Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/f8cEnPRlA12v_Msfjv5rgy2sYwc.roa
File:                     f8cEnPRlA12v_Msfjv5rgy2sYwc.roa (raw, json)
Hash identifier:          eBXK1IT3ma7SWaMX5VvOwFS7+o54KsFijMJJJtenV+4=
Subject key identifier:   7F:C7:04:9C:F4:65:03:5D:AF:FC:CB:1F:8E:FE:6B:83:2D:AC:63:07
Certificate issuer:       /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial:       37050BFF
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/f8cEnPRlA12v_Msfjv5rgy2sYwc.roa
Signing time:             Sat 01 Jan 2022 11:00:20 +0000
ROA not before:           Sat 01 Jan 2022 11:00:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43060
IP address blocks:        188.130.236.0/23 maxlen: 24
                          188.130.244.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 923077631 (0x37050bff)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
        Validity
            Not Before: Jan  1 11:00:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7fc7049cf465035daffccb1f8efe6b832dac6307
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:34:2c:4a:9d:f2:61:59:31:37:2b:9b:82:5a:
                    c6:34:bd:21:71:83:35:d7:cb:0e:e1:cc:e8:c8:03:
                    d7:fa:aa:51:a1:b4:f2:e2:de:f9:74:b8:01:d7:a3:
                    ff:ba:87:f8:44:4c:1b:13:13:ac:31:f6:53:51:dc:
                    b6:b4:fc:99:a4:cf:e8:8f:05:97:49:6c:de:83:b7:
                    75:af:3c:2e:51:18:48:0d:4e:e1:ba:a4:c5:e6:4c:
                    76:b1:3c:54:f8:ed:a3:49:75:8c:85:61:39:81:9b:
                    e5:6b:52:c6:10:76:81:48:c5:6b:9b:e1:44:5f:e9:
                    98:ed:2c:f0:cf:55:cf:d9:5b:23:0a:20:2d:f4:da:
                    b0:de:fc:d8:4b:a5:11:b2:bb:51:09:4d:f3:0c:28:
                    9a:d4:92:b8:c3:0f:a3:9f:60:74:c2:e5:07:e9:60:
                    2b:fa:ca:54:0f:df:c9:6e:96:33:cb:3c:74:dd:2f:
                    f6:a8:05:4a:e8:6c:a4:28:d7:1e:0b:65:3a:a4:c0:
                    90:bc:66:85:06:fa:7e:e7:08:04:61:0e:9e:ae:d4:
                    73:7d:68:aa:f3:ec:6d:d4:6e:a3:5c:14:e6:38:6d:
                    42:be:69:05:83:4c:cc:5f:e7:36:2c:32:d8:c3:68:
                    d2:bc:37:94:8c:93:ab:bc:80:ed:2a:12:b8:b0:b6:
                    8a:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:C7:04:9C:F4:65:03:5D:AF:FC:CB:1F:8E:FE:6B:83:2D:AC:63:07
            X509v3 Authority Key Identifier:
                keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/f8cEnPRlA12v_Msfjv5rgy2sYwc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.130.236.0/23
                  188.130.244.0/23

    Signature Algorithm: sha256WithRSAEncryption
