Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/yWN8JiqTiG3eQML9u6cP-Wihal0.roa
File:                     yWN8JiqTiG3eQML9u6cP-Wihal0.roa (raw, json)
Hash identifier:          Z0MCybwNjMMC6Ie7blcYteuUmOG5BuKkiY4FBAqT/jQ=
Subject key identifier:   C9:63:7C:26:2A:93:88:6D:DE:40:C2:FD:BB:A7:0F:F9:68:A1:6A:5D
Certificate issuer:       /CN=215a409d27b9a69346324004694da11beae02dbb
Certificate serial:       018E98F5
Authority key identifier: 21:5A:40:9D:27:B9:A6:93:46:32:40:04:69:4D:A1:1B:EA:E0:2D:BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IVpAnSe5ppNGMkAEaU2hG-rgLbs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/yWN8JiqTiG3eQML9u6cP-Wihal0.roa
Signing time:             Mon 09 May 2022 03:54:50 +0000
ROA not before:           Mon 09 May 2022 03:54:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50500
IP address blocks:        185.114.90.0/24 maxlen: 24
                          185.114.91.0/24 maxlen: 24
                          185.114.88.0/24 maxlen: 24
                          185.114.89.0/24 maxlen: 24
                          185.134.179.0/24 maxlen: 24
                          185.134.176.0/24 maxlen: 24
                          185.134.177.0/24 maxlen: 24
                          185.134.178.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 26122485 (0x18e98f5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=215a409d27b9a69346324004694da11beae02dbb
        Validity
            Not Before: May  9 03:54:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c9637c262a93886dde40c2fdbba70ff968a16a5d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:98:84:7d:71:9f:33:a2:78:a8:af:ae:54:cd:
                    1a:4e:16:09:5e:e9:75:6b:17:9f:61:7e:1a:e5:b4:
                    e6:f9:d4:88:50:cb:d8:12:c6:79:d5:1c:dd:e0:97:
                    f2:41:08:1e:8f:2c:1b:d1:39:b2:de:b3:2b:dd:d5:
                    1e:ea:a2:46:a5:10:60:c9:0b:84:40:5e:a0:b3:2c:
                    cd:b6:f7:95:fe:dc:da:98:67:4c:13:b7:81:96:19:
                    97:1d:29:a9:2b:e5:84:8a:19:24:ee:8a:a8:5f:d6:
                    ca:ac:16:96:08:4c:6f:a5:bb:52:27:17:2f:1e:98:
                    42:1f:c6:98:c2:92:5b:ae:15:e0:ee:d9:f2:0a:93:
                    cb:51:b1:05:08:e3:62:ca:8d:27:c3:c3:66:3f:f6:
                    3c:8d:86:64:ec:12:59:1f:24:ad:e0:59:07:55:fe:
                    5b:81:15:f2:eb:a4:b3:5d:09:a2:67:b3:c5:5a:0c:
                    74:7c:1e:73:c0:db:8c:d7:17:17:d2:11:4b:59:75:
                    3a:25:21:bc:64:ee:7f:c2:b2:e3:54:85:5b:cf:2d:
                    a9:74:84:99:04:06:6d:b3:54:dc:9f:26:5d:38:35:
                    bb:a5:e1:ce:e9:99:75:73:2b:4a:b1:ed:85:66:56:
                    9c:cb:26:53:b3:18:ec:61:ea:2a:29:35:98:7e:20:
                    86:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:63:7C:26:2A:93:88:6D:DE:40:C2:FD:BB:A7:0F:F9:68:A1:6A:5D
            X509v3 Authority Key Identifier:
                keyid:21:5A:40:9D:27:B9:A6:93:46:32:40:04:69:4D:A1:1B:EA:E0:2D:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVpAnSe5ppNGMkAEaU2hG-rgLbs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/yWN8JiqTiG3eQML9u6cP-Wihal0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/IVpAnSe5ppNGMkAEaU2hG-rgLbs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.114.88.0/22
                  185.134.176.0/22

    Signature Algorithm: sha256WithRSAEncryption
         75:3f:ba:d5:6a:6f:aa:42:04:a6:4d:10:82:cc:b5:67:61:4b:
         90:c8:ea:cc:da:e2:51:a7:20:df:3d:eb:b4:48:d8:d7:3d:29:
         46:7f:38:d7:36:c2:06:bb:76:2a:1f:b9:f8:06:c1:b2:7f:50:
         4e:77:52:c3:8b:9e:93:f0:c1:6a:05:37:77:a6:e4:d6:8b:35:
         72:c9:a9:ac:d3:a1:12:28:e9:77:c4:a0:fd:7f:9a:25:44:54:
         87:d9:48:e8:e6:65:0f:c9:48:1a:f1:3c:85:ae:db:dc:62:12:
         b3:56:3c:80:b8:c9:66:74:24:45:65:76:3e:e2:4d:02:13:d0:
         37:4d:58:c7:b1:9c:32:3a:8c:ee:85:49:2a:94:24:9d:5f:7e:
         b8:49:09:c4:e2:d7:8f:69:0b:cd:b2:f2:7e:7d:8c:e1:3d:5e:
         ec:58:af:15:b1:e5:29:12:d1:cd:1f:fc:d3:9c:7b:51:34:03:
         ba:dd:dd:df:cd:ed:99:e1:a5:92:ac:75:73:fd:34:98:aa:b1:
         66:66:19:a4:ca:7e:66:17:b8:b3:df:ee:6b:fb:c4:09:ba:39:
         19:a8:c0:ff:97:f3:4e:36:16:f9:bc:e3:48:29:57:3c:99:2d:
         33:f4:26:92:be:d3:b6:a3:0e:d3:33:df:2a:20:3b:76:12:eb:
         28:e8:96:01
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAY6Y9TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTVhNDA5ZDI3YjlhNjkzNDYzMjQwMDQ2OTRkYTExYmVhZTAyZGJiMB4XDTIyMDUw
OTAzNTQ1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzk2MzdjMjYyYTkz
ODg2ZGRlNDBjMmZkYmJhNzBmZjk2OGExNmE1ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALeYhH1xnzOieKivrlTNGk4WCV7pdWsXn2F+GuW05vnUiFDL
2BLGedUc3eCX8kEIHo8sG9E5st6zK93VHuqiRqUQYMkLhEBeoLMszbb3lf7c2phn
TBO3gZYZlx0pqSvlhIoZJO6KqF/WyqwWlghMb6W7UicXLx6YQh/GmMKSW64V4O7Z
8gqTy1GxBQjjYsqNJ8PDZj/2PI2GZOwSWR8kreBZB1X+W4EV8uuks10JomezxVoM
dHwec8DbjNcXF9IRS1l1OiUhvGTuf8Ky41SFW88tqXSEmQQGbbNU3J8mXTg1u6Xh
zumZdXMrSrHthWZWnMsmU7MY7GHqKik1mH4ghh0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTJY3wmKpOIbd5Awv27pw/5aKFqXTAfBgNVHSMEGDAWgBQhWkCdJ7mmk0Yy
QARpTaEb6uAtuzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lWcEFuU2U1cHBOR01rQUVhVTJoRy1yZ0xicy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGUvZjBjOWUzLTFjNDAtNGYzMy05NWNlLTk4ZDJmZWUwZjg3YS8x
L3lXTjhKaXFUaUczZVFNTDl1NmNQLVdpaGFsMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUv
ZjBjOWUzLTFjNDAtNGYzMy05NWNlLTk4ZDJmZWUwZjg3YS8xL0lWcEFuU2U1cHBO
R01rQUVhVTJoRy1yZ0xicy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArlyWAMEArmGsDANBgkqhkiG9w0B
AQsFAAOCAQEAdT+61WpvqkIEpk0Qgsy1Z2FLkMjqzNriUacg3z3rtEjY1z0pRn84
1zbCBrt2Kh+5+AbBsn9QTndSw4uek/DBagU3d6bk1os1csmprNOhEijpd8Sg/X+a
JURUh9lI6OZlD8lIGvE8ha7b3GISs1Y8gLjJZnQkRWV2PuJNAhPQN01Yx7GcMjqM
7oVJKpQknV9+uEkJxOLXj2kLzbLyfn2M4T1e7FivFbHlKRLRzR/805x7UTQDut3d
383tmeGlkqx1c/00mKqxZmYZpMp+Zhe4s9/ua/vECbo5GajA/5fzTjYW+bzjSClX
PJktM/Qmkr7TtqMO0zPfKiA7dhLrKOiWAQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:58 2024 by rpki-client on console-fra.rpki-client.org