Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/4956df-91dc-4490-8333-1ad61ede0a4a/1/vbufmCJxW1kjk10_A5JB1Eqh8Qg.roa
File:                     vbufmCJxW1kjk10_A5JB1Eqh8Qg.roa (raw, json)
Hash identifier:          1OStJ2kTmGh7Za0uRmvd7sNn1V8/87x5Iap3mRM9XyI=
Subject key identifier:   BD:BB:9F:98:22:71:5B:59:23:93:5D:3F:03:92:41:D4:4A:A1:F1:08
Certificate issuer:       /CN=41e42d830eca98a533f4372da169c9c792c393b2
Certificate serial:       131421E9
Authority key identifier: 41:E4:2D:83:0E:CA:98:A5:33:F4:37:2D:A1:69:C9:C7:92:C3:93:B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QeQtgw7KmKUz9DctoWnJx5LDk7I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/4956df-91dc-4490-8333-1ad61ede0a4a/1/vbufmCJxW1kjk10_A5JB1Eqh8Qg.roa
Signing time:             Sat 01 Jan 2022 02:58:42 +0000
ROA not before:           Sat 01 Jan 2022 02:58:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     31400
IP address blocks:        185.159.120.0/24 maxlen: 24
                          185.159.121.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 320086505 (0x131421e9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41e42d830eca98a533f4372da169c9c792c393b2
        Validity
            Not Before: Jan  1 02:58:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bdbb9f9822715b5923935d3f039241d44aa1f108
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:ff:23:79:2d:a6:c8:7b:84:ff:a3:9d:94:7d:
                    f0:c2:19:6f:78:5c:a8:bd:d0:c9:a6:5f:c4:03:fd:
                    9b:6e:0c:e2:bd:7c:09:db:3e:e0:29:17:84:67:9e:
                    37:1f:70:67:ec:33:dc:fb:4b:a3:4f:2a:e2:23:53:
                    d4:e0:d2:14:e9:8a:3e:d8:b6:de:47:ec:6e:cf:b3:
                    f6:90:48:00:aa:7f:df:a5:f6:1c:bd:85:45:a8:42:
                    49:7a:5c:bb:01:a9:6a:1f:39:09:81:1a:c5:5c:53:
                    d0:d5:7f:5d:7a:1d:79:c1:bd:77:bc:57:f2:3a:f7:
                    fd:38:49:ef:1c:1e:af:16:05:9d:5e:06:a2:9f:9f:
                    d5:63:90:26:13:d1:fd:be:33:49:a8:ca:3f:ad:f5:
                    ba:53:78:e3:f6:8f:dc:6f:c3:1a:85:8d:e5:59:26:
                    07:8a:03:07:a6:9d:18:e0:64:9c:96:50:00:cb:3a:
                    6e:2b:6a:bf:d6:d4:ba:af:25:27:60:94:2f:b3:71:
                    5f:12:0e:39:c5:21:84:52:1f:fb:da:4f:40:37:f0:
                    82:20:6a:e3:15:6f:7d:dd:db:b5:3a:d3:93:67:80:
                    8b:c9:0a:e4:4f:b9:57:bf:8a:92:86:61:71:9c:a4:
                    40:d9:6e:32:9f:6f:ac:b9:00:95:4b:07:4a:88:11:
                    c6:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:BB:9F:98:22:71:5B:59:23:93:5D:3F:03:92:41:D4:4A:A1:F1:08
            X509v3 Authority Key Identifier:
