Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/99beb5-4fd9-469e-9d7f-a3fd8f33fa74/1/q0ByP9FCXHWelKHkQimD35Bypp4.roa
File:                     q0ByP9FCXHWelKHkQimD35Bypp4.roa (raw, json)
Hash identifier:          /j3VqvQ+Wuj1RFCNdfh8FtUJtApAbPm+vffD/HMX5ro=
Subject key identifier:   AB:40:72:3F:D1:42:5C:75:9E:94:A1:E4:42:29:83:DF:90:72:A6:9E
Certificate issuer:       /CN=a5920dec6ff00949e82161721eb94cc645e34776
Certificate serial:       01E5F508
Authority key identifier: A5:92:0D:EC:6F:F0:09:49:E8:21:61:72:1E:B9:4C:C6:45:E3:47:76
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pZIN7G_wCUnoIWFyHrlMxkXjR3Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/99beb5-4fd9-469e-9d7f-a3fd8f33fa74/1/q0ByP9FCXHWelKHkQimD35Bypp4.roa
Signing time:             Sat 01 Jan 2022 03:02:19 +0000
ROA not before:           Sat 01 Jan 2022 03:02:19 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     59889
IP address blocks:        185.186.148.0/22 maxlen: 22
                          2a0b:7d80::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 31847688 (0x1e5f508)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a5920dec6ff00949e82161721eb94cc645e34776
        Validity
            Not Before: Jan  1 03:02:19 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ab40723fd1425c759e94a1e4422983df9072a69e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:1a:2a:d1:3e:41:f4:64:aa:32:3a:0a:24:c6:
                    bd:75:77:49:3a:11:64:46:36:39:0c:db:37:21:d3:
                    58:57:9a:49:9b:85:9e:bf:16:13:9e:14:42:11:bc:
                    72:be:e3:38:0f:bf:4f:9b:65:61:11:eb:a8:ef:22:
                    a8:c4:25:a5:fa:5b:02:6d:58:d5:f1:29:24:c7:d4:
                    d2:56:d9:3d:25:54:25:1d:23:30:29:5d:31:70:ee:
                    87:f4:dc:45:ac:dc:b1:fa:07:de:60:b6:72:20:e1:
                    40:2a:59:98:6f:7c:a7:1c:bf:e4:ca:d6:fb:d1:2f:
                    35:df:65:c1:71:3b:f7:52:55:20:28:37:cc:5a:7b:
                    0d:cb:b2:95:ac:0e:f4:3e:72:39:f3:d0:a0:b8:09:
                    38:9f:1f:64:3f:63:a4:31:10:b9:fc:87:de:59:4d:
                    57:91:61:34:3b:f2:dd:07:88:86:54:9c:00:59:0a:
                    d4:d0:67:7d:b5:4a:17:50:7c:68:42:80:7c:4b:18:
                    9e:ca:f3:3d:51:38:df:f6:fc:a5:68:24:87:49:8e:
                    10:6f:b0:95:91:0f:a9:b5:a5:4c:97:0a:bc:c0:be:
                    75:06:a8:38:03:06:55:7c:25:b8:5f:2f:a0:c6:74:
                    07:ea:77:4b:07:2f:d2:0a:88:69:ba:65:6d:f3:ea:
                    1c:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:40:72:3F:D1:42:5C:75:9E:94:A1:E4:42:29:83:DF:90:72:A6:9E
            X509v3 Authority Key Identifier:
                keyid:A5:92:0D:EC:6F:F0:09:49:E8:21:61:72:1E:B9:4C:C6:45:E3:47:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pZIN7G_wCUnoIWFyHrlMxkXjR3Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/99beb5-4fd9-469e-9d7f-a3fd8f33fa74/1/q0ByP9FCXHWelKHkQimD35Bypp4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/99beb5-4fd9-469e-9d7f-a3fd8f33fa74/1/pZIN7G_wCUnoIWFyHrlMxkXjR3Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.186.148.0/22
