Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/e7f884-cf7b-491c-9ed9-423afc2b68b8/1/zbbred8bkVcxQUAwh-FZOn0twZc.roa
File:                     zbbred8bkVcxQUAwh-FZOn0twZc.roa (raw, json)
Hash identifier:          Btmh8YMmDZ7aqe5xZ581L2SPWv0gsgslV7TwOPg9xMw=
Subject key identifier:   CD:B6:EB:79:DF:1B:91:57:31:41:40:30:87:E1:59:3A:7D:2D:C1:97
Certificate issuer:       /CN=b79220a805e4378547e43bac731ce86fe01145c7
Certificate serial:       0A8F6537
Authority key identifier: B7:92:20:A8:05:E4:37:85:47:E4:3B:AC:73:1C:E8:6F:E0:11:45:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/t5IgqAXkN4VH5Duscxzob-ARRcc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6a/e7f884-cf7b-491c-9ed9-423afc2b68b8/1/zbbred8bkVcxQUAwh-FZOn0twZc.roa
Signing time:             Sat 01 Jan 2022 13:02:42 +0000
ROA not before:           Sat 01 Jan 2022 13:02:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205416
IP address blocks:        185.92.212.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 177169719 (0xa8f6537)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b79220a805e4378547e43bac731ce86fe01145c7
        Validity
            Not Before: Jan  1 13:02:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cdb6eb79df1b91573141403087e1593a7d2dc197
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:73:e4:19:4e:5f:8b:86:68:76:09:f6:b5:e8:
                    c7:39:db:0b:ba:52:9b:29:7f:69:f3:af:6f:9c:0e:
                    8c:1c:03:8a:b9:96:83:a0:4a:ad:3d:50:eb:37:14:
                    11:15:f7:60:84:51:ff:48:5f:b4:dc:24:bc:c7:57:
                    a0:3d:18:ed:73:ea:a9:e3:50:62:bd:a2:20:2b:02:
                    ae:c4:cb:a1:3a:3d:1a:8e:de:b9:ce:30:bc:91:e5:
                    59:8a:c9:56:35:78:c9:21:2d:02:23:04:fd:84:53:
                    a9:ac:62:01:bd:87:dd:70:f1:1b:0e:e5:43:95:e2:
                    37:a4:2a:fc:f4:2e:2f:b0:3e:4c:67:f5:4a:7e:1e:
                    66:8c:3f:ea:87:c2:27:9f:15:7e:5a:c4:38:a0:a7:
                    ee:0b:44:e7:d3:6f:23:64:18:cc:08:c0:06:6c:8c:
                    b8:6b:09:a3:bd:6a:1d:1a:1b:ec:65:7a:bb:e2:e1:
                    3d:a8:77:aa:fa:e0:01:9b:3c:7d:95:80:40:c6:0f:
                    f1:56:2c:81:35:37:e1:4d:fd:8d:0f:93:a1:ae:fe:
                    80:5f:75:0c:ec:f2:00:96:f8:da:16:bc:a9:de:5b:
                    89:0d:22:d7:ef:b9:35:f0:0a:6e:8b:28:cb:59:b5:
                    0f:8d:55:14:48:77:9f:0e:3c:a0:89:6c:6d:f3:91:
                    75:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:B6:EB:79:DF:1B:91:57:31:41:40:30:87:E1:59:3A:7D:2D:C1:97
            X509v3 Authority Key Identifier:
                keyid:B7:92:20:A8:05:E4:37:85:47:E4:3B:AC:73:1C:E8:6F:E0:11:45:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t5IgqAXkN4VH5Duscxzob-ARRcc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/e7f884-cf7b-491c-9ed9-423afc2b68b8/1/zbbred8bkVcxQUAwh-FZOn0twZc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/e7f884-cf7b-491c-9ed9-423afc2b68b8/1/t5IgqAXkN4VH5Duscxzob-ARRcc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.92.212.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a7:fd:fa:e9:50:37:d2:80:24:41:21:76:02:7e:81:59:11:b5:
         1e:58:da:d9:d7:5c:62:f0:e5:83:81:41:2a:1b:0a:e2:cf:6e:
         f3:14:29:52:c4:b0:fa:b9:1e:71:71:bc:10:c0:9f:c7:8c:e4:
         8a:f3:ce:ae:22:f7:a1:82:81:86:8d:76:25:06:9c:66:b3:9c:
         db:a4:b9:5d:52:15:40:32:97:1f:03:67:64:cd:70:6d:23:6c:
         fe:01:7c:5a:ef:ce:38:3a:c0:e6:ae:91:ff:f9:bd:06:fc:51:
         c6:c7:19:1f:ba:24:08:f7:a4:72:f5:60:6b:f3:cf:a8:8a:25:
         2b:43:43:dc:05:20:72:f5:f2:a4:31:64:47:b7:5f:7e:ba:b7:
         bd:ec:d8:92:a6:a0:0f:a5:3b:af:63:3b:a9:21:3f:5f:cd:88:
         84:8d:26:d6:16:34:42:46:41:ef:02:81:18:f9:77:1f:73:f8:
         f8:f9:09:c7:9b:f6:a6:76:8c:6f:93:ce:e4:49:cf:79:25:0a:
         46:84:81:9b:97:0f:e2:e8:ba:56:fd:84:14:40:c0:d9:e1:b0:
         43:2f:1e:14:3d:30:27:4e:88:b2:0d:2c:cf:e3:0a:ec:83:aa:
         5a:40:80:80:5e:b4:b6:dc:79:84:88:53:51:9a:83:df:7e:47:
         42:26:a8:c7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECo9lNzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NzkyMjBhODA1ZTQzNzg1NDdlNDNiYWM3MzFjZTg2ZmUwMTE0NWM3MB4XDTIyMDEw
MTEzMDI0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2RiNmViNzlkZjFi
OTE1NzMxNDE0MDMwODdlMTU5M2E3ZDJkYzE5NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK1z5BlOX4uGaHYJ9rXoxznbC7pSmyl/afOvb5wOjBwDirmW
g6BKrT1Q6zcUERX3YIRR/0hftNwkvMdXoD0Y7XPqqeNQYr2iICsCrsTLoTo9Go7e
uc4wvJHlWYrJVjV4ySEtAiME/YRTqaxiAb2H3XDxGw7lQ5XiN6Qq/PQuL7A+TGf1
Sn4eZow/6ofCJ58VflrEOKCn7gtE59NvI2QYzAjABmyMuGsJo71qHRob7GV6u+Lh
Pah3qvrgAZs8fZWAQMYP8VYsgTU34U39jQ+Toa7+gF91DOzyAJb42ha8qd5biQ0i
1++5NfAKbosoy1m1D41VFEh3nw48oIlsbfORdVUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTNtut53xuRVzFBQDCH4Vk6fS3BlzAfBgNVHSMEGDAWgBS3kiCoBeQ3hUfk
O6xzHOhv4BFFxzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Q1SWdxQVhrTjRWSDVEdXNjeHpvYi1BUlJjYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmEvZTdmODg0LWNmN2ItNDkxYy05ZWQ5LTQyM2FmYzJiNjhiOC8x
L3piYnJlZDhia1ZjeFFVQXdoLUZaT24wdHdaYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEv
ZTdmODg0LWNmN2ItNDkxYy05ZWQ5LTQyM2FmYzJiNjhiOC8xL3Q1SWdxQVhrTjRW
SDVEdXNjeHpvYi1BUlJjYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALlc1DANBgkqhkiG9w0BAQsFAAOC
AQEAp/366VA30oAkQSF2An6BWRG1Hlja2ddcYvDlg4FBKhsK4s9u8xQpUsSw+rke
cXG8EMCfx4zkivPOriL3oYKBho12JQacZrOc26S5XVIVQDKXHwNnZM1wbSNs/gF8
Wu/OODrA5q6R//m9BvxRxscZH7okCPekcvVga/PPqIolK0ND3AUgcvXypDFkR7df
frq3vezYkqagD6U7r2M7qSE/X82IhI0m1hY0QkZB7wKBGPl3H3P4+PkJx5v2pnaM
b5PO5EnPeSUKRoSBm5cP4ui6Vv2EFEDA2eGwQy8eFD0wJ06Isg0sz+MK7IOqWkCA
gF60ttx5hIhTUZqD335HQiaoxw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:16 2024 by rpki-client on console-ams.rpki-client.org