Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/2d783a-1cbc-40d4-b011-e085275aa364/1/Nq30xwSdEwciraQWVB1WH0k4d8o.roa
File:                     Nq30xwSdEwciraQWVB1WH0k4d8o.roa (raw, json)
Hash identifier:          rH87E+ISbmjg3N0k89GmFe3egXsZQivQlceqYMr0FSg=
Subject key identifier:   36:AD:F4:C7:04:9D:13:07:22:AD:A4:16:54:1D:56:1F:49:38:77:CA
Certificate issuer:       /CN=034b0eed2c5a787ad87fb49f04d3fdf3d0f49d4c
Certificate serial:       193F1360
Authority key identifier: 03:4B:0E:ED:2C:5A:78:7A:D8:7F:B4:9F:04:D3:FD:F3:D0:F4:9D:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A0sO7SxaeHrYf7SfBNP989D0nUw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/2d783a-1cbc-40d4-b011-e085275aa364/1/Nq30xwSdEwciraQWVB1WH0k4d8o.roa
Signing time:             Sat 01 Jan 2022 11:02:52 +0000
ROA not before:           Sat 01 Jan 2022 11:02:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57428
IP address blocks:        185.57.44.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 423564128 (0x193f1360)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=034b0eed2c5a787ad87fb49f04d3fdf3d0f49d4c
        Validity
            Not Before: Jan  1 11:02:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=36adf4c7049d130722ada416541d561f493877ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:91:dd:5f:ff:30:b6:a3:b1:63:ab:d4:78:f0:
                    87:24:25:3a:73:ce:2a:f2:a3:9f:41:bf:64:3d:74:
                    84:ad:16:ef:a2:d5:7f:34:c6:f0:b4:c0:88:ff:7b:
                    7c:aa:c4:bb:c0:4f:36:13:b7:ef:27:9a:fe:35:61:
                    e6:b5:71:0b:b0:27:51:3d:43:90:ce:f3:34:e5:49:
                    71:02:20:55:97:6c:88:12:7c:9b:7d:fa:a0:89:04:
                    83:30:89:80:aa:26:11:b8:e5:06:6b:97:44:2d:b6:
                    ac:34:1a:8a:f3:ab:6e:50:aa:75:70:e8:11:e7:c2:
                    62:38:83:0c:c0:b6:1d:85:ec:3b:70:b7:7b:95:63:
                    bf:e0:14:b3:f7:20:1f:90:69:d1:3a:25:bf:9b:4d:
                    8b:31:84:7f:d3:6d:6f:a2:55:1a:61:29:28:ef:6d:
                    fc:c2:ca:2f:c3:aa:ec:40:b7:35:f1:0f:cf:8a:3d:
                    66:41:bb:c8:16:70:75:a1:1c:ee:55:85:26:63:f7:
                    84:82:49:11:aa:3a:86:25:62:fd:6b:d3:05:87:9f:
                    b2:c8:67:2b:c5:69:66:80:82:fb:16:70:62:07:4f:
                    2f:80:7f:09:a2:78:78:ca:73:86:bc:51:4f:71:d5:
                    c7:bf:58:cb:6f:d8:e9:85:86:81:a9:5a:d7:0f:d8:
                    63:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:AD:F4:C7:04:9D:13:07:22:AD:A4:16:54:1D:56:1F:49:38:77:CA
            X509v3 Authority Key Identifier:
                keyid:03:4B:0E:ED:2C:5A:78:7A:D8:7F:B4:9F:04:D3:FD:F3:D0:F4:9D:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A0sO7SxaeHrYf7SfBNP989D0nUw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/2d783a-1cbc-40d4-b011-e085275aa364/1/Nq30xwSdEwciraQWVB1WH0k4d8o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/2d783a-1cbc-40d4-b011-e085275aa364/1/A0sO7SxaeHrYf7SfBNP989D0nUw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.57.44.0/22

