Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/f76b1d-48cb-4ab1-90ec-e615f56f78b1/1/c8qZa6phvyk9NFH6gD4ait_eZoU.roa
File:                     c8qZa6phvyk9NFH6gD4ait_eZoU.roa (raw, json)
Hash identifier:          krHdL7MX+aP+o3+0jCrkx+bJXGE5fETqiR7Ke4eCfyw=
Subject key identifier:   73:CA:99:6B:AA:61:BF:29:3D:34:51:FA:80:3E:1A:8A:DF:DE:66:85
Certificate issuer:       /CN=5f2c7126bc8f39056744de213b2ce26b76bc9923
Certificate serial:       09CD042B
Authority key identifier: 5F:2C:71:26:BC:8F:39:05:67:44:DE:21:3B:2C:E2:6B:76:BC:99:23
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XyxxJryPOQVnRN4hOyzia3a8mSM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/f76b1d-48cb-4ab1-90ec-e615f56f78b1/1/c8qZa6phvyk9NFH6gD4ait_eZoU.roa
Signing time:             Sat 01 Jan 2022 02:57:23 +0000
ROA not before:           Sat 01 Jan 2022 02:57:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206589
IP address blocks:        185.182.96.0/22 maxlen: 22
                          2a0a:ea80::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 164430891 (0x9cd042b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f2c7126bc8f39056744de213b2ce26b76bc9923
        Validity
            Not Before: Jan  1 02:57:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=73ca996baa61bf293d3451fa803e1a8adfde6685
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:9f:f8:5f:ce:1d:8a:56:92:b3:90:75:6a:ab:
                    88:73:ee:c2:a0:fa:cb:fd:30:13:4b:f9:d3:75:d7:
                    ef:e9:a7:dc:b5:a8:46:27:2c:21:e2:75:19:0a:65:
                    49:b7:51:40:83:68:2c:43:a9:9a:e5:06:65:c0:14:
                    72:fa:81:f5:1e:3a:41:c5:2a:1b:7e:f4:80:d1:fe:
                    fc:c2:d5:ac:d6:22:a8:fd:27:93:76:c4:65:cf:2a:
                    0e:60:ad:72:4a:97:6c:c0:f3:d5:6e:62:65:d9:84:
                    14:17:0e:a5:99:e3:ba:e5:1f:af:99:9a:48:75:f7:
                    ef:af:31:1a:43:55:45:29:95:5c:32:5b:ca:12:75:
                    6c:fe:c5:ad:72:6f:f0:bb:a6:d5:bd:46:5a:f2:9a:
                    84:7c:f9:b2:69:1e:57:37:1b:56:71:f4:04:ca:5d:
                    b1:5b:da:2b:0f:3b:59:af:ec:6a:46:21:5a:88:a0:
                    ed:b8:b7:fb:58:80:d0:5f:c0:ed:a3:6a:d8:dc:52:
                    f9:98:1c:af:34:d6:fe:4a:0d:90:77:ec:5c:b3:32:
                    2d:a0:a0:ad:c4:f9:16:d4:bd:c5:22:a9:78:e8:e5:
                    ee:41:8c:47:ee:bb:3f:ce:0d:e2:85:c5:88:23:48:
                    cc:8f:75:26:e0:7b:ea:2f:3c:95:4b:af:60:67:83:
                    45:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:CA:99:6B:AA:61:BF:29:3D:34:51:FA:80:3E:1A:8A:DF:DE:66:85
            X509v3 Authority Key Identifier:
                keyid:5F:2C:71:26:BC:8F:39:05:67:44:DE:21:3B:2C:E2:6B:76:BC:99:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XyxxJryPOQVnRN4hOyzia3a8mSM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f76b1d-48cb-4ab1-90ec-e615f56f78b1/1/c8qZa6phvyk9NFH6gD4ait_eZoU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f76b1d-48cb-4ab1-90ec-e615f56f78b1/1/XyxxJryPOQVnRN4hOyzia3a8mSM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.182.96.0/22
