Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/5c2868-3a27-4df4-8f00-fdd23b43c52e/1/xplzWpNyknb2qNsdQsZ78nswAcg.roa
File:                     xplzWpNyknb2qNsdQsZ78nswAcg.roa (raw, json)
Hash identifier:          3Auei1nAMhKxFc9D2I1XcRp0aglMHSvIIhFrpujiwmQ=
Subject key identifier:   C6:99:73:5A:93:72:92:76:F6:A8:DB:1D:42:C6:7B:F2:7B:30:01:C8
Certificate issuer:       /CN=03090fac3cc42f1997455a12e643064637c69dc3
Certificate serial:       018355000D8A0F6A29079C937BE232C7EDB3
Authority key identifier: 03:09:0F:AC:3C:C4:2F:19:97:45:5A:12:E6:43:06:46:37:C6:9D:C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AwkPrDzELxmXRVoS5kMGRjfGncM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/5c2868-3a27-4df4-8f00-fdd23b43c52e/1/xplzWpNyknb2qNsdQsZ78nswAcg.roa
Signing time:             Mon 19 Sep 2022 09:06:50 +0000
ROA not before:           Mon 19 Sep 2022 09:06:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     9121
IP address blocks:        185.96.114.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:55:00:0d:8a:0f:6a:29:07:9c:93:7b:e2:32:c7:ed:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=03090fac3cc42f1997455a12e643064637c69dc3
        Validity
            Not Before: Sep 19 09:06:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c699735a93729276f6a8db1d42c67bf27b3001c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:b5:e9:7f:5d:1e:5e:2f:a6:a4:8b:6f:73:c7:
                    5a:e6:96:73:96:27:4b:0a:78:62:ea:e0:db:c8:ce:
                    97:1f:a4:c4:c2:88:b9:34:7e:35:55:a9:d8:19:49:
                    8f:2f:ce:e4:55:8a:73:38:cd:c9:ce:15:24:70:df:
                    75:88:46:ac:f3:39:42:9c:99:d7:06:07:ed:af:2d:
                    a7:f4:c0:c8:c0:70:94:23:a5:bf:5a:78:57:6a:f8:
                    9b:51:9a:e8:12:a3:d6:77:7f:0b:c0:19:5c:41:54:
                    3b:14:5e:9d:01:21:6e:05:45:f4:f3:02:36:34:ef:
                    c8:4f:6b:88:4f:92:a5:27:97:1c:09:24:9b:45:7d:
                    c4:b7:92:f6:e4:21:9e:3c:ae:b9:06:4b:0c:b9:56:
                    0a:ac:e8:a1:84:09:ed:68:c6:17:19:79:b6:cb:e8:
                    e7:b9:d6:c2:63:0e:46:62:4a:8c:da:02:32:37:02:
                    a2:c2:3a:68:56:c5:c0:eb:f1:b4:13:5d:80:9f:13:
                    c4:70:2d:6a:5b:7f:4e:22:28:d3:7d:a2:cf:95:2e:
                    93:56:bb:7f:58:4f:42:ae:37:6a:95:c4:11:74:07:
                    8e:7d:c5:69:53:17:35:6e:12:0b:55:53:4f:e2:59:
                    30:09:82:b7:0a:90:58:15:17:23:ef:3e:7b:7e:1c:
                    b4:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:99:73:5A:93:72:92:76:F6:A8:DB:1D:42:C6:7B:F2:7B:30:01:C8
            X509v3 Authority Key Identifier:
                keyid:03:09:0F:AC:3C:C4:2F:19:97:45:5A:12:E6:43:06:46:37:C6:9D:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AwkPrDzELxmXRVoS5kMGRjfGncM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/5c2868-3a27-4df4-8f00-fdd23b43c52e/1/xplzWpNyknb2qNsdQsZ78nswAcg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/5c2868-3a27-4df4-8f00-fdd23b43c52e/1/AwkPrDzELxmXRVoS5kMGRjfGncM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.96.114.0/24

