Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/49f40c-5448-4217-956f-ccf9b0f0e227/1/l2TitdrxmRAQKTcP9077g_Kmm_4.roa
File:                     l2TitdrxmRAQKTcP9077g_Kmm_4.roa (raw, json)
Hash identifier:          5li6RgPsph9TW5uQY3NE3OZHFekj3PpWLPp9n4dtNR4=
Subject key identifier:   97:64:E2:B5:DA:F1:99:10:10:29:37:0F:F7:4E:FB:83:F2:A6:9B:FE
Certificate issuer:       /CN=8260152edd476b31708404452958615b65ddcb0a
Certificate serial:       07AEBE6D
Authority key identifier: 82:60:15:2E:DD:47:6B:31:70:84:04:45:29:58:61:5B:65:DD:CB:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gmAVLt1HazFwhARFKVhhW2Xdywo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/49f40c-5448-4217-956f-ccf9b0f0e227/1/l2TitdrxmRAQKTcP9077g_Kmm_4.roa
Signing time:             Sat 01 Jan 2022 15:02:57 +0000
ROA not before:           Sat 01 Jan 2022 15:02:57 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     25540
IP address blocks:        185.126.244.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 128892525 (0x7aebe6d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8260152edd476b31708404452958615b65ddcb0a
        Validity
            Not Before: Jan  1 15:02:57 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9764e2b5daf199101029370ff74efb83f2a69bfe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:0f:df:b1:7a:7b:27:65:b9:de:be:d3:20:04:
                    d9:5e:8e:f5:d3:4f:f3:c6:25:97:c9:3c:09:3a:a8:
                    0c:15:39:81:5b:c4:f5:f6:86:47:c6:c3:db:5c:09:
                    43:cf:26:0d:22:d6:66:a5:90:2f:7f:88:88:60:56:
                    68:11:7a:1b:3e:e3:fe:e8:82:b7:eb:ba:f9:dd:ae:
                    c3:cc:80:8c:ad:41:8c:a6:5f:db:af:ef:89:a7:e8:
                    ea:a1:7d:d4:c0:a0:9d:ab:0d:98:63:64:25:6f:09:
                    66:6d:f2:fc:d2:c3:d7:88:38:87:bb:44:42:ca:50:
                    7f:02:a0:b2:94:eb:36:fd:24:d9:25:57:b6:42:37:
                    8c:52:c2:f4:c5:1b:a9:c5:95:38:3e:1f:89:3f:cf:
                    e1:3f:f6:71:b6:16:44:43:d4:a3:56:7a:ee:6d:7a:
                    f7:6e:5d:d7:a5:9f:f6:cd:11:e1:5a:5e:29:b6:23:
                    42:4c:63:8f:65:0f:d7:2e:9e:f2:07:9c:59:ba:e0:
                    9c:9f:12:89:dd:29:8f:a4:fd:6a:09:b6:f5:25:08:
                    59:5a:1b:d6:3b:2b:70:6c:2e:02:2c:b3:7a:1d:0d:
                    a3:1f:81:e2:7c:c7:62:92:bf:c8:b7:56:f3:3b:99:
                    c8:fb:c1:4a:02:e1:5f:7c:a0:eb:ab:0f:19:60:2b:
                    30:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:64:E2:B5:DA:F1:99:10:10:29:37:0F:F7:4E:FB:83:F2:A6:9B:FE
            X509v3 Authority Key Identifier:
                keyid:82:60:15:2E:DD:47:6B:31:70:84:04:45:29:58:61:5B:65:DD:CB:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmAVLt1HazFwhARFKVhhW2Xdywo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/49f40c-5448-4217-956f-ccf9b0f0e227/1/l2TitdrxmRAQKTcP9077g_Kmm_4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/49f40c-5448-4217-956f-ccf9b0f0e227/1/gmAVLt1HazFwhARFKVhhW2Xdywo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.126.244.0/22

