Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/e-mWU1q_n6V_jiZn-eFjt8jB5KY.roa
File:                     e-mWU1q_n6V_jiZn-eFjt8jB5KY.roa (raw, json)
Hash identifier:          XWDG2Lr1K2/4YmdkVcRN7LAJMGkokQzk+A9GW8mt2Gw=
Subject key identifier:   7B:E9:96:53:5A:BF:9F:A5:7F:8E:26:67:F9:E1:63:B7:C8:C1:E4:A6
Certificate issuer:       /CN=f71d4a4374df222ac3235b9602206d96bf1dac82
Certificate serial:       2DF7B5CE
Authority key identifier: F7:1D:4A:43:74:DF:22:2A:C3:23:5B:96:02:20:6D:96:BF:1D:AC:82
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9x1KQ3TfIirDI1uWAiBtlr8drII.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/e-mWU1q_n6V_jiZn-eFjt8jB5KY.roa
Signing time:             Sat 01 Jan 2022 14:58:13 +0000
ROA not before:           Sat 01 Jan 2022 14:58:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60772
IP address blocks:        185.32.40.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 771208654 (0x2df7b5ce)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f71d4a4374df222ac3235b9602206d96bf1dac82
        Validity
            Not Before: Jan  1 14:58:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7be996535abf9fa57f8e2667f9e163b7c8c1e4a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:00:f9:aa:d0:0d:ef:ea:72:6e:7b:f5:cd:0e:
                    70:a8:d8:9f:93:60:37:3a:65:04:c3:d3:4d:c4:3f:
                    5a:66:94:75:ec:f5:83:e9:5b:bd:f5:f1:82:94:81:
                    65:4c:67:03:fb:50:3f:23:9c:3c:95:7b:49:d1:a6:
                    1c:87:32:54:86:a9:98:fa:b1:89:9a:6c:2b:b5:08:
                    ff:9c:23:67:36:2e:f1:85:30:f1:03:b8:85:74:2a:
                    2b:ab:b5:d4:95:fa:56:0f:3e:10:09:4e:50:16:b8:
                    22:ca:4d:05:32:74:f4:8d:99:da:a9:8e:ac:a3:e5:
                    69:d8:65:5d:7f:84:64:6e:75:b9:57:31:e9:37:26:
                    f9:fa:aa:fa:f8:77:8d:a5:9f:e0:f4:05:e8:0f:2f:
                    29:6f:db:75:96:88:ef:30:c4:3f:39:13:21:5d:6a:
                    0f:e7:f1:75:1b:4c:da:b3:9e:91:05:47:73:20:2e:
                    05:7f:6c:96:cb:b0:de:fc:49:3c:ec:1a:77:eb:2c:
                    af:ed:ce:d4:6c:53:04:83:d3:7b:85:d9:a9:6d:10:
                    51:ec:81:0f:0e:53:a4:b5:55:64:30:d5:11:94:52:
                    57:a2:cb:8f:d0:50:c2:cb:40:91:30:5c:59:55:cf:
                    77:90:4a:93:7a:22:f3:4f:97:15:47:9c:b8:97:7a:
                    0f:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:E9:96:53:5A:BF:9F:A5:7F:8E:26:67:F9:E1:63:B7:C8:C1:E4:A6
            X509v3 Authority Key Identifier:
                keyid:F7:1D:4A:43:74:DF:22:2A:C3:23:5B:96:02:20:6D:96:BF:1D:AC:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9x1KQ3TfIirDI1uWAiBtlr8drII.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/e-mWU1q_n6V_jiZn-eFjt8jB5KY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/9x1KQ3TfIirDI1uWAiBtlr8drII.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.32.40.0/22

