Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/Fp4jw0Z8iLfKWbQzfsfPIGs_GJQ.roa
File:                     Fp4jw0Z8iLfKWbQzfsfPIGs_GJQ.roa (raw, json)
Hash identifier:          0o4anYpPmpZ5doR+CAIp5xR7TWXS0O3n4vF7s8MQgVM=
Subject key identifier:   16:9E:23:C3:46:7C:88:B7:CA:59:B4:33:7E:C7:CF:20:6B:3F:18:94
Certificate issuer:       /CN=68d2c25d0534a4027c695562a8ce4f001cd5396f
Certificate serial:       030EB94B
Authority key identifier: 68:D2:C2:5D:05:34:A4:02:7C:69:55:62:A8:CE:4F:00:1C:D5:39:6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aNLCXQU0pAJ8aVViqM5PABzVOW8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/Fp4jw0Z8iLfKWbQzfsfPIGs_GJQ.roa
Signing time:             Sat 01 Jan 2022 01:02:03 +0000
ROA not before:           Sat 01 Jan 2022 01:02:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     41015
IP address blocks:        185.90.84.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 51296587 (0x30eb94b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68d2c25d0534a4027c695562a8ce4f001cd5396f
        Validity
            Not Before: Jan  1 01:02:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=169e23c3467c88b7ca59b4337ec7cf206b3f1894
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:60:19:06:29:62:64:3d:c9:9d:92:ff:5a:d1:
                    25:44:c2:12:4a:cb:71:8a:ec:7c:19:27:1f:56:6f:
                    d3:bb:4c:15:72:d5:b8:10:1e:2a:84:c4:52:21:f9:
                    2a:86:39:c8:db:28:67:af:64:e2:60:92:7b:3b:20:
                    48:4d:a9:fd:df:98:2d:65:f9:46:9f:ab:48:4a:ca:
                    05:e6:12:aa:a0:b6:e5:03:41:4a:c5:7f:45:26:ff:
                    f4:85:5a:1a:85:73:b4:37:a1:e4:9e:02:90:49:24:
                    b4:e5:1e:26:58:5b:80:bb:35:37:dc:44:93:a3:f6:
                    cc:fe:c6:f2:87:3f:c9:7d:b7:c6:c4:b1:75:a7:cf:
                    5d:8a:78:2b:a6:ee:70:ea:aa:93:29:9c:31:29:55:
                    cd:08:b9:13:57:28:64:d7:c7:ad:fc:5e:79:60:51:
                    a7:f9:bc:e3:31:0b:55:fc:6f:e1:2c:fc:fc:0c:69:
                    79:98:4c:5b:38:de:79:6a:f0:95:52:7d:3d:bb:e7:
                    93:18:2a:31:bd:3b:6a:51:6f:57:3a:c1:36:ee:56:
                    9d:81:ac:3e:58:59:e0:fa:05:f1:2b:70:36:10:00:
                    bf:bf:75:eb:d3:60:0e:f0:73:17:ff:8e:01:37:59:
                    26:a8:9f:e8:e6:a1:89:ac:5d:9e:16:81:4e:89:e1:
                    8a:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:9E:23:C3:46:7C:88:B7:CA:59:B4:33:7E:C7:CF:20:6B:3F:18:94
            X509v3 Authority Key Identifier:
                keyid:68:D2:C2:5D:05:34:A4:02:7C:69:55:62:A8:CE:4F:00:1C:D5:39:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNLCXQU0pAJ8aVViqM5PABzVOW8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/Fp4jw0Z8iLfKWbQzfsfPIGs_GJQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.90.84.0/22

