Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/kwAOKyTuiTAno7MQdwGpqIvW-Ds.roa
File:                     kwAOKyTuiTAno7MQdwGpqIvW-Ds.roa (raw, json)
Hash identifier:          jvYToF7GPxGe4fgFo4ogCAVoi6i89QznQBV/MnL9tSA=
Subject key identifier:   93:00:0E:2B:24:EE:89:30:27:A3:B3:10:77:01:A9:A8:8B:D6:F8:3B
Certificate issuer:       /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial:       280AFDE0
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/kwAOKyTuiTAno7MQdwGpqIvW-Ds.roa
Signing time:             Sat 01 Jan 2022 16:09:29 +0000
ROA not before:           Sat 01 Jan 2022 16:09:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     62083
IP address blocks:        92.38.6.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 671808992 (0x280afde0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
        Validity
            Not Before: Jan  1 16:09:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=93000e2b24ee893027a3b3107701a9a88bd6f83b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:af:05:da:c7:86:de:1a:c3:2b:c5:84:52:d8:
                    55:06:ad:62:3f:33:90:df:f2:74:20:51:42:bb:84:
                    39:96:87:52:e4:3a:ae:b6:18:e0:d2:68:ef:b6:0c:
                    c2:58:df:6c:d6:68:0d:2b:02:6f:3d:ce:53:65:b3:
                    a0:dc:0d:62:e9:f3:1e:b4:fc:23:80:5e:58:e0:2d:
                    57:1d:88:5a:68:3f:8b:d1:40:38:9c:44:af:52:45:
                    e2:d6:b5:ed:2c:c6:e8:b9:c1:9e:d7:6d:81:ab:c5:
                    9d:e2:97:2c:ed:a1:6e:3e:22:a0:76:ab:a7:b6:d2:
                    84:61:3a:8c:ca:1a:17:0d:d3:73:18:70:fd:48:d7:
                    5e:82:70:cd:01:79:52:d1:e5:63:64:1a:17:ea:2c:
                    96:94:78:c7:49:3e:0d:f9:08:33:6c:63:e4:8c:12:
                    6e:99:a6:cf:0b:8e:6e:56:14:a0:d9:93:a8:2c:af:
                    b9:83:17:36:02:c8:4d:bd:d9:8d:43:44:a8:99:0b:
                    85:b5:b0:0a:53:7b:f9:37:04:0d:2a:8c:c6:6a:ae:
                    0d:11:9f:1e:ee:46:fd:fb:da:6a:4d:dc:17:db:fc:
                    f0:b7:6e:2d:98:e9:4e:43:f3:bf:0b:67:17:09:1b:
                    b5:0c:12:9a:c5:5c:85:d6:68:2a:ab:30:15:5b:86:
                    87:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:00:0E:2B:24:EE:89:30:27:A3:B3:10:77:01:A9:A8:8B:D6:F8:3B
            X509v3 Authority Key Identifier:
                keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/kwAOKyTuiTAno7MQdwGpqIvW-Ds.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.38.6.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5a:db:ea:3b:ba:b9:da:62:80:93:29:55:28:4c:f5:cf:ca:f2:
         02:41:16:f6:59:50:74:f7:c1:cf:b2:b2:3f:80:d8:7a:23:86:
         92:72:93:c1:ea:a2:74:cd:2f:ad:63:40:52:bc:41:9b:35:dc:
         69:1c:06:cb:1a:7d:23:0e:8a:b1:30:f5:47:96:5e:37:02:71:
         be:55:62:e2:65:ff:f1:f4:5d:ee:be:27:95:84:12:82:c2:51:
         c6:64:24:55:cd:ea:e4:59:ee:b4:2c:2d:30:be:19:61:7d:58:
         7d:32:ab:a7:94:98:7a:e9:ee:e5:0c:fe:c1:2c:ad:ff:59:25:
         ae:26:0f:5f:3a:4f:7e:0d:01:9c:c0:d2:0c:58:92:2a:c1:45:
         69:05:11:25:d0:cd:6b:dd:b4:78:c1:43:f9:58:fb:42:4d:ac:
         a6:bd:4a:ea:46:d3:fb:80:c9:07:74:39:0b:2a:f9:3d:fa:34:
         35:18:1e:54:11:df:9b:11:c2:65:08:1a:2c:b3:6b:aa:59:fc:
         db:40:84:11:14:76:97:dc:2c:df:0a:40:ae:72:2a:27:26:70:
         60:c2:b5:3c:62:47:01:d1:18:c8:0b:d7:61:8d:7a:52:83:02:
         49:dc:13:bc:d2:b3:c4:ec:1e:cd:22:34:38:bc:b9:10:71:08:
         c7:2e:c9:a5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEKAr94DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDEw
MTE2MDkyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTMwMDBlMmIyNGVl
ODkzMDI3YTNiMzEwNzcwMWE5YTg4YmQ2ZjgzYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKyvBdrHht4awyvFhFLYVQatYj8zkN/ydCBRQruEOZaHUuQ6
rrYY4NJo77YMwljfbNZoDSsCbz3OU2WzoNwNYunzHrT8I4BeWOAtVx2IWmg/i9FA
OJxEr1JF4ta17SzG6LnBntdtgavFneKXLO2hbj4ioHarp7bShGE6jMoaFw3Tcxhw
/UjXXoJwzQF5UtHlY2QaF+oslpR4x0k+DfkIM2xj5IwSbpmmzwuOblYUoNmTqCyv
uYMXNgLITb3ZjUNEqJkLhbWwClN7+TcEDSqMxmquDRGfHu5G/fvaak3cF9v88Ldu
LZjpTkPzvwtnFwkbtQwSmsVchdZoKqswFVuGh/0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSTAA4rJO6JMCejsxB3Aamoi9b4OzAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
L2t3QU9LeVR1aVRBbm83TVFkd0dwcUl2Vy1Ecy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVwmBjANBgkqhkiG9w0BAQsFAAOC
AQEAWtvqO7q52mKAkylVKEz1z8ryAkEW9llQdPfBz7KyP4DYeiOGknKTweqidM0v
rWNAUrxBmzXcaRwGyxp9Iw6KsTD1R5ZeNwJxvlVi4mX/8fRd7r4nlYQSgsJRxmQk
Vc3q5FnutCwtML4ZYX1YfTKrp5SYeunu5Qz+wSyt/1klriYPXzpPfg0BnMDSDFiS
KsFFaQURJdDNa920eMFD+Vj7Qk2spr1K6kbT+4DJB3Q5Cyr5Pfo0NRgeVBHfmxHC
ZQgaLLNrqln820CEERR2l9ws3wpArnIqJyZwYMK1PGJHAdEYyAvXYY16UoMCSdwT
vNKzxOwezSI0OLy5EHEIxy7JpQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:37 2024 by rpki-client on console-fra.rpki-client.org