Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/75a22e-ae95-4e93-943a-41a0676edd61/1/ROJyLyuNaTHkXg-odGPA3N-5X-Q.roa
File:                     ROJyLyuNaTHkXg-odGPA3N-5X-Q.roa (raw, json)
Hash identifier:          9DygDOZy0ufmV6EosZlE1T/Is6w1pBmnkBewDNCLAMg=
Subject key identifier:   44:E2:72:2F:2B:8D:69:31:E4:5E:0F:A8:74:63:C0:DC:DF:B9:5F:E4
Certificate issuer:       /CN=aa9c9c95a58c3811bda95dc83c2e487a200c4c25
Certificate serial:       03276CC5
Authority key identifier: AA:9C:9C:95:A5:8C:38:11:BD:A9:5D:C8:3C:2E:48:7A:20:0C:4C:25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qpyclaWMOBG9qV3IPC5IeiAMTCU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/75a22e-ae95-4e93-943a-41a0676edd61/1/ROJyLyuNaTHkXg-odGPA3N-5X-Q.roa
Signing time:             Thu 10 Feb 2022 10:50:06 +0000
ROA not before:           Thu 10 Feb 2022 10:50:06 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        185.55.188.0/24 maxlen: 24
                          185.55.190.0/24 maxlen: 24
                          185.55.191.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 52915397 (0x3276cc5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa9c9c95a58c3811bda95dc83c2e487a200c4c25
        Validity
            Not Before: Feb 10 10:50:06 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=44e2722f2b8d6931e45e0fa87463c0dcdfb95fe4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:65:90:8b:85:df:a2:c7:99:1c:4f:45:53:60:
                    62:04:10:b6:be:f9:a0:a9:6c:b6:1b:aa:bc:2e:a0:
                    2b:fd:e7:c6:6c:b5:dd:61:ec:18:4f:22:aa:64:63:
                    a7:b0:55:90:bc:f6:3e:eb:24:fe:53:d2:a3:8e:37:
                    10:fd:f2:3c:4b:4b:40:b9:cb:3a:42:ee:f3:21:0d:
                    80:44:9c:83:63:10:9f:63:e4:31:6e:6a:b2:43:72:
                    94:84:97:8b:cb:2b:12:19:7d:af:2a:97:c4:89:60:
                    d2:0c:b6:c5:20:a7:c5:4c:d3:f4:d8:bc:b6:b7:87:
                    2e:15:3b:ba:a4:33:20:62:49:c6:e1:db:74:fb:bd:
                    6c:22:fc:79:74:e3:6b:a4:fb:a2:ea:0b:cf:ff:08:
                    49:b6:2a:0c:29:bb:29:ce:23:ed:10:16:d3:6d:c2:
                    9d:a6:e5:82:3a:84:88:e4:b3:9d:2b:3e:67:cc:54:
                    c4:b5:5a:53:52:59:d8:37:aa:7c:44:b2:fb:5f:07:
                    11:76:ca:37:ed:a4:d5:31:c2:1c:66:3b:0e:9f:5d:
                    27:5a:a0:8a:2d:e3:c1:15:f9:57:fc:79:18:52:22:
                    cd:32:b1:e5:9f:7f:7f:5f:ee:f7:b8:d0:f9:2c:96:
                    21:02:e9:7f:a4:da:0d:eb:9e:a9:23:98:81:ce:46:
                    73:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:E2:72:2F:2B:8D:69:31:E4:5E:0F:A8:74:63:C0:DC:DF:B9:5F:E4
            X509v3 Authority Key Identifier:
                keyid:AA:9C:9C:95:A5:8C:38:11:BD:A9:5D:C8:3C:2E:48:7A:20:0C:4C:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qpyclaWMOBG9qV3IPC5IeiAMTCU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/75a22e-ae95-4e93-943a-41a0676edd61/1/ROJyLyuNaTHkXg-odGPA3N-5X-Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/75a22e-ae95-4e93-943a-41a0676edd61/1/qpyclaWMOBG9qV3IPC5IeiAMTCU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.55.188.0/24
