Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/379a1d-52b9-4669-9625-62306abdfa03/1/FqE6CtfFskJNzJyx6IMJrV0IFPQ.roa
File:                     FqE6CtfFskJNzJyx6IMJrV0IFPQ.roa (raw, json)
Hash identifier:          04GUWIqyFi/0H4xTt2OFeSjY8XlS+Aj3xxh2wuG3xFQ=
Subject key identifier:   16:A1:3A:0A:D7:C5:B2:42:4D:CC:9C:B1:E8:83:09:AD:5D:08:14:F4
Certificate issuer:       /CN=5f41c664c0c013dffb6e0dd1d73b369cba5fbd1c
Certificate serial:       06194BA4
Authority key identifier: 5F:41:C6:64:C0:C0:13:DF:FB:6E:0D:D1:D7:3B:36:9C:BA:5F:BD:1C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X0HGZMDAE9_7bg3R1zs2nLpfvRw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/379a1d-52b9-4669-9625-62306abdfa03/1/FqE6CtfFskJNzJyx6IMJrV0IFPQ.roa
Signing time:             Sat 01 Jan 2022 08:56:22 +0000
ROA not before:           Sat 01 Jan 2022 08:56:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        185.98.156.0/24 maxlen: 24
                          2a12:a900:1::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 102321060 (0x6194ba4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f41c664c0c013dffb6e0dd1d73b369cba5fbd1c
        Validity
            Not Before: Jan  1 08:56:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=16a13a0ad7c5b2424dcc9cb1e88309ad5d0814f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:b8:eb:df:8b:cd:4c:c4:d6:ec:40:cc:e5:ca:
                    6e:00:5e:da:89:3a:78:75:1d:52:9b:a9:7e:31:c9:
                    0f:d0:96:37:4b:40:51:81:4d:ac:d2:10:da:f7:39:
                    43:28:b5:c9:1a:ae:f5:bb:8b:62:56:4a:d3:c6:d9:
                    10:fc:e0:d0:68:5f:c0:3d:f2:bc:61:52:63:27:fb:
                    06:03:49:d7:b0:82:7d:8c:fb:5d:32:87:11:90:02:
                    9c:b7:8b:95:f0:49:14:fa:9e:56:d1:e9:d2:3f:fd:
                    e3:8b:79:c2:a7:9e:b5:5a:3f:36:2d:7c:6b:d8:df:
                    58:b0:bb:7d:76:16:25:f5:6b:d6:15:e6:73:70:57:
                    83:aa:3f:78:e4:ae:b8:bc:15:95:e9:75:02:1d:b5:
                    cd:ff:7b:42:e9:94:67:bb:83:5e:62:3b:87:db:2e:
                    01:db:4c:21:f0:9c:3d:0b:75:08:74:f9:63:8a:22:
                    7d:e7:62:c6:d4:01:7d:17:bd:dc:75:b2:6c:88:70:
                    3e:26:bb:c8:20:c4:f5:11:80:54:9d:9c:81:76:f3:
                    d9:cf:8d:15:37:97:dc:f0:87:b9:27:a2:85:c9:f0:
                    fa:ae:a8:a0:5f:88:e6:78:d5:d1:6b:df:78:a9:50:
                    15:2c:4a:d6:4b:24:56:cc:56:ff:b4:e7:9c:fa:c0:
                    d7:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:A1:3A:0A:D7:C5:B2:42:4D:CC:9C:B1:E8:83:09:AD:5D:08:14:F4
            X509v3 Authority Key Identifier:
                keyid:5F:41:C6:64:C0:C0:13:DF:FB:6E:0D:D1:D7:3B:36:9C:BA:5F:BD:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X0HGZMDAE9_7bg3R1zs2nLpfvRw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/379a1d-52b9-4669-9625-62306abdfa03/1/FqE6CtfFskJNzJyx6IMJrV0IFPQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/379a1d-52b9-4669-9625-62306abdfa03/1/X0HGZMDAE9_7bg3R1zs2nLpfvRw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.98.156.0/24
