Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/8da624-31c5-4509-bc5a-2049f6abfd9d/1/yRnz5vuZndJtyNtY85xRbko2iWQ.roa
File:                     yRnz5vuZndJtyNtY85xRbko2iWQ.roa (raw, json)
Hash identifier:          ZT+148I2irCIcxPx0om8BZ6gWHymNTbwCxBkPdVV+Gc=
Subject key identifier:   C9:19:F3:E6:FB:99:9D:D2:6D:C8:DB:58:F3:9C:51:6E:4A:36:89:64
Certificate issuer:       /CN=93b474d05571df3d44f63cca21b40b6e12c392d9
Certificate serial:       01A8A0
Authority key identifier: 93:B4:74:D0:55:71:DF:3D:44:F6:3C:CA:21:B4:0B:6E:12:C3:92:D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k7R00FVx3z1E9jzKIbQLbhLDktk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/8da624-31c5-4509-bc5a-2049f6abfd9d/1/yRnz5vuZndJtyNtY85xRbko2iWQ.roa
Signing time:             Wed 27 Apr 2022 11:18:56 +0000
ROA not before:           Wed 27 Apr 2022 11:18:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     20860
IP address blocks:        185.182.230.0/24 maxlen: 24
                          185.182.228.0/24 maxlen: 24
                          185.182.231.0/24 maxlen: 24
                          185.182.229.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 108704 (0x1a8a0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=93b474d05571df3d44f63cca21b40b6e12c392d9
        Validity
            Not Before: Apr 27 11:18:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c919f3e6fb999dd26dc8db58f39c516e4a368964
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:bc:f8:53:91:7c:81:fc:95:56:1c:8d:2f:2e:
                    5d:98:0e:6a:26:0a:07:d9:b5:52:0b:41:b4:78:51:
                    4e:4d:66:99:98:e1:fc:bc:63:79:0c:4c:19:64:53:
                    4f:4b:78:69:4d:c5:39:a6:e7:6f:16:6d:19:85:ae:
                    9b:7c:16:db:e5:8e:65:89:cf:e7:3c:4e:9e:b7:37:
                    07:a3:80:75:ec:be:d1:86:a9:cb:41:e7:1a:bb:df:
                    f7:a8:91:c1:81:4e:da:b2:bb:ad:79:fe:75:90:22:
                    81:cc:8f:78:0f:f1:d9:88:b6:cb:5b:ef:80:c7:32:
                    97:44:d8:1c:23:c9:4c:b3:3f:1d:a3:d7:12:a5:73:
                    aa:14:e9:5b:84:06:b5:fa:fd:c3:72:5b:38:f7:54:
                    4b:44:43:42:92:68:af:bd:a6:d8:4d:32:30:90:89:
                    fb:b3:e3:8a:76:2e:0c:7c:7a:f0:3b:87:2f:a2:73:
                    e2:4c:b3:49:d1:8e:cb:c2:25:7c:70:33:4e:dc:c8:
                    b7:a5:b6:52:df:0d:5a:96:73:23:33:25:23:ac:64:
                    b9:8b:11:fe:9a:a3:32:88:bb:00:cb:b5:98:26:c5:
                    a0:be:6b:c3:c6:51:eb:6c:c1:59:7d:44:bb:9b:10:
                    33:de:31:49:45:7b:ab:a1:32:c8:b4:5c:47:29:fd:
                    66:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:19:F3:E6:FB:99:9D:D2:6D:C8:DB:58:F3:9C:51:6E:4A:36:89:64
            X509v3 Authority Key Identifier:
                keyid:93:B4:74:D0:55:71:DF:3D:44:F6:3C:CA:21:B4:0B:6E:12:C3:92:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k7R00FVx3z1E9jzKIbQLbhLDktk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/8da624-31c5-4509-bc5a-2049f6abfd9d/1/yRnz5vuZndJtyNtY85xRbko2iWQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/8da624-31c5-4509-bc5a-2049f6abfd9d/1/k7R00FVx3z1E9jzKIbQLbhLDktk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.182.228.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6c:0c:96:df:72:65:4d:77:28:7d:3f:df:b5:6d:46:a0:19:60:
         d5:5f:72:4b:43:02:28:47:6d:55:40:a3:af:95:7e:c7:03:c8:
         aa:83:6f:45:15:80:dc:f9:6a:f9:e2:77:9e:45:d3:81:8b:7f:
         ec:6c:05:5b:94:59:94:31:df:75:30:67:8c:45:c7:73:f0:f2:
         5b:eb:0c:16:ee:4c:1c:bf:39:00:2e:9c:08:22:8d:32:d8:95:
         57:21:eb:1b:08:c7:76:47:89:51:eb:92:68:95:b9:49:8f:47:
         b5:ec:9a:10:be:df:a5:b0:f9:ac:4a:cf:16:53:38:41:9e:67:
         5b:e8:08:d0:cf:da:55:37:e8:3d:db:77:db:18:80:2a:26:dd:
         3e:07:7d:a6:c8:6e:42:8b:b6:99:45:b6:86:41:7a:2c:ae:1e:
         ae:2b:c8:51:ac:cd:aa:f3:68:b9:54:78:7d:82:12:bb:d2:b8:
         85:8b:51:cf:53:16:95:6f:94:03:03:23:c8:cb:8e:1f:f3:e3:
         34:5f:24:fc:4d:b6:a1:00:ae:98:87:71:f8:42:e4:6f:38:71:
         db:b4:cc:d7:f5:c2:01:44:3a:d0:9b:d4:46:39:dd:ef:6d:83:
         47:b1:7f:b0:be:6d:66:ed:5b:30:fc:45:12:25:c6:36:18:4b:
         23:a3:d9:a5
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAaigMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDkz
YjQ3NGQwNTU3MWRmM2Q0NGY2M2NjYTIxYjQwYjZlMTJjMzkyZDkwHhcNMjIwNDI3
MTExODU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjOTE5ZjNlNmZiOTk5
ZGQyNmRjOGRiNThmMzljNTE2ZTRhMzY4OTY0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA4bz4U5F8gfyVVhyNLy5dmA5qJgoH2bVSC0G0eFFOTWaZmOH8
vGN5DEwZZFNPS3hpTcU5pudvFm0Zha6bfBbb5Y5lic/nPE6etzcHo4B17L7RhqnL
Qecau9/3qJHBgU7asrutef51kCKBzI94D/HZiLbLW++AxzKXRNgcI8lMsz8do9cS
pXOqFOlbhAa1+v3Dcls491RLRENCkmivvabYTTIwkIn7s+OKdi4MfHrwO4cvonPi
TLNJ0Y7LwiV8cDNO3Mi3pbZS3w1alnMjMyUjrGS5ixH+mqMyiLsAy7WYJsWgvmvD
xlHrbMFZfUS7mxAz3jFJRXuroTLItFxHKf1meQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFMkZ8+b7mZ3SbcjbWPOcUW5KNolkMB8GA1UdIwQYMBaAFJO0dNBVcd89RPY8
yiG0C24Sw5LZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
azdSMDBGVngzejFFOWp6S0liUUxiaExEa3RrLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC80MC84ZGE2MjQtMzFjNS00NTA5LWJjNWEtMjA0OWY2YWJmZDlkLzEv
eVJuejV2dVpuZEp0eU50WTg1eFJia28yaVdRLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84
ZGE2MjQtMzFjNS00NTA5LWJjNWEtMjA0OWY2YWJmZDlkLzEvazdSMDBGVngzejFF
OWp6S0liUUxiaExEa3RrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubbkMA0GCSqGSIb3DQEBCwUAA4IB
AQBsDJbfcmVNdyh9P9+1bUagGWDVX3JLQwIoR21VQKOvlX7HA8iqg29FFYDc+Wr5
4neeRdOBi3/sbAVblFmUMd91MGeMRcdz8PJb6wwW7kwcvzkALpwIIo0y2JVXIesb
CMd2R4lR65JolblJj0e17JoQvt+lsPmsSs8WUzhBnmdb6AjQz9pVN+g923fbGIAq
Jt0+B32myG5Ci7aZRbaGQXosrh6uK8hRrM2q82i5VHh9ghK70riFi1HPUxaVb5QD
AyPIy44f8+M0XyT8TbahAK6Yh3H4QuRvOHHbtMzX9cIBRDrQm9RGOd3vbYNHsX+w
vm1m7Vsw/EUSJcY2GEsjo9ml
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:50 2024 by rpki-client on console-fra.rpki-client.org