Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/b140ae-c047-4ff6-864f-3560356571a7/1/Y2XZUZK6q81JfVPcVs8NW8O7z4Y.roa
File:                     Y2XZUZK6q81JfVPcVs8NW8O7z4Y.roa (raw, json)
Hash identifier:          vouHA/TXmoOjEGTXKseVpkW0Gkj0XRdzuF3MCl4bbak=
Subject key identifier:   63:65:D9:51:92:BA:AB:CD:49:7D:53:DC:56:CF:0D:5B:C3:BB:CF:86
Certificate issuer:       /CN=1e952e883736f79cbd9c564704bf3c36621b8eca
Certificate serial:       01828C8634967156DF38B93C025939B8109D
Authority key identifier: 1E:95:2E:88:37:36:F7:9C:BD:9C:56:47:04:BF:3C:36:62:1B:8E:CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HpUuiDc295y9nFZHBL88NmIbjso.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/b140ae-c047-4ff6-864f-3560356571a7/1/Y2XZUZK6q81JfVPcVs8NW8O7z4Y.roa
Signing time:             Thu 11 Aug 2022 10:49:41 +0000
ROA not before:           Thu 11 Aug 2022 10:49:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7018
IP address blocks:        185.124.132.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:8c:86:34:96:71:56:df:38:b9:3c:02:59:39:b8:10:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e952e883736f79cbd9c564704bf3c36621b8eca
        Validity
            Not Before: Aug 11 10:49:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6365d95192baabcd497d53dc56cf0d5bc3bbcf86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:e6:aa:61:5e:10:1a:c3:9f:9a:cd:f0:f3:68:
                    ac:09:eb:fd:f6:0f:6c:be:b6:cd:04:01:33:29:f7:
                    6e:03:17:ca:65:c6:f0:d9:7e:96:3c:57:92:5b:fe:
                    00:b7:fe:fb:74:fe:4b:80:6e:da:16:7c:6e:36:a8:
                    75:8b:3a:a5:31:4a:90:66:da:2f:dc:00:0a:a5:97:
                    24:28:5c:9d:a6:ca:83:61:04:03:29:45:7e:08:fe:
                    6e:f8:8e:75:22:25:b3:35:b5:c4:66:51:ae:de:f4:
                    6b:68:f5:cd:f8:20:64:ac:d9:8d:63:73:43:90:43:
                    af:c0:81:40:02:62:08:99:32:ac:d2:17:49:ca:87:
                    d9:5b:96:c3:22:bc:f8:9c:c9:b6:06:3a:17:27:63:
                    2c:64:cc:5d:b0:72:b7:23:0e:71:9d:58:d5:c8:75:
                    d0:aa:51:e9:77:66:17:0b:42:c0:e3:e2:d0:bb:c5:
                    00:71:2b:b7:52:47:c6:d2:e4:33:94:76:7d:9e:ca:
                    c9:a6:e1:29:3e:83:d0:33:94:c2:56:b6:83:10:d4:
                    91:46:a3:1b:95:8c:a9:f3:e6:e2:c0:cc:97:28:62:
                    92:4b:11:0a:84:ce:87:93:5b:1e:fd:c1:9b:a9:4e:
                    9b:a8:c5:64:d7:27:90:c9:7f:67:66:6e:94:a0:d6:
                    0e:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:65:D9:51:92:BA:AB:CD:49:7D:53:DC:56:CF:0D:5B:C3:BB:CF:86
            X509v3 Authority Key Identifier:
                keyid:1E:95:2E:88:37:36:F7:9C:BD:9C:56:47:04:BF:3C:36:62:1B:8E:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HpUuiDc295y9nFZHBL88NmIbjso.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/b140ae-c047-4ff6-864f-3560356571a7/1/Y2XZUZK6q81JfVPcVs8NW8O7z4Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/b140ae-c047-4ff6-864f-3560356571a7/1/HpUuiDc295y9nFZHBL88NmIbjso.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.124.132.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6a:98:9e:0f:88:fd:cc:bf:2d:4b:bb:e9:4e:ad:39:71:c4:5f:
         e1:db:97:0a:33:8d:71:0f:67:79:b9:6b:d9:38:ed:90:04:ed:
         16:5a:82:10:84:0d:91:ca:6d:77:24:5f:0f:fb:8a:d4:ec:ad:
         7f:ab:7c:da:92:c2:6e:6e:03:4d:c5:67:e7:d7:18:26:4c:a2:
         d2:1f:ab:c3:4d:9a:e6:20:cf:b4:75:54:2a:ef:13:55:3f:0a:
         2b:ec:03:59:a7:a6:7b:3b:bc:c9:fb:b5:67:66:39:42:0b:80:
         b1:5c:c5:c1:4c:7c:ec:ed:bd:9e:59:ed:be:90:fc:7e:00:5f:
         ae:90:09:24:c1:78:8c:a7:af:6a:88:95:be:c7:83:0e:fe:b1:
         5d:1b:ef:d1:bf:95:8e:50:9a:71:c3:82:46:04:e0:1e:93:46:
         b9:83:f8:2c:34:e4:d2:ce:4b:32:7b:d5:de:4a:7e:89:39:df:
         66:83:0c:05:aa:d0:92:11:c0:3f:c8:1f:36:5b:66:07:9d:0c:
         9e:dd:1d:60:06:a8:42:28:8d:f9:0a:1f:7b:ee:39:af:f2:80:
         90:b1:35:df:14:08:af:b7:b0:5b:2f:9c:b7:27:ae:d8:8f:19:
         ce:1e:70:6e:3f:75:63:e3:9c:e0:a3:49:6c:28:08:63:6c:6e:
         63:7f:6b:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKMhjSWcVbfOLk8Alk5uBCdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOTUyZTg4MzczNmY3OWNiZDljNTY0NzA0YmYzYzM2NjIx
YjhlY2EwHhcNMjIwODExMTA0OTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzY1ZDk1MTkyYmFhYmNkNDk3ZDUzZGM1NmNmMGQ1YmMzYmJjZjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+aqYV4QGsOfms3w82isCev99g9s
vrbNBAEzKfduAxfKZcbw2X6WPFeSW/4At/77dP5LgG7aFnxuNqh1izqlMUqQZtov
3AAKpZckKFydpsqDYQQDKUV+CP5u+I51IiWzNbXEZlGu3vRraPXN+CBkrNmNY3ND
kEOvwIFAAmIImTKs0hdJyofZW5bDIrz4nMm2BjoXJ2MsZMxdsHK3Iw5xnVjVyHXQ
qlHpd2YXC0LA4+LQu8UAcSu3UkfG0uQzlHZ9nsrJpuEpPoPQM5TCVraDENSRRqMb
lYyp8+biwMyXKGKSSxEKhM6Hk1se/cGbqU6bqMVk1yeQyX9nZm6UoNYOiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGNl2VGSuqvNSX1T3FbPDVvDu8+GMB8GA1UdIwQY
MBaAFB6VLog3NvecvZxWRwS/PDZiG47KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBVdWlEYzI5NXk5bkZaSEJMODhObUlianNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9iMTQwYWUtYzA0Ny00ZmY2LTg2NGYt
MzU2MDM1NjU3MWE3LzEvWTJYWlVaSzZxODFKZlZQY1ZzOE5XOE83ejRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9iMTQwYWUtYzA0Ny00ZmY2LTg2NGYtMzU2MDM1NjU3MWE3
LzEvSHBVdWlEYzI5NXk5bkZaSEJMODhObUlianNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXyEMA0G
CSqGSIb3DQEBCwUAA4IBAQBqmJ4PiP3Mvy1Lu+lOrTlxxF/h25cKM41xD2d5uWvZ
OO2QBO0WWoIQhA2Rym13JF8P+4rU7K1/q3zaksJubgNNxWfn1xgmTKLSH6vDTZrm
IM+0dVQq7xNVPwor7ANZp6Z7O7zJ+7VnZjlCC4CxXMXBTHzs7b2eWe2+kPx+AF+u
kAkkwXiMp69qiJW+x4MO/rFdG+/Rv5WOUJpxw4JGBOAek0a5g/gsNOTSzksye9Xe
Sn6JOd9mgwwFqtCSEcA/yB82W2YHnQye3R1gBqhCKI35Ch977jmv8oCQsTXfFAiv
t7BbL5y3J67YjxnOHnBuP3Vj45zgo0lsKAhjbG5jf2t1
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:41 2023 by rpki-client on console-ams.rpki-client.org