Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/874d27-f2ac-4897-96f4-3e4e84f35cd0/1/qZ9AJl8slkxeh5T9pRkTBSAIOJc.roa
File:                     qZ9AJl8slkxeh5T9pRkTBSAIOJc.roa (raw, json)
Hash identifier:          cG2bVrzulm87bGW3frRGOik7s+81L7RxOAUWNrWVty0=
Subject key identifier:   A9:9F:40:26:5F:2C:96:4C:5E:87:94:FD:A5:19:13:05:20:08:38:97
Certificate issuer:       /CN=e81074e32822c8bef3a7dcb31280825bd27545c9
Certificate serial:       0184C39A9F080933E53B88D62A4F5A766513
Authority key identifier: E8:10:74:E3:28:22:C8:BE:F3:A7:DC:B3:12:80:82:5B:D2:75:45:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6BB04ygiyL7zp9yzEoCCW9J1Rck.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/874d27-f2ac-4897-96f4-3e4e84f35cd0/1/qZ9AJl8slkxeh5T9pRkTBSAIOJc.roa
Signing time:             Tue 29 Nov 2022 13:36:41 +0000
ROA not before:           Tue 29 Nov 2022 13:36:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60815
IP address blocks:        185.20.24.0/23 maxlen: 23
                          185.20.24.0/22 maxlen: 22
                          185.20.24.0/24 maxlen: 24
                          185.20.27.0/24 maxlen: 24
                          185.20.26.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:c3:9a:9f:08:09:33:e5:3b:88:d6:2a:4f:5a:76:65:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e81074e32822c8bef3a7dcb31280825bd27545c9
        Validity
            Not Before: Nov 29 13:36:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a99f40265f2c964c5e8794fda519130520083897
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:7b:b8:f8:a5:de:01:60:96:58:d6:86:e4:2c:
                    71:e1:a4:0c:12:02:51:e2:6f:1f:c3:16:a0:1b:3a:
                    f9:bb:b1:78:aa:28:95:b7:39:fa:18:54:00:a5:cf:
                    62:79:eb:21:a8:c4:b7:b9:ff:a5:35:e7:da:e3:fc:
                    01:3e:1f:ec:fb:85:fd:cf:23:b0:48:43:5f:c4:f6:
                    91:64:39:73:77:3a:0a:8b:6b:e0:71:fb:24:63:48:
                    a5:b4:d0:5e:d6:bc:7b:2d:a7:16:2d:c9:66:84:bf:
                    e4:02:23:15:ce:8b:0e:ac:56:de:d4:9b:0c:3d:a2:
                    09:49:60:37:16:bb:85:3f:a5:dd:10:47:62:f7:31:
                    f6:27:04:18:8a:37:26:12:d1:c3:95:24:49:04:65:
                    11:71:a1:95:e9:44:3d:d7:ac:cd:06:46:19:07:d8:
                    29:7c:7e:87:32:94:94:63:e8:ad:c5:34:d5:6d:e5:
                    b0:07:46:e8:48:fd:4e:23:91:00:e2:02:75:9d:56:
                    43:9c:83:12:8f:00:78:66:29:01:7b:04:84:98:47:
                    24:c1:db:76:65:85:f8:ff:8f:de:87:88:d8:4d:e0:
                    93:72:4c:c0:11:fc:ec:13:28:12:03:f6:cb:38:11:
                    d2:78:93:20:ba:9f:45:61:30:35:1b:08:d8:35:eb:
                    81:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:9F:40:26:5F:2C:96:4C:5E:87:94:FD:A5:19:13:05:20:08:38:97
            X509v3 Authority Key Identifier:
