Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/fbbf8d-2c43-429d-b5cd-fcc220644558/1/sde4gLcmzxeHKbu0CZtpUwEHO3c.roa
File:                     sde4gLcmzxeHKbu0CZtpUwEHO3c.roa (raw, json)
Hash identifier:          POvy3Lnu3Gu+8sf1fNKGlSo2RInvGuvUaaYRafvXdOQ=
Subject key identifier:   B1:D7:B8:80:B7:26:CF:17:87:29:BB:B4:09:9B:69:53:01:07:3B:77
Certificate issuer:       /CN=529343235581cf4104190da7a0ca174b9c0d0bd5
Certificate serial:       CE587F
Authority key identifier: 52:93:43:23:55:81:CF:41:04:19:0D:A7:A0:CA:17:4B:9C:0D:0B:D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UpNDI1WBz0EEGQ2noMoXS5wNC9U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/fbbf8d-2c43-429d-b5cd-fcc220644558/1/sde4gLcmzxeHKbu0CZtpUwEHO3c.roa
Signing time:             Thu 24 Mar 2022 09:37:10 +0000
ROA not before:           Thu 24 Mar 2022 09:37:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7155
IP address blocks:        185.84.124.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13523071 (0xce587f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=529343235581cf4104190da7a0ca174b9c0d0bd5
        Validity
            Not Before: Mar 24 09:37:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b1d7b880b726cf178729bbb4099b695301073b77
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:9b:a5:d5:bc:f5:21:eb:fe:0d:5a:44:e2:77:
                    95:a7:6a:86:49:28:07:48:f1:92:a5:7a:ab:b4:98:
                    ce:ae:7c:1d:2b:33:39:59:bb:93:ba:d9:f9:9e:3e:
                    7c:d8:da:57:12:61:d0:e9:cb:2a:63:72:07:10:a2:
                    dd:df:cf:96:4e:c8:1d:48:04:fc:09:df:7d:6e:38:
                    af:9a:d2:29:e6:11:36:87:3b:5f:66:22:11:af:5d:
                    2d:12:60:fb:82:a7:cc:e4:95:2d:a6:96:e7:7c:5b:
                    da:86:bb:18:0b:8b:84:34:1b:3e:e2:7b:e8:93:f1:
                    5d:cb:aa:43:db:58:f8:06:56:28:ca:8c:9f:83:32:
                    04:15:55:8a:f8:6f:e9:d0:fc:d5:47:57:b5:22:2e:
                    0c:61:a0:f7:e5:32:b1:4e:43:99:26:f5:81:03:86:
                    9b:df:8f:22:18:ac:0f:bc:b8:b1:73:3c:3e:d8:7b:
                    4c:c6:11:b7:af:18:19:8f:50:38:0d:3b:75:11:0f:
                    24:f0:76:0a:30:a0:3e:4b:0a:14:c9:19:0a:ef:c1:
                    c3:46:d7:b7:6f:34:fa:7c:0f:76:73:aa:84:02:7a:
                    b8:ab:b9:e4:78:24:93:2c:31:31:26:8e:25:4a:d6:
                    03:63:55:16:26:98:eb:de:3a:b1:56:0d:d2:6a:a5:
                    68:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:D7:B8:80:B7:26:CF:17:87:29:BB:B4:09:9B:69:53:01:07:3B:77
            X509v3 Authority Key Identifier:
                keyid:52:93:43:23:55:81:CF:41:04:19:0D:A7:A0:CA:17:4B:9C:0D:0B:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UpNDI1WBz0EEGQ2noMoXS5wNC9U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/fbbf8d-2c43-429d-b5cd-fcc220644558/1/sde4gLcmzxeHKbu0CZtpUwEHO3c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/fbbf8d-2c43-429d-b5cd-fcc220644558/1/UpNDI1WBz0EEGQ2noMoXS5wNC9U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.84.124.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5a:84:c6:f7:46:ba:34:1d:8a:30:b6:ce:93:7c:1f:0d:7c:d6:
         75:b9:07:97:6c:b6:32:78:43:cb:be:94:d5:99:03:5e:5b:b1:
         f9:51:ce:63:8f:34:7d:da:06:06:d5:d5:f6:bc:bc:5e:ae:5d:
         71:92:ce:e8:b2:da:c7:34:66:a0:2e:68:f6:3c:21:f6:49:a1:
         3b:cc:1b:8d:28:fd:38:da:af:82:7a:65:b9:4e:d6:a6:76:51:
         e2:f2:1b:63:09:7f:ea:be:a6:9f:18:88:35:3d:31:45:e2:ef:
         b1:f9:18:28:77:4f:9d:d2:4c:86:db:37:09:0b:7b:a1:46:c6:
         0d:d1:f2:84:e6:3c:e6:42:24:6d:c9:df:2f:9a:12:d3:12:b1:
         c8:52:a8:37:5e:30:68:90:5c:d1:75:73:5e:92:86:87:2b:df:
         69:0e:c2:10:bb:97:e0:eb:15:2d:8e:70:15:38:ba:2d:3f:c2:
         f3:0f:68:b2:c3:ac:60:e7:0f:df:03:5e:7a:aa:ba:03:11:28:
         89:62:bf:e1:b5:8e:66:ef:6d:34:20:3e:9d:18:c9:d7:a0:b5:
         de:97:1e:7f:66:d8:ce:fb:13:14:17:ce:b6:a4:b9:46:89:48:
         62:4b:95:23:c5:00:72:67:db:71:64:11:2b:52:c5:12:bb:d9:
         ac:d2:a9:b6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAM5YfzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MjkzNDMyMzU1ODFjZjQxMDQxOTBkYTdhMGNhMTc0YjljMGQwYmQ1MB4XDTIyMDMy
NDA5MzcxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjFkN2I4ODBiNzI2
Y2YxNzg3MjliYmI0MDk5YjY5NTMwMTA3M2I3NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALibpdW89SHr/g1aROJ3ladqhkkoB0jxkqV6q7SYzq58HSsz
OVm7k7rZ+Z4+fNjaVxJh0OnLKmNyBxCi3d/Plk7IHUgE/AnffW44r5rSKeYRNoc7
X2YiEa9dLRJg+4KnzOSVLaaW53xb2oa7GAuLhDQbPuJ76JPxXcuqQ9tY+AZWKMqM
n4MyBBVVivhv6dD81UdXtSIuDGGg9+UysU5DmSb1gQOGm9+PIhisD7y4sXM8Pth7
TMYRt68YGY9QOA07dREPJPB2CjCgPksKFMkZCu/Bw0bXt280+nwPdnOqhAJ6uKu5
5HgkkywxMSaOJUrWA2NVFiaY6946sVYN0mqlaOMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSx17iAtybPF4cpu7QJm2lTAQc7dzAfBgNVHSMEGDAWgBRSk0MjVYHPQQQZ
DaegyhdLnA0L1TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VwTkRJMVdCejBFRUdRMm5vTW9YUzV3TkM5VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDYvZmJiZjhkLTJjNDMtNDI5ZC1iNWNkLWZjYzIyMDY0NDU1OC8x
L3NkZTRnTGNtenhlSEtidTBDWnRwVXdFSE8zYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDYv
ZmJiZjhkLTJjNDMtNDI5ZC1iNWNkLWZjYzIyMDY0NDU1OC8xL1VwTkRJMVdCejBF
RUdRMm5vTW9YUzV3TkM5VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlUfDANBgkqhkiG9w0BAQsFAAOC
AQEAWoTG90a6NB2KMLbOk3wfDXzWdbkHl2y2MnhDy76U1ZkDXlux+VHOY480fdoG
BtXV9ry8Xq5dcZLO6LLaxzRmoC5o9jwh9kmhO8wbjSj9ONqvgnpluU7WpnZR4vIb
Ywl/6r6mnxiINT0xReLvsfkYKHdPndJMhts3CQt7oUbGDdHyhOY85kIkbcnfL5oS
0xKxyFKoN14waJBc0XVzXpKGhyvfaQ7CELuX4OsVLY5wFTi6LT/C8w9ossOsYOcP
3wNeeqq6AxEoiWK/4bWOZu9tNCA+nRjJ16C13pcef2bYzvsTFBfOtqS5RolIYkuV
I8UAcmfbcWQRK1LFErvZrNKptg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:15 2024 by rpki-client on console-ams.rpki-client.org