Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/94927f-7e08-4f21-9bba-0f876abd1e30/1/XjUiKTW_B128AlMGZtxKP9ydH94.roa
File:                     XjUiKTW_B128AlMGZtxKP9ydH94.roa (raw, json)
Hash identifier:          /H3FgYVWYhNanYeupHtHGNQARgT4eHSOIulRYnMfghE=
Subject key identifier:   5E:35:22:29:35:BF:07:5D:BC:02:53:06:66:DC:4A:3F:DC:9D:1F:DE
Certificate issuer:       /CN=238857660dc7fa60846f765b94cb69576255adb6
Certificate serial:       08B2CF07
Authority key identifier: 23:88:57:66:0D:C7:FA:60:84:6F:76:5B:94:CB:69:57:62:55:AD:B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I4hXZg3H-mCEb3ZblMtpV2JVrbY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/94927f-7e08-4f21-9bba-0f876abd1e30/1/XjUiKTW_B128AlMGZtxKP9ydH94.roa
Signing time:             Sat 01 Jan 2022 13:06:34 +0000
ROA not before:           Sat 01 Jan 2022 13:06:34 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57118
IP address blocks:        185.104.19.0/24 maxlen: 24
                          2a00:f740:400::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 145936135 (0x8b2cf07)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=238857660dc7fa60846f765b94cb69576255adb6
        Validity
            Not Before: Jan  1 13:06:34 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5e35222935bf075dbc02530666dc4a3fdc9d1fde
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:64:b4:9e:62:f5:8c:40:b6:1d:14:71:e0:de:
                    96:f5:02:92:3f:65:5e:2f:d0:13:f6:91:cc:37:ed:
                    a1:b8:b1:19:34:f0:bf:19:48:d3:c9:f8:12:a0:4c:
                    fe:49:ac:72:d1:7e:9c:ce:e0:54:81:c0:52:79:3d:
                    83:7f:00:15:78:7a:0a:35:48:e0:94:aa:4c:1a:a9:
                    1b:78:fa:f5:d2:9f:68:ce:b3:33:26:8f:df:07:f8:
                    60:ba:de:cb:2c:fe:6d:01:d1:c7:6d:e7:bf:9a:0b:
                    e2:2f:32:73:f3:06:cc:a4:d0:de:df:1e:c9:cf:48:
                    cd:e7:78:c4:0d:83:17:e7:b6:ff:2d:aa:19:66:92:
                    72:64:53:eb:f6:9d:33:7c:49:25:d7:c1:95:b0:32:
                    da:f8:dd:71:b3:cd:cf:2d:ce:af:65:45:e4:8f:ec:
                    5a:9d:48:fd:61:dd:ce:1a:7c:1a:43:26:72:5a:c8:
                    36:90:67:05:0f:8a:c7:82:f8:99:d5:04:4e:22:b1:
                    f6:9b:b2:8f:fd:a5:1d:bb:af:c3:08:2f:a0:2f:93:
                    ba:24:3c:9b:4c:45:84:62:88:27:46:8a:23:c2:b7:
                    34:e6:b6:c7:a0:dd:e8:ca:a3:fb:0d:23:3f:19:62:
                    0e:1c:a4:50:04:7f:73:5f:9f:58:95:6c:48:ce:15:
                    d3:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:35:22:29:35:BF:07:5D:BC:02:53:06:66:DC:4A:3F:DC:9D:1F:DE
            X509v3 Authority Key Identifier:
                keyid:23:88:57:66:0D:C7:FA:60:84:6F:76:5B:94:CB:69:57:62:55:AD:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I4hXZg3H-mCEb3ZblMtpV2JVrbY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/94927f-7e08-4f21-9bba-0f876abd1e30/1/XjUiKTW_B128AlMGZtxKP9ydH94.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/94927f-7e08-4f21-9bba-0f876abd1e30/1/I4hXZg3H-mCEb3ZblMtpV2JVrbY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.104.19.0/24