                IPv6:
                  2a0b:7d80::/29

    Signature Algorithm: sha256WithRSAEncryption
         50:07:be:dd:b5:f5:8b:85:1d:b0:49:77:23:70:8e:96:9a:3e:
         cb:e7:35:fd:2b:f1:55:a3:b9:d9:5b:39:51:e5:19:60:de:82:
         62:41:11:92:ae:60:92:29:55:28:80:28:43:8f:6c:6d:20:66:
         6a:a8:6a:fe:3c:4d:1d:f2:8a:c2:21:6d:9a:1c:da:bf:ae:c7:
         ff:31:cc:12:fc:a5:7d:9a:17:7c:05:39:39:53:db:68:57:ea:
         9f:d1:53:e4:ee:72:e5:bb:6b:14:15:a3:93:d0:56:68:8a:93:
         aa:17:c4:e3:de:a0:69:aa:21:b0:e1:e0:1b:17:9b:62:c6:a4:
         62:21:85:0e:57:10:99:96:13:1c:d0:2f:77:22:44:08:2e:ab:
         5b:67:b8:fe:6f:64:bf:8a:9b:db:39:af:c9:eb:38:1a:f9:f7:
         87:38:3c:9f:49:fc:a0:41:c1:a6:a2:1a:d8:a8:88:21:72:7a:
         f2:1b:3a:24:6f:11:8e:38:3d:f1:2a:af:e5:b2:45:08:9d:84:
         e1:66:fe:af:a6:ee:78:62:86:23:7f:02:8a:6a:bc:59:7a:87:
         4d:d7:dd:dd:dc:41:d3:a0:0b:29:7e:00:38:17:1b:c8:87:07:
         92:5a:26:96:51:1d:15:75:c4:4d:6c:10:06:c3:96:f8:1b:44:
         73:8c:93:dd
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAeX1CDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NTkyMGRlYzZmZjAwOTQ5ZTgyMTYxNzIxZWI5NGNjNjQ1ZTM0Nzc2MB4XDTIyMDEw
MTAzMDIxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWI0MDcyM2ZkMTQy
NWM3NTllOTRhMWU0NDIyOTgzZGY5MDcyYTY5ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALMaKtE+QfRkqjI6CiTGvXV3SToRZEY2OQzbNyHTWFeaSZuF
nr8WE54UQhG8cr7jOA+/T5tlYRHrqO8iqMQlpfpbAm1Y1fEpJMfU0lbZPSVUJR0j
MCldMXDuh/TcRazcsfoH3mC2ciDhQCpZmG98pxy/5MrW+9EvNd9lwXE791JVICg3
zFp7DcuylawO9D5yOfPQoLgJOJ8fZD9jpDEQufyH3llNV5FhNDvy3QeIhlScAFkK
1NBnfbVKF1B8aEKAfEsYnsrzPVE43/b8pWgkh0mOEG+wlZEPqbWlTJcKvMC+dQao
OAMGVXwluF8voMZ0B+p3Swcv0gqIabplbfPqHAcCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSrQHI/0UJcdZ6UoeRCKYPfkHKmnjAfBgNVHSMEGDAWgBSlkg3sb/AJSegh
YXIeuUzGReNHdjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BaSU43R193Q1Vub0lXRnlIcmxNeGtYalIzWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvOTliZWI1LTRmZDktNDY5ZS05ZDdmLWEzZmQ4ZjMzZmE3NC8x
L3EwQnlQOUZDWEhXZWxLSGtRaW1EMzVCeXBwNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
OTliZWI1LTRmZDktNDY5ZS05ZDdmLWEzZmQ4ZjMzZmE3NC8xL3BaSU43R193Q1Vu
b0lXRnlIcmxNeGtYalIzWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArm6lDANBAIAAjAHAwUDKgt9gDAN
BgkqhkiG9w0BAQsFAAOCAQEAUAe+3bX1i4UdsEl3I3COlpo+y+c1/SvxVaO52Vs5
UeUZYN6CYkERkq5gkilVKIAoQ49sbSBmaqhq/jxNHfKKwiFtmhzav67H/zHMEvyl
fZoXfAU5OVPbaFfqn9FT5O5y5btrFBWjk9BWaIqTqhfE496gaaohsOHgGxebYsak
YiGFDlcQmZYTHNAvdyJECC6rW2e4/m9kv4qb2zmvyes4Gvn3hzg8n0n8oEHBpqIa
2KiIIXJ68hs6JG8Rjjg98Sqv5bJFCJ2E4Wb+r6bueGKGI38Cimq8WXqHTdfd3dxB
06ALKX4AOBcbyIcHklomllEdFXXETWwQBsOW+BtEc4yT3Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:43 2024 by rpki-client on console-fra.rpki-client.org