                keyid:41:E4:2D:83:0E:CA:98:A5:33:F4:37:2D:A1:69:C9:C7:92:C3:93:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QeQtgw7KmKUz9DctoWnJx5LDk7I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/4956df-91dc-4490-8333-1ad61ede0a4a/1/vbufmCJxW1kjk10_A5JB1Eqh8Qg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/4956df-91dc-4490-8333-1ad61ede0a4a/1/QeQtgw7KmKUz9DctoWnJx5LDk7I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.159.120.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1a:a7:a4:f8:f6:6d:76:04:38:15:bc:36:ac:04:7c:0e:a2:e5:
         b1:ee:0c:01:63:58:99:cc:7e:3b:56:f6:3c:cd:3a:12:03:9a:
         2b:14:eb:80:6e:57:81:b6:b7:9f:01:d8:9d:d5:38:ef:c4:73:
         dd:31:f9:d1:28:dd:4f:40:2f:ad:12:84:c3:47:a2:c1:15:d0:
         99:6a:a4:5a:01:ee:0c:bb:99:33:2a:0e:e6:65:f1:c3:c6:ad:
         58:db:1a:e4:af:59:40:0a:7e:10:0a:bd:e3:fc:74:3e:40:09:
         c8:42:b9:8b:42:81:d9:a5:97:91:3e:23:77:f5:6d:df:97:df:
         b3:26:2b:63:e8:7f:67:fb:b7:2a:e4:7f:72:52:b5:37:e1:d3:
         9b:03:93:4a:6b:15:a3:32:46:82:c7:d2:83:e2:6f:d8:6e:b0:
         83:fc:eb:ab:3c:fd:63:0d:31:54:51:31:e1:ff:67:be:58:9a:
         cb:ba:98:b2:f8:c2:c4:77:9a:e1:11:2f:a5:b2:f9:73:07:71:
         d6:78:0d:cb:0e:bd:ad:d7:4c:13:d7:e7:e1:bf:da:08:ce:b7:
         83:16:29:6f:9a:73:9a:5e:43:bb:90:0f:59:bc:73:00:91:e2:
         0e:8c:b7:ae:56:3e:a9:fc:73:b9:ca:53:e1:b1:8f:92:6c:6e:
         5e:ff:cb:10
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEExQh6TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MWU0MmQ4MzBlY2E5OGE1MzNmNDM3MmRhMTY5YzljNzkyYzM5M2IyMB4XDTIyMDEw
MTAyNTg0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmRiYjlmOTgyMjcx
NWI1OTIzOTM1ZDNmMDM5MjQxZDQ0YWExZjEwODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIn/I3ktpsh7hP+jnZR98MIZb3hcqL3QyaZfxAP9m24M4r18
Cds+4CkXhGeeNx9wZ+wz3PtLo08q4iNT1ODSFOmKPti23kfsbs+z9pBIAKp/36X2
HL2FRahCSXpcuwGpah85CYEaxVxT0NV/XXodecG9d7xX8jr3/ThJ7xwerxYFnV4G
op+f1WOQJhPR/b4zSajKP631ulN44/aP3G/DGoWN5VkmB4oDB6adGOBknJZQAMs6
bitqv9bUuq8lJ2CUL7NxXxIOOcUhhFIf+9pPQDfwgiBq4xVvfd3btTrTk2eAi8kK
5E+5V7+KkoZhcZykQNluMp9vrLkAlUsHSogRxrkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS9u5+YInFbWSOTXT8DkkHUSqHxCDAfBgNVHSMEGDAWgBRB5C2DDsqYpTP0
Ny2hacnHksOTsjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FlUXRndzdLbUtVejlEY3RvV25KeDVMRGs3SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvNDk1NmRmLTkxZGMtNDQ5MC04MzMzLTFhZDYxZWRlMGE0YS8x
L3ZidWZtQ0p4VzFramsxMF9BNUpCMUVxaDhRZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
NDk1NmRmLTkxZGMtNDQ5MC04MzMzLTFhZDYxZWRlMGE0YS8xL1FlUXRndzdLbUtV
ejlEY3RvV25KeDVMRGs3SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbmfeDANBgkqhkiG9w0BAQsFAAOC
AQEAGqek+PZtdgQ4Fbw2rAR8DqLlse4MAWNYmcx+O1b2PM06EgOaKxTrgG5Xgba3
nwHYndU478Rz3TH50SjdT0AvrRKEw0eiwRXQmWqkWgHuDLuZMyoO5mXxw8atWNsa
5K9ZQAp+EAq94/x0PkAJyEK5i0KB2aWXkT4jd/Vt35ffsyYrY+h/Z/u3KuR/clK1
N+HTmwOTSmsVozJGgsfSg+Jv2G6wg/zrqzz9Yw0xVFEx4f9nvliay7qYsvjCxHea
4REvpbL5cwdx1ngNyw69rddME9fn4b/aCM63gxYpb5pzml5Du5APWbxzAJHiDoy3
rlY+qfxzucpT4bGPkmxuXv/LEA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:33 2024 by rpki-client on console-fra.rpki-client.org