Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/c8c5e4-225a-489e-9100-ab2ce94c1423/1/9gXUsMxRURGEooqJAmXLLZdIkEo.roa
File:                     9gXUsMxRURGEooqJAmXLLZdIkEo.roa (raw, json)
Hash identifier:          dv3+xazCoAC/hUzG3U75LqyuT1d4z9XdRu/9YS1m2Qc=
Subject key identifier:   F6:05:D4:B0:CC:51:51:11:84:A2:8A:89:02:65:CB:2D:97:48:90:4A
Certificate issuer:       /CN=ee37d34869bc60b7d9e78335f4a32381fb7210e5
Certificate serial:       1B777E61
Authority key identifier: EE:37:D3:48:69:BC:60:B7:D9:E7:83:35:F4:A3:23:81:FB:72:10:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7jfTSGm8YLfZ54M19KMjgftyEOU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/c8c5e4-225a-489e-9100-ab2ce94c1423/1/9gXUsMxRURGEooqJAmXLLZdIkEo.roa
Signing time:             Wed 27 Apr 2022 09:49:06 +0000
ROA not before:           Wed 27 Apr 2022 09:49:06 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     47187
IP address blocks:        185.29.144.0/24 maxlen: 24
                          185.29.145.0/24 maxlen: 24
                          185.29.146.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 460815969 (0x1b777e61)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ee37d34869bc60b7d9e78335f4a32381fb7210e5
        Validity
            Not Before: Apr 27 09:49:06 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f605d4b0cc51511184a28a890265cb2d9748904a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:01:58:64:d6:68:1d:e6:37:4f:10:70:5d:39:
                    c6:4e:54:05:23:f6:1c:b5:4a:9f:bb:fe:59:2c:ed:
                    a3:09:94:98:2b:74:c5:f9:c2:4d:5d:15:f0:fa:17:
                    ca:40:1a:ba:a8:ff:7d:ff:de:f4:b9:56:3f:1f:cb:
                    19:d7:5b:70:3e:29:ef:4f:d1:f1:28:d4:37:5a:2e:
                    2e:d5:2b:ec:f5:ce:4d:bf:b0:f5:e4:47:d7:95:4b:
                    44:bb:52:05:fc:49:2a:ba:da:66:5c:96:c3:7b:38:
                    4e:a9:4a:1f:42:15:5a:e8:a4:29:0d:e6:e3:ae:0d:
                    0c:cf:6f:40:3f:fe:02:44:45:21:e0:c4:0b:d0:2a:
                    02:e3:cb:59:a3:c5:0a:cc:35:6f:43:48:75:b3:c9:
                    0b:db:fb:6d:c9:21:95:1b:dc:31:7e:14:90:e8:7a:
                    53:c3:3b:c2:e4:32:4d:08:c0:49:89:f0:8c:28:57:
                    8c:52:ec:1f:a3:23:0a:b3:56:52:19:b1:9d:48:21:
                    d5:51:8d:00:6e:a4:36:32:dd:a8:fe:3c:88:e9:43:
                    e7:6a:6d:3a:53:35:a3:49:ab:c2:da:ab:e5:1c:71:
                    1c:97:eb:cd:77:d6:49:72:32:b3:b0:5e:86:8d:7b:
                    b3:99:f5:f1:59:74:0b:96:e1:c9:95:b1:56:34:ea:
                    ec:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:05:D4:B0:CC:51:51:11:84:A2:8A:89:02:65:CB:2D:97:48:90:4A
            X509v3 Authority Key Identifier:
                keyid:EE:37:D3:48:69:BC:60:B7:D9:E7:83:35:F4:A3:23:81:FB:72:10:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7jfTSGm8YLfZ54M19KMjgftyEOU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/c8c5e4-225a-489e-9100-ab2ce94c1423/1/9gXUsMxRURGEooqJAmXLLZdIkEo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/c8c5e4-225a-489e-9100-ab2ce94c1423/1/7jfTSGm8YLfZ54M19KMjgftyEOU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.29.144.0-185.29.146.255