    Signature Algorithm: sha256WithRSAEncryption
         00:9e:37:c8:04:64:72:fc:83:8c:2f:08:82:15:3a:6f:a8:72:
         2f:5d:0b:d2:b8:4c:e7:b0:2d:f4:b5:36:10:1b:fc:19:05:10:
         d4:61:97:d0:88:20:e6:fa:00:76:d8:00:9d:7e:9f:c1:46:d3:
         73:e4:67:83:5d:57:41:76:43:c3:6d:b6:20:28:02:1d:7f:0d:
         61:d9:a8:e1:99:a3:24:ff:d0:e8:15:53:7f:b3:6f:95:3f:1c:
         ed:d0:ef:98:99:05:2e:1d:db:e8:6f:82:9c:9b:2e:d2:44:64:
         a7:0b:50:bb:5a:b9:00:85:51:a0:2c:f5:b1:0e:b5:45:21:fb:
         83:34:86:b7:33:ed:06:09:c5:72:79:c9:8a:cf:55:62:29:96:
         11:97:95:0e:ac:d3:48:8f:11:37:e4:bc:1f:5f:04:a5:82:e2:
         e6:00:00:83:c9:c6:cc:16:c7:b9:e9:74:84:1c:15:cc:12:41:
         56:56:0b:92:e2:5f:e3:bf:1f:9f:cd:0d:b9:8d:ec:91:ff:62:
         29:50:9a:0e:6f:19:dd:e1:fb:c3:d8:b8:70:78:f3:47:42:3a:
         9e:ff:8f:1b:cf:95:c8:a9:8b:61:c4:37:bc:29:5d:8a:e4:9a:
         b1:8d:d5:fa:1b:27:ab:22:55:b3:19:43:57:b2:63:d9:3f:7a:
         8b:34:db:92
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGT8TYDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MzRiMGVlZDJjNWE3ODdhZDg3ZmI0OWYwNGQzZmRmM2QwZjQ5ZDRjMB4XDTIyMDEw
MTExMDI1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzZhZGY0YzcwNDlk
MTMwNzIyYWRhNDE2NTQxZDU2MWY0OTM4NzdjYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALqR3V//MLajsWOr1HjwhyQlOnPOKvKjn0G/ZD10hK0W76LV
fzTG8LTAiP97fKrEu8BPNhO37yea/jVh5rVxC7AnUT1DkM7zNOVJcQIgVZdsiBJ8
m336oIkEgzCJgKomEbjlBmuXRC22rDQaivOrblCqdXDoEefCYjiDDMC2HYXsO3C3
e5Vjv+AUs/cgH5Bp0Tolv5tNizGEf9Ntb6JVGmEpKO9t/MLKL8Oq7EC3NfEPz4o9
ZkG7yBZwdaEc7lWFJmP3hIJJEao6hiVi/WvTBYefsshnK8VpZoCC+xZwYgdPL4B/
CaJ4eMpzhrxRT3HVx79Yy2/Y6YWGgala1w/YYwcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ2rfTHBJ0TByKtpBZUHVYfSTh3yjAfBgNVHSMEGDAWgBQDSw7tLFp4eth/
tJ8E0/3z0PSdTDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0Ewc083U3hhZUhyWWY3U2ZCTlA5ODlEMG5Vdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGYvMmQ3ODNhLTFjYmMtNDBkNC1iMDExLWUwODUyNzVhYTM2NC8x
L05xMzB4d1NkRXdjaXJhUVdWQjFXSDBrNGQ4by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGYv
MmQ3ODNhLTFjYmMtNDBkNC1iMDExLWUwODUyNzVhYTM2NC8xL0Ewc083U3hhZUhy
WWY3U2ZCTlA5ODlEMG5Vdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArk5LDANBgkqhkiG9w0BAQsFAAOC
AQEAAJ43yARkcvyDjC8IghU6b6hyL10L0rhM57At9LU2EBv8GQUQ1GGX0Igg5voA
dtgAnX6fwUbTc+Rng11XQXZDw222ICgCHX8NYdmo4ZmjJP/Q6BVTf7NvlT8c7dDv
mJkFLh3b6G+CnJsu0kRkpwtQu1q5AIVRoCz1sQ61RSH7gzSGtzPtBgnFcnnJis9V
YimWEZeVDqzTSI8RN+S8H18EpYLi5gAAg8nGzBbHuel0hBwVzBJBVlYLkuJf478f
n80NuY3skf9iKVCaDm8Z3eH7w9i4cHjzR0I6nv+PG8+VyKmLYcQ3vCldiuSasY3V
+hsnqyJVsxlDV7Jj2T96izTbkg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:59 2024 by rpki-client on console-fra.rpki-client.org