Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/c64d50-fcdd-4a9f-9047-293f6122a19d/1/1-nZipqDbZ98zmQCIE5T3vFC7cno.roa
File:                     1-nZipqDbZ98zmQCIE5T3vFC7cno.roa (raw, json)
Hash identifier:          yRan+A2fJG0gXchODsgxvIER9kIA/5kRzdOa5a5/NUU=
Subject key identifier:   FA:76:62:A6:A0:DB:67:DF:33:99:00:88:13:94:F7:BC:50:BB:72:7A
Certificate issuer:       /CN=92fb8fa10dff3473e653dbf61c9a86432180a5c7
Certificate serial:       03029C68
Authority key identifier: 92:FB:8F:A1:0D:FF:34:73:E6:53:DB:F6:1C:9A:86:43:21:80:A5:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kvuPoQ3_NHPmU9v2HJqGQyGApcc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/c64d50-fcdd-4a9f-9047-293f6122a19d/1/1-nZipqDbZ98zmQCIE5T3vFC7cno.roa
Signing time:             Sat 01 Jan 2022 00:56:27 +0000
ROA not before:           Sat 01 Jan 2022 00:56:27 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     19905
IP address blocks:        185.119.10.0/24 maxlen: 24
                          185.119.11.0/24 maxlen: 24
                          2a10:80c0:1000::/36 maxlen: 36
                          2a10:80c0::/36 maxlen: 36

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 50502760 (0x3029c68)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=92fb8fa10dff3473e653dbf61c9a86432180a5c7
        Validity
            Not Before: Jan  1 00:56:27 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fa7662a6a0db67df339900881394f7bc50bb727a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:f0:f4:e3:7e:02:5b:8e:44:fd:fc:06:d7:c9:
                    26:83:ff:ed:e2:9d:37:13:fd:6e:97:32:21:96:7a:
                    6a:3b:9d:68:22:49:1f:d2:7d:92:68:16:86:4a:42:
                    0e:01:ea:bb:fc:b9:13:d0:d5:14:77:0a:2b:07:cb:
                    2f:24:c3:d2:e5:c3:30:88:16:32:4e:99:c2:1c:e9:
                    09:90:4f:b6:8f:1e:27:30:2f:ec:fa:88:ca:65:5e:
                    ed:a8:35:1e:e0:27:10:c1:67:b1:fc:73:35:4c:d7:
                    b5:d6:f6:d3:76:29:f2:25:f6:28:94:74:53:c0:18:
                    62:69:40:c0:92:66:02:02:8b:e4:22:6c:3a:77:1d:
                    06:76:7b:81:3e:10:0a:cb:84:09:11:32:ce:5a:cb:
                    30:12:f0:31:54:02:ba:72:40:69:de:74:3e:7c:35:
                    73:02:9a:e2:8f:87:ae:62:99:b9:40:7c:9e:63:0e:
                    8d:b0:26:95:7c:1f:b2:df:7c:76:82:b2:0e:4d:81:
                    5c:e0:f9:6f:77:bc:93:c5:2c:19:14:56:44:69:00:
                    44:a7:94:d3:78:f9:d3:16:25:4a:94:ac:e1:27:ff:
                    c7:60:32:a6:61:81:d0:f4:38:8a:d9:a1:be:a6:8e:
                    1c:6e:be:a2:15:4d:42:9f:03:0f:f6:dc:ef:61:b5:
                    e5:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:76:62:A6:A0:DB:67:DF:33:99:00:88:13:94:F7:BC:50:BB:72:7A
            X509v3 Authority Key Identifier:
                keyid:92:FB:8F:A1:0D:FF:34:73:E6:53:DB:F6:1C:9A:86:43:21:80:A5:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kvuPoQ3_NHPmU9v2HJqGQyGApcc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c64d50-fcdd-4a9f-9047-293f6122a19d/1/1-nZipqDbZ98zmQCIE5T3vFC7cno.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c64d50-fcdd-4a9f-9047-293f6122a19d/1/kvuPoQ3_NHPmU9v2HJqGQyGApcc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.119.10.0/23
