Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/f499cd-fad6-4fb0-9be7-4a7904ffc8e1/1/UOSu4Jf5yc7LnuQYZ9fPocHGksE.roa
File:                     UOSu4Jf5yc7LnuQYZ9fPocHGksE.roa (raw, json)
Hash identifier:          8QbzTRHn6PpV/Gnq76IhA/F4eFft9+uvxCR4CrePKL0=
Subject key identifier:   50:E4:AE:E0:97:F9:C9:CE:CB:9E:E4:18:67:D7:CF:A1:C1:C6:92:C1
Certificate issuer:       /CN=b1e8cf7386200dfda9b067db9c77d30660d74cda
Certificate serial:       0183F98080537BBB019F6CEC5DA7D627992F
Authority key identifier: B1:E8:CF:73:86:20:0D:FD:A9:B0:67:DB:9C:77:D3:06:60:D7:4C:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sejPc4YgDf2psGfbnHfTBmDXTNo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/f499cd-fad6-4fb0-9be7-4a7904ffc8e1/1/UOSu4Jf5yc7LnuQYZ9fPocHGksE.roa
Signing time:             Fri 21 Oct 2022 07:44:51 +0000
ROA not before:           Fri 21 Oct 2022 07:44:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     12384
IP address blocks:        185.173.196.0/22 maxlen: 22
                          77.235.224.0/19 maxlen: 19

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:f9:80:80:53:7b:bb:01:9f:6c:ec:5d:a7:d6:27:99:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1e8cf7386200dfda9b067db9c77d30660d74cda
        Validity
            Not Before: Oct 21 07:44:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=50e4aee097f9c9cecb9ee41867d7cfa1c1c692c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:7a:2c:26:55:be:e9:37:f3:10:d4:93:c2:b0:
                    85:f9:37:2a:ca:47:a2:0a:67:06:97:98:8f:59:60:
                    b0:54:0e:4e:69:d4:0f:9a:dd:6c:4e:60:c1:bd:96:
                    fe:eb:bd:af:d4:88:4e:6f:ce:1e:72:2a:ea:3d:44:
                    db:e4:de:22:1e:02:06:ba:4b:7e:d5:74:10:d1:fb:
                    36:54:15:dd:30:28:81:aa:ea:4f:64:f8:44:5b:4b:
                    1c:a5:f8:6f:22:4e:b4:ee:0c:88:09:d9:5b:4b:72:
                    01:31:0d:23:63:2d:1b:74:87:be:d3:6f:08:1d:e8:
                    95:2f:6a:2c:4c:f2:e9:22:00:70:07:56:6e:30:69:
                    9e:b5:35:fa:32:04:f9:db:ce:01:48:a3:07:aa:a8:
                    fb:2e:f5:c7:66:d0:a3:6c:a3:49:89:13:d2:1c:b0:
                    cb:c0:e2:36:3a:53:58:78:e0:5f:46:a3:c4:09:8a:
                    e6:99:26:67:be:81:78:ac:33:ae:09:f9:23:26:49:
                    9a:c3:79:d2:cc:b6:61:34:aa:b1:30:63:d7:df:2c:
                    d2:d2:9f:e4:84:ec:cf:27:01:b3:d2:4f:e5:b8:b7:
                    63:06:9a:5d:2d:65:74:b7:bd:1b:29:28:cd:7b:a6:
                    0d:4c:aa:69:db:d9:a9:f2:28:4b:4b:58:87:f9:74:
                    b6:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:E4:AE:E0:97:F9:C9:CE:CB:9E:E4:18:67:D7:CF:A1:C1:C6:92:C1
            X509v3 Authority Key Identifier:
                keyid:B1:E8:CF:73:86:20:0D:FD:A9:B0:67:DB:9C:77:D3:06:60:D7:4C:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sejPc4YgDf2psGfbnHfTBmDXTNo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/f499cd-fad6-4fb0-9be7-4a7904ffc8e1/1/UOSu4Jf5yc7LnuQYZ9fPocHGksE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/f499cd-fad6-4fb0-9be7-4a7904ffc8e1/1/sejPc4YgDf2psGfbnHfTBmDXTNo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.235.224.0/19
