Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/33051d-c2a0-4ac7-b7f3-90adec85dd85/1/MFYjzejjVEA3-fzR8HLJervLtYg.roa
File:                     MFYjzejjVEA3-fzR8HLJervLtYg.roa (raw, json)
Hash identifier:          7O1q/qNBSAxNWML5Gk95GK2QyZ6a+TF6liwXEtKWAOk=
Subject key identifier:   30:56:23:CD:E8:E3:54:40:37:F9:FC:D1:F0:72:C9:7A:BB:CB:B5:88
Certificate issuer:       /CN=c017a4a82172b206afee1c13d296ee260385b571
Certificate serial:       0A72FADB
Authority key identifier: C0:17:A4:A8:21:72:B2:06:AF:EE:1C:13:D2:96:EE:26:03:85:B5:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wBekqCFysgav7hwT0pbuJgOFtXE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/33051d-c2a0-4ac7-b7f3-90adec85dd85/1/MFYjzejjVEA3-fzR8HLJervLtYg.roa
Signing time:             Sat 01 Jan 2022 03:57:36 +0000
ROA not before:           Sat 01 Jan 2022 03:57:36 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200874
IP address blocks:        185.89.116.0/22 maxlen: 24
                          2a03:8320::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 175307483 (0xa72fadb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c017a4a82172b206afee1c13d296ee260385b571
        Validity
            Not Before: Jan  1 03:57:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=305623cde8e3544037f9fcd1f072c97abbcbb588
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:d6:68:72:ee:53:07:b9:3e:54:18:be:45:fd:
                    c0:d2:8a:9d:95:14:11:73:3f:0e:d2:8b:ab:e6:1d:
                    55:6a:09:c4:c7:84:89:49:87:40:d6:d7:38:43:77:
                    c5:d1:55:0f:b8:37:9d:31:a5:19:8f:68:11:62:62:
                    ef:e1:0f:0b:c9:56:06:4b:2b:a0:aa:84:3e:88:f9:
                    89:49:52:15:22:f6:fa:6a:23:97:64:30:cb:03:0e:
                    7d:7e:f9:ae:96:63:7f:c8:c0:73:5c:d1:ce:72:f3:
                    0b:b4:33:f8:b3:c1:6f:c1:81:3c:6e:34:87:4b:64:
                    de:31:0a:b0:f6:18:09:07:a8:3a:8e:20:5c:fe:36:
                    19:af:8a:1c:f1:b8:91:ca:7b:4e:90:76:8d:a0:a8:
                    ad:35:e7:fe:f2:8f:29:f5:a4:79:43:c9:84:3a:32:
                    77:2f:5e:79:9b:42:f7:4f:07:bf:7a:c3:28:d1:2f:
                    ea:7c:4c:8f:fb:df:5f:9a:d8:2d:67:a6:b6:16:96:
                    46:aa:8a:da:51:80:07:13:54:15:2d:00:53:07:6d:
                    bf:fb:9c:09:da:f0:c0:ee:2b:98:bd:cf:5f:ff:38:
                    f3:cd:66:2a:8e:53:87:02:79:d3:39:5b:ed:7c:99:
                    ed:7d:f5:15:f4:5d:19:d2:cc:23:72:99:46:f5:75:
                    80:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:56:23:CD:E8:E3:54:40:37:F9:FC:D1:F0:72:C9:7A:BB:CB:B5:88
            X509v3 Authority Key Identifier:
                keyid:C0:17:A4:A8:21:72:B2:06:AF:EE:1C:13:D2:96:EE:26:03:85:B5:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wBekqCFysgav7hwT0pbuJgOFtXE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/33051d-c2a0-4ac7-b7f3-90adec85dd85/1/MFYjzejjVEA3-fzR8HLJervLtYg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/33051d-c2a0-4ac7-b7f3-90adec85dd85/1/wBekqCFysgav7hwT0pbuJgOFtXE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.89.116.0/22
