Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/a7s2touq4CqMpjVG8zs_cU7lsnM.roa
File:                     a7s2touq4CqMpjVG8zs_cU7lsnM.roa (raw, json)
Hash identifier:          786GYisgrbFncVv7ywhXjcgdWYxpXPkDfne8B7uvOm4=
Subject key identifier:   6B:BB:36:B6:8B:AA:E0:2A:8C:A6:35:46:F3:3B:3F:71:4E:E5:B2:73
Certificate issuer:       /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial:       0181D00510AA1E59003D84FBB519DFE441D0
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/a7s2touq4CqMpjVG8zs_cU7lsnM.roa
Signing time:             Tue 05 Jul 2022 20:20:01 +0000
ROA not before:           Tue 05 Jul 2022 20:20:01 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     20454
IP address blocks:        92.119.183.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:d0:05:10:aa:1e:59:00:3d:84:fb:b5:19:df:e4:41:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
        Validity
            Not Before: Jul  5 20:20:01 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6bbb36b68baae02a8ca63546f33b3f714ee5b273
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:21:7e:b1:99:be:51:e8:17:92:f0:9c:a1:ef:
                    68:5a:01:71:2e:1b:f9:26:a2:f0:e3:cc:f1:1e:19:
                    a2:26:fe:61:07:f2:e8:cb:00:fb:76:61:24:a9:97:
                    ff:28:1a:1f:88:c6:bc:7d:5f:d5:35:ca:32:55:07:
                    30:21:0c:fd:6b:24:1a:fa:57:c7:b6:a6:d5:6b:d6:
                    dc:7d:60:3a:5c:6f:71:87:b3:f5:d2:54:f4:9f:aa:
                    2e:63:aa:ec:4d:ef:55:a8:17:60:18:a5:47:ca:a3:
                    05:3e:27:6d:19:6f:aa:38:a4:4d:2b:a3:45:9e:57:
                    8e:da:8b:cc:f7:13:70:e8:dc:ef:c3:9d:3f:58:85:
                    07:6f:9d:6c:07:bb:ee:54:40:4f:a1:51:b1:61:6f:
                    d0:b7:0c:2a:08:6c:39:fa:d2:8e:fe:f8:fc:5a:ba:
                    04:d9:5f:92:fe:64:7b:98:f1:2d:6b:fa:64:65:75:
                    70:31:25:58:21:ba:fc:8c:b5:58:92:5d:24:55:bb:
                    46:74:50:52:c7:8e:4c:f9:d7:44:5b:ad:69:b9:a1:
                    7a:4c:dc:89:52:c0:ed:dd:f9:94:75:aa:6e:e6:d0:
                    1d:34:97:b3:d8:65:bd:60:f1:a5:86:da:97:b0:09:
                    64:59:30:a4:d4:68:ca:69:ba:db:31:66:74:21:f0:
                    d7:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:BB:36:B6:8B:AA:E0:2A:8C:A6:35:46:F3:3B:3F:71:4E:E5:B2:73
            X509v3 Authority Key Identifier:
                keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/a7s2touq4CqMpjVG8zs_cU7lsnM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.119.183.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:06:cf:99:77:6c:8c:56:89:f0:b7:31:70:d8:c8:41:7e:54:
         d1:46:ef:4e:31:7f:cb:37:58:91:5b:b6:b0:f7:1d:cb:5f:68:
         52:76:10:1c:25:e3:e6:97:4b:fe:1b:35:9f:ab:15:c4:a4:37:
         14:5c:e9:ac:88:1a:a8:f2:c0:d2:ed:78:33:73:8f:00:56:6d:
         47:24:45:7d:bb:05:db:93:02:52:55:e5:01:5f:29:d5:24:ac:
         78:ae:39:80:36:3f:e4:97:5f:80:1a:f4:bd:72:21:70:95:eb:
         4e:d1:49:89:35:32:54:fe:34:ab:45:47:fc:a5:8e:12:28:6e:
         66:a3:70:22:6d:8d:39:c9:02:72:bf:53:86:82:af:ea:bf:4a:
         0e:f3:a9:9c:b0:fb:30:01:ee:6a:84:24:4e:f2:c3:37:e6:a2:
         d9:64:5f:bb:eb:39:aa:4c:77:99:c2:b0:82:84:d9:80:ca:80:
         21:67:21:2f:80:19:65:7b:a0:09:52:89:74:44:14:cc:9a:4b:
         67:2e:2a:70:ba:43:28:66:80:40:d3:08:7c:df:23:63:c9:6d:
         ac:68:b9:2f:c5:df:c5:e3:04:d9:41:98:9b:82:7f:ec:07:51:
         94:7e:5e:ed:e3:49:d5:83:ea:75:db:f8:d5:80:c4:db:0c:27:
         33:29:20:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHQBRCqHlkAPYT7tRnf5EHQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjIwNzA1MjAyMDAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmJiMzZiNjhiYWFlMDJhOGNhNjM1NDZmMzNiM2Y3MTRlZTViMjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyF+sZm+UegXkvCcoe9oWgFxLhv5
JqLw48zxHhmiJv5hB/LoywD7dmEkqZf/KBofiMa8fV/VNcoyVQcwIQz9ayQa+lfH
tqbVa9bcfWA6XG9xh7P10lT0n6ouY6rsTe9VqBdgGKVHyqMFPidtGW+qOKRNK6NF
nleO2ovM9xNw6Nzvw50/WIUHb51sB7vuVEBPoVGxYW/QtwwqCGw5+tKO/vj8WroE
2V+S/mR7mPEta/pkZXVwMSVYIbr8jLVYkl0kVbtGdFBSx45M+ddEW61puaF6TNyJ
UsDt3fmUdapu5tAdNJez2GW9YPGlhtqXsAlkWTCk1GjKabrbMWZ0IfDXfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGu7NraLquAqjKY1RvM7P3FO5bJzMB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvYTdzMnRvdXE0Q3FNcGpWRzh6c19jVTdsc25NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXHe3MA0G
CSqGSIb3DQEBCwUAA4IBAQCIBs+Zd2yMVonwtzFw2MhBflTRRu9OMX/LN1iRW7aw
9x3LX2hSdhAcJePml0v+GzWfqxXEpDcUXOmsiBqo8sDS7Xgzc48AVm1HJEV9uwXb
kwJSVeUBXynVJKx4rjmANj/kl1+AGvS9ciFwletO0UmJNTJU/jSrRUf8pY4SKG5m
o3AibY05yQJyv1OGgq/qv0oO86mcsPswAe5qhCRO8sM35qLZZF+76zmqTHeZwrCC
hNmAyoAhZyEvgBlle6AJUol0RBTMmktnLipwukMoZoBA0wh83yNjyW2saLkvxd/F
4wTZQZibgn/sB1GUfl7t40nVg+p12/jVgMTbDCczKSA5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:54 2024 by rpki-client on console-fra.rpki-client.org