Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/8d85d7-4049-4b5a-9bf7-91c70f61a067/1/VrQgSJCGAz1Ihb4AMrhmt8yv82E.roa
File:                     VrQgSJCGAz1Ihb4AMrhmt8yv82E.roa (raw, json)
Hash identifier:          qnmnx0TJBgeGw3rNGC8q9Ggsk41bw3AqFTq++YRt+bo=
Subject key identifier:   56:B4:20:48:90:86:03:3D:48:85:BE:00:32:B8:66:B7:CC:AF:F3:61
Certificate issuer:       /CN=7c4b917dc9046a065678ae0df4d3e30369c59c69
Certificate serial:       0A224D4C
Authority key identifier: 7C:4B:91:7D:C9:04:6A:06:56:78:AE:0D:F4:D3:E3:03:69:C5:9C:69
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fEuRfckEagZWeK4N9NPjA2nFnGk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/8d85d7-4049-4b5a-9bf7-91c70f61a067/1/VrQgSJCGAz1Ihb4AMrhmt8yv82E.roa
Signing time:             Fri 24 Jun 2022 09:21:47 +0000
ROA not before:           Fri 24 Jun 2022 09:21:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42978
IP address blocks:        185.117.13.0/24 maxlen: 24
                          2a06:8280:10::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 170020172 (0xa224d4c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7c4b917dc9046a065678ae0df4d3e30369c59c69
        Validity
            Not Before: Jun 24 09:21:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=56b420489086033d4885be0032b866b7ccaff361
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:62:ef:8f:87:69:5a:a6:78:40:9d:76:99:a5:
                    3b:99:aa:3f:89:68:23:b8:45:47:b3:d3:f1:5c:10:
                    c5:46:aa:cb:e4:63:7e:d3:7b:38:49:58:b8:01:1f:
                    f5:d3:fa:be:6b:df:d3:70:f3:df:b5:71:35:80:e8:
                    e4:f2:4c:62:0f:79:42:3d:11:47:fa:c1:d3:79:0a:
                    bb:9e:b4:28:71:90:7d:86:4f:a4:d0:4b:3a:fd:e4:
                    ca:63:5a:2f:f0:7a:9e:9e:30:4f:5b:be:14:12:41:
                    3a:2a:e5:1e:a8:ce:49:93:32:83:b2:56:97:48:40:
                    6f:10:08:df:9f:f2:2c:ed:da:91:da:01:cf:97:b8:
                    e9:b3:1f:ca:0c:7d:b9:d7:5d:2b:69:45:4e:0a:b0:
                    07:1a:01:10:dc:68:f5:6b:91:95:92:50:f0:b1:f5:
                    6d:93:b1:a7:62:e1:36:2e:a7:8b:1c:4b:b0:5e:de:
                    bb:d7:8d:97:06:0c:40:07:10:60:bc:dc:b7:2b:d8:
                    c3:fa:15:90:32:e5:41:b9:a3:4c:a4:3d:76:64:ca:
                    98:64:cc:f1:b7:5d:58:89:58:30:5b:23:39:32:fb:
                    2f:69:e6:e3:1e:2c:49:cb:5b:e5:67:8c:78:99:57:
                    d0:96:6e:1c:68:d9:66:f9:2f:0f:16:04:fd:3b:2e:
                    1b:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:B4:20:48:90:86:03:3D:48:85:BE:00:32:B8:66:B7:CC:AF:F3:61
            X509v3 Authority Key Identifier:
                keyid:7C:4B:91:7D:C9:04:6A:06:56:78:AE:0D:F4:D3:E3:03:69:C5:9C:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fEuRfckEagZWeK4N9NPjA2nFnGk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/8d85d7-4049-4b5a-9bf7-91c70f61a067/1/VrQgSJCGAz1Ihb4AMrhmt8yv82E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/8d85d7-4049-4b5a-9bf7-91c70f61a067/1/fEuRfckEagZWeK4N9NPjA2nFnGk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.117.13.0/24
