Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/cFnOi9hXXwM3Fa8Fb36gKafVvzw.roa
File:                     cFnOi9hXXwM3Fa8Fb36gKafVvzw.roa (raw, json)
Hash identifier:          76MvG575fZqMUMdORShQbecUpxuJ00QvgJxzgVqcOwk=
Subject key identifier:   70:59:CE:8B:D8:57:5F:03:37:15:AF:05:6F:7E:A0:29:A7:D5:BF:3C
Certificate issuer:       /CN=7ba289ebe93351236a5580eb5b70102cf3f11dfc
Certificate serial:       018216CAC30E7A5E9023CFC1BF7BADF8294B
Authority key identifier: 7B:A2:89:EB:E9:33:51:23:6A:55:80:EB:5B:70:10:2C:F3:F1:1D:FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