Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/h5mbvRWewJ9midDbrzuH2So3SIo.roa
File:                     h5mbvRWewJ9midDbrzuH2So3SIo.roa (raw, json)
Hash identifier:          rhjly3W4d+TfpjD8qidqfCktJMIOTDQVJcRMf4oodFY=
Subject key identifier:   87:99:9B:BD:15:9E:C0:9F:66:89:D0:DB:AF:3B:87:D9:2A:37:48:8A
Certificate issuer:       /CN=34d0ec7ac4c391e4ecba9d0a3749191b18ebf934
Certificate serial:       43CEA3
Authority key identifier: 34:D0:EC:7A:C4:C3:91:E4:EC:BA:9D:0A:37:49:19:1B:18:EB:F9:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NNDsesTDkeTsup0KN0kZGxjr-TQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/h5mbvRWewJ9midDbrzuH2So3SIo.roa
Signing time:             Sat 01 Jan 2022 01:51:44 +0000
ROA not before:           Sat 01 Jan 2022 01:51:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200896
IP address blocks:        185.92.85.0/24 maxlen: 24
                          185.92.84.0/24 maxlen: 24
                          185.92.87.0/24 maxlen: 24
                          185.92.86.0/24 maxlen: 24
                          2a05:f140::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4443811 (0x43cea3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34d0ec7ac4c391e4ecba9d0a3749191b18ebf934
        Validity
            Not Before: Jan  1 01:51:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=87999bbd159ec09f6689d0dbaf3b87d92a37488a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:0c:32:04:02:56:a9:1a:19:f2:ac:93:a4:ab:
                    6e:82:37:01:c8:0c:03:b8:f6:66:93:87:a2:4b:c6:
                    24:a2:93:24:e4:ed:99:11:ed:78:d4:3b:1a:59:ee:
                    6c:0a:ed:46:1d:1a:cb:66:eb:0c:32:cd:1d:13:e5:
                    22:2d:ca:14:41:6e:ae:cd:96:2b:99:aa:e0:e1:25:
                    21:c0:5a:f4:78:ff:80:10:41:18:a2:ea:01:d4:ca:
                    e3:e7:d6:e7:18:61:78:5c:9f:b1:3e:ec:d9:5a:61:
                    7d:6d:3c:89:d8:3d:ed:90:eb:47:a9:a4:1f:bb:05:
                    4a:6f:45:52:9f:ac:f4:e0:79:d2:c7:df:30:95:30:
                    92:e6:13:f4:e6:b0:80:d7:20:72:df:29:9c:9b:f2:
                    22:b7:39:fc:8f:a4:48:69:8a:c3:23:97:17:b8:45:
                    03:04:a7:da:9d:9a:8d:26:54:48:b6:96:2f:1e:89:
                    9a:f4:a5:8c:59:70:2f:3c:8c:4e:f5:5b:87:af:4b:
                    dd:bc:f3:c7:77:c2:eb:c3:76:0b:19:35:22:78:cb:
                    7c:ca:08:75:8a:ad:0e:ae:66:55:90:59:5d:e2:2e:
                    ab:50:e5:e9:c3:af:4f:2f:c0:a8:22:01:e2:0e:23:
                    21:26:64:75:e4:6f:e5:5e:8c:02:8e:3f:ad:d8:3a:
                    aa:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:99:9B:BD:15:9E:C0:9F:66:89:D0:DB:AF:3B:87:D9:2A:37:48:8A
            X509v3 Authority Key Identifier:
                keyid:34:D0:EC:7A:C4:C3:91:E4:EC:BA:9D:0A:37:49:19:1B:18:EB:F9:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NNDsesTDkeTsup0KN0kZGxjr-TQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/h5mbvRWewJ9midDbrzuH2So3SIo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/NNDsesTDkeTsup0KN0kZGxjr-TQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.92.84.0/22