                IPv6:
                  2a06:8280:10::/44

    Signature Algorithm: sha256WithRSAEncryption
         a4:81:0d:61:44:10:d5:bf:b0:00:44:03:97:07:70:2d:c1:a8:
         23:62:22:5e:04:fe:c0:2c:05:11:67:cd:19:f2:f2:de:2f:45:
         e8:f6:c3:32:e3:a5:58:c2:5b:0a:fb:7f:6d:92:cb:aa:4e:18:
         97:be:6a:ad:8b:27:cc:50:f2:b8:b4:53:34:79:fd:9e:77:bd:
         b1:43:20:ae:0c:63:c5:9e:1d:09:3e:14:c6:d3:83:9d:79:d7:
         82:cd:b6:d8:b7:d3:83:1a:ca:b3:21:4b:87:b6:bd:c5:d3:2b:
         59:d8:f8:20:e5:b0:72:92:5e:ea:8e:93:09:67:ca:eb:35:0f:
         d6:9f:0a:c6:8c:00:cd:86:d6:95:11:06:11:cc:22:f2:3b:68:
         89:c7:f5:fe:cd:6a:c4:6b:51:df:36:a8:ad:7c:83:b6:05:73:
         ee:b3:37:4e:6c:bc:d8:d5:6d:ab:e5:4a:44:33:87:4a:cd:a5:
         d6:57:f0:51:96:a4:b4:59:41:7b:78:73:d3:94:c7:e7:b2:4d:
         e5:28:bd:db:73:1e:9a:d2:e3:40:41:3c:fc:fb:c6:41:d0:85:
         1a:eb:77:26:5c:47:55:3b:9f:67:7e:a8:73:7b:be:0f:f9:85:
         8b:78:82:73:ae:3d:b3:e8:b9:ca:1f:9c:2d:bf:1a:f3:a5:24:
         7f:f7:d8:37
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIECiJNTDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
YzRiOTE3ZGM5MDQ2YTA2NTY3OGFlMGRmNGQzZTMwMzY5YzU5YzY5MB4XDTIyMDYy
NDA5MjE0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTZiNDIwNDg5MDg2
MDMzZDQ4ODViZTAwMzJiODY2YjdjY2FmZjM2MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIRi74+HaVqmeECddpmlO5mqP4loI7hFR7PT8VwQxUaqy+Rj
ftN7OElYuAEf9dP6vmvf03Dz37VxNYDo5PJMYg95Qj0RR/rB03kKu560KHGQfYZP
pNBLOv3kymNaL/B6np4wT1u+FBJBOirlHqjOSZMyg7JWl0hAbxAI35/yLO3akdoB
z5e46bMfygx9udddK2lFTgqwBxoBENxo9WuRlZJQ8LH1bZOxp2LhNi6nixxLsF7e
u9eNlwYMQAcQYLzctyvYw/oVkDLlQbmjTKQ9dmTKmGTM8bddWIlYMFsjOTL7L2nm
4x4sSctb5WeMeJlX0JZuHGjZZvkvDxYE/TsuG1sCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBRWtCBIkIYDPUiFvgAyuGa3zK/zYTAfBgNVHSMEGDAWgBR8S5F9yQRqBlZ4
rg300+MDacWcaTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZFdVJmY2tFYWdaV2VLNE45TlBqQTJuRm5Hay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWIvOGQ4NWQ3LTQwNDktNGI1YS05YmY3LTkxYzcwZjYxYTA2Ny8x
L1ZyUWdTSkNHQXoxSWhiNEFNcmhtdDh5djgyRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIv
OGQ4NWQ3LTQwNDktNGI1YS05YmY3LTkxYzcwZjYxYTA2Ny8xL2ZFdVJmY2tFYWda
V2VLNE45TlBqQTJuRm5Hay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEALl1DTAPBAIAAjAJAwcEKgaCgAAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCkgQ1hRBDVv7AARAOXB3AtwagjYiJeBP7ALAUR
Z80Z8vLeL0Xo9sMy46VYwlsK+39tksuqThiXvmqtiyfMUPK4tFM0ef2ed72xQyCu
DGPFnh0JPhTG04OdedeCzbbYt9ODGsqzIUuHtr3F0ytZ2Pgg5bBykl7qjpMJZ8rr
NQ/WnwrGjADNhtaVEQYRzCLyO2iJx/X+zWrEa1HfNqitfIO2BXPuszdObLzY1W2r
5UpEM4dKzaXWV/BRlqS0WUF7eHPTlMfnsk3lKL3bcx6a0uNAQTz8+8ZB0IUa63cm
XEdVO59nfqhze74P+YWLeIJzrj2z6LnKH5wtvxrzpSR/99g3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:53 2024 by rpki-client on console-ams.rpki-client.org