNCaMlRXw1KCqtNWyp7NBBA//mbhsRy6vDut7qyNjTvFao3SSbVE3+ulMKl8q
4rboU4X1+WnY0Qc2qBnZNVEJ+M9mzUU9flLHacdhBs8waHirRkwLFNPJWXZZXmZu
Ni2ae6TSuaIef/xvFz71+LR92wPu3uBOlg0JQhn3r5bNlPwrqmTdTBS5HKGI5kG4
k8j5jZk2KDAGWvBufHJKNG0Vp1giwte/aiIriMkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSf1GVWrElWM6OENqHESUINTTsuGTAfBgNVHSMEGDAWgBSDZSjhUrbcuhVx
JBrFW+W84BEYtzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2cyVW80VksyM0xvVmNTUWF4VnZsdk9BUkdMYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDQvN2M3MGY0LTVmM2EtNGZkMy04ODNjLWViOTQxNWVjNTQ4YS8x
L245UmxWcXhKVmpPamhEYWh4RWxDRFUwN0xoay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDQv
N2M3MGY0LTVmM2EtNGZkMy04ODNjLWViOTQxNWVjNTQ4YS8xL2cyVW80VksyM0xv
VmNTUWF4VnZsdk9BUkdMYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnGZDANBgkqhkiG9w0BAQsFAAOC
AQEAYV+j/DLjghl/Q0ZumxudLKCQKNAPSCV9wyj7HDzGXvgfZwQRQg23XPbHOKZE
Xwpng8wQh1UFhA3R/8zAViMuKsxURTSGE2HdmGYjZ8ihA9pCYY1WqOA29OSl0KHh
5MDCgZUbnt4BP8ve0o80gNtPg8mhDJSdi3mt54Te5BoEovKo7fC5up2ArISBnwE3
U3mnOMKMCsx8CnjWRLuZeh5EwKvZjVFULfBRZSVNWMF4oPehE2jRI0//BTfPsGGR
f9DWEWjrAKkqpTcrcoC0qC/SRuhSmCJp+q0Vpu4neMnePmnNqXqOI8u6xdKNVv9v
u9fiF3eyI0zRB8nMHFvJdEM2LA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:29 2024 by rpki-client on console-fra.rpki-client.org