                IPv6:
                  2a03:8320::/32

    Signature Algorithm: sha256WithRSAEncryption
         22:d5:ed:2a:5c:cb:9c:5c:48:54:20:39:32:44:d7:c2:ab:86:
         dc:26:27:6b:c1:6c:4a:5f:86:c9:35:6a:11:61:99:50:34:e9:
         7f:43:8c:89:af:49:56:44:92:0d:39:67:32:e2:6b:b8:06:f7:
         4d:c6:c6:2e:ab:e5:40:a4:fb:24:d1:5a:21:97:36:27:60:37:
         16:e8:3e:0a:81:f2:6a:17:b0:f8:40:4c:d7:b4:06:36:0f:64:
         36:e5:3b:72:46:4a:8b:36:cd:eb:10:d6:1e:0f:3d:be:f4:e3:
         52:d5:9a:c0:ce:e3:12:28:a8:a1:85:db:17:e2:62:39:95:46:
         32:e9:fc:8d:2f:2d:46:41:bc:80:f1:84:8d:4c:33:71:5c:c8:
         d0:48:ab:ba:c7:45:20:c6:de:c5:37:5b:83:70:79:5c:85:13:
         60:1a:74:8f:e7:1f:e6:11:ae:3c:b9:71:16:e9:c1:ac:b5:24:
         c4:08:c5:f3:10:4f:4b:7f:af:3b:17:e8:42:45:75:c3:31:25:
         f5:a5:72:60:0d:a2:88:ee:a1:3b:14:2f:2d:fe:0e:96:d9:f9:
         e1:28:aa:a0:78:f9:cf:31:64:c8:39:13:02:08:e8:14:4d:7c:
         6b:a4:a1:31:30:4f:25:c1:89:40:f7:4e:b9:60:72:70:73:51:
         cb:57:5d:b0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECnL62zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MDE3YTRhODIxNzJiMjA2YWZlZTFjMTNkMjk2ZWUyNjAzODViNTcxMB4XDTIyMDEw
MTAzNTczNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzA1NjIzY2RlOGUz
NTQ0MDM3ZjlmY2QxZjA3MmM5N2FiYmNiYjU4ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ7WaHLuUwe5PlQYvkX9wNKKnZUUEXM/DtKLq+YdVWoJxMeE
iUmHQNbXOEN3xdFVD7g3nTGlGY9oEWJi7+EPC8lWBksroKqEPoj5iUlSFSL2+moj
l2QwywMOfX75rpZjf8jAc1zRznLzC7Qz+LPBb8GBPG40h0tk3jEKsPYYCQeoOo4g
XP42Ga+KHPG4kcp7TpB2jaCorTXn/vKPKfWkeUPJhDoydy9eeZtC908Hv3rDKNEv
6nxMj/vfX5rYLWemthaWRqqK2lGABxNUFS0AUwdtv/ucCdrwwO4rmL3PX/84881m
Ko5ThwJ50zlb7XyZ7X31FfRdGdLMI3KZRvV1gBMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQwViPN6ONUQDf5/NHwcsl6u8u1iDAfBgNVHSMEGDAWgBTAF6SoIXKyBq/u
HBPSlu4mA4W1cTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3dCZWtxQ0Z5c2dhdjdod1QwcGJ1SmdPRnRYRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGEvMzMwNTFkLWMyYTAtNGFjNy1iN2YzLTkwYWRlYzg1ZGQ4NS8x
L01GWWp6ZWpqVkVBMy1melI4SExKZXJ2THRZZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGEv
MzMwNTFkLWMyYTAtNGFjNy1iN2YzLTkwYWRlYzg1ZGQ4NS8xL3dCZWtxQ0Z5c2dh
djdod1QwcGJ1SmdPRnRYRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArlZdDANBAIAAjAHAwUAKgODIDAN
BgkqhkiG9w0BAQsFAAOCAQEAItXtKlzLnFxIVCA5MkTXwquG3CYna8FsSl+GyTVq
EWGZUDTpf0OMia9JVkSSDTlnMuJruAb3TcbGLqvlQKT7JNFaIZc2J2A3Fug+CoHy
ahew+EBM17QGNg9kNuU7ckZKizbN6xDWHg89vvTjUtWawM7jEiiooYXbF+JiOZVG
Mun8jS8tRkG8gPGEjUwzcVzI0EirusdFIMbexTdbg3B5XIUTYBp0j+cf5hGuPLlx
FunBrLUkxAjF8xBPS3+vOxfoQkV1wzEl9aVyYA2iiO6hOxQvLf4Oltn54SiqoHj5
zzFkyDkTAgjoFE18a6ShMTBPJcGJQPdOuWBycHNRy1ddsA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:10 2024 by rpki-client on console-ams.rpki-client.org