                IPv6:
                  2a12:a900:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         2a:75:3a:9a:0b:42:2d:ca:93:4e:c2:9a:73:56:72:aa:e3:f4:
         2c:b1:a7:14:6b:d3:cd:ac:dc:39:95:ee:22:79:5f:aa:5c:70:
         d3:14:46:16:84:07:6b:59:ac:66:9c:45:52:8c:8b:f6:50:65:
         13:3a:d8:36:ea:2d:46:57:7c:85:75:28:c7:f2:97:d8:58:b6:
         80:6e:6b:f3:f7:d5:7f:7e:ef:b4:39:e9:5c:de:f6:d7:78:3c:
         6d:9e:90:b0:79:d2:8c:19:6c:da:1b:de:77:db:18:61:2b:c3:
         54:83:36:ce:9c:4d:4c:ee:e6:3d:23:de:76:91:b8:27:d9:b3:
         33:13:85:ed:25:0b:8b:70:ff:6b:fc:9e:38:6c:b5:7c:a0:87:
         43:02:ca:94:49:c4:df:02:db:53:6c:ed:c2:09:86:bb:51:5d:
         10:f7:8e:a7:d2:c9:ab:d4:27:6b:14:68:48:85:b0:8c:ea:f0:
         51:6c:8b:21:09:d1:3a:20:5e:c2:b5:07:8f:10:d6:e0:5e:86:
         71:7c:13:7d:ad:b2:47:02:c9:49:ba:d7:39:e1:b9:1f:6f:75:
         a1:a1:51:ca:f5:a6:91:e2:0a:0a:a5:a7:87:e0:e8:99:6b:06:
         5f:08:f5:f6:11:cb:61:e7:8c:be:d4:59:9d:54:1a:d2:fb:85:
         aa:72:6f:cc
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEBhlLpDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZjQxYzY2NGMwYzAxM2RmZmI2ZTBkZDFkNzNiMzY5Y2JhNWZiZDFjMB4XDTIyMDEw
MTA4NTYyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTZhMTNhMGFkN2M1
YjI0MjRkY2M5Y2IxZTg4MzA5YWQ1ZDA4MTRmNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALK469+LzUzE1uxAzOXKbgBe2ok6eHUdUpupfjHJD9CWN0tA
UYFNrNIQ2vc5Qyi1yRqu9buLYlZK08bZEPzg0GhfwD3yvGFSYyf7BgNJ17CCfYz7
XTKHEZACnLeLlfBJFPqeVtHp0j/944t5wqeetVo/Ni18a9jfWLC7fXYWJfVr1hXm
c3BXg6o/eOSuuLwVlel1Ah21zf97QumUZ7uDXmI7h9suAdtMIfCcPQt1CHT5Y4oi
fedixtQBfRe93HWybIhwPia7yCDE9RGAVJ2cgXbz2c+NFTeX3PCHuSeihcnw+q6o
oF+I5njV0WvfeKlQFSxK1kskVsxW/7TnnPrA11ECAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQWoToK18WyQk3MnLHogwmtXQgU9DAfBgNVHSMEGDAWgBRfQcZkwMAT3/tu
DdHXOzacul+9HDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1gwSEdaTURBRTlfN2JnM1IxenMybkxwZnZSdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMzc5YTFkLTUyYjktNDY2OS05NjI1LTYyMzA2YWJkZmEwMy8x
L0ZxRTZDdGZGc2tKTnpKeXg2SU1KclYwSUZQUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
Mzc5YTFkLTUyYjktNDY2OS05NjI1LTYyMzA2YWJkZmEwMy8xL1gwSEdaTURBRTlf
N2JnM1IxenMybkxwZnZSdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEALlinDAPBAIAAjAJAwcAKhKpAAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQAqdTqaC0ItypNOwppzVnKq4/QssacUa9PNrNw5
le4ieV+qXHDTFEYWhAdrWaxmnEVSjIv2UGUTOtg26i1GV3yFdSjH8pfYWLaAbmvz
99V/fu+0Oelc3vbXeDxtnpCwedKMGWzaG9532xhhK8NUgzbOnE1M7uY9I952kbgn
2bMzE4XtJQuLcP9r/J44bLV8oIdDAsqUScTfAttTbO3CCYa7UV0Q946n0smr1Cdr
FGhIhbCM6vBRbIshCdE6IF7CtQePENbgXoZxfBN9rbJHAslJutc54bkfb3WhoVHK
9aaR4goKpaeH4OiZawZfCPX2Ecth54y+1FmdVBrS+4Wqcm/M
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:38 2023 by rpki-client on console-fra.rpki-client.org