    Signature Algorithm: sha256WithRSAEncryption
         6b:24:a8:85:28:a7:1c:47:ec:b8:65:b9:0d:7a:af:17:6c:9a:
         ee:83:2c:b3:4c:f8:5c:b2:a4:38:e5:b0:89:e7:99:11:dd:eb:
         33:a3:a6:74:7c:4d:1f:70:7e:57:07:6e:ea:e0:91:02:d1:b2:
         16:b2:e0:a8:e7:53:f1:9d:5a:86:06:a9:e2:71:e0:3a:ff:39:
         08:56:35:49:5d:4c:e1:d4:ae:a6:a5:fd:ff:8e:36:4c:b2:ed:
         03:9d:99:86:60:31:2a:07:08:9c:a3:46:c7:d4:70:f9:92:22:
         e0:52:77:97:b4:4d:de:93:cf:0b:ca:50:58:c6:00:46:d4:8f:
         3b:94:c5:19:fe:b6:bd:3d:86:e0:1f:63:37:f4:2f:3c:3e:bd:
         fa:c5:8d:cf:2f:9a:23:ce:74:75:28:b4:87:3e:b7:71:ce:2a:
         17:7e:32:5b:9d:85:28:77:78:f0:06:46:b7:be:f1:ca:6b:e6:
         f5:44:d8:d1:2b:eb:4a:4e:08:6f:29:19:05:3f:cd:f8:6b:08:
         73:8a:bb:4f:db:74:c9:1e:dd:b3:27:58:e0:49:d5:1f:50:8c:
         93:1a:75:28:dd:8d:50:03:5b:2a:53:4d:ac:5c:c0:0f:a0:71:
         46:b7:91:15:f7:61:25:61:9d:58:25:46:de:82:42:0c:88:86:
         e4:b7:5b:05
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEG3d+YTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZTM3ZDM0ODY5YmM2MGI3ZDllNzgzMzVmNGEzMjM4MWZiNzIxMGU1MB4XDTIyMDQy
NzA5NDkwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjYwNWQ0YjBjYzUx
NTExMTg0YTI4YTg5MDI2NWNiMmQ5NzQ4OTA0YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMUBWGTWaB3mN08QcF05xk5UBSP2HLVKn7v+WSztowmUmCt0
xfnCTV0V8PoXykAauqj/ff/e9LlWPx/LGddbcD4p70/R8SjUN1ouLtUr7PXOTb+w
9eRH15VLRLtSBfxJKrraZlyWw3s4TqlKH0IVWuikKQ3m464NDM9vQD/+AkRFIeDE
C9AqAuPLWaPFCsw1b0NIdbPJC9v7bckhlRvcMX4UkOh6U8M7wuQyTQjASYnwjChX
jFLsH6MjCrNWUhmxnUgh1VGNAG6kNjLdqP48iOlD52ptOlM1o0mrwtqr5RxxHJfr
zXfWSXIys7Beho17s5n18Vl0C5bhyZWxVjTq7H0CAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBT2BdSwzFFREYSiiokCZcstl0iQSjAfBgNVHSMEGDAWgBTuN9NIabxgt9nn
gzX0oyOB+3IQ5TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdqZlRTR204WUxmWjU0TTE5S01qZ2Z0eUVPVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzIvYzhjNWU0LTIyNWEtNDg5ZS05MTAwLWFiMmNlOTRjMTQyMy8x
LzlnWFVzTXhSVVJHRW9vcUpBbVhMTFpkSWtFby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzIv
YzhjNWU0LTIyNWEtNDg5ZS05MTAwLWFiMmNlOTRjMTQyMy8xLzdqZlRTR204WUxm
WjU0TTE5S01qZ2Z0eUVPVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQEuR2QAwQAuR2SMA0GCSqGSIb3
DQEBCwUAA4IBAQBrJKiFKKccR+y4ZbkNeq8XbJrugyyzTPhcsqQ45bCJ55kR3esz
o6Z0fE0fcH5XB27q4JEC0bIWsuCo51PxnVqGBqniceA6/zkIVjVJXUzh1K6mpf3/
jjZMsu0DnZmGYDEqBwico0bH1HD5kiLgUneXtE3ek88LylBYxgBG1I87lMUZ/ra9
PYbgH2M39C88Pr36xY3PL5ojznR1KLSHPrdxzioXfjJbnYUod3jwBka3vvHKa+b1
RNjRK+tKTghvKRkFP834awhzirtP23TJHt2zJ1jgSdUfUIyTGnUo3Y1QA1sqU02s
XMAPoHFGt5EV92ElYZ1YJUbegkIMiIbkt1sF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:59 2024 by rpki-client on console-ams.rpki-client.org