                IPv6:
                  2a00:f740:400::/48

    Signature Algorithm: sha256WithRSAEncryption
         33:5f:bb:88:24:5c:68:f1:bd:f7:b2:a4:1d:ac:ed:33:81:b0:
         c6:94:d5:32:72:46:1e:5e:f5:bd:8b:7e:3f:a1:ce:d9:34:ec:
         a8:c1:2c:8f:9e:49:35:71:fe:c4:30:a9:6d:45:85:d1:d5:a6:
         29:81:a0:dc:33:07:c2:d0:3a:49:b4:c3:98:6c:83:6b:73:5d:
         e9:4e:c3:0f:2d:1d:99:70:5e:26:ca:9f:8e:11:cb:8b:9c:42:
         94:9b:34:84:41:70:12:04:31:4f:7b:40:9f:df:f0:dd:02:e3:
         16:77:b1:18:6b:c0:bb:cd:07:ca:60:7d:81:11:97:4e:5c:67:
         3c:2b:bc:2f:1f:60:b8:e0:61:ea:b0:c0:36:62:5d:57:33:f9:
         52:4a:a2:a4:8a:ae:02:e4:b5:c4:a9:aa:be:f1:cf:d3:b4:a4:
         29:05:ad:c2:a0:ea:69:5f:80:84:f3:a1:aa:3f:1f:ad:aa:7a:
         33:ea:25:00:67:a2:a9:8c:1e:3f:0f:ed:7e:e6:db:8c:80:e3:
         85:f5:fd:a1:24:b7:99:a2:20:b3:12:20:89:c3:a0:f2:b3:8f:
         13:3f:7c:d1:91:76:5a:30:ec:62:58:8a:70:a9:c4:cd:de:a2:
         98:68:2a:1e:f1:3a:f3:cf:72:85:f4:cc:43:c5:b6:51:d3:4e:
         eb:25:07:e0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIECLLPBzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
Mzg4NTc2NjBkYzdmYTYwODQ2Zjc2NWI5NGNiNjk1NzYyNTVhZGI2MB4XDTIyMDEw
MTEzMDYzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWUzNTIyMjkzNWJm
MDc1ZGJjMDI1MzA2NjZkYzRhM2ZkYzlkMWZkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALJktJ5i9YxAth0UceDelvUCkj9lXi/QE/aRzDftobixGTTw
vxlI08n4EqBM/kmsctF+nM7gVIHAUnk9g38AFXh6CjVI4JSqTBqpG3j69dKfaM6z
MyaP3wf4YLreyyz+bQHRx23nv5oL4i8yc/MGzKTQ3t8eyc9Ized4xA2DF+e2/y2q
GWaScmRT6/adM3xJJdfBlbAy2vjdcbPNzy3Or2VF5I/sWp1I/WHdzhp8GkMmclrI
NpBnBQ+Kx4L4mdUETiKx9puyj/2lHbuvwwgvoC+TuiQ8m0xFhGKIJ0aKI8K3NOa2
x6Dd6Mqj+w0jPxliDhykUAR/c1+fWJVsSM4V0x0CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBReNSIpNb8HXbwCUwZm3Eo/3J0f3jAfBgNVHSMEGDAWgBQjiFdmDcf6YIRv
dluUy2lXYlWttjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0k0aFhaZzNILW1DRWIzWmJsTXRwVjJKVnJiWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzIvOTQ5MjdmLTdlMDgtNGYyMS05YmJhLTBmODc2YWJkMWUzMC8x
L1hqVWlLVFdfQjEyOEFsTUdadHhLUDl5ZEg5NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzIv
OTQ5MjdmLTdlMDgtNGYyMS05YmJhLTBmODc2YWJkMWUzMC8xL0k0aFhaZzNILW1D
RWIzWmJsTXRwVjJKVnJiWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEALloEzAPBAIAAjAJAwcAKgD3QAQA
MA0GCSqGSIb3DQEBCwUAA4IBAQAzX7uIJFxo8b33sqQdrO0zgbDGlNUyckYeXvW9
i34/oc7ZNOyowSyPnkk1cf7EMKltRYXR1aYpgaDcMwfC0DpJtMOYbINrc13pTsMP
LR2ZcF4myp+OEcuLnEKUmzSEQXASBDFPe0Cf3/DdAuMWd7EYa8C7zQfKYH2BEZdO
XGc8K7wvH2C44GHqsMA2Yl1XM/lSSqKkiq4C5LXEqaq+8c/TtKQpBa3CoOppX4CE
86GqPx+tqnoz6iUAZ6KpjB4/D+1+5tuMgOOF9f2hJLeZoiCzEiCJw6Dys48TP3zR
kXZaMOxiWIpwqcTN3qKYaCoe8Trzz3KF9MxDxbZR007rJQfg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:57 2024 by rpki-client on console-ams.rpki-client.org