Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/b24b88-22f0-49b8-b2e3-731f47820b20/1/kdNQxaFKFHe1UkikBpiuDQU73oc.roa
File:                     kdNQxaFKFHe1UkikBpiuDQU73oc.roa (raw, json)
Hash identifier:          F8sfwpuCcFj/+9gI50AEsyZNXRuQM8WShyskP5doiWw=
Subject key identifier:   91:D3:50:C5:A1:4A:14:77:B5:52:48:A4:06:98:AE:0D:05:3B:DE:87
Certificate issuer:       /CN=fc57d7a2d57661f6c3c6ea7636ca0ff2300c146f
Certificate serial:       0610D367
Authority key identifier: FC:57:D7:A2:D5:76:61:F6:C3:C6:EA:76:36:CA:0F:F2:30:0C:14:6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_FfXotV2YfbDxup2NsoP8jAMFG8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/b24b88-22f0-49b8-b2e3-731f47820b20/1/kdNQxaFKFHe1UkikBpiuDQU73oc.roa
Signing time:             Sat 01 Jan 2022 03:55:21 +0000
ROA not before:           Sat 01 Jan 2022 03:55:21 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204818
IP address blocks:        185.245.92.0/23 maxlen: 23
                          185.245.94.0/23 maxlen: 23
                          2a0d:5380::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 101765991 (0x610d367)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fc57d7a2d57661f6c3c6ea7636ca0ff2300c146f
        Validity
            Not Before: Jan  1 03:55:21 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=91d350c5a14a1477b55248a40698ae0d053bde87
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:1b:58:77:f5:70:78:de:6e:2d:1d:6b:97:74:
                    8b:17:5f:26:04:ac:b3:07:0f:b2:3d:aa:7e:06:ee:
                    1e:f2:a6:5b:21:ff:4a:5d:17:7f:83:0e:8d:a3:fb:
                    ef:4d:48:26:2f:2a:57:50:5f:cc:1a:d5:29:2e:f2:
                    57:80:13:ab:2c:5a:76:07:63:06:fd:30:e4:34:44:
                    6b:c6:8c:bc:0d:bb:51:f4:62:6e:be:9d:2d:8d:a9:
                    e0:f8:f7:43:b5:bb:99:2c:94:df:d4:39:69:3d:69:
                    1a:86:73:b7:c7:f7:3c:9f:e6:8a:7f:a6:d7:76:77:
                    60:0c:6a:f5:33:21:80:da:f3:e9:dc:60:2a:66:ea:
                    18:c8:cd:a1:82:3f:3b:48:51:ef:3d:6c:a2:c0:b0:
                    de:a5:12:db:15:b8:21:f1:16:52:66:ce:f0:f2:c6:
                    64:1c:5c:cb:eb:2a:6b:b1:09:d7:63:c2:d4:5a:63:
                    34:45:c6:e3:fd:0c:8d:54:b4:16:06:62:87:05:bb:
                    d8:98:38:ff:88:68:8c:dd:cc:75:9c:78:67:a0:9d:
                    36:c7:72:ad:b0:9b:56:c8:f0:e7:b6:39:e9:77:63:
                    61:55:08:30:9e:1a:84:24:8b:61:e8:e1:af:77:73:
                    17:ca:dc:4e:2f:af:83:cb:3b:16:c6:37:c2:25:a5:
                    70:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:D3:50:C5:A1:4A:14:77:B5:52:48:A4:06:98:AE:0D:05:3B:DE:87
            X509v3 Authority Key Identifier:
                keyid:FC:57:D7:A2:D5:76:61:F6:C3:C6:EA:76:36:CA:0F:F2:30:0C:14:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_FfXotV2YfbDxup2NsoP8jAMFG8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/b24b88-22f0-49b8-b2e3-731f47820b20/1/kdNQxaFKFHe1UkikBpiuDQU73oc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/b24b88-22f0-49b8-b2e3-731f47820b20/1/_FfXotV2YfbDxup2NsoP8jAMFG8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.245.92.0/22