    Signature Algorithm: sha256WithRSAEncryption
         43:1a:20:36:15:cc:8c:d1:94:90:c1:30:e2:72:99:0b:04:07:
         20:a8:ce:b8:63:77:89:81:56:26:c6:a1:33:2c:f6:04:49:df:
         98:6e:41:3d:4e:c1:c6:30:7b:33:db:87:df:4f:84:d4:29:96:
         71:cf:b5:58:63:1c:06:c1:9d:0c:5a:63:75:0d:f1:a8:b2:48:
         24:10:f6:c9:f4:fc:a9:3d:b7:12:93:47:43:a6:2e:eb:ba:45:
         f4:53:b1:93:ad:4c:02:b7:31:a1:45:ef:65:27:24:5d:32:47:
         56:3e:ca:16:f1:f8:c3:92:c5:87:fb:c5:fa:c4:4f:e9:3d:7d:
         40:b2:fb:a2:1a:1a:0c:67:fe:89:95:19:3f:e9:72:60:9c:2c:
         3b:e7:b1:c7:d4:aa:35:aa:4e:9b:41:bf:cc:cf:09:44:90:d4:
         0d:b1:d3:42:fd:df:ae:96:fb:48:02:44:86:b2:18:35:8e:ce:
         64:00:f6:57:00:fb:3f:e2:c7:af:7b:e8:0b:71:78:25:7d:22:
         d2:7e:eb:e9:1e:6c:47:0d:6b:4a:b3:60:5a:df:78:58:f7:43:
         f4:fa:64:41:13:f0:93:1e:1b:17:22:4c:02:a5:74:48:f9:30:
         80:43:84:0f:79:4a:7c:64:d1:46:c8:bd:f1:4e:9d:ce:69:05:
         02:b7:98:fc
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAw65SzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
OGQyYzI1ZDA1MzRhNDAyN2M2OTU1NjJhOGNlNGYwMDFjZDUzOTZmMB4XDTIyMDEw
MTAxMDIwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTY5ZTIzYzM0Njdj
ODhiN2NhNTliNDMzN2VjN2NmMjA2YjNmMTg5NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK9gGQYpYmQ9yZ2S/1rRJUTCEkrLcYrsfBknH1Zv07tMFXLV
uBAeKoTEUiH5KoY5yNsoZ69k4mCSezsgSE2p/d+YLWX5Rp+rSErKBeYSqqC25QNB
SsV/RSb/9IVaGoVztDeh5J4CkEkktOUeJlhbgLs1N9xEk6P2zP7G8oc/yX23xsSx
dafPXYp4K6bucOqqkymcMSlVzQi5E1coZNfHrfxeeWBRp/m84zELVfxv4Sz8/Axp
eZhMWzjeeWrwlVJ9PbvnkxgqMb07alFvVzrBNu5WnYGsPlhZ4PoF8StwNhAAv791
69NgDvBzF/+OATdZJqif6OahiaxdnhaBTonhiscCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQWniPDRnyIt8pZtDN+x88gaz8YlDAfBgNVHSMEGDAWgBRo0sJdBTSkAnxp
VWKozk8AHNU5bzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FOTENYUVUwcEFKOGFWVmlxTTVQQUJ6Vk9XOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGQvYWQ5NzU2LTg0ZDEtNGFiOS05NmUxLTE0Nzk3ZWFjNTIyZS8x
L0ZwNGp3MFo4aUxmS1diUXpmc2ZQSUdzX0dKUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGQv
YWQ5NzU2LTg0ZDEtNGFiOS05NmUxLTE0Nzk3ZWFjNTIyZS8xL2FOTENYUVUwcEFK
OGFWVmlxTTVQQUJ6Vk9XOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlaVDANBgkqhkiG9w0BAQsFAAOC
AQEAQxogNhXMjNGUkMEw4nKZCwQHIKjOuGN3iYFWJsahMyz2BEnfmG5BPU7BxjB7
M9uH30+E1CmWcc+1WGMcBsGdDFpjdQ3xqLJIJBD2yfT8qT23EpNHQ6Yu67pF9FOx
k61MArcxoUXvZSckXTJHVj7KFvH4w5LFh/vF+sRP6T19QLL7ohoaDGf+iZUZP+ly
YJwsO+exx9SqNapOm0G/zM8JRJDUDbHTQv3frpb7SAJEhrIYNY7OZAD2VwD7P+LH
r3voC3F4JX0i0n7r6R5sRw1rSrNgWt94WPdD9PpkQRPwkx4bFyJMAqV0SPkwgEOE
D3lKfGTRRsi98U6dzmkFAreY/A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:47 2024 by rpki-client on console-fra.rpki-client.org