Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/4663bb-c509-4a9a-bcae-70bc66893e5c/1/8BOCrYhl1H1_DZQdGFJGM7ErLhA.roa
File:                     8BOCrYhl1H1_DZQdGFJGM7ErLhA.roa (raw, json)
Hash identifier:          Q7ycLZJcwodPasLQ3SkCvj8LunE+U02G0iR9oG6CAzg=
Subject key identifier:   F0:13:82:AD:88:65:D4:7D:7F:0D:94:1D:18:52:46:33:B1:2B:2E:10
Certificate issuer:       /CN=042ac382689687b60fce5ce9db887b21d68a6abc
Certificate serial:       07531B3A
Authority key identifier: 04:2A:C3:82:68:96:87:B6:0F:CE:5C:E9:DB:88:7B:21:D6:8A:6A:BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BCrDgmiWh7YPzlzp24h7IdaKarw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/4663bb-c509-4a9a-bcae-70bc66893e5c/1/8BOCrYhl1H1_DZQdGFJGM7ErLhA.roa
Signing time:             Sat 01 Jan 2022 06:56:28 +0000
ROA not before:           Sat 01 Jan 2022 06:56:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     134094
IP address blocks:        185.226.94.0/24 maxlen: 24
                          185.226.93.0/24 maxlen: 24
                          185.226.95.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 122886970 (0x7531b3a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=042ac382689687b60fce5ce9db887b21d68a6abc
        Validity
            Not Before: Jan  1 06:56:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f01382ad8865d47d7f0d941d18524633b12b2e10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:9d:b2:a8:3f:62:54:44:a4:f5:cb:0c:79:63:
                    42:38:7b:17:d6:8c:68:2c:58:07:e4:db:40:c2:e1:
                    9b:3f:8e:f1:33:06:43:fe:31:8a:2c:10:30:ba:08:
                    74:ca:13:78:09:70:d7:b4:41:06:a6:b3:20:db:df:
                    f1:28:b0:af:09:b0:03:a4:3e:b4:1c:41:b9:0a:59:
                    e6:5d:5c:39:33:7e:dc:66:c8:81:db:dd:7b:79:43:
                    22:28:b1:16:9e:dd:7b:52:9a:e1:c7:83:41:4a:66:
                    8e:2c:a0:e8:a7:91:f2:e7:d8:d9:aa:e4:f0:ac:1c:
                    53:ef:00:18:5a:d5:2b:09:cf:aa:51:f0:5c:d8:b0:
                    d2:7d:23:cc:b2:63:95:11:94:b9:a5:08:a9:62:58:
                    0a:b8:11:82:de:80:35:1a:ac:e1:67:20:ab:d1:81:
                    64:d0:fa:63:c2:28:e7:ba:61:b8:07:f6:6f:3c:06:
                    14:f9:89:1b:b1:06:c8:68:da:35:69:6f:5e:de:17:
                    f0:61:d1:30:17:a6:ca:88:a5:e9:0c:50:9b:eb:02:
                    1a:2e:e6:6e:8b:4e:d6:0a:2d:85:1a:21:49:8d:ed:
                    2d:d9:d3:d1:ff:45:6e:b4:a9:b0:82:67:2d:03:96:
                    48:4a:4c:70:61:64:ad:2b:9d:e2:46:31:a7:f5:cb:
                    58:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:13:82:AD:88:65:D4:7D:7F:0D:94:1D:18:52:46:33:B1:2B:2E:10
            X509v3 Authority Key Identifier:
                keyid:04:2A:C3:82:68:96:87:B6:0F:CE:5C:E9:DB:88:7B:21:D6:8A:6A:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BCrDgmiWh7YPzlzp24h7IdaKarw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/4663bb-c509-4a9a-bcae-70bc66893e5c/1/8BOCrYhl1H1_DZQdGFJGM7ErLhA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/4663bb-c509-4a9a-bcae-70bc66893e5c/1/BCrDgmiWh7YPzlzp24h7IdaKarw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.226.93.0-185.226.95.255