                IPv6:
                  2a05:f140::/29

    Signature Algorithm: sha256WithRSAEncryption
         76:a5:c8:1a:b0:96:ec:ff:4f:b7:d8:7c:46:e8:8b:7e:53:85:
         76:02:88:93:96:e2:01:ab:4c:47:ea:ab:b0:02:9a:31:d6:de:
         d0:8a:d7:18:a3:9e:60:ac:51:6f:0b:2d:74:b9:50:5b:02:e5:
         a5:a5:07:5f:0e:aa:ee:07:2f:50:2b:03:d8:6d:02:97:47:bd:
         2c:d7:43:97:92:13:b1:8a:d1:d5:64:65:ec:5e:a0:b1:93:a7:
         ca:55:55:a7:3d:cf:9a:f2:40:db:1b:03:10:a3:ac:84:37:3a:
         b2:80:de:20:9e:6b:e5:b8:e9:74:24:b8:df:01:43:62:35:2b:
         77:94:6a:01:72:69:b8:b6:55:92:bb:1e:01:55:aa:15:21:6a:
         a6:73:38:a0:6d:e9:e3:61:0c:21:b1:aa:e7:22:8a:41:a4:a2:
         b6:ce:7c:54:80:0d:d0:e0:83:60:b3:83:23:4a:3b:d1:ed:60:
         c9:2a:7e:d0:4a:50:16:be:04:04:a6:01:e2:b2:8f:a9:3c:f5:
         92:51:c1:5f:83:22:56:ea:4a:85:13:5f:50:1a:85:d6:da:5f:
         68:14:cd:67:23:e1:18:92:e6:3f:71:f1:dc:4a:79:db:d1:0f:
         6f:81:d1:82:87:01:fc:a5:fa:f8:e2:d6:81:ab:a7:e6:db:fe:
         5c:ca:23:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIDQ86jMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDM0
ZDBlYzdhYzRjMzkxZTRlY2JhOWQwYTM3NDkxOTFiMThlYmY5MzQwHhcNMjIwMTAx
MDE1MTQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4Nzk5OWJiZDE1OWVj
MDlmNjY4OWQwZGJhZjNiODdkOTJhMzc0ODhhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuAwyBAJWqRoZ8qyTpKtugjcByAwDuPZmk4eiS8YkopMk5O2Z
Ee141DsaWe5sCu1GHRrLZusMMs0dE+UiLcoUQW6uzZYrmarg4SUhwFr0eP+AEEEY
ouoB1Mrj59bnGGF4XJ+xPuzZWmF9bTyJ2D3tkOtHqaQfuwVKb0VSn6z04HnSx98w
lTCS5hP05rCA1yBy3ymcm/Iitzn8j6RIaYrDI5cXuEUDBKfanZqNJlRItpYvHoma
9KWMWXAvPIxO9VuHr0vdvPPHd8Lrw3YLGTUieMt8ygh1iq0OrmZVkFld4i6rUOXp
w69PL8CoIgHiDiMhJmR15G/lXowCjj+t2DqqkwIDAQABo4ICGDCCAhQwHQYDVR0O
BBYEFIeZm70VnsCfZonQ2687h9kqN0iKMB8GA1UdIwQYMBaAFDTQ7HrEw5Hk7Lqd
CjdJGRsY6/k0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
Tk5Ec2VzVERrZVRzdXAwS04wa1pHeGpyLVRRLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wOS9mN2Y1M2QtMDY4Yy00NDRlLWFkMWUtYjdjMjY5NmJhZTUwLzEv
aDVtYnZSV2V3SjltaWREYnJ6dUgyU28zU0lvLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9m
N2Y1M2QtMDY4Yy00NDRlLWFkMWUtYjdjMjY5NmJhZTUwLzEvTk5Ec2VzVERrZVRz
dXAwS04wa1pHeGpyLVRRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4G
CCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVxUMA0EAgACMAcDBQMqBfFAMA0G
CSqGSIb3DQEBCwUAA4IBAQB2pcgasJbs/0+32HxG6It+U4V2AoiTluIBq0xH6quw
Apox1t7QitcYo55grFFvCy10uVBbAuWlpQdfDqruBy9QKwPYbQKXR70s10OXkhOx
itHVZGXsXqCxk6fKVVWnPc+a8kDbGwMQo6yENzqygN4gnmvluOl0JLjfAUNiNSt3
lGoBcmm4tlWSux4BVaoVIWqmczigbenjYQwhsarnIopBpKK2znxUgA3Q4INgs4Mj
SjvR7WDJKn7QSlAWvgQEpgHiso+pPPWSUcFfgyJW6kqFE19QGoXW2l9oFM1nI+EY
kuY/cfHcSnnb0Q9vgdGChwH8pfr44taBq6fm2/5cyiPD
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:59 2024 by rpki-client on console-ams.rpki-client.org