Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/4956df-91dc-4490-8333-1ad61ede0a4a/1/a1mWrBFVDvzDsi296ooX7rR4XVM.roa
File:                     a1mWrBFVDvzDsi296ooX7rR4XVM.roa (raw, json)
Hash identifier:          +Gyo6aubC9KMRO3In24mwaQ6iOCkt45tT9mnTJVU4j8=
Subject key identifier:   6B:59:96:AC:11:55:0E:FC:C3:B2:2D:BD:EA:8A:17:EE:B4:78:5D:53
Certificate issuer:       /CN=41e42d830eca98a533f4372da169c9c792c393b2
Certificate serial:       1312D2BE
Authority key identifier: 41:E4:2D:83:0E:CA:98:A5:33:F4:37:2D:A1:69:C9:C7:92:C3:93:B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QeQtgw7KmKUz9DctoWnJx5LDk7I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/4956df-91dc-4490-8333-1ad61ede0a4a/1/a1mWrBFVDvzDsi296ooX7rR4XVM.roa
Signing time:             Sat 01 Jan 2022 02:58:42 +0000
ROA not before:           Sat 01 Jan 2022 02:58:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     29551
IP address blocks:        185.159.123.0/24 maxlen: 24
                          185.159.122.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 320000702 (0x1312d2be)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41e42d830eca98a533f4372da169c9c792c393b2
        Validity
            Not Before: Jan  1 02:58:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6b5996ac11550efcc3b22dbdea8a17eeb4785d53
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:46:f4:f0:4d:7c:8f:d6:86:bd:6b:b8:52:92:
                    bf:e9:ea:0b:51:a3:c2:8d:85:73:f2:97:40:5e:3a:
                    c2:55:c7:a0:cd:7e:79:64:13:0c:19:04:58:27:94:
                    73:27:89:9f:bb:e0:38:8b:79:ab:2d:21:36:33:26:
                    98:42:30:fc:83:c6:1c:eb:e9:c8:7e:ce:2b:46:62:
                    c9:6c:82:4a:2a:da:e3:d5:66:86:15:a8:ec:30:fe:
                    cc:9b:67:44:51:ec:e4:c4:83:44:5d:62:95:ba:b4:
                    e6:23:7e:93:40:d3:d7:e3:02:fb:f3:fc:46:e6:4f:
                    9a:05:5e:24:9c:26:76:f7:ae:27:14:26:80:81:ee:
                    cc:46:34:b6:6d:9c:5d:f0:eb:35:f4:3c:bd:33:9b:
                    23:d9:ba:f3:d2:e2:bc:83:65:88:d5:54:f6:f0:94:
                    84:9c:80:60:38:48:e1:e8:00:01:3c:a1:7f:81:c7:
                    68:a1:2b:2e:77:19:8c:70:8e:6b:d6:84:8a:9d:60:
                    21:59:f0:16:2e:e8:f4:b5:dd:f8:00:18:3d:76:96:
                    2a:48:6d:7b:e9:f7:75:d1:e3:27:e8:6d:9a:4d:02:
                    81:80:b4:fb:b9:d8:68:11:75:50:38:70:17:12:46:
                    9c:fe:e8:0e:64:15:7b:e5:9e:37:a7:c4:ce:0d:31:
                    ce:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:59:96:AC:11:55:0E:FC:C3:B2:2D:BD:EA:8A:17:EE:B4:78:5D:53
            X509v3 Authority Key Identifier:
                keyid:41:E4:2D:83:0E:CA:98:A5:33:F4:37:2D:A1:69:C9:C7:92:C3:93:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QeQtgw7KmKUz9DctoWnJx5LDk7I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/4956df-91dc-4490-8333-1ad61ede0a4a/1/a1mWrBFVDvzDsi296ooX7rR4XVM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/4956df-91dc-4490-8333-1ad61ede0a4a/1/QeQtgw7KmKUz9DctoWnJx5LDk7I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.159.122.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2c:e9:1e:a9:12:f2:0d:05:07:0e:f1:76:bc:5c:d5:39:e5:d5:
         5b:6e:69:53:b7:d4:2a:9b:fe:d7:31:c5:cb:4b:0b:4f:ab:0a:
         97:57:7f:b7:1a:f0:b7:df:2c:4a:c9:0b:1e:ca:1c:1d:65:27:
         0c:83:b4:77:8e:04:b0:ea:ba:b7:bf:5c:54:93:b5:cf:c7:c6:
         30:86:11:f1:3b:7b:32:97:af:53:0c:36:3d:c1:ac:b8:c7:ed:
         c6:27:4e:de:36:f0:b0:0d:fa:a3:5a:6c:ff:1e:8f:17:f5:23:
         21:54:a0:c1:54:b2:bd:f6:c1:82:7f:a4:49:5c:17:71:33:82:
         26:e3:0d:10:c8:82:4d:5d:84:0a:fc:0c:0c:12:2b:44:ac:60:
         9c:95:2a:0b:84:53:b7:52:32:fc:a4:00:19:c4:b4:ed:8a:61:
         09:c5:1e:cd:9f:ff:d3:c9:4e:b1:e1:3f:26:12:03:38:94:95:
         f8:3d:e8:1e:95:ce:67:e5:3c:70:22:3e:51:f1:64:bb:cf:96:
         07:c3:91:d9:35:b2:ff:9b:00:74:0b:a2:36:e6:77:40:3f:86:
         a7:df:a1:f1:8f:de:cf:94:00:6a:fb:ad:c1:7c:b6:18:b2:a5:
         8f:9b:c4:d9:5e:1b:93:6f:5e:a1:13:db:2d:dd:e9:7f:65:33:
         8d:43:af:b5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEExLSvjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MWU0MmQ4MzBlY2E5OGE1MzNmNDM3MmRhMTY5YzljNzkyYzM5M2IyMB4XDTIyMDEw
MTAyNTg0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmI1OTk2YWMxMTU1
MGVmY2MzYjIyZGJkZWE4YTE3ZWViNDc4NWQ1MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALtG9PBNfI/Whr1ruFKSv+nqC1Gjwo2Fc/KXQF46wlXHoM1+
eWQTDBkEWCeUcyeJn7vgOIt5qy0hNjMmmEIw/IPGHOvpyH7OK0ZiyWyCSira49Vm
hhWo7DD+zJtnRFHs5MSDRF1ilbq05iN+k0DT1+MC+/P8RuZPmgVeJJwmdveuJxQm
gIHuzEY0tm2cXfDrNfQ8vTObI9m689LivINliNVU9vCUhJyAYDhI4egAATyhf4HH
aKErLncZjHCOa9aEip1gIVnwFi7o9LXd+AAYPXaWKkhte+n3ddHjJ+htmk0CgYC0
+7nYaBF1UDhwFxJGnP7oDmQVe+WeN6fEzg0xziMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRrWZasEVUO/MOyLb3qihfutHhdUzAfBgNVHSMEGDAWgBRB5C2DDsqYpTP0
Ny2hacnHksOTsjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FlUXRndzdLbUtVejlEY3RvV25KeDVMRGs3SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvNDk1NmRmLTkxZGMtNDQ5MC04MzMzLTFhZDYxZWRlMGE0YS8x
L2ExbVdyQkZWRHZ6RHNpMjk2b29YN3JSNFhWTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
NDk1NmRmLTkxZGMtNDQ5MC04MzMzLTFhZDYxZWRlMGE0YS8xL1FlUXRndzdLbUtV
ejlEY3RvV25KeDVMRGs3SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbmfejANBgkqhkiG9w0BAQsFAAOC
AQEALOkeqRLyDQUHDvF2vFzVOeXVW25pU7fUKpv+1zHFy0sLT6sKl1d/txrwt98s
SskLHsocHWUnDIO0d44EsOq6t79cVJO1z8fGMIYR8Tt7MpevUww2PcGsuMftxidO
3jbwsA36o1ps/x6PF/UjIVSgwVSyvfbBgn+kSVwXcTOCJuMNEMiCTV2ECvwMDBIr
RKxgnJUqC4RTt1Iy/KQAGcS07YphCcUezZ//08lOseE/JhIDOJSV+D3oHpXOZ+U8
cCI+UfFku8+WB8OR2TWy/5sAdAuiNuZ3QD+Gp9+h8Y/ez5QAavutwXy2GLKlj5vE
2V4bk29eoRPbLd3pf2UzjUOvtQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:33 2024 by rpki-client on console-fra.rpki-client.org