Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/Pw7HWIiWRdAcEyBp2nEitTmNzp0.roa
File:                     Pw7HWIiWRdAcEyBp2nEitTmNzp0.roa (raw, json)
Hash identifier:          IQUB68Yak9eD7oxT56YMBm8gzToTKNyKHqL9u+KqhjI=
Subject key identifier:   3F:0E:C7:58:88:96:45:D0:1C:13:20:69:DA:71:22:B5:39:8D:CE:9D
Certificate issuer:       /CN=7ba289ebe93351236a5580eb5b70102cf3f11dfc
Certificate serial:       0182119BF600683C9B9F0CD06FD545C1130A
Authority key identifier: 7B:A2:89:EB:E9:33:51:23:6A:55:80:EB:5B:70:10:2C:F3:F1:1D:FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/Pw7HWIiWRdAcEyBp2nEitTmNzp0.roa
Signing time:             Mon 18 Jul 2022 14:00:09 +0000
ROA not before:           Mon 18 Jul 2022 14:00:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     19324
IP address blocks:        185.181.116.0/22 maxlen: 24
                          91.197.228.0/22 maxlen: 24
                          2a0a:cb80::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:11:9b:f6:00:68:3c:9b:9f:0c:d0:6f:d5:45:c1:13:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7ba289ebe93351236a5580eb5b70102cf3f11dfc
        Validity
            Not Before: Jul 18 14:00:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3f0ec758889645d01c132069da7122b5398dce9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:87:ab:13:0f:87:75:95:d5:23:57:98:09:88:
                    58:07:9a:20:7a:4a:5e:eb:b3:89:73:5f:46:34:c2:
                    d5:0d:e8:1f:3e:c0:27:14:12:16:3d:87:14:f0:08:
                    07:56:89:2c:ec:12:73:7a:36:5a:b5:04:88:31:2b:
                    17:a1:3a:32:31:6a:b1:d3:db:ea:2c:e7:cf:69:ba:
                    15:cc:07:85:b9:fa:28:37:fb:b5:89:ca:65:56:01:
                    43:3b:8e:1d:09:9d:5d:7b:39:08:53:bf:48:60:4f:
                    41:85:b2:24:26:c9:c5:bd:1c:55:aa:f8:f7:23:02:
                    11:fe:58:41:5d:87:f0:f4:9d:25:6e:fa:69:2e:2d:
                    12:31:73:d3:89:7b:2f:ef:c4:49:a8:6d:ab:0a:89:
                    e0:48:5f:9e:1d:6e:1c:75:8c:71:9c:17:58:c3:ed:
                    c2:d4:53:29:6d:3f:9a:e5:88:16:e6:17:6f:ec:90:
                    f6:ad:cd:8a:b4:16:09:d3:4c:2d:8f:44:46:cb:37:
                    97:a0:1f:22:5a:74:d1:d0:b7:8d:20:27:25:1a:0c:
                    40:2b:c1:fd:7f:34:5e:55:04:10:76:4f:b7:7e:28:
                    06:25:9c:ee:cf:5d:59:a0:d1:94:dd:f8:10:43:eb:
                    d0:5d:3b:c7:2b:0b:16:17:20:58:b2:21:d1:2c:1e:
                    7d:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:0E:C7:58:88:96:45:D0:1C:13:20:69:DA:71:22:B5:39:8D:CE:9D
            X509v3 Authority Key Identifier:
                keyid:7B:A2:89:EB:E9:33:51:23:6A:55:80:EB:5B:70:10:2C:F3:F1:1D:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/Pw7HWIiWRdAcEyBp2nEitTmNzp0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.197.228.0/22