                  185.173.196.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4e:f9:b3:e5:3e:0f:6e:fb:a3:f8:0e:1c:27:27:57:33:5c:34:
         a0:ed:89:50:a0:83:82:2e:46:0b:65:7a:e2:d7:be:2e:6b:88:
         7d:21:c8:5e:ce:d6:eb:58:bf:ac:30:86:ac:16:91:e4:2a:11:
         70:40:28:03:c1:d4:d9:e0:45:2d:63:70:f9:cb:e5:bb:c5:87:
         fd:de:64:2d:cc:ba:00:dc:e5:36:19:84:e2:20:fd:b4:52:26:
         47:92:90:aa:d6:13:9e:09:74:09:a9:30:10:60:5d:93:f8:2b:
         e2:74:ba:f7:d8:7d:7b:be:ea:e5:af:cb:4c:bf:16:e2:7b:be:
         43:ba:4c:08:ee:9f:1b:aa:d6:6b:18:3d:57:27:95:f3:1b:4a:
         d2:a9:75:f6:4d:c7:0a:46:f7:72:57:f6:17:fb:b0:ee:37:93:
         94:78:81:70:fe:72:ee:30:1f:35:d2:a9:b2:5f:d5:08:3d:b1:
         e9:32:bc:a7:ff:dd:5a:f2:34:79:ec:3a:7a:f1:cc:90:b9:59:
         b0:83:de:ee:4a:0e:de:b1:be:22:57:42:4d:8e:9e:63:0d:1c:
         2b:14:f6:90:5c:11:08:fe:80:dc:1e:c8:79:ee:af:28:af:8c:
         d3:b3:3e:c5:29:f9:e7:3f:f0:eb:f8:33:24:99:c8:7f:9a:a7:
         1c:28:4a:3a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYP5gIBTe7sBn2zsXafWJ5kvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZThjZjczODYyMDBkZmRhOWIwNjdkYjljNzdkMzA2NjBk
NzRjZGEwHhcNMjIxMDIxMDc0NDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGU0YWVlMDk3ZjljOWNlY2I5ZWU0MTg2N2Q3Y2ZhMWMxYzY5MmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHosJlW+6TfzENSTwrCF+Tcqykei
CmcGl5iPWWCwVA5OadQPmt1sTmDBvZb+672v1IhOb84ecirqPUTb5N4iHgIGukt+
1XQQ0fs2VBXdMCiBqupPZPhEW0scpfhvIk607gyICdlbS3IBMQ0jYy0bdIe+028I
HeiVL2osTPLpIgBwB1ZuMGmetTX6MgT5284BSKMHqqj7LvXHZtCjbKNJiRPSHLDL
wOI2OlNYeOBfRqPECYrmmSZnvoF4rDOuCfkjJkmaw3nSzLZhNKqxMGPX3yzS0p/k
hOzPJwGz0k/luLdjBppdLWV0t70bKSjNe6YNTKpp29mp8ihLS1iH+XS20wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFDkruCX+cnOy57kGGfXz6HBxpLBMB8GA1UdIwQY
MBaAFLHoz3OGIA39qbBn25x30wZg10zaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2VqUGM0WWdEZjJwc0dmYm5IZlRCbURYVE5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mNDk5Y2QtZmFkNi00ZmIwLTliZTct
NGE3OTA0ZmZjOGUxLzEvVU9TdTRKZjV5YzdMbnVRWVo5ZlBvY0hHa3NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mNDk5Y2QtZmFkNi00ZmIwLTliZTctNGE3OTA0ZmZjOGUx
LzEvc2VqUGM0WWdEZjJwc0dmYm5IZlRCbURYVE5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFTevgAwQC
ua3EMA0GCSqGSIb3DQEBCwUAA4IBAQBO+bPlPg9u+6P4DhwnJ1czXDSg7YlQoIOC
LkYLZXri174ua4h9IcheztbrWL+sMIasFpHkKhFwQCgDwdTZ4EUtY3D5y+W7xYf9
3mQtzLoA3OU2GYTiIP20UiZHkpCq1hOeCXQJqTAQYF2T+CvidLr32H17vurlr8tM
vxbie75DukwI7p8bqtZrGD1XJ5XzG0rSqXX2TccKRvdyV/YX+7DuN5OUeIFw/nLu
MB810qmyX9UIPbHpMryn/91a8jR57Dp68cyQuVmwg97uSg7esb4iV0JNjp5jDRwr
FPaQXBEI/oDcHsh57q8or4zTsz7FKfnnP/Dr+DMkmch/mqccKEo6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:02 2024 by rpki-client on console-fra.rpki-client.org