         45:83:fc:4a:db:bd:8b:f1:e4:1a:74:f0:58:81:c1:51:34:36:
         20:e8:08:cf:4c:28:46:48:f3:8a:aa:9d:8e:fc:c3:56:67:78:
         f1:28:2d:fd:98:73:d2:dc:5c:e6:24:a2:df:bb:c9:ec:19:09:
         c4:20:c7:1a:a3:61:9a:dc:b3:ea:38:a5:0b:93:f5:d2:51:03:
         94:cc:f5:8f:65:7f:04:8b:00:37:20:cd:f9:4a:4c:0e:29:ea:
         90:55:da:92:2c:15:a7:77:8e:43:e5:4d:42:0f:f4:46:2f:59:
         4c:2f:42:41:36:8d:4a:0e:49:2e:8a:8d:20:7c:70:a2:13:6f:
         8a:71:d5:99:6e:bd:ec:2e:e4:9d:35:20:52:a4:86:78:13:b5:
         ff:4f:84:bf:21:12:0d:4e:30:78:7a:69:6f:2e:d4:52:ac:a8:
         b2:d9:b2:1a:ef:62:eb:9c:b5:98:41:bb:24:7c:45:34:87:a2:
         97:18:bf:a9:47:06:92:f6:e4:d0:13:8a:03:70:22:27:8e:f2:
         e8:5f:df:2a:00:f7:ac:45:cf:2d:b9:84:5b:3b:6c:8f:58:7e:
         39:d7:96:c6:9f:50:97:01:c5:f5:7f:01:9f:bd:39:7e:d8:72:
         66:d1:65:a8:00:15:73:cf:5f:c8:e8:8f:08:bd:33:e5:11:33:
         bb:8b:4e:7c
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIENwUL/zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ODViODU3NzA2ZGFjNTRlMjBjYTBkMTFiZDY0MTZjYjYzNDIwM2I0MB4XDTIyMDEw
MTExMDAyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2ZjNzA0OWNmNDY1
MDM1ZGFmZmNjYjFmOGVmZTZiODMyZGFjNjMwNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKA0LEqd8mFZMTcrm4JaxjS9IXGDNdfLDuHM6MgD1/qqUaG0
8uLe+XS4Adej/7qH+ERMGxMTrDH2U1HctrT8maTP6I8Fl0ls3oO3da88LlEYSA1O
4bqkxeZMdrE8VPjto0l1jIVhOYGb5WtSxhB2gUjFa5vhRF/pmO0s8M9Vz9lbIwog
LfTasN782EulEbK7UQlN8wwomtSSuMMPo59gdMLlB+lgK/rKVA/fyW6WM8s8dN0v
9qgFSuhspCjXHgtlOqTAkLxmhQb6fucIBGEOnq7Uc31oqvPsbdRuo1wU5jhtQr5p
BYNMzF/nNiwy2MNo0rw3lIyTq7yA7SoSuLC2iq8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBR/xwSc9GUDXa/8yx+O/muDLaxjBzAfBgNVHSMEGDAWgBSIW4V3BtrFTiDK
DRG9ZBbLY0IDtDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lGdUZkd2JheFU0Z3lnMFJ2V1FXeTJOQ0E3US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjUvMzIxY2RjLTIxNDMtNGI1Yy05NzMzLTE2Njk5Yzk2ZGQ1ZS8x
L2Y4Y0VuUFJsQTEydl9Nc2ZqdjVyZ3kyc1l3Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUv
MzIxY2RjLTIxNDMtNGI1Yy05NzMzLTE2Njk5Yzk2ZGQ1ZS8xL2lGdUZkd2JheFU0
Z3lnMFJ2V1FXeTJOQ0E3US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAbyC7AMEAbyC9DANBgkqhkiG9w0B
AQsFAAOCAQEARYP8Stu9i/HkGnTwWIHBUTQ2IOgIz0woRkjziqqdjvzDVmd48Sgt
/Zhz0txc5iSi37vJ7BkJxCDHGqNhmtyz6jilC5P10lEDlMz1j2V/BIsANyDN+UpM
DinqkFXakiwVp3eOQ+VNQg/0Ri9ZTC9CQTaNSg5JLoqNIHxwohNvinHVmW697C7k
nTUgUqSGeBO1/0+EvyESDU4weHppby7UUqyostmyGu9i65y1mEG7JHxFNIeilxi/
qUcGkvbk0BOKA3AiJ47y6F/fKgD3rEXPLbmEWztsj1h+OdeWxp9QlwHF9X8Bn705
fthyZtFlqAAVc89fyOiPCL0z5REzu4tOfA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:00 2024 by rpki-client on console-ams.rpki-client.org