Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/vTNGE5db-LoHyDkNBaVrCRpfVL0.roa
File:                     vTNGE5db-LoHyDkNBaVrCRpfVL0.roa (raw, json)
Hash identifier:          dCCRCbSzCTJfp5nKdDs9EP35VWoVy37ujejw6Np2FlE=
Subject key identifier:   BD:33:46:13:97:5B:F8:BA:07:C8:39:0D:05:A5:6B:09:1A:5F:54:BD
Certificate issuer:       /CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
Certificate serial:       0A57C0CA
Authority key identifier: EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/vTNGE5db-LoHyDkNBaVrCRpfVL0.roa
Signing time:             Tue 14 Jun 2022 14:00:45 +0000
ROA not before:           Tue 14 Jun 2022 14:00:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57152
IP address blocks:        185.73.128.0/22 maxlen: 24
                          185.137.215.0/24 maxlen: 24
                          2a03:a5a0:1::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 173523146 (0xa57c0ca)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
        Validity
            Not Before: Jun 14 14:00:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bd334613975bf8ba07c8390d05a56b091a5f54bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:57:01:a1:f9:65:4f:ff:f4:66:5e:2a:72:bc:
                    23:11:bf:a8:55:5c:8b:f3:ad:db:54:4b:28:c6:df:
                    36:70:bf:4a:11:55:05:91:21:2b:15:a8:14:55:7f:
                    e2:da:31:aa:2c:69:63:dc:a4:af:68:b8:96:ed:e2:
                    e9:eb:c9:d4:86:b0:54:98:1c:ef:b0:b6:c1:dd:4e:
                    fc:8a:eb:4f:99:bc:ef:b8:d6:06:7c:18:eb:7c:dc:
                    80:f4:4b:e1:c0:35:08:ab:40:c9:ec:1d:2b:0c:08:
                    d3:2b:d3:b7:df:a4:e3:28:03:0c:90:7f:ac:04:5f:
                    98:38:d2:65:9e:6e:73:1a:e9:97:80:24:de:8f:1f:
                    54:fb:29:cd:71:7d:d7:ed:f9:79:91:a4:5b:9d:f3:
                    4a:6f:4f:b1:d6:88:92:47:60:ff:2b:bf:c3:56:b7:
                    c6:41:fa:54:85:4b:0b:85:38:77:08:84:c0:92:22:
                    f9:7c:f1:19:e1:7e:59:f1:cb:97:7a:4f:00:64:a4:
                    10:51:e9:93:0a:de:ed:9a:76:dd:17:75:83:45:b6:
                    3c:c5:92:12:3b:2f:73:fa:9d:6e:5e:e9:ca:98:15:
                    76:a1:7f:f4:be:52:38:c0:ec:43:38:5e:28:a0:a0:
                    09:77:95:34:96:8b:b2:31:85:a9:6a:5b:57:62:4f:
                    14:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:33:46:13:97:5B:F8:BA:07:C8:39:0D:05:A5:6B:09:1A:5F:54:BD
            X509v3 Authority Key Identifier:
                keyid:EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/vTNGE5db-LoHyDkNBaVrCRpfVL0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/7qArGX269963Tgon2dTs0_rh6O0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.73.128.0/22
                  185.137.215.0/24
                IPv6:
                  2a03:a5a0:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         91:f5:0e:9d:f1:46:4f:03:41:a2:02:07:68:b0:c2:91:06:b9:
         36:41:41:c6:d3:41:92:ef:af:ae:e4:cc:fe:ba:b0:27:fb:54:
         e5:d4:be:ba:8a:3d:cc:c0:b7:a8:1c:70:37:24:ac:91:08:5c:
         77:31:63:02:a4:81:d7:94:65:78:a8:ee:07:c6:d4:c0:7d:b7:
         ce:9f:cb:06:69:fd:68:ae:8b:b6:ac:6c:89:a4:d6:82:c4:ed:
         78:e4:36:c3:e4:fd:67:c9:f2:35:c5:d0:09:29:21:a2:26:b6:
         d7:e3:e2:16:f7:69:04:dc:65:f6:e3:13:a9:1e:c9:13:b7:be:
         01:ec:31:fc:e4:1e:8f:6d:17:20:8f:8d:5d:eb:ef:6c:0a:9f:
         80:cb:38:1d:67:da:53:ae:40:9d:27:41:fc:bc:04:9e:3c:5b:
         34:16:b6:89:ab:dd:cc:aa:b5:2e:c0:75:22:b9:dd:79:b0:12:
         a4:d4:d9:f3:39:c2:a5:26:db:2a:47:71:fa:1a:30:fe:11:77:
         b6:dd:b9:9e:61:95:5f:77:36:aa:8b:b2:78:e3:ee:ad:95:a9:
         1a:31:6a:1f:38:63:ee:15:70:c4:da:01:ad:22:5b:fb:b7:60:
         68:a6:20:81:a5:ca:ee:97:2d:8a:64:26:9e:2e:1c:b2:a5:52:
         8a:f2:b3:0f
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEClfAyjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZWEwMmIxOTdkYmFmN2RlYjc0ZTBhMjdkOWQ0ZWNkM2ZhZTFlOGVkMB4XDTIyMDYx
NDE0MDA0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmQzMzQ2MTM5NzVi
ZjhiYTA3YzgzOTBkMDVhNTZiMDkxYTVmNTRiZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJhXAaH5ZU//9GZeKnK8IxG/qFVci/Ot21RLKMbfNnC/ShFV
BZEhKxWoFFV/4toxqixpY9ykr2i4lu3i6evJ1IawVJgc77C2wd1O/IrrT5m877jW
BnwY63zcgPRL4cA1CKtAyewdKwwI0yvTt9+k4ygDDJB/rARfmDjSZZ5ucxrpl4Ak
3o8fVPspzXF91+35eZGkW53zSm9PsdaIkkdg/yu/w1a3xkH6VIVLC4U4dwiEwJIi
+XzxGeF+WfHLl3pPAGSkEFHpkwre7Zp23Rd1g0W2PMWSEjsvc/qdbl7pypgVdqF/
9L5SOMDsQzheKKCgCXeVNJaLsjGFqWpbV2JPFAkCAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBS9M0YTl1v4ugfIOQ0FpWsJGl9UvTAfBgNVHSMEGDAWgBTuoCsZfbr33rdO
CifZ1OzT+uHo7TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdxQXJHWDI2OTk2M1Rnb24yZFRzMF9yaDZPMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvOTcxYjExLTI4MGUtNGNlZC1iOTljLWJiY2NhYjkxM2I1ZC8x
L3ZUTkdFNWRiLUxvSHlEa05CYVZyQ1JwZlZMMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
OTcxYjExLTI4MGUtNGNlZC1iOTljLWJiY2NhYjkxM2I1ZC8xLzdxQXJHWDI2OTk2
M1Rnb24yZFRzMF9yaDZPMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEArlJgAMEALmJ1zAPBAIAAjAJAwcA
KgOloAABMA0GCSqGSIb3DQEBCwUAA4IBAQCR9Q6d8UZPA0GiAgdosMKRBrk2QUHG
00GS76+u5Mz+urAn+1Tl1L66ij3MwLeoHHA3JKyRCFx3MWMCpIHXlGV4qO4HxtTA
fbfOn8sGaf1orou2rGyJpNaCxO145DbD5P1nyfI1xdAJKSGiJrbX4+IW92kE3GX2
4xOpHskTt74B7DH85B6PbRcgj41d6+9sCp+AyzgdZ9pTrkCdJ0H8vASePFs0FraJ
q93MqrUuwHUiud15sBKk1NnzOcKlJtsqR3H6GjD+EXe23bmeYZVfdzaqi7J44+6t
lakaMWofOGPuFXDE2gGtIlv7t2BopiCBpcruly2KZCaeLhyypVKK8rMP
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:55 2024 by rpki-client on console-ams.rpki-client.org