Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/8710ba-fb59-466b-9e6b-e898681bc89e/1/hJaptg7FJs5LOzpr8LjdJv2Gle4.roa
File:                     hJaptg7FJs5LOzpr8LjdJv2Gle4.roa (raw, json)
Hash identifier:          kkPqfipIMeUv6giDpwBzsKIPil5Rv/BvIUA+YraSJLk=
Subject key identifier:   84:96:A9:B6:0E:C5:26:CE:4B:3B:3A:6B:F0:B8:DD:26:FD:86:95:EE
Certificate issuer:       /CN=090fac7852b42d1e6b1c3f0f29d13ce5e9ecb2d6
Certificate serial:       069CCF34
Authority key identifier: 09:0F:AC:78:52:B4:2D:1E:6B:1C:3F:0F:29:D1:3C:E5:E9:EC:B2:D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CQ-seFK0LR5rHD8PKdE85ensstY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/8710ba-fb59-466b-9e6b-e898681bc89e/1/hJaptg7FJs5LOzpr8LjdJv2Gle4.roa
Signing time:             Sat 01 Jan 2022 09:58:03 +0000
ROA not before:           Sat 01 Jan 2022 09:58:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     24837
IP address blocks:        185.108.196.0/23 maxlen: 23
                          185.108.198.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 110939956 (0x69ccf34)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=090fac7852b42d1e6b1c3f0f29d13ce5e9ecb2d6
        Validity
            Not Before: Jan  1 09:58:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8496a9b60ec526ce4b3b3a6bf0b8dd26fd8695ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:d4:31:72:97:5c:de:8b:03:18:6b:91:26:d1:
                    39:bf:89:c3:5d:8d:87:77:0c:0c:aa:5a:d5:d0:26:
                    0a:ee:17:bf:e3:c3:93:5f:ee:00:bb:3f:29:1b:f3:
                    d3:45:f3:a8:ab:06:8c:68:df:94:1d:82:e4:64:87:
                    f7:46:e2:4d:e9:ff:8c:3b:5c:81:34:d5:58:d6:d8:
                    4b:5f:6f:4c:d6:d5:8b:97:1a:16:a2:fc:61:39:75:
                    9d:1d:6e:7b:53:f6:2b:c7:d7:b2:ed:60:7b:2e:e3:
                    5b:57:19:0b:9d:bb:5d:d5:ee:f9:d0:7e:0f:2c:f4:
                    4b:54:be:18:ee:27:05:d2:cc:de:44:bf:be:3d:92:
                    fe:9f:e2:d8:7a:55:a6:d2:99:b6:cc:02:0f:72:54:
                    29:2d:ad:10:a2:43:02:b0:e7:da:fa:bc:32:9c:29:
                    cd:04:19:22:fe:b5:d1:9b:12:e8:50:94:55:3d:c6:
                    cd:d6:32:46:ce:17:af:30:50:6d:44:5d:01:a3:e4:
                    a2:73:39:92:70:d8:70:fe:18:67:7a:78:e5:97:dd:
                    ca:68:d5:dd:f8:2b:f8:c3:71:68:9f:27:13:43:5f:
                    3d:1f:08:6a:88:10:11:da:a5:b7:14:c7:7b:ee:9d:
                    97:8c:6a:38:80:d9:33:71:86:cf:9c:77:e5:1c:94:
                    97:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:96:A9:B6:0E:C5:26:CE:4B:3B:3A:6B:F0:B8:DD:26:FD:86:95:EE
            X509v3 Authority Key Identifier:
                keyid:09:0F:AC:78:52:B4:2D:1E:6B:1C:3F:0F:29:D1:3C:E5:E9:EC:B2:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CQ-seFK0LR5rHD8PKdE85ensstY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/8710ba-fb59-466b-9e6b-e898681bc89e/1/hJaptg7FJs5LOzpr8LjdJv2Gle4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/8710ba-fb59-466b-9e6b-e898681bc89e/1/CQ-seFK0LR5rHD8PKdE85ensstY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.108.196.0/22

