Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/9UYaqXmKLsG9nHFICdYGbYOLRrE.roa
File:                     9UYaqXmKLsG9nHFICdYGbYOLRrE.roa (raw, json)
Hash identifier:          mMMPD86325npb8XyfoQrtGlCVCDo3c9kddS54j3zO4s=
Subject key identifier:   F5:46:1A:A9:79:8A:2E:C1:BD:9C:71:48:09:D6:06:6D:83:8B:46:B1
Certificate issuer:       /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial:       0AFDE11D
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/9UYaqXmKLsG9nHFICdYGbYOLRrE.roa
Signing time:             Sat 01 Jan 2022 13:02:48 +0000
ROA not before:           Sat 01 Jan 2022 13:02:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49154
IP address blocks:        212.188.64.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 184410397 (0xafde11d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
        Validity
            Not Before: Jan  1 13:02:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f5461aa9798a2ec1bd9c714809d6066d838b46b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:0e:4b:66:c0:d4:08:62:e5:d9:d2:56:a2:b7:
                    30:5d:47:8d:87:c2:1e:e1:aa:0e:48:78:8b:26:58:
                    12:31:03:68:4f:ef:1f:3e:9b:47:5a:59:47:75:f8:
                    f7:0f:8c:93:b5:a6:f5:84:cb:33:16:36:a9:7d:f1:
                    3e:15:24:e3:e5:49:40:5a:b7:66:bc:77:43:9e:54:
                    76:d9:af:98:c1:21:bf:c8:9d:e0:99:92:21:dc:a7:
                    b9:c4:d6:48:60:72:3c:e3:62:0f:fc:93:25:f8:a0:
                    81:3c:6c:38:50:bc:df:f4:f8:13:d3:f6:1f:aa:57:
                    01:86:a9:85:fe:06:65:cd:04:a8:18:33:04:aa:e3:
                    42:d7:58:e6:38:a0:2f:4f:ae:c6:ae:25:48:39:32:
                    94:77:9d:48:ea:47:96:a3:dd:0a:cc:fd:0c:18:cd:
                    0f:dc:19:60:59:cb:5b:5d:99:31:44:82:7f:61:60:
                    cb:47:98:8f:67:67:89:50:de:be:65:8b:2a:6f:16:
                    6f:d6:4a:eb:59:6c:66:a5:3a:d5:05:50:c4:e2:7f:
                    d1:89:ec:8e:65:ed:e2:ff:a3:83:87:9a:ef:a5:89:
                    6f:33:de:5e:37:5b:b6:c2:92:a8:3d:0e:33:9e:74:
                    1d:3a:f5:89:e2:6e:9b:17:1c:51:c2:b9:b2:79:64:
                    95:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:46:1A:A9:79:8A:2E:C1:BD:9C:71:48:09:D6:06:6D:83:8B:46:B1
            X509v3 Authority Key Identifier:
                keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/9UYaqXmKLsG9nHFICdYGbYOLRrE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.188.64.0/22

    Signature Algorithm: sha256WithRSAEncryption
         25:1d:b7:88:4d:e2:c7:72:d9:89:d6:3a:54:d7:8b:28:5e:43:
         ff:07:3c:11:f9:ef:f5:28:de:00:80:51:d3:2e:ae:11:0c:46:
         e0:91:d0:d2:3b:14:5f:0a:93:58:74:68:44:ed:99:ad:15:72:
         0e:d2:31:3d:ca:ce:03:68:fc:57:41:84:ec:af:0d:16:2e:a3:
         1f:e8:5c:6a:ee:e1:17:b3:94:1b:05:3d:5b:ba:12:c3:8e:80:
         57:1d:98:57:61:e4:c8:93:73:86:59:74:9d:23:ea:43:b5:29:
         ed:12:be:30:fb:00:ed:30:ea:19:59:3b:64:6f:42:bf:17:17:
         f2:c5:e7:84:b2:62:b3:16:4c:43:84:d7:74:79:08:91:fd:63:
         14:e0:ae:39:3c:83:0d:95:ac:a3:db:1c:40:9e:82:42:a9:92:
         09:03:a9:a9:6c:9b:6c:5b:3d:c0:75:e0:fe:bf:ce:5f:9e:fa:
         3f:28:31:bc:17:cc:0f:8c:d3:41:73:67:53:e8:30:81:2c:22:
         14:9f:c5:a9:11:3a:0e:4e:e8:f1:2b:1a:43:d3:18:d6:64:15:
         ed:87:df:26:08:7b:eb:aa:26:84:ca:9f:87:14:99:f3:56:a7:
         3c:c2:85:c9:b8:a5:52:fe:cf:8d:66:e1:a6:e7:9e:03:8c:0e:
         7c:db:91:f3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECv3hHTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZWZlMWM4NTk0MDlhYzVkZTc0MTRjNDhmODY3Mzk5MTNiZTZiN2U1MB4XDTIyMDEw
MTEzMDI0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjU0NjFhYTk3OThh
MmVjMWJkOWM3MTQ4MDlkNjA2NmQ4MzhiNDZiMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALIOS2bA1Ahi5dnSVqK3MF1HjYfCHuGqDkh4iyZYEjEDaE/v
Hz6bR1pZR3X49w+Mk7Wm9YTLMxY2qX3xPhUk4+VJQFq3Zrx3Q55UdtmvmMEhv8id
4JmSIdynucTWSGByPONiD/yTJfiggTxsOFC83/T4E9P2H6pXAYaphf4GZc0EqBgz
BKrjQtdY5jigL0+uxq4lSDkylHedSOpHlqPdCsz9DBjND9wZYFnLW12ZMUSCf2Fg
y0eYj2dniVDevmWLKm8Wb9ZK61lsZqU61QVQxOJ/0YnsjmXt4v+jg4ea76WJbzPe
XjdbtsKSqD0OM550HTr1ieJumxccUcK5snlklQ8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT1RhqpeYouwb2ccUgJ1gZtg4tGsTAfBgNVHSMEGDAWgBSu/hyFlAmsXedB
TEj4ZzmRO+a35TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3J2NGNoWlFKckYzblFVeEktR2M1a1R2bXQtVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzkvNDUxZjA0LWUzYzktNDRlYS1hNmExLTQyODQ1ODY3OWNlNC8x
LzlVWWFxWG1LTHNHOW5IRklDZFlHYllPTFJyRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzkv
NDUxZjA0LWUzYzktNDRlYS1hNmExLTQyODQ1ODY3OWNlNC8xL3J2NGNoWlFKckYz
blFVeEktR2M1a1R2bXQtVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtS8QDANBgkqhkiG9w0BAQsFAAOC
AQEAJR23iE3ix3LZidY6VNeLKF5D/wc8Efnv9SjeAIBR0y6uEQxG4JHQ0jsUXwqT
WHRoRO2ZrRVyDtIxPcrOA2j8V0GE7K8NFi6jH+hcau7hF7OUGwU9W7oSw46AVx2Y
V2HkyJNzhll0nSPqQ7Up7RK+MPsA7TDqGVk7ZG9CvxcX8sXnhLJisxZMQ4TXdHkI
kf1jFOCuOTyDDZWso9scQJ6CQqmSCQOpqWybbFs9wHXg/r/OX576PygxvBfMD4zT
QXNnU+gwgSwiFJ/FqRE6Dk7o8SsaQ9MY1mQV7YffJgh766omhMqfhxSZ81anPMKF
ybilUv7PjWbhpueeA4wOfNuR8w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:30 2024 by rpki-client on console-ams.rpki-client.org