Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/9FQjn8vXkPFQZSjPzhiImtAqxSc.roa
File:                     9FQjn8vXkPFQZSjPzhiImtAqxSc.roa (raw, json)
Hash identifier:          44XRlAL64tmxfK3iAQn5yy0JComfodYwj9QJYvqsYb0=
Subject key identifier:   F4:54:23:9F:CB:D7:90:F1:50:65:28:CF:CE:18:88:9A:D0:2A:C5:27
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       0AD2E410
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/9FQjn8vXkPFQZSjPzhiImtAqxSc.roa
Signing time:             Tue 14 Jun 2022 20:02:44 +0000
ROA not before:           Tue 14 Jun 2022 20:02:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     13627
IP address blocks:        85.202.160.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 181593104 (0xad2e410)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Jun 14 20:02:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f454239fcbd790f1506528cfce18889ad02ac527
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:cb:9c:39:20:52:75:aa:27:36:24:82:80:dc:
                    0c:df:05:90:3f:59:0e:30:14:3a:20:75:01:bc:02:
                    ff:2a:83:2d:db:95:30:fd:c5:c7:c0:a5:d7:ad:8b:
                    45:88:97:de:72:a7:66:ea:47:c5:98:55:24:3b:77:
                    83:46:60:f9:9e:86:e1:da:1d:e7:e0:c9:44:32:a9:
                    02:3d:46:d0:63:f3:21:48:08:9d:0a:c6:0e:17:d4:
                    82:e0:3a:ab:f3:1b:1f:a8:89:10:91:36:2b:2e:4d:
                    30:16:6f:0e:87:24:f4:82:ba:75:e6:55:44:ef:f6:
                    ad:00:e6:59:75:a1:25:4d:b7:54:12:63:42:cd:5e:
                    06:6d:ff:3f:b2:69:63:96:42:6d:ff:a5:ab:99:e5:
                    ef:fc:a8:69:48:a6:44:83:69:ec:3f:6b:3e:61:e3:
                    3a:07:6f:10:15:0b:de:e5:32:b2:0f:97:e9:48:0b:
                    4f:c0:07:06:23:fa:16:28:10:9d:2f:44:be:e7:46:
                    15:39:d1:9f:7e:29:b5:b7:1a:de:98:76:cf:ce:89:
                    e4:4d:36:d5:c2:f0:45:1d:50:b8:d9:d0:7c:6f:dc:
                    58:7f:cb:14:8d:94:3f:11:11:68:19:d4:63:e1:a3:
                    06:31:2d:34:8d:30:67:7c:c7:bf:21:7c:69:c8:63:
                    8a:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:54:23:9F:CB:D7:90:F1:50:65:28:CF:CE:18:88:9A:D0:2A:C5:27
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/9FQjn8vXkPFQZSjPzhiImtAqxSc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.202.160.0/24

    Signature Algorithm: sha256WithRSAEncryption
         aa:d3:22:07:ba:0f:32:eb:d4:5e:95:2a:27:a8:9f:0f:4e:66:
         4a:27:9c:c8:20:94:f6:d9:ee:93:e7:0f:45:bf:a3:01:0d:2c:
         05:44:bf:32:40:9f:40:c9:56:5e:c0:7c:93:f6:d5:a5:28:ae:
         86:e7:4a:c4:3a:d2:4d:b6:7d:1f:91:cd:8a:4d:e2:db:58:bf:
         24:8a:25:c5:e5:ce:b2:43:88:52:2c:4c:4a:a3:3c:87:2c:5e:
         77:5b:8b:5a:1b:2f:1b:3d:55:f2:cd:f6:f9:69:2d:45:7b:cf:
         68:17:71:33:6d:0b:a3:66:43:83:64:89:36:da:38:44:bd:cc:
         f8:05:10:1c:c2:7a:16:e8:54:e2:8b:ce:1c:1d:a8:75:2f:c4:
         31:4f:f1:06:c8:56:a9:04:91:60:6e:6e:b9:b0:87:81:fe:e8:
         40:aa:36:6b:fb:7e:9f:a9:f6:50:6c:7e:e3:95:10:ac:40:56:
         35:c0:78:f4:d4:22:86:43:ca:9d:62:4b:b4:9f:22:a4:39:e7:
         98:72:b9:af:31:f3:32:be:ee:d1:fa:13:99:34:1a:3d:db:94:
         32:ba:87:a6:40:7f:33:20:6b:86:80:ec:96:a7:74:5d:73:e3:
         fd:26:0f:4a:d6:8f:5a:0b:ae:7e:0f:a3:8f:6a:33:56:eb:91:
         67:12:f0:f5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECtLkEDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWE3YjBkOGRlODI1MWQzNmQ3YzgzZmFmNmJjN2VmZWM3M2I1MDM0MB4XDTIyMDYx
NDIwMDI0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjQ1NDIzOWZjYmQ3
OTBmMTUwNjUyOGNmY2UxODg4OWFkMDJhYzUyNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMPLnDkgUnWqJzYkgoDcDN8FkD9ZDjAUOiB1AbwC/yqDLduV
MP3Fx8Cl162LRYiX3nKnZupHxZhVJDt3g0Zg+Z6G4dod5+DJRDKpAj1G0GPzIUgI
nQrGDhfUguA6q/MbH6iJEJE2Ky5NMBZvDock9IK6deZVRO/2rQDmWXWhJU23VBJj
Qs1eBm3/P7JpY5ZCbf+lq5nl7/yoaUimRINp7D9rPmHjOgdvEBUL3uUysg+X6UgL
T8AHBiP6FigQnS9EvudGFTnRn34ptbca3ph2z86J5E021cLwRR1QuNnQfG/cWH/L
FI2UPxERaBnUY+GjBjEtNI0wZ3zHvyF8achjiiMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT0VCOfy9eQ8VBlKM/OGIia0CrFJzAfBgNVHSMEGDAWgBSxp7DY3oJR0218
g/r2vH7+xztQNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NhZXcyTjZDVWROdGZJUDY5cngtX3NjN1VEUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8x
LzlGUWpuOHZYa1BGUVpTalB6aGlJbXRBcXhTYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
ZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8xL3NhZXcyTjZDVWRO
dGZJUDY5cngtX3NjN1VEUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFXKoDANBgkqhkiG9w0BAQsFAAOC
AQEAqtMiB7oPMuvUXpUqJ6ifD05mSiecyCCU9tnuk+cPRb+jAQ0sBUS/MkCfQMlW
XsB8k/bVpSiuhudKxDrSTbZ9H5HNik3i21i/JIolxeXOskOIUixMSqM8hyxed1uL
WhsvGz1V8s32+WktRXvPaBdxM20Lo2ZDg2SJNto4RL3M+AUQHMJ6FuhU4ovOHB2o
dS/EMU/xBshWqQSRYG5uubCHgf7oQKo2a/t+n6n2UGx+45UQrEBWNcB49NQihkPK
nWJLtJ8ipDnnmHK5rzHzMr7u0foTmTQaPduUMrqHpkB/MyBrhoDslqd0XXPj/SYP
StaPWguufg+jj2ozVuuRZxLw9Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:48 2024 by rpki-client on console-fra.rpki-client.org