    Signature Algorithm: sha256WithRSAEncryption
         52:03:96:74:cc:44:b0:8c:f6:94:c5:fe:88:4c:d7:11:d6:c8:
         71:85:79:d9:29:67:9c:42:d2:6a:dd:89:6f:06:55:03:79:32:
         de:5b:e2:14:2f:8d:37:91:3c:6a:19:c7:06:37:cc:5f:55:00:
         d6:05:4a:bb:9e:c3:9a:31:45:ae:dc:7c:85:83:34:1e:f8:82:
         67:c5:1b:f6:50:2d:f0:72:08:20:3d:c5:6e:ea:9b:23:ec:0c:
         73:ff:54:8f:2e:b2:ac:51:ce:17:db:6d:5d:9e:aa:79:6e:4b:
         8e:b8:61:0f:e5:a7:bd:f6:83:88:0d:60:6f:6c:94:48:d5:99:
         db:1f:86:e6:4c:bf:9c:9c:a2:83:2b:15:8e:6b:ba:b4:d2:f8:
         cf:ce:a6:72:25:c2:07:bc:ed:e9:43:88:b0:27:bd:37:cf:72:
         d4:fc:da:da:06:6c:cd:bf:b1:d2:df:82:8c:63:0e:cc:d2:9c:
         e2:84:8c:30:86:83:2b:fe:20:9a:1f:c8:21:e9:12:c9:fe:aa:
         63:f6:22:8f:70:b9:1b:b7:d1:5b:ee:75:c0:62:4b:53:2c:ec:
         0c:b4:64:be:73:62:f0:65:80:ca:4d:bc:9c:4d:b4:2a:65:e7:
         55:8e:fb:1e:ca:69:4d:5d:3f:a8:db:32:be:43:7a:b5:19:14:
         46:8b:a3:04
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIELfe1zjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NzFkNGE0Mzc0ZGYyMjJhYzMyMzViOTYwMjIwNmQ5NmJmMWRhYzgyMB4XDTIyMDEw
MTE0NTgxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2JlOTk2NTM1YWJm
OWZhNTdmOGUyNjY3ZjllMTYzYjdjOGMxZTRhNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ8A+arQDe/qcm579c0OcKjYn5NgNzplBMPTTcQ/WmaUdez1
g+lbvfXxgpSBZUxnA/tQPyOcPJV7SdGmHIcyVIapmPqxiZpsK7UI/5wjZzYu8YUw
8QO4hXQqK6u11JX6Vg8+EAlOUBa4IspNBTJ09I2Z2qmOrKPladhlXX+EZG51uVcx
6Tcm+fqq+vh3jaWf4PQF6A8vKW/bdZaI7zDEPzkTIV1qD+fxdRtM2rOekQVHcyAu
BX9slsuw3vxJPOwad+ssr+3O1GxTBIPTe4XZqW0QUeyBDw5TpLVVZDDVEZRSV6LL
j9BQwstAkTBcWVXPd5BKk3oi80+XFUecuJd6D78CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR76ZZTWr+fpX+OJmf54WO3yMHkpjAfBgNVHSMEGDAWgBT3HUpDdN8iKsMj
W5YCIG2Wvx2sgjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzl4MUtRM1RmSWlyREkxdVdBaUJ0bHI4ZHJJSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvNzczOWRjLTExMzItNDgzNy05Yjg1LWU5YWMyYjAwMzE2YS8x
L2UtbVdVMXFfbjZWX2ppWm4tZUZqdDhqQjVLWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
NzczOWRjLTExMzItNDgzNy05Yjg1LWU5YWMyYjAwMzE2YS8xLzl4MUtRM1RmSWly
REkxdVdBaUJ0bHI4ZHJJSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArkgKDANBgkqhkiG9w0BAQsFAAOC
AQEAUgOWdMxEsIz2lMX+iEzXEdbIcYV52SlnnELSat2JbwZVA3ky3lviFC+NN5E8
ahnHBjfMX1UA1gVKu57DmjFFrtx8hYM0HviCZ8Ub9lAt8HIIID3FbuqbI+wMc/9U
jy6yrFHOF9ttXZ6qeW5LjrhhD+WnvfaDiA1gb2yUSNWZ2x+G5ky/nJyigysVjmu6
tNL4z86mciXCB7zt6UOIsCe9N89y1Pza2gZszb+x0t+CjGMOzNKc4oSMMIaDK/4g
mh/IIekSyf6qY/Yij3C5G7fRW+51wGJLUyzsDLRkvnNi8GWAyk28nE20KmXnVY77
HsppTV0/qNsyvkN6tRkURoujBA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:23 2024 by rpki-client on console-fra.rpki-client.org