                keyid:E8:10:74:E3:28:22:C8:BE:F3:A7:DC:B3:12:80:82:5B:D2:75:45:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6BB04ygiyL7zp9yzEoCCW9J1Rck.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/874d27-f2ac-4897-96f4-3e4e84f35cd0/1/qZ9AJl8slkxeh5T9pRkTBSAIOJc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/874d27-f2ac-4897-96f4-3e4e84f35cd0/1/6BB04ygiyL7zp9yzEoCCW9J1Rck.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.20.24.0/22

    Signature Algorithm: sha256WithRSAEncryption
         76:3a:e8:1c:ab:c1:e4:2e:fe:31:23:26:57:5f:64:bd:a2:35:
         0c:35:7a:f6:cc:71:f8:77:3a:a4:eb:84:4d:64:f5:f3:fc:e0:
         b4:98:0d:12:e3:50:2f:68:7b:a3:d1:e2:75:93:1a:12:e7:43:
         e5:c5:ba:6f:9b:1e:b8:ef:0a:87:83:0e:6d:a2:8e:bf:eb:f9:
         89:79:4f:8b:fd:9d:7d:09:cb:8a:e1:50:06:50:1e:26:31:b0:
         49:41:d1:a5:4f:3b:7f:be:95:59:db:b5:2b:69:81:db:50:b0:
         8a:f3:45:7b:a2:fc:0e:d4:83:c7:43:f5:89:52:50:98:e4:4e:
         48:9f:5c:85:46:45:8d:9a:d3:dd:6e:20:87:55:fe:10:58:4d:
         d6:5c:0b:58:74:d1:1a:b4:bd:b0:42:6c:de:e0:0b:78:bb:08:
         b4:56:5a:e6:c5:4d:da:e3:2b:7d:ac:e9:fa:d1:27:4e:9d:29:
         88:25:be:e7:b9:63:7c:13:dc:b8:a7:4c:98:79:47:2b:47:50:
         f3:62:9d:48:d6:db:9b:11:93:d0:c1:a2:a1:bf:07:29:ac:e2:
         ed:b6:0b:72:a2:8f:db:24:55:0b:e0:f3:2b:d0:a1:18:6e:57:
         32:bd:03:3d:69:0d:df:d2:12:6b:21:66:a0:db:b8:62:d9:1a:
         82:a1:74:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTDmp8ICTPlO4jWKk9admUTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4MTA3NGUzMjgyMmM4YmVmM2E3ZGNiMzEyODA4MjViZDI3
NTQ1YzkwHhcNMjIxMTI5MTMzNjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTlmNDAyNjVmMmM5NjRjNWU4Nzk0ZmRhNTE5MTMwNTIwMDgzODk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg3u4+KXeAWCWWNaG5Cxx4aQMEgJR
4m8fwxagGzr5u7F4qiiVtzn6GFQApc9ieeshqMS3uf+lNefa4/wBPh/s+4X9zyOw
SENfxPaRZDlzdzoKi2vgcfskY0iltNBe1rx7LacWLclmhL/kAiMVzosOrFbe1JsM
PaIJSWA3FruFP6XdEEdi9zH2JwQYijcmEtHDlSRJBGURcaGV6UQ916zNBkYZB9gp
fH6HMpSUY+itxTTVbeWwB0boSP1OI5EA4gJ1nVZDnIMSjwB4ZikBewSEmEckwdt2
ZYX4/4/eh4jYTeCTckzAEfzsEygSA/bLOBHSeJMgup9FYTA1GwjYNeuBiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKmfQCZfLJZMXoeU/aUZEwUgCDiXMB8GA1UdIwQY
MBaAFOgQdOMoIsi+86fcsxKAglvSdUXJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkJCMDR5Z2l5TDd6cDl5ekVvQ0NXOUoxUmNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC84NzRkMjctZjJhYy00ODk3LTk2ZjQt
M2U0ZTg0ZjM1Y2QwLzEvcVo5QUpsOHNsa3hlaDVUOXBSa1RCU0FJT0pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC84NzRkMjctZjJhYy00ODk3LTk2ZjQtM2U0ZTg0ZjM1Y2Qw
LzEvNkJCMDR5Z2l5TDd6cDl5ekVvQ0NXOUoxUmNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRQYMA0G
CSqGSIb3DQEBCwUAA4IBAQB2Ougcq8HkLv4xIyZXX2S9ojUMNXr2zHH4dzqk64RN
ZPXz/OC0mA0S41AvaHuj0eJ1kxoS50Plxbpvmx647wqHgw5too6/6/mJeU+L/Z19
CcuK4VAGUB4mMbBJQdGlTzt/vpVZ27UraYHbULCK80V7ovwO1IPHQ/WJUlCY5E5I
n1yFRkWNmtPdbiCHVf4QWE3WXAtYdNEatL2wQmze4At4uwi0VlrmxU3a4yt9rOn6
0SdOnSmIJb7nuWN8E9y4p0yYeUcrR1DzYp1I1tubEZPQwaKhvwcprOLttgtyoo/b
JFUL4PMr0KEYblcyvQM9aQ3f0hJrIWag27hi2RqCoXT3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:30 2024 by rpki-client on console-fra.rpki-client.org