                IPv6:
                  2a10:80c0::/35

    Signature Algorithm: sha256WithRSAEncryption
         0e:58:06:5a:2c:e7:a8:fb:2b:a5:f8:bb:b5:0a:0a:ea:5a:85:
         94:f7:a1:b4:67:ac:fc:d6:6b:70:4d:6b:74:69:ad:85:2a:cd:
         61:cb:23:95:db:e1:d5:2c:85:a5:d2:a1:90:e3:82:06:77:82:
         39:5f:f1:ff:83:b6:2b:eb:06:1a:b1:41:4f:fc:68:6a:89:74:
         31:13:8c:d9:89:60:96:05:62:31:f9:7a:a9:f2:6e:56:fc:23:
         3a:3d:10:51:cb:d9:8a:5f:59:38:2f:4a:b4:0b:7e:49:e6:9b:
         7d:d4:0c:98:b3:0d:a7:1f:95:53:60:52:e0:d5:32:fd:89:4d:
         a9:0b:79:48:47:f4:8d:0d:31:3c:db:a5:2a:58:41:fc:b7:a5:
         15:34:f8:39:bc:12:fe:f2:f2:f4:e6:4b:55:3b:a3:57:52:ca:
         fb:39:6a:f8:b0:7b:7c:3f:45:f3:c7:07:e3:01:3b:ea:9c:66:
         4e:26:06:56:20:b3:53:c2:be:db:f8:6b:1d:30:14:3d:d5:6d:
         b7:01:13:bb:41:25:aa:80:76:f7:49:19:4e:3c:5e:5e:32:7d:
         21:46:a4:ff:59:b7:2c:33:32:13:48:ab:7e:c2:70:6a:43:f0:
         5f:ef:46:59:ff:4b:78:a9:c3:af:14:0f:12:00:69:e1:bb:6d:
         9b:0a:c7:99
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEAwKcaDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MmZiOGZhMTBkZmYzNDczZTY1M2RiZjYxYzlhODY0MzIxODBhNWM3MB4XDTIyMDEw
MTAwNTYyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmE3NjYyYTZhMGRi
NjdkZjMzOTkwMDg4MTM5NGY3YmM1MGJiNzI3YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJrw9ON+AluORP38BtfJJoP/7eKdNxP9bpcyIZZ6ajudaCJJ
H9J9kmgWhkpCDgHqu/y5E9DVFHcKKwfLLyTD0uXDMIgWMk6ZwhzpCZBPto8eJzAv
7PqIymVe7ag1HuAnEMFnsfxzNUzXtdb203Yp8iX2KJR0U8AYYmlAwJJmAgKL5CJs
OncdBnZ7gT4QCsuECREyzlrLMBLwMVQCunJAad50Pnw1cwKa4o+HrmKZuUB8nmMO
jbAmlXwfst98doKyDk2BXOD5b3e8k8UsGRRWRGkARKeU03j50xYlSpSs4Sf/x2Ay
pmGB0PQ4itmhvqaOHG6+ohVNQp8DD/bc72G15VMCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBT6dmKmoNtn3zOZAIgTlPe8ULtyejAfBgNVHSMEGDAWgBSS+4+hDf80c+ZT
2/YcmoZDIYClxzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2t2dVBvUTNfTkhQbVU5djJISnFHUXlHQXBjYy5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDMvYzY0ZDUwLWZjZGQtNGE5Zi05MDQ3LTI5M2Y2MTIyYTE5ZC8x
LzEtblppcHFEYlo5OHptUUNJRTVUM3ZGQzdjbm8ucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQz
L2M2NGQ1MC1mY2RkLTRhOWYtOTA0Ny0yOTNmNjEyMmExOWQvMS9rdnVQb1EzX05I
UG1VOXYySEpxR1F5R0FwY2MuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
LwYIKwYBBQUHAQcBAf8EIDAeMAwEAgABMAYDBAG5dwowDgQCAAIwCAMGBSoQgMAA
MA0GCSqGSIb3DQEBCwUAA4IBAQAOWAZaLOeo+yul+Lu1CgrqWoWU96G0Z6z81mtw
TWt0aa2FKs1hyyOV2+HVLIWl0qGQ44IGd4I5X/H/g7Yr6wYasUFP/GhqiXQxE4zZ
iWCWBWIx+Xqp8m5W/CM6PRBRy9mKX1k4L0q0C35J5pt91AyYsw2nH5VTYFLg1TL9
iU2pC3lIR/SNDTE826UqWEH8t6UVNPg5vBL+8vL05ktVO6NXUsr7OWr4sHt8P0Xz
xwfjATvqnGZOJgZWILNTwr7b+GsdMBQ91W23ARO7QSWqgHb3SRlOPF5eMn0hRqT/
WbcsMzITSKt+wnBqQ/Bf70ZZ/0t4qcOvFA8SAGnhu22bCseZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:14 2024 by rpki-client on console-fra.rpki-client.org