Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/312529-73f6-4809-af9b-e8d70717ff8a/1/IkQchTM_gWzYZk33VqTYyX3tR_o.roa
File:                     IkQchTM_gWzYZk33VqTYyX3tR_o.roa (raw, json)
Hash identifier:          PVsBlb6aIV7F2fF98n7TbHTEs6z9MfU5dxulvh81zTQ=
Subject key identifier:   22:44:1C:85:33:3F:81:6C:D8:66:4D:F7:56:A4:D8:C9:7D:ED:47:FA
Certificate issuer:       /CN=6665dd97665a23b1b183e223822b66b5ae536a2f
Certificate serial:       3747749F
Authority key identifier: 66:65:DD:97:66:5A:23:B1:B1:83:E2:23:82:2B:66:B5:AE:53:6A:2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZmXdl2ZaI7Gxg-Ijgitmta5Tai8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/312529-73f6-4809-af9b-e8d70717ff8a/1/IkQchTM_gWzYZk33VqTYyX3tR_o.roa
Signing time:             Sat 01 Jan 2022 08:53:23 +0000
ROA not before:           Sat 01 Jan 2022 08:53:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     396982
IP address blocks:        188.92.136.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 927429791 (0x3747749f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6665dd97665a23b1b183e223822b66b5ae536a2f
        Validity
            Not Before: Jan  1 08:53:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=22441c85333f816cd8664df756a4d8c97ded47fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:5c:93:94:09:39:7d:e0:f5:57:59:fe:f2:05:
                    48:5d:40:4d:82:3d:dc:d2:8c:7a:9c:6e:0f:d2:0a:
                    93:67:b6:82:4d:36:6e:8c:fc:b6:ea:22:f7:08:35:
                    4d:b6:89:37:df:4f:4c:72:7b:b8:64:a7:d5:c3:db:
                    6e:0e:d3:d6:19:aa:21:f2:87:9e:36:ae:c8:76:1e:
                    75:ac:6d:0a:53:77:62:fb:70:84:0a:f5:f8:7f:84:
                    d1:1f:10:5a:e3:39:bc:85:0c:a0:ee:03:59:38:5e:
                    1a:96:89:af:d7:15:15:55:19:12:31:02:dd:8b:f2:
                    64:a2:11:70:7c:e6:a9:4f:15:da:45:57:5d:5a:c5:
                    a1:d9:27:ea:a6:e3:0e:4d:81:9d:da:23:a1:e8:28:
                    7a:c9:73:41:8e:9b:df:38:25:a5:6e:fa:54:da:88:
                    09:f5:02:8e:e3:21:fc:1d:2e:da:e6:cf:42:e9:73:
                    5c:a4:6d:8c:ca:97:5e:82:e3:77:32:75:ef:51:f0:
                    98:a2:2a:bc:5c:65:de:0f:a4:a9:b5:c7:51:cc:cc:
                    9a:ca:5e:c0:92:f9:b9:5e:50:6d:cc:93:0e:29:db:
                    c9:e8:39:07:31:a6:bb:c0:79:28:0a:c3:be:86:57:
                    b1:39:c0:2e:9f:c7:e7:4d:9d:95:20:09:5f:73:e3:
                    e5:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:44:1C:85:33:3F:81:6C:D8:66:4D:F7:56:A4:D8:C9:7D:ED:47:FA
            X509v3 Authority Key Identifier:
                keyid:66:65:DD:97:66:5A:23:B1:B1:83:E2:23:82:2B:66:B5:AE:53:6A:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZmXdl2ZaI7Gxg-Ijgitmta5Tai8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/312529-73f6-4809-af9b-e8d70717ff8a/1/IkQchTM_gWzYZk33VqTYyX3tR_o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/312529-73f6-4809-af9b-e8d70717ff8a/1/ZmXdl2ZaI7Gxg-Ijgitmta5Tai8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.92.136.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:70:ee:d8:53:b2:19:77:7e:fd:a6:4f:40:ed:eb:a3:e7:a9:
         be:db:71:5e:32:33:87:36:76:a7:90:49:62:2d:88:f4:64:63:
         a3:54:67:11:32:ac:0b:b5:b5:b8:f2:98:66:1f:e1:b3:d4:4e:
         03:51:92:07:8d:57:d6:d7:b2:e1:16:26:56:f5:29:ed:24:31:
         25:78:57:ac:34:14:6a:54:72:2b:7a:9c:5e:cd:39:6b:67:01:
         9e:d0:9e:f1:f8:de:a2:30:a5:0a:88:81:cf:83:54:94:8d:de:
         b3:df:ac:7c:84:65:af:bb:52:2b:2d:f8:5f:f3:47:9b:ba:5c:
         c3:ca:2f:63:fa:92:fb:30:b5:3e:08:39:dc:dd:04:15:1c:bf:
         7f:74:be:4b:e1:6d:e5:c3:2f:d9:04:43:e1:e5:ae:44:41:8c:
         a4:d1:a3:1e:b8:c4:0e:d3:c5:75:4e:79:b1:bf:06:68:ee:9e:
         b7:95:ad:7e:9b:07:1e:e6:45:a1:aa:9d:d9:e5:ab:a9:8e:6d:
         f7:6a:12:63:c3:db:c7:e9:73:fc:8a:76:7c:d0:c4:c0:da:be:
         46:ed:5c:77:5c:84:e0:20:08:12:71:41:03:3d:26:2e:d4:34:
         28:46:86:d1:dd:63:7e:69:7e:9d:f3:bd:c1:b3:ce:a0:c3:24:
         20:9f:6d:47
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEN0d0nzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NjY1ZGQ5NzY2NWEyM2IxYjE4M2UyMjM4MjJiNjZiNWFlNTM2YTJmMB4XDTIyMDEw
MTA4NTMyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjI0NDFjODUzMzNm
ODE2Y2Q4NjY0ZGY3NTZhNGQ4Yzk3ZGVkNDdmYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANRck5QJOX3g9VdZ/vIFSF1ATYI93NKMepxuD9IKk2e2gk02
boz8tuoi9wg1TbaJN99PTHJ7uGSn1cPbbg7T1hmqIfKHnjauyHYedaxtClN3Yvtw
hAr1+H+E0R8QWuM5vIUMoO4DWTheGpaJr9cVFVUZEjEC3YvyZKIRcHzmqU8V2kVX
XVrFodkn6qbjDk2BndojoegoeslzQY6b3zglpW76VNqICfUCjuMh/B0u2ubPQulz
XKRtjMqXXoLjdzJ171HwmKIqvFxl3g+kqbXHUczMmspewJL5uV5QbcyTDinbyeg5
BzGmu8B5KArDvoZXsTnALp/H502dlSAJX3Pj5ecCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQiRByFMz+BbNhmTfdWpNjJfe1H+jAfBgNVHSMEGDAWgBRmZd2XZlojsbGD
4iOCK2a1rlNqLzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ptWGRsMlphSTdHeGctSWpnaXRtdGE1VGFpOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGEvMzEyNTI5LTczZjYtNDgwOS1hZjliLWU4ZDcwNzE3ZmY4YS8x
L0lrUWNoVE1fZ1d6WVprMzNWcVRZeVgzdFJfby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEv
MzEyNTI5LTczZjYtNDgwOS1hZjliLWU4ZDcwNzE3ZmY4YS8xL1ptWGRsMlphSTdH
eGctSWpnaXRtdGE1VGFpOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALxciDANBgkqhkiG9w0BAQsFAAOC
AQEAinDu2FOyGXd+/aZPQO3ro+epvttxXjIzhzZ2p5BJYi2I9GRjo1RnETKsC7W1
uPKYZh/hs9ROA1GSB41X1tey4RYmVvUp7SQxJXhXrDQUalRyK3qcXs05a2cBntCe
8fjeojClCoiBz4NUlI3es9+sfIRlr7tSKy34X/NHm7pcw8ovY/qS+zC1Pgg53N0E
FRy/f3S+S+Ft5cMv2QRD4eWuREGMpNGjHrjEDtPFdU55sb8GaO6et5WtfpsHHuZF
oaqd2eWrqY5t92oSY8Pbx+lz/Ip2fNDEwNq+Ru1cd1yE4CAIEnFBAz0mLtQ0KEaG
0d1jfml+nfO9wbPOoMMkIJ9tRw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:59 2024 by rpki-client on console-ams.rpki-client.org