                IPv6:
                  2a0a:ea80::/29

    Signature Algorithm: sha256WithRSAEncryption
         4a:30:79:65:7b:30:22:7d:7e:38:22:f4:33:ba:32:35:3f:f3:
         96:23:9d:da:5f:fd:c1:f2:67:8e:ed:8a:1e:75:f5:4f:8b:bb:
         69:5c:81:ac:7e:94:85:3b:c2:96:6d:51:da:4d:56:1a:23:59:
         12:20:6e:31:4a:cc:a7:3a:b4:bb:88:61:0d:fa:f3:39:4c:85:
         41:aa:4f:38:56:51:bd:aa:5a:5a:14:7f:67:d9:00:b6:88:03:
         82:6b:c5:cd:b3:ec:89:c3:13:3c:0a:a5:40:b0:71:1b:e1:e9:
         a0:84:32:af:31:5c:44:5a:a9:35:2e:89:5f:f9:b0:cf:55:e5:
         8b:8c:c9:87:3e:e0:00:e4:6b:0d:df:e0:37:8f:de:46:b8:ba:
         ca:4b:1b:37:53:d1:9e:0a:5a:20:11:2d:0a:10:b8:b0:3f:5b:
         8f:27:0c:d9:5e:b2:a9:2d:01:2d:0f:06:f7:be:9a:91:d8:2f:
         18:d9:9b:9b:4c:06:f6:5e:64:34:77:57:cc:d1:3f:3e:fd:41:
         65:be:f3:72:95:c3:83:5b:72:a7:38:82:06:04:f5:ea:ab:21:
         cc:04:48:1a:3b:f8:f7:32:43:1a:c2:b8:a8:73:e3:18:cf:ab:
         83:83:f9:61:3b:ed:8f:b1:ae:90:88:45:f1:fe:27:d4:5a:8f:
         11:2d:e1:0b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECc0EKzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZjJjNzEyNmJjOGYzOTA1Njc0NGRlMjEzYjJjZTI2Yjc2YmM5OTIzMB4XDTIyMDEw
MTAyNTcyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzNjYTk5NmJhYTYx
YmYyOTNkMzQ1MWZhODAzZTFhOGFkZmRlNjY4NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMyf+F/OHYpWkrOQdWqriHPuwqD6y/0wE0v503XX7+mn3LWo
RicsIeJ1GQplSbdRQINoLEOpmuUGZcAUcvqB9R46QcUqG370gNH+/MLVrNYiqP0n
k3bEZc8qDmCtckqXbMDz1W5iZdmEFBcOpZnjuuUfr5maSHX3768xGkNVRSmVXDJb
yhJ1bP7FrXJv8Lum1b1GWvKahHz5smkeVzcbVnH0BMpdsVvaKw87Wa/sakYhWoig
7bi3+1iA0F/A7aNq2NxS+ZgcrzTW/koNkHfsXLMyLaCgrcT5FtS9xSKpeOjl7kGM
R+67P84N4oXFiCNIzI91JuB76i88lUuvYGeDRTUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRzyplrqmG/KT00UfqAPhqK395mhTAfBgNVHSMEGDAWgBRfLHEmvI85BWdE
3iE7LOJrdryZIzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1h5eHhKcnlQT1FWblJONGhPeXppYTNhOG1TTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvZjc2YjFkLTQ4Y2ItNGFiMS05MGVjLWU2MTVmNTZmNzhiMS8x
L2M4cVphNnBodnlrOU5GSDZnRDRhaXRfZVpvVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
Zjc2YjFkLTQ4Y2ItNGFiMS05MGVjLWU2MTVmNTZmNzhiMS8xL1h5eHhKcnlQT1FW
blJONGhPeXppYTNhOG1TTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArm2YDANBAIAAjAHAwUDKgrqgDAN
BgkqhkiG9w0BAQsFAAOCAQEASjB5ZXswIn1+OCL0M7oyNT/zliOd2l/9wfJnju2K
HnX1T4u7aVyBrH6UhTvClm1R2k1WGiNZEiBuMUrMpzq0u4hhDfrzOUyFQapPOFZR
vapaWhR/Z9kAtogDgmvFzbPsicMTPAqlQLBxG+HpoIQyrzFcRFqpNS6JX/mwz1Xl
i4zJhz7gAORrDd/gN4/eRri6yksbN1PRngpaIBEtChC4sD9bjycM2V6yqS0BLQ8G
976akdgvGNmbm0wG9l5kNHdXzNE/Pv1BZb7zcpXDg1typziCBgT16qshzARIGjv4
9zJDGsK4qHPjGM+rg4P5YTvtj7GukIhF8f4n1FqPES3hCw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:42 2024 by rpki-client on console-fra.rpki-client.org