    Signature Algorithm: sha256WithRSAEncryption
         73:cb:96:89:86:31:35:fc:87:4f:91:ea:fa:53:cf:a3:cb:37:
         b2:f1:c9:4c:ac:9b:48:cf:45:04:a5:22:3a:04:5b:21:43:f6:
         39:c7:fd:48:1b:d0:44:b6:72:47:93:4f:f6:48:0e:d2:a6:5d:
         9d:25:aa:47:7e:0c:c3:3e:b1:2d:8d:90:9b:91:e8:03:bc:c4:
         47:f3:04:ac:5c:96:d0:7c:09:6e:03:5c:9d:ab:e4:03:56:3e:
         fc:dd:a1:e8:7b:9c:c8:66:c7:ba:9d:fb:8f:e1:52:c7:05:cc:
         51:44:d2:1c:58:12:36:9e:6c:3e:82:59:98:d6:c0:01:8e:2b:
         a4:40:33:5f:44:c3:17:de:bf:35:50:37:d1:8d:a1:40:38:01:
         5c:7b:7c:9f:b8:51:6c:86:5e:e7:0e:59:a1:ba:56:19:2a:6f:
         b5:19:28:72:ab:51:07:b8:5f:c7:41:b4:43:3d:e1:ee:a8:b0:
         fd:88:75:e2:4c:95:0f:65:c4:94:76:73:3c:59:3b:8d:83:bd:
         70:2a:fc:c6:9d:d6:51:89:fe:f3:77:fb:02:cd:29:75:99:4a:
         e4:df:c5:b6:33:24:00:73:29:ce:dd:c9:37:2c:da:a8:86:30:
         70:a4:60:55:3c:57:c2:d8:ac:15:17:d3:35:89:73:21:b7:9e:
         a8:22:1e:92
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBpzPNDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
OTBmYWM3ODUyYjQyZDFlNmIxYzNmMGYyOWQxM2NlNWU5ZWNiMmQ2MB4XDTIyMDEw
MTA5NTgwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODQ5NmE5YjYwZWM1
MjZjZTRiM2IzYTZiZjBiOGRkMjZmZDg2OTVlZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIzUMXKXXN6LAxhrkSbROb+Jw12Nh3cMDKpa1dAmCu4Xv+PD
k1/uALs/KRvz00XzqKsGjGjflB2C5GSH90biTen/jDtcgTTVWNbYS19vTNbVi5ca
FqL8YTl1nR1ue1P2K8fXsu1gey7jW1cZC527XdXu+dB+Dyz0S1S+GO4nBdLM3kS/
vj2S/p/i2HpVptKZtswCD3JUKS2tEKJDArDn2vq8MpwpzQQZIv610ZsS6FCUVT3G
zdYyRs4XrzBQbURdAaPkonM5knDYcP4YZ3p45ZfdymjV3fgr+MNxaJ8nE0NfPR8I
aogQEdqltxTHe+6dl4xqOIDZM3GGz5x35RyUlyUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSElqm2DsUmzks7OmvwuN0m/YaV7jAfBgNVHSMEGDAWgBQJD6x4UrQtHmsc
Pw8p0Tzl6eyy1jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NRLXNlRkswTFI1ckhEOFBLZEU4NWVuc3N0WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvODcxMGJhLWZiNTktNDY2Yi05ZTZiLWU4OTg2ODFiYzg5ZS8x
L2hKYXB0ZzdGSnM1TE96cHI4TGpkSnYyR2xlNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
ODcxMGJhLWZiNTktNDY2Yi05ZTZiLWU4OTg2ODFiYzg5ZS8xL0NRLXNlRkswTFI1
ckhEOFBLZEU4NWVuc3N0WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlsxDANBgkqhkiG9w0BAQsFAAOC
AQEAc8uWiYYxNfyHT5Hq+lPPo8s3svHJTKybSM9FBKUiOgRbIUP2Ocf9SBvQRLZy
R5NP9kgO0qZdnSWqR34Mwz6xLY2Qm5HoA7zER/MErFyW0HwJbgNcnavkA1Y+/N2h
6HucyGbHup37j+FSxwXMUUTSHFgSNp5sPoJZmNbAAY4rpEAzX0TDF96/NVA30Y2h
QDgBXHt8n7hRbIZe5w5ZobpWGSpvtRkocqtRB7hfx0G0Qz3h7qiw/Yh14kyVD2XE
lHZzPFk7jYO9cCr8xp3WUYn+83f7As0pdZlK5N/FtjMkAHMpzt3JNyzaqIYwcKRg
VTxXwtisFRfTNYlzIbeeqCIekg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:34 2024 by rpki-client on console-ams.rpki-client.org