    Signature Algorithm: sha256WithRSAEncryption
         85:4c:eb:c8:32:11:f4:54:c6:b8:e3:55:28:fa:8e:3c:2a:09:
         0e:d4:da:f8:f3:3f:b0:3c:a3:f0:38:d8:d8:87:92:e8:dd:d2:
         9e:15:15:80:26:46:d3:b6:4b:16:00:9d:d1:35:8e:9f:17:c5:
         0d:05:f3:36:96:72:37:65:5e:c4:ff:73:52:ce:e7:e4:ed:36:
         e2:ee:dd:c8:a5:c6:d3:53:36:59:14:16:31:65:e2:bb:1f:fb:
         e0:e7:5b:8d:b2:27:2d:54:56:d1:b3:66:f8:ef:81:e3:2c:15:
         66:59:84:af:1e:a9:97:c9:e9:d3:f5:76:e7:d2:d7:be:06:fc:
         4c:ae:9c:a8:47:d3:92:ae:23:03:46:9f:70:0c:f0:c5:0d:a5:
         c4:22:58:d7:f0:81:c1:3f:50:7e:71:2d:79:0d:36:6d:2b:00:
         cc:fb:ba:63:b1:5d:d1:11:07:c0:65:0a:6d:02:2c:70:2b:c7:
         84:be:8d:66:50:4c:51:54:3a:ed:e0:23:20:2b:5e:76:55:46:
         88:bf:cf:ca:d7:bf:a4:bc:c8:a7:83:e5:f3:f9:49:3c:50:1a:
         85:3e:a0:37:84:75:db:66:98:26:f2:d3:ea:79:d5:95:76:c4:
         84:32:88:20:ab:d6:3b:81:07:ca:3b:7e:19:e0:d6:f4:c7:7c:
         57:cd:cf:59
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEB1MbOjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NDJhYzM4MjY4OTY4N2I2MGZjZTVjZTlkYjg4N2IyMWQ2OGE2YWJjMB4XDTIyMDEw
MTA2NTYyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjAxMzgyYWQ4ODY1
ZDQ3ZDdmMGQ5NDFkMTg1MjQ2MzNiMTJiMmUxMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMKdsqg/YlREpPXLDHljQjh7F9aMaCxYB+TbQMLhmz+O8TMG
Q/4xiiwQMLoIdMoTeAlw17RBBqazINvf8SiwrwmwA6Q+tBxBuQpZ5l1cOTN+3GbI
gdvde3lDIiixFp7de1Ka4ceDQUpmjiyg6KeR8ufY2ark8KwcU+8AGFrVKwnPqlHw
XNiw0n0jzLJjlRGUuaUIqWJYCrgRgt6ANRqs4Wcgq9GBZND6Y8Io57phuAf2bzwG
FPmJG7EGyGjaNWlvXt4X8GHRMBemyoil6QxQm+sCGi7mbotO1gothRohSY3tLdnT
0f9FbrSpsIJnLQOWSEpMcGFkrSud4kYxp/XLWBECAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBTwE4KtiGXUfX8NlB0YUkYzsSsuEDAfBgNVHSMEGDAWgBQEKsOCaJaHtg/O
XOnbiHsh1opqvDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JDckRnbWlXaDdZUHpsenAyNGg3SWRhS2Fydy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGQvNDY2M2JiLWM1MDktNGE5YS1iY2FlLTcwYmM2Njg5M2U1Yy8x
LzhCT0NyWWhsMUgxX0RaUWRHRkpHTTdFckxoQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGQv
NDY2M2JiLWM1MDktNGE5YS1iY2FlLTcwYmM2Njg5M2U1Yy8xL0JDckRnbWlXaDdZ
UHpsenAyNGg3SWRhS2Fydy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAueJdAwQFueJAMA0GCSqGSIb3
DQEBCwUAA4IBAQCFTOvIMhH0VMa441Uo+o48KgkO1Nr48z+wPKPwONjYh5Lo3dKe
FRWAJkbTtksWAJ3RNY6fF8UNBfM2lnI3ZV7E/3NSzufk7Tbi7t3IpcbTUzZZFBYx
ZeK7H/vg51uNsictVFbRs2b474HjLBVmWYSvHqmXyenT9Xbn0te+BvxMrpyoR9OS
riMDRp9wDPDFDaXEIljX8IHBP1B+cS15DTZtKwDM+7pjsV3REQfAZQptAixwK8eE
vo1mUExRVDrt4CMgK152VUaIv8/K17+kvMing+Xz+Uk8UBqFPqA3hHXbZpgm8tPq
edWVdsSEMoggq9Y7gQfKO34Z4Nb0x3xXzc9Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:39 2024 by rpki-client on console-ams.rpki-client.org