                  185.181.116.0/22
                IPv6:
                  2a0a:cb80::/32

    Signature Algorithm: sha256WithRSAEncryption
         34:14:7d:d0:f6:d1:3d:ea:ce:7d:86:3c:bd:43:b4:0b:ec:94:
         06:1e:50:66:37:01:b7:f6:bd:3b:12:8e:03:3c:51:34:ed:bb:
         72:8a:a8:7b:c0:bb:1f:40:28:e7:f8:40:26:01:c3:58:da:4f:
         4b:37:89:b7:03:fc:68:da:a1:88:cb:b5:6a:79:15:b8:66:db:
         95:d5:b6:af:a2:ab:a6:02:8d:1a:1d:ce:c1:9e:47:cf:a4:5c:
         bf:17:92:4d:0f:77:82:01:b7:df:89:ef:67:d1:48:c6:5f:cd:
         07:c9:05:ee:4b:2a:a3:29:8a:0d:a6:c6:82:60:fa:79:dc:b9:
         7a:24:67:1e:8f:89:10:88:0e:78:88:cb:8d:1f:00:2f:f2:b1:
         da:b8:e9:ab:cc:d2:f3:69:37:02:32:57:72:8b:60:f9:6b:30:
         23:d8:cc:f1:aa:72:22:a5:a3:51:4d:ea:66:80:77:7b:cd:8a:
         21:2e:c4:7c:a2:78:ce:eb:05:69:8b:79:25:f5:37:9c:f1:20:
         6f:28:ea:5a:d7:db:22:a8:1b:58:f8:a3:1f:f9:b0:ab:87:9d:
         75:e8:e3:72:b8:20:a1:a5:e8:80:a7:2b:02:92:92:1a:3f:05:
         31:e8:93:e6:c4:da:db:16:41:82:57:5e:d5:bd:cc:2e:29:03:
         dc:10:8a:80
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYIRm/YAaDybnwzQb9VFwRMKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiYTI4OWViZTkzMzUxMjM2YTU1ODBlYjViNzAxMDJjZjNm
MTFkZmMwHhcNMjIwNzE4MTQwMDA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjBlYzc1ODg4OTY0NWQwMWMxMzIwNjlkYTcxMjJiNTM5OGRjZTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4erEw+HdZXVI1eYCYhYB5ogekpe
67OJc19GNMLVDegfPsAnFBIWPYcU8AgHVoks7BJzejZatQSIMSsXoToyMWqx09vq
LOfPaboVzAeFufooN/u1icplVgFDO44dCZ1dezkIU79IYE9BhbIkJsnFvRxVqvj3
IwIR/lhBXYfw9J0lbvppLi0SMXPTiXsv78RJqG2rCongSF+eHW4cdYxxnBdYw+3C
1FMpbT+a5YgW5hdv7JD2rc2KtBYJ00wtj0RGyzeXoB8iWnTR0LeNICclGgxAK8H9
fzReVQQQdk+3figGJZzuz11ZoNGU3fgQQ+vQXTvHKwsWFyBYsiHRLB59owIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFD8Ox1iIlkXQHBMgadpxIrU5jc6dMB8GA1UdIwQY
MBaAFHuiievpM1EjalWA61twECzz8R38MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTZLSjYta3pVU05xVllEclczQVFMUFB4SGZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9kZTFlN2MtN2Q3NC00Y2NjLTljNmMt
ZDE2M2I1NDk5ZTY4LzEvUHc3SFdJaVdSZEFjRXlCcDJuRWl0VG1OenAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9kZTFlN2MtN2Q3NC00Y2NjLTljNmMtZDE2M2I1NDk5ZTY4
LzEvZTZLSjYta3pVU05xVllEclczQVFMUFB4SGZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW8XkAwQC
ubV0MA0EAgACMAcDBQAqCsuAMA0GCSqGSIb3DQEBCwUAA4IBAQA0FH3Q9tE96s59
hjy9Q7QL7JQGHlBmNwG39r07Eo4DPFE07btyiqh7wLsfQCjn+EAmAcNY2k9LN4m3
A/xo2qGIy7VqeRW4ZtuV1bavoqumAo0aHc7BnkfPpFy/F5JND3eCAbffie9n0UjG
X80HyQXuSyqjKYoNpsaCYPp53Ll6JGcej4kQiA54iMuNHwAv8rHauOmrzNLzaTcC
Mldyi2D5azAj2MzxqnIipaNRTepmgHd7zYohLsR8onjO6wVpi3kl9Tec8SBvKOpa
19siqBtY+KMf+bCrh5116ONyuCChpeiApysCkpIaPwUx6JPmxNrbFkGCV17Vvcwu
KQPcEIqA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:24 2024 by rpki-client on console-ams.rpki-client.org