                  185.55.190.0/23

    Signature Algorithm: sha256WithRSAEncryption
         00:66:a1:2c:0d:33:e3:0a:af:b6:13:90:db:1c:b8:9a:fb:ef:
         76:e3:fa:cc:36:42:6b:e3:08:41:57:6f:9d:a3:4e:f8:9a:65:
         80:29:92:87:91:3d:a1:ed:03:97:f2:50:a4:e1:20:d2:7c:ac:
         3e:50:e0:e5:32:d1:66:7b:73:d2:5e:27:b7:d6:b7:d6:0d:44:
         c8:6a:44:de:dd:3f:86:a9:d2:e0:fa:21:d6:31:88:90:f5:75:
         97:5e:7b:5f:21:91:f5:63:38:b6:4f:19:e5:20:a0:e0:28:9b:
         0e:de:35:02:a1:50:f1:0b:f8:c9:19:94:f8:99:fd:db:6f:3a:
         1f:ae:2b:59:24:f6:7f:fd:81:8c:d6:5e:72:55:8a:11:32:3f:
         fb:e3:16:3c:23:27:4e:3a:20:6f:bf:7b:e1:91:5f:e4:ca:d0:
         0b:82:f7:60:2c:c3:98:9e:83:b2:16:f5:87:de:3e:57:d3:be:
         8d:a5:6a:96:dc:47:3d:c2:4b:73:67:d0:12:a3:77:7f:7f:3e:
         99:23:fc:69:fb:2b:7f:c0:f3:b3:52:a6:04:40:55:1f:a1:8c:
         70:dc:9b:58:7b:9e:61:c8:12:92:c7:af:39:ec:f5:b2:e5:40:
         d4:1e:d9:c9:eb:45:8e:cd:35:25:10:f1:d0:4f:35:1c:22:d5:
         7c:0c:45:09
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAydsxTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YTljOWM5NWE1OGMzODExYmRhOTVkYzgzYzJlNDg3YTIwMGM0YzI1MB4XDTIyMDIx
MDEwNTAwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDRlMjcyMmYyYjhk
NjkzMWU0NWUwZmE4NzQ2M2MwZGNkZmI5NWZlNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALZlkIuF36LHmRxPRVNgYgQQtr75oKlsthuqvC6gK/3nxmy1
3WHsGE8iqmRjp7BVkLz2Pusk/lPSo443EP3yPEtLQLnLOkLu8yENgEScg2MQn2Pk
MW5qskNylISXi8srEhl9ryqXxIlg0gy2xSCnxUzT9Ni8treHLhU7uqQzIGJJxuHb
dPu9bCL8eXTja6T7ouoLz/8ISbYqDCm7Kc4j7RAW023CnablgjqEiOSznSs+Z8xU
xLVaU1JZ2DeqfESy+18HEXbKN+2k1THCHGY7Dp9dJ1qgii3jwRX5V/x5GFIizTKx
5Z9/f1/u97jQ+SyWIQLpf6TaDeueqSOYgc5Gc58CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRE4nIvK41pMeReD6h0Y8Dc37lf5DAfBgNVHSMEGDAWgBSqnJyVpYw4Eb2p
Xcg8Lkh6IAxMJTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FweWNsYVdNT0JHOXFWM0lQQzVJZWlBTVRDVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWMvNzVhMjJlLWFlOTUtNGU5My05NDNhLTQxYTA2NzZlZGQ2MS8x
L1JPSnlMeXVOYVRIa1hnLW9kR1BBM04tNVgtUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWMv
NzVhMjJlLWFlOTUtNGU5My05NDNhLTQxYTA2NzZlZGQ2MS8xL3FweWNsYVdNT0JH
OXFWM0lQQzVJZWlBTVRDVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALk3vAMEAbk3vjANBgkqhkiG9w0B
AQsFAAOCAQEAAGahLA0z4wqvthOQ2xy4mvvvduP6zDZCa+MIQVdvnaNO+JplgCmS
h5E9oe0Dl/JQpOEg0nysPlDg5TLRZntz0l4nt9a31g1EyGpE3t0/hqnS4Poh1jGI
kPV1l157XyGR9WM4tk8Z5SCg4CibDt41AqFQ8Qv4yRmU+Jn92286H64rWST2f/2B
jNZeclWKETI/++MWPCMnTjogb7974ZFf5MrQC4L3YCzDmJ6Dshb1h94+V9O+jaVq
ltxHPcJLc2fQEqN3f38+mSP8afsrf8Dzs1KmBEBVH6GMcNybWHueYcgSksevOez1
suVA1B7ZyetFjs01JRDx0E81HCLVfAxFCQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:01 2023 by rpki-client on console-fra.rpki-client.org