Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/00ddaf-3be5-420d-919f-3b4cb975a9bc/1/l0QyTQDlkdZIMN5v-rKMa0TyOdM.roa
File:                     l0QyTQDlkdZIMN5v-rKMa0TyOdM.roa (raw, json)
Hash identifier:          TOkxeHGpYwKSrv6LG+/VhJV4HEQJQ3FpEIJBD7XtCJ4=
Subject key identifier:   97:44:32:4D:00:E5:91:D6:48:30:DE:6F:FA:B2:8C:6B:44:F2:39:D3
Certificate issuer:       /CN=b9b87b3b09ccb69a6de20468e90ecbb18f5ecbb6
Certificate serial:       3889B0CE
Authority key identifier: B9:B8:7B:3B:09:CC:B6:9A:6D:E2:04:68:E9:0E:CB:B1:8F:5E:CB:B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ubh7OwnMtppt4gRo6Q7LsY9ey7Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/00ddaf-3be5-420d-919f-3b4cb975a9bc/1/l0QyTQDlkdZIMN5v-rKMa0TyOdM.roa
Signing time:             Sat 01 Jan 2022 12:00:56 +0000
ROA not before:           Sat 01 Jan 2022 12:00:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     62081
IP address blocks:        185.48.8.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 948547790 (0x3889b0ce)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9b87b3b09ccb69a6de20468e90ecbb18f5ecbb6
        Validity
            Not Before: Jan  1 12:00:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9744324d00e591d64830de6ffab28c6b44f239d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:73:30:ba:80:03:cf:e1:59:c7:d2:70:cb:b4:
                    46:d2:aa:ee:4a:d1:a4:eb:4f:e8:a4:e5:2c:ba:5c:
                    2a:9a:d0:c5:07:ca:1f:8b:fa:49:6c:a3:72:f9:0a:
                    c2:37:28:b5:48:8b:93:7a:59:e7:12:03:5b:82:1a:
                    3e:ba:54:75:ea:70:32:3b:b1:27:9b:0d:b2:3e:46:
                    45:f9:f0:43:77:91:9b:97:e9:17:63:74:31:ee:b0:
                    1c:b3:7e:30:2b:11:ab:bf:55:36:9b:67:85:6a:fe:
                    24:70:9e:85:fd:18:b0:4f:c8:7e:05:8b:a5:59:38:
                    26:0b:fe:b6:61:97:cb:71:d6:1b:bd:a1:2e:88:24:
                    1f:1b:84:7d:1f:56:d6:d0:03:8f:05:dc:16:16:7a:
                    ae:90:b2:a9:a2:8a:0e:76:51:ca:46:46:db:f7:d2:
                    d4:d7:3b:de:0d:18:b7:ad:48:cc:c7:cd:64:df:a9:
                    39:1f:56:d6:19:28:83:af:cc:09:41:f2:7c:1d:8b:
                    21:8c:7a:ab:f4:a5:21:c9:1c:5f:18:91:23:ed:33:
                    63:2e:ed:b4:73:e7:70:c3:77:61:f4:29:e6:2f:80:
                    39:e9:75:37:db:03:2b:2b:57:98:3f:1f:40:d2:fb:
                    0d:0d:f6:33:46:a8:55:18:4c:83:c1:ea:3a:ab:0b:
                    ce:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:44:32:4D:00:E5:91:D6:48:30:DE:6F:FA:B2:8C:6B:44:F2:39:D3
            X509v3 Authority Key Identifier:
                keyid:B9:B8:7B:3B:09:CC:B6:9A:6D:E2:04:68:E9:0E:CB:B1:8F:5E:CB:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ubh7OwnMtppt4gRo6Q7LsY9ey7Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/00ddaf-3be5-420d-919f-3b4cb975a9bc/1/l0QyTQDlkdZIMN5v-rKMa0TyOdM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/00ddaf-3be5-420d-919f-3b4cb975a9bc/1/ubh7OwnMtppt4gRo6Q7LsY9ey7Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.48.8.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:29:0c:60:49:f5:0a:98:11:d2:79:f9:8b:07:e5:2d:bf:3c:
         8a:0a:8f:40:2b:19:df:f7:d0:37:82:d8:09:24:c8:9c:a4:c1:
         50:cd:29:c9:30:49:ea:4e:d7:36:77:b3:10:2a:ae:39:6a:d4:
         2d:9b:60:b7:2d:d5:ae:9d:8b:ff:1b:de:e0:49:e2:6e:dd:bc:
         b7:9e:17:cf:7e:1c:b7:c9:49:58:5a:01:3a:76:b7:42:a4:73:
         fb:9a:3a:23:19:57:84:b5:0e:5e:2d:cf:d6:b4:46:a0:98:a9:
         c3:1f:60:e1:b8:47:61:72:1a:0f:56:8c:b1:c2:96:c0:10:9c:
         23:3d:91:63:c7:90:04:14:b4:15:58:c8:5c:18:41:24:54:41:
         0c:6a:d9:5e:cc:b4:1e:a2:36:dc:dd:48:9d:77:09:14:fa:ec:
         2e:f5:94:56:77:eb:25:4a:20:94:74:87:a1:08:1b:9e:ea:2c:
         4b:70:4d:c0:8d:8f:1e:63:b0:15:5e:92:7c:94:3e:c9:32:cb:
         5e:66:a5:3a:37:7a:b3:6b:1e:2b:1e:5b:8e:16:6f:24:a2:91:
         78:10:6a:61:66:3a:03:b8:3a:c6:ab:b1:6e:43:6b:36:4a:98:
         1e:cb:f4:cb:9c:1e:89:21:17:37:1e:58:6e:37:e0:b8:91:31:
         d1:90:a4:e4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOImwzjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OWI4N2IzYjA5Y2NiNjlhNmRlMjA0NjhlOTBlY2JiMThmNWVjYmI2MB4XDTIyMDEw
MTEyMDA1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTc0NDMyNGQwMGU1
OTFkNjQ4MzBkZTZmZmFiMjhjNmI0NGYyMzlkMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALBzMLqAA8/hWcfScMu0RtKq7krRpOtP6KTlLLpcKprQxQfK
H4v6SWyjcvkKwjcotUiLk3pZ5xIDW4IaPrpUdepwMjuxJ5sNsj5GRfnwQ3eRm5fp
F2N0Me6wHLN+MCsRq79VNptnhWr+JHCehf0YsE/IfgWLpVk4Jgv+tmGXy3HWG72h
LogkHxuEfR9W1tADjwXcFhZ6rpCyqaKKDnZRykZG2/fS1Nc73g0Yt61IzMfNZN+p
OR9W1hkog6/MCUHyfB2LIYx6q/SlIckcXxiRI+0zYy7ttHPncMN3YfQp5i+AOel1
N9sDKytXmD8fQNL7DQ32M0aoVRhMg8HqOqsLzpcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSXRDJNAOWR1kgw3m/6soxrRPI50zAfBgNVHSMEGDAWgBS5uHs7Ccy2mm3i
BGjpDsuxj17LtjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ViaDdPd25NdHBwdDRnUm82UTdMc1k5ZXk3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTAvMDBkZGFmLTNiZTUtNDIwZC05MTlmLTNiNGNiOTc1YTliYy8x
L2wwUXlUUURsa2RaSU1ONXYtcktNYTBUeU9kTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTAv
MDBkZGFmLTNiZTUtNDIwZC05MTlmLTNiNGNiOTc1YTliYy8xL3ViaDdPd25NdHBw
dDRnUm82UTdMc1k5ZXk3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkwCDANBgkqhkiG9w0BAQsFAAOC
AQEAgCkMYEn1CpgR0nn5iwflLb88igqPQCsZ3/fQN4LYCSTInKTBUM0pyTBJ6k7X
NnezECquOWrULZtgty3Vrp2L/xve4Enibt28t54Xz34ct8lJWFoBOna3QqRz+5o6
IxlXhLUOXi3P1rRGoJipwx9g4bhHYXIaD1aMscKWwBCcIz2RY8eQBBS0FVjIXBhB
JFRBDGrZXsy0HqI23N1InXcJFPrsLvWUVnfrJUoglHSHoQgbnuosS3BNwI2PHmOw
FV6SfJQ+yTLLXmalOjd6s2seKx5bjhZvJKKReBBqYWY6A7g6xquxbkNrNkqYHsv0
y5weiSEXNx5YbjfguJEx0ZCk5A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:38 2024 by rpki-client on console-ams.rpki-client.org