Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/8d85d7-4049-4b5a-9bf7-91c70f61a067/1/ENJv5nlCUEaz8L_eNLJZiJQT_Gw.roa
File:                     ENJv5nlCUEaz8L_eNLJZiJQT_Gw.roa (raw, json)
Hash identifier:          n0rQXof3hcfMCoTV5El5N7FldkfEyVT1BLPM85aiwL0=
Subject key identifier:   10:D2:6F:E6:79:42:50:46:B3:F0:BF:DE:34:B2:59:88:94:13:FC:6C
Certificate issuer:       /CN=7c4b917dc9046a065678ae0df4d3e30369c59c69
Certificate serial:       0908A3EE
Authority key identifier: 7C:4B:91:7D:C9:04:6A:06:56:78:AE:0D:F4:D3:E3:03:69:C5:9C:69
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fEuRfckEagZWeK4N9NPjA2nFnGk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/8d85d7-4049-4b5a-9bf7-91c70f61a067/1/ENJv5nlCUEaz8L_eNLJZiJQT_Gw.roa
Signing time:             Sun 20 Feb 2022 21:51:55 +0000
ROA not before:           Sun 20 Feb 2022 21:51:55 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42978
IP address blocks:        185.117.14.0/24 maxlen: 24
                          2a06:8280:20::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 151561198 (0x908a3ee)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7c4b917dc9046a065678ae0df4d3e30369c59c69
        Validity
            Not Before: Feb 20 21:51:55 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=10d26fe679425046b3f0bfde34b259889413fc6c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:18:35:70:f0:74:11:b4:fc:d4:02:ae:14:db:
                    ba:fe:03:26:f9:b9:8f:83:2b:4c:37:d7:87:fb:c8:
                    1f:8a:84:44:99:08:79:90:27:b0:17:c6:cd:e2:64:
                    e6:36:4d:ab:5a:ba:e7:7c:d8:46:30:51:ba:0b:7b:
                    53:df:38:78:36:ee:33:72:87:6d:c7:79:0e:e5:54:
                    9b:64:4b:01:e8:32:0b:0f:37:d6:57:d1:4c:63:9c:
                    8f:b0:32:7c:23:f3:0f:b4:8a:83:eb:1f:dc:df:d5:
                    b2:d8:cd:0f:a8:06:00:a7:b4:24:82:74:0c:92:6c:
                    cc:f9:7b:69:2e:c6:72:1c:14:f8:40:df:b2:ef:f0:
                    6c:cd:e1:fc:4a:66:3f:50:03:b6:43:93:e7:1a:79:
                    0e:2e:b6:2e:82:aa:b6:84:88:1e:a4:cc:18:54:11:
                    4e:eb:41:9e:d1:28:be:7b:b4:0c:e6:8c:79:b3:06:
                    d3:e9:67:e7:3f:b9:4f:52:9d:79:cc:4c:40:51:1c:
                    53:55:d9:54:eb:fa:2a:1b:41:9d:bb:32:2b:44:8b:
                    3f:44:86:01:f8:7f:ac:57:bc:44:2d:5c:bc:fd:44:
                    f9:07:49:57:7d:e5:df:00:03:d8:b5:c1:3a:ea:cd:
                    51:8a:29:11:05:d3:80:81:96:e9:0a:ad:c4:71:44:
                    e0:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:D2:6F:E6:79:42:50:46:B3:F0:BF:DE:34:B2:59:88:94:13:FC:6C
            X509v3 Authority Key Identifier:
                keyid:7C:4B:91:7D:C9:04:6A:06:56:78:AE:0D:F4:D3:E3:03:69:C5:9C:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fEuRfckEagZWeK4N9NPjA2nFnGk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/8d85d7-4049-4b5a-9bf7-91c70f61a067/1/ENJv5nlCUEaz8L_eNLJZiJQT_Gw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/8d85d7-4049-4b5a-9bf7-91c70f61a067/1/fEuRfckEagZWeK4N9NPjA2nFnGk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.117.14.0/24
