Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_ZFWXnYq3zpdR8XmBhGjMtReWJ0.roa
File:                     _ZFWXnYq3zpdR8XmBhGjMtReWJ0.roa (raw, json)
Hash identifier:          57V8/FBeCrQsazyoiI194pWvjVmoVjF5a7TP0XPNv2M=
Subject key identifier:   FD:91:56:5E:76:2A:DF:3A:5D:47:C5:E6:06:11:A3:32:D4:5E:58:9D
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       0183229219871BFF04A17C1CD2D3E20429C4
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_ZFWXnYq3zpdR8XmBhGjMtReWJ0.roa
Signing time:             Fri 09 Sep 2022 14:05:43 +0000
ROA not before:           Fri 09 Sep 2022 14:05:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39521
IP address blocks:        164.40.189.0/24 maxlen: 24
                          164.40.190.0/24 maxlen: 24
                          164.40.191.0/24 maxlen: 24
                          164.40.188.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:22:92:19:87:1b:ff:04:a1:7c:1c:d2:d3:e2:04:29:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Sep  9 14:05:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fd91565e762adf3a5d47c5e60611a332d45e589d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:e8:20:12:b7:75:ca:47:af:da:83:fb:05:2f:
                    31:5b:86:fb:be:5d:43:9e:84:1a:20:03:f4:f2:58:
                    db:29:01:05:9a:1e:57:51:7e:bd:31:22:bb:00:2d:
                    f5:da:70:3b:42:50:4c:21:5e:a8:11:44:97:66:b3:
                    d6:40:ee:d3:33:b8:f0:5d:c1:78:c9:65:d2:f4:f2:
                    46:2b:99:bf:5c:eb:c7:b3:bb:25:58:4a:20:86:ab:
                    bd:83:45:4a:5d:06:d1:67:d4:34:da:a4:2a:8a:ee:
                    8d:37:e0:6a:42:ca:dc:bf:8e:00:01:8d:cd:45:ea:
                    c9:0e:66:87:c6:ba:bb:64:a4:90:01:6f:e5:4d:e9:
                    35:de:56:ad:a0:a1:38:ed:8b:5b:7c:68:0a:a2:60:
                    aa:20:64:db:89:fb:15:d4:eb:d0:a3:e5:16:e6:6c:
                    2a:fd:d9:7e:a0:c1:f6:2b:76:37:7d:af:78:43:4d:
                    25:98:8a:25:c5:a4:5d:d4:0d:28:a6:38:60:f7:02:
                    cc:08:00:59:7c:11:a0:73:e9:f3:61:58:cb:9b:21:
                    fa:de:a6:84:9c:11:18:22:7b:04:ca:5e:10:ef:d7:
                    a2:8c:08:65:8d:e2:4f:0e:94:ff:94:83:c7:a8:e6:
                    78:5a:ec:17:04:f6:ee:fb:72:20:00:9b:3e:59:fb:
                    b4:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:91:56:5E:76:2A:DF:3A:5D:47:C5:E6:06:11:A3:32:D4:5E:58:9D
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_ZFWXnYq3zpdR8XmBhGjMtReWJ0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  164.40.188.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a3:f5:f5:fe:a3:49:e7:96:29:88:68:14:21:e1:be:a3:fe:d3:
         06:da:9a:c3:c2:70:91:2e:58:2e:7a:ac:93:f4:68:5b:9b:8b:
         97:19:d4:0a:f2:b3:b4:ba:d0:01:99:34:7b:61:dd:ff:12:ef:
         f9:03:14:ca:bf:72:c9:2a:a1:f3:94:dc:98:95:46:a5:2e:b3:
         ee:07:fa:1d:ec:09:e3:83:da:50:18:d6:a1:3d:48:35:88:99:
         0c:26:d8:1e:3f:99:8f:a2:c2:dc:d4:5e:14:c0:14:72:3d:93:
         92:a7:05:e4:f9:12:e7:f4:dd:50:8e:48:fb:0b:ab:60:db:a1:
         3b:d7:77:8b:6a:9a:5a:93:e2:44:01:05:62:63:30:3f:92:a0:
         5c:39:31:c4:02:93:e5:9a:ec:f9:f3:74:fb:6c:42:19:ca:5f:
         64:b9:13:8b:ab:31:98:f1:21:f8:f5:7d:01:2f:4e:e4:3e:6a:
         13:fc:83:23:78:d8:4f:14:b0:9a:9d:c0:59:6b:38:74:b4:30:
         f6:7c:53:48:f4:28:05:d6:51:78:2e:ba:36:c4:e8:da:98:b8:
         43:d1:f9:db:a3:61:51:ab:89:0b:e1:3b:ef:ce:a9:86:d4:9f:
         f5:b9:50:c4:0e:13:f2:0a:dd:d1:5b:4b:f9:9e:67:94:86:a6:
         f7:98:4b:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMikhmHG/8EoXwc0tPiBCnEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIwOTA5MTQwNTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDkxNTY1ZTc2MmFkZjNhNWQ0N2M1ZTYwNjExYTMzMmQ0NWU1ODlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueggErd1ykev2oP7BS8xW4b7vl1D
noQaIAP08ljbKQEFmh5XUX69MSK7AC312nA7QlBMIV6oEUSXZrPWQO7TM7jwXcF4
yWXS9PJGK5m/XOvHs7slWEoghqu9g0VKXQbRZ9Q02qQqiu6NN+BqQsrcv44AAY3N
RerJDmaHxrq7ZKSQAW/lTek13latoKE47YtbfGgKomCqIGTbifsV1OvQo+UW5mwq
/dl+oMH2K3Y3fa94Q00lmIolxaRd1A0opjhg9wLMCABZfBGgc+nzYVjLmyH63qaE
nBEYInsEyl4Q79eijAhljeJPDpT/lIPHqOZ4WuwXBPbu+3IgAJs+Wfu0swIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP2RVl52Kt86XUfF5gYRozLUXlidMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvX1pGV1huWXEzenBkUjhYbUJoR2pNdFJlV0owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCpCi8MA0G
CSqGSIb3DQEBCwUAA4IBAQCj9fX+o0nnlimIaBQh4b6j/tMG2prDwnCRLlgueqyT
9Ghbm4uXGdQK8rO0utABmTR7Yd3/Eu/5AxTKv3LJKqHzlNyYlUalLrPuB/od7Anj
g9pQGNahPUg1iJkMJtgeP5mPosLc1F4UwBRyPZOSpwXk+RLn9N1Qjkj7C6tg26E7
13eLappak+JEAQViYzA/kqBcOTHEApPlmuz583T7bEIZyl9kuROLqzGY8SH49X0B
L07kPmoT/IMjeNhPFLCancBZazh0tDD2fFNI9CgF1lF4Lro2xOjamLhD0fnbo2FR
q4kL4TvvzqmG1J/1uVDEDhPyCt3RW0v5nmeUhqb3mEuO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:14 2024 by rpki-client on console-fra.rpki-client.org