    Signature Algorithm: sha256WithRSAEncryption
         45:ff:99:d3:66:4a:32:60:0d:87:9c:39:61:26:58:82:fe:ef:
         a4:20:45:1d:94:7e:99:dc:14:97:0e:2d:ed:8d:70:95:bf:a5:
         dd:86:99:5e:70:99:39:a9:4a:d6:77:a1:6a:b9:79:76:1e:ef:
         30:c9:8b:3d:9a:38:6c:63:8f:52:07:37:52:3d:7f:b8:d7:f0:
         43:40:e5:f8:da:54:a3:97:8a:8e:56:d2:0d:0e:66:8f:81:06:
         e9:f9:f4:3e:3b:34:f2:26:89:07:de:38:07:23:71:51:b3:b9:
         1b:c0:37:6a:1e:50:b6:8f:d4:e5:97:25:14:bf:94:b4:0e:de:
         d3:98:3d:16:e5:f3:0e:b8:ad:a2:5b:ac:83:0a:8a:8a:a4:f2:
         30:50:d5:ad:cb:cd:64:f1:ff:f5:0e:6e:55:30:99:c6:84:01:
         fe:1c:17:36:8e:31:24:67:17:a8:bc:a6:49:bc:2c:eb:a4:58:
         92:45:50:48:5c:c7:44:74:63:e9:ff:09:ce:a3:ab:3a:22:1c:
         a7:61:b4:d1:04:6c:d8:2f:9d:f4:f2:fc:ed:d3:40:48:3b:ae:
         30:b8:33:b5:82:a1:bb:11:22:7d:8b:4f:54:f7:ef:3b:f6:48:
         d5:9a:47:aa:bd:d1:59:36:5f:62:f6:18:be:6a:d3:1d:49:7a:
         d1:cd:59:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNVAA2KD2opB5yTe+Iyx+2zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMDkwZmFjM2NjNDJmMTk5NzQ1NWExMmU2NDMwNjQ2Mzdj
NjlkYzMwHhcNMjIwOTE5MDkwNjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjk5NzM1YTkzNzI5Mjc2ZjZhOGRiMWQ0MmM2N2JmMjdiMzAwMWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLXpf10eXi+mpItvc8da5pZzlidL
Cnhi6uDbyM6XH6TEwoi5NH41VanYGUmPL87kVYpzOM3JzhUkcN91iEas8zlCnJnX
Bgftry2n9MDIwHCUI6W/WnhXavibUZroEqPWd38LwBlcQVQ7FF6dASFuBUX08wI2
NO/IT2uIT5KlJ5ccCSSbRX3Et5L25CGePK65BksMuVYKrOihhAntaMYXGXm2y+jn
udbCYw5GYkqM2gIyNwKiwjpoVsXA6/G0E12AnxPEcC1qW39OIijTfaLPlS6TVrt/
WE9CrjdqlcQRdAeOfcVpUxc1bhILVVNP4lkwCYK3CpBYFRcj7z57fhy0mQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMaZc1qTcpJ29qjbHULGe/J7MAHIMB8GA1UdIwQY
MBaAFAMJD6w8xC8Zl0VaEuZDBkY3xp3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXdrUHJEekVMeG1YUlZvUzVrTUdSamZHbmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC81YzI4NjgtM2EyNy00ZGY0LThmMDAt
ZmRkMjNiNDNjNTJlLzEveHBseldwTnlrbmIycU5zZFFzWjc4bnN3QWNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC81YzI4NjgtM2EyNy00ZGY0LThmMDAtZmRkMjNiNDNjNTJl
LzEvQXdrUHJEekVMeG1YUlZvUzVrTUdSamZHbmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWByMA0G
CSqGSIb3DQEBCwUAA4IBAQBF/5nTZkoyYA2HnDlhJliC/u+kIEUdlH6Z3BSXDi3t
jXCVv6XdhplecJk5qUrWd6FquXl2Hu8wyYs9mjhsY49SBzdSPX+41/BDQOX42lSj
l4qOVtINDmaPgQbp+fQ+OzTyJokH3jgHI3FRs7kbwDdqHlC2j9TllyUUv5S0Dt7T
mD0W5fMOuK2iW6yDCoqKpPIwUNWty81k8f/1Dm5VMJnGhAH+HBc2jjEkZxeovKZJ
vCzrpFiSRVBIXMdEdGPp/wnOo6s6IhynYbTRBGzYL5308vzt00BIO64wuDO1gqG7
ESJ9i09U9+879kjVmkeqvdFZNl9i9hi+atMdSXrRzVkS
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:46 2023 by rpki-client on console-ams.rpki-client.org