                IPv6:
                  2a06:8280:20::/44

    Signature Algorithm: sha256WithRSAEncryption
         bd:a3:29:e8:b1:0b:9b:16:99:6e:8b:3c:1f:8f:4f:8a:9d:f0:
         87:61:d3:90:57:aa:5e:fe:b4:d2:c7:a8:8a:7c:23:81:f7:90:
         10:b6:00:14:45:9c:52:2d:a6:72:c5:05:5b:d3:ca:fc:98:e9:
         4b:0f:62:ac:b3:c8:85:7b:8e:b3:44:6b:b5:94:d9:41:5f:3d:
         36:00:f2:ff:ce:d4:29:91:35:1c:66:8e:2f:ea:ec:55:6a:7d:
         a7:8b:99:69:ae:99:80:c6:53:2e:e0:fb:8f:e7:d3:99:e9:48:
         72:0b:41:1d:7b:f5:22:0e:3d:21:2e:47:1f:24:d6:c1:5c:86:
         d2:ba:85:d9:b7:7a:dd:a1:28:9a:a0:93:04:1b:57:9e:4a:d9:
         f8:1c:d9:c5:7d:cf:4d:de:af:dc:91:9d:7d:e2:3e:56:4e:45:
         e1:52:98:52:1f:20:f0:2b:aa:be:38:6c:37:e5:79:67:69:8d:
         bf:95:9d:d1:f5:f4:83:25:a8:6e:37:90:a0:ab:6a:e9:0c:77:
         7c:75:cf:1e:f3:c5:15:74:2e:2a:fe:bc:88:b5:87:95:ff:0e:
         2a:ac:cd:d3:e3:b8:7a:f7:ce:63:d6:0a:56:b9:a3:82:d0:85:
         6e:7e:74:24:e9:96:06:80:de:5f:35:a9:be:18:f5:0d:6e:89:
         ff:6d:f2:7b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIECQij7jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
YzRiOTE3ZGM5MDQ2YTA2NTY3OGFlMGRmNGQzZTMwMzY5YzU5YzY5MB4XDTIyMDIy
MDIxNTE1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTBkMjZmZTY3OTQy
NTA0NmIzZjBiZmRlMzRiMjU5ODg5NDEzZmM2YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANsYNXDwdBG0/NQCrhTbuv4DJvm5j4MrTDfXh/vIH4qERJkI
eZAnsBfGzeJk5jZNq1q653zYRjBRugt7U984eDbuM3KHbcd5DuVUm2RLAegyCw83
1lfRTGOcj7AyfCPzD7SKg+sf3N/VstjND6gGAKe0JIJ0DJJszPl7aS7GchwU+EDf
su/wbM3h/EpmP1ADtkOT5xp5Di62LoKqtoSIHqTMGFQRTutBntEovnu0DOaMebMG
0+ln5z+5T1KdecxMQFEcU1XZVOv6KhtBnbsyK0SLP0SGAfh/rFe8RC1cvP1E+QdJ
V33l3wAD2LXBOurNUYopEQXTgIGW6QqtxHFE4B8CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQQ0m/meUJQRrPwv940slmIlBP8bDAfBgNVHSMEGDAWgBR8S5F9yQRqBlZ4
rg300+MDacWcaTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZFdVJmY2tFYWdaV2VLNE45TlBqQTJuRm5Hay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWIvOGQ4NWQ3LTQwNDktNGI1YS05YmY3LTkxYzcwZjYxYTA2Ny8x
L0VOSnY1bmxDVUVhejhMX2VOTEpaaUpRVF9Hdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIv
OGQ4NWQ3LTQwNDktNGI1YS05YmY3LTkxYzcwZjYxYTA2Ny8xL2ZFdVJmY2tFYWda
V2VLNE45TlBqQTJuRm5Hay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEALl1DjAPBAIAAjAJAwcEKgaCgAAg
MA0GCSqGSIb3DQEBCwUAA4IBAQC9oynosQubFpluizwfj0+KnfCHYdOQV6pe/rTS
x6iKfCOB95AQtgAURZxSLaZyxQVb08r8mOlLD2Kss8iFe46zRGu1lNlBXz02APL/
ztQpkTUcZo4v6uxVan2ni5lprpmAxlMu4PuP59OZ6UhyC0Ede/UiDj0hLkcfJNbB
XIbSuoXZt3rdoSiaoJMEG1eeStn4HNnFfc9N3q/ckZ194j5WTkXhUphSHyDwK6q+
OGw35XlnaY2/lZ3R9fSDJahuN5Cgq2rpDHd8dc8e88UVdC4q/ryItYeV/w4qrM3T
47h6985j1gpWuaOC0IVufnQk6ZYGgN5fNam+GPUNbon/bfJ7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:53 2024 by rpki-client on console-ams.rpki-client.org