    Signature Algorithm: sha256WithRSAEncryption
         68:d0:16:f5:54:3a:00:c3:1d:76:dd:95:1b:1f:c4:b9:b7:24:
         03:b2:94:d4:03:70:e9:99:f2:55:8f:a1:4d:b0:36:78:4d:fb:
         1f:de:41:8e:38:e7:06:46:b5:fb:78:9d:1e:e9:66:f4:ed:0b:
         4c:f8:6c:cb:93:96:2a:9b:d2:9c:7f:ef:c6:d9:0d:9b:45:59:
         8d:60:1a:82:a5:4b:c2:97:39:68:cf:f1:3c:e0:36:a8:e1:de:
         00:58:ea:93:2f:8a:0b:e7:18:0f:40:f1:b6:25:23:2a:e7:f3:
         17:a3:ea:61:3f:92:79:73:ab:3c:63:69:0a:9e:50:5e:94:dd:
         f0:72:c3:ec:a1:95:f8:b5:60:d8:85:c6:e9:92:d1:e8:78:de:
         af:21:ce:b9:15:fc:86:37:36:e8:d1:3d:f2:0a:87:7c:6f:e5:
         8e:a6:fe:ff:0a:9a:9a:36:91:3d:23:e1:3f:19:a7:27:53:87:
         4e:08:d0:0e:d7:7b:bb:fe:ed:74:22:46:49:ea:95:a1:1f:d3:
         2f:40:0b:65:5f:ac:fc:2d:51:c4:7c:5d:f9:2a:0a:a2:cb:d0:
         22:e6:0b:92:fa:b7:e9:bc:b0:08:b9:7f:b6:af:f3:ef:26:9e:
         93:a2:65:fc:3b:c9:af:1d:12:9a:be:7c:b2:63:f8:ac:cf:c5:
         fd:f0:ac:77
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB66+bTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MjYwMTUyZWRkNDc2YjMxNzA4NDA0NDUyOTU4NjE1YjY1ZGRjYjBhMB4XDTIyMDEw
MTE1MDI1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTc2NGUyYjVkYWYx
OTkxMDEwMjkzNzBmZjc0ZWZiODNmMmE2OWJmZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL4P37F6eydlud6+0yAE2V6O9dNP88Yll8k8CTqoDBU5gVvE
9faGR8bD21wJQ88mDSLWZqWQL3+IiGBWaBF6Gz7j/uiCt+u6+d2uw8yAjK1BjKZf
26/viafo6qF91MCgnasNmGNkJW8JZm3y/NLD14g4h7tEQspQfwKgspTrNv0k2SVX
tkI3jFLC9MUbqcWVOD4fiT/P4T/2cbYWREPUo1Z67m16925d16Wf9s0R4VpeKbYj
Qkxjj2UP1y6e8gecWbrgnJ8Sid0pj6T9agm29SUIWVob1jsrcGwuAiyzeh0Nox+B
4nzHYpK/yLdW8zuZyPvBSgLhX3yg66sPGWArMHUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSXZOK12vGZEBApNw/3TvuD8qab/jAfBgNVHSMEGDAWgBSCYBUu3UdrMXCE
BEUpWGFbZd3LCjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dtQVZMdDFIYXpGd2hBUkZLVmhoVzJYZHl3by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDkvNDlmNDBjLTU0NDgtNDIxNy05NTZmLWNjZjliMGYwZTIyNy8x
L2wyVGl0ZHJ4bVJBUUtUY1A5MDc3Z19LbW1fNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDkv
NDlmNDBjLTU0NDgtNDIxNy05NTZmLWNjZjliMGYwZTIyNy8xL2dtQVZMdDFIYXpG
d2hBUkZLVmhoVzJYZHl3by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArl+9DANBgkqhkiG9w0BAQsFAAOC
AQEAaNAW9VQ6AMMddt2VGx/EubckA7KU1ANw6ZnyVY+hTbA2eE37H95BjjjnBka1
+3idHulm9O0LTPhsy5OWKpvSnH/vxtkNm0VZjWAagqVLwpc5aM/xPOA2qOHeAFjq
ky+KC+cYD0DxtiUjKufzF6PqYT+SeXOrPGNpCp5QXpTd8HLD7KGV+LVg2IXG6ZLR
6HjeryHOuRX8hjc26NE98gqHfG/ljqb+/wqamjaRPSPhPxmnJ1OHTgjQDtd7u/7t
dCJGSeqVoR/TL0ALZV+s/C1RxHxd+SoKosvQIuYLkvq36bywCLl/tq/z7yaek6Jl
/DvJrx0Smr58smP4rM/F/fCsdw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:44 2024 by rpki-client on console-ams.rpki-client.org