Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/z5V82w068Q2xtFVJui9NhkZpgSY.roa
File:                     z5V82w068Q2xtFVJui9NhkZpgSY.roa (raw, json)
Hash identifier:          J2utN5gnw/PchBsQK0lvt1Zu1w6FXGkFrxkAm9L7+mg=
Subject key identifier:   CF:95:7C:DB:0D:3A:F1:0D:B1:B4:55:49:BA:2F:4D:86:46:69:81:26
Certificate issuer:       /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial:       0181F1FBFADB86C02F5A7E747AA4CCD1FB61
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/z5V82w068Q2xtFVJui9NhkZpgSY.roa
Signing time:             Tue 12 Jul 2022 10:37:11 +0000
ROA not before:           Tue 12 Jul 2022 10:37:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     5503
IP address blocks:        185.192.228.0/22 maxlen: 24
                          2a02:fb0::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:f1:fb:fa:db:86:c0:2f:5a:7e:74:7a:a4:cc:d1:fb:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
        Validity
            Not Before: Jul 12 10:37:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cf957cdb0d3af10db1b45549ba2f4d8646698126
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:65:31:44:24:a8:0d:3b:52:63:94:81:17:82:
                    0a:57:5a:08:ed:e4:12:d6:46:14:d5:2a:f6:14:59:
                    38:50:69:17:06:74:ae:23:18:51:42:a6:bf:14:dc:
                    6f:33:69:b3:3e:79:6e:53:6e:f5:e1:b6:fa:36:b4:
                    1a:b7:19:8a:f3:53:cb:52:5e:23:72:99:14:69:8c:
                    3e:e4:3c:72:fb:8a:c2:fc:f2:fc:d1:5d:f4:11:5c:
                    07:9f:4b:b5:4d:37:9a:e4:ae:1e:e6:3f:c9:2a:83:
                    e9:2c:86:a6:dc:eb:67:0a:f5:b4:21:e5:58:23:b3:
                    e4:28:ed:8c:1d:30:fb:cc:49:e8:1b:a2:c6:76:2c:
                    37:0c:19:de:29:7a:a6:33:08:9b:f4:31:29:20:d3:
                    92:85:c6:dc:66:40:5c:a8:86:98:c7:8f:e1:6e:7c:
                    eb:79:cd:ca:5b:3f:79:8a:31:27:f3:a3:65:87:f1:
                    96:22:a7:1b:f9:3f:e4:52:3e:7e:45:cf:a8:2c:5c:
                    0c:2b:5d:2f:32:81:b6:5e:e9:2e:de:b9:d0:76:d8:
                    7d:37:f0:3b:16:7e:25:9b:84:33:7a:85:7c:5a:35:
                    88:d6:1f:f2:54:3e:76:6c:7a:ac:4a:7e:5b:fd:fe:
                    91:2b:ea:83:f4:85:2a:4d:df:81:95:35:c5:83:ae:
                    9a:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:95:7C:DB:0D:3A:F1:0D:B1:B4:55:49:BA:2F:4D:86:46:69:81:26
            X509v3 Authority Key Identifier:
                keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/z5V82w068Q2xtFVJui9NhkZpgSY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.192.228.0/22
                IPv6:
                  2a02:fb0::/32

    Signature Algorithm: sha256WithRSAEncryption
         7f:04:79:42:91:cf:00:dc:66:1c:7e:31:2e:ff:38:20:1f:f9:
         34:54:23:f7:9d:a9:ec:03:2c:e1:47:42:54:7f:30:2a:8a:f2:
         12:36:0c:fe:9a:1e:d9:9d:f3:2c:d2:d9:55:7a:dc:67:06:2d:
         ea:68:93:d1:d1:53:68:f4:e0:81:1f:48:9c:38:e1:db:4b:9b:
         e3:00:44:0b:80:0e:d3:2e:82:65:ff:03:52:90:09:a2:0e:46:
         a4:70:55:df:5a:b2:40:7c:fb:20:ac:61:5c:d6:f3:4f:63:34:
         fa:fb:47:4e:56:78:bc:d1:83:a2:a9:fd:e7:35:b7:ed:7b:6a:
         cc:1b:e8:eb:85:d5:1b:08:3e:c7:c3:36:65:fb:23:c8:42:b4:
         bf:07:09:34:43:63:f4:5a:5a:5f:de:d8:b2:31:d7:c5:79:2e:
         ab:90:92:29:d4:70:a8:4d:d2:f7:93:85:15:be:da:ec:ce:ed:
         8e:fc:72:fe:9a:7b:fa:15:81:1f:a5:c5:b4:b8:c3:d5:c5:0d:
         a5:02:dc:e2:2c:2c:1f:37:d1:c6:c4:89:d3:1a:e0:c8:fd:25:
         8b:4d:17:6b:af:ca:38:15:50:85:3c:40:6e:ba:d5:17:45:df:
         b8:cf:34:b6:53:35:4b:61:2e:b1:26:29:0c:87:be:b5:c1:45:
         d1:2e:4c:65
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYHx+/rbhsAvWn50eqTM0fthMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjIwNzEyMTAzNzExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjk1N2NkYjBkM2FmMTBkYjFiNDU1NDliYTJmNGQ4NjQ2Njk4MTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWUxRCSoDTtSY5SBF4IKV1oI7eQS
1kYU1Sr2FFk4UGkXBnSuIxhRQqa/FNxvM2mzPnluU2714bb6NrQatxmK81PLUl4j
cpkUaYw+5Dxy+4rC/PL80V30EVwHn0u1TTea5K4e5j/JKoPpLIam3OtnCvW0IeVY
I7PkKO2MHTD7zEnoG6LGdiw3DBneKXqmMwib9DEpINOShcbcZkBcqIaYx4/hbnzr
ec3KWz95ijEn86Nlh/GWIqcb+T/kUj5+Rc+oLFwMK10vMoG2Xuku3rnQdth9N/A7
Fn4lm4QzeoV8WjWI1h/yVD52bHqsSn5b/f6RK+qD9IUqTd+BlTXFg66acQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFM+VfNsNOvENsbRVSbovTYZGaYEmMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvejVWODJ3MDY4UTJ4dEZWSnVpOU5oa1pwZ1NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucDkMA0E
AgACMAcDBQAqAg+wMA0GCSqGSIb3DQEBCwUAA4IBAQB/BHlCkc8A3GYcfjEu/zgg
H/k0VCP3nansAyzhR0JUfzAqivISNgz+mh7ZnfMs0tlVetxnBi3qaJPR0VNo9OCB
H0icOOHbS5vjAEQLgA7TLoJl/wNSkAmiDkakcFXfWrJAfPsgrGFc1vNPYzT6+0dO
Vni80YOiqf3nNbfte2rMG+jrhdUbCD7HwzZl+yPIQrS/Bwk0Q2P0Wlpf3tiyMdfF
eS6rkJIp1HCoTdL3k4UVvtrszu2O/HL+mnv6FYEfpcW0uMPVxQ2lAtziLCwfN9HG
xInTGuDI/SWLTRdrr8o4FVCFPEBuutUXRd+4zzS2UzVLYS6xJikMh761wUXRLkxl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:08 2024 by rpki-client on console-fra.rpki-client.org