                IPv6:
                  2a0d:5380::/29

    Signature Algorithm: sha256WithRSAEncryption
         09:cd:f0:4e:03:56:98:b1:d0:52:5e:06:ed:32:d5:ae:54:71:
         b6:d7:68:27:72:73:71:9c:42:23:34:36:dd:02:cd:be:81:2a:
         ac:1d:93:3c:d8:3e:c8:e9:af:02:ff:6e:af:6e:37:41:f0:22:
         ab:83:6b:14:6d:ab:4a:cd:1f:01:af:8f:d0:0e:a5:4e:4a:de:
         de:5e:85:23:b0:d3:a6:e0:0b:f5:5c:80:5c:88:ae:10:ac:f0:
         5d:d5:49:ee:be:98:cf:2a:92:39:7f:e7:0e:67:46:9a:27:9e:
         8a:5b:f8:7a:e9:1d:eb:9b:b7:79:a4:57:fa:33:66:60:6e:ad:
         ea:98:99:4e:19:05:8c:79:17:e2:1b:88:46:f2:4d:01:15:87:
         27:cb:16:89:50:94:ba:e7:51:07:44:58:3e:a6:7d:4f:31:d7:
         9b:d2:28:dc:97:43:f6:88:35:1d:13:25:44:44:2e:bf:36:cf:
         92:48:cd:6e:64:b4:fd:6b:71:ea:8a:d0:9b:1e:f0:e5:94:a2:
         d1:16:0e:49:f9:9a:de:10:85:d3:56:98:ff:30:0e:77:c9:16:
         ac:c7:bd:e5:83:29:0c:57:96:f9:2a:94:a8:81:ca:08:61:2d:
         c2:58:03:ad:67:47:85:93:a9:ae:01:a5:bb:54:88:ce:7d:10:
         ae:51:57:05
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBhDTZzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YzU3ZDdhMmQ1NzY2MWY2YzNjNmVhNzYzNmNhMGZmMjMwMGMxNDZmMB4XDTIyMDEw
MTAzNTUyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTFkMzUwYzVhMTRh
MTQ3N2I1NTI0OGE0MDY5OGFlMGQwNTNiZGU4NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANcbWHf1cHjebi0da5d0ixdfJgSsswcPsj2qfgbuHvKmWyH/
Sl0Xf4MOjaP7701IJi8qV1BfzBrVKS7yV4ATqyxadgdjBv0w5DREa8aMvA27UfRi
br6dLY2p4Pj3Q7W7mSyU39Q5aT1pGoZzt8f3PJ/min+m13Z3YAxq9TMhgNrz6dxg
KmbqGMjNoYI/O0hR7z1sosCw3qUS2xW4IfEWUmbO8PLGZBxcy+sqa7EJ12PC1Fpj
NEXG4/0MjVS0FgZihwW72Jg4/4hojN3MdZx4Z6CdNsdyrbCbVsjw57Y56XdjYVUI
MJ4ahCSLYejhr3dzF8rcTi+vg8s7FsY3wiWlcBsCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSR01DFoUoUd7VSSKQGmK4NBTvehzAfBgNVHSMEGDAWgBT8V9ei1XZh9sPG
6nY2yg/yMAwUbzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19GZlhvdFYyWWZiRHh1cDJOc29QOGpBTUZHOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjgvYjI0Yjg4LTIyZjAtNDliOC1iMmUzLTczMWY0NzgyMGIyMC8x
L2tkTlF4YUZLRkhlMVVraWtCcGl1RFFVNzNvYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjgv
YjI0Yjg4LTIyZjAtNDliOC1iMmUzLTczMWY0NzgyMGIyMC8xL19GZlhvdFYyWWZi
RHh1cDJOc29QOGpBTUZHOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArn1XDANBAIAAjAHAwUDKg1TgDAN
BgkqhkiG9w0BAQsFAAOCAQEACc3wTgNWmLHQUl4G7TLVrlRxttdoJ3JzcZxCIzQ2
3QLNvoEqrB2TPNg+yOmvAv9ur243QfAiq4NrFG2rSs0fAa+P0A6lTkre3l6FI7DT
puAL9VyAXIiuEKzwXdVJ7r6YzyqSOX/nDmdGmieeilv4eukd65u3eaRX+jNmYG6t
6piZThkFjHkX4huIRvJNARWHJ8sWiVCUuudRB0RYPqZ9TzHXm9Io3JdD9og1HRMl
REQuvzbPkkjNbmS0/Wtx6orQmx7w5ZSi0RYOSfma3hCF01aY/zAOd8kWrMe95YMp
DFeW+SqUqIHKCGEtwlgDrWdHhZOprgGlu1SIzn0QrlFXBQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:33 2024 by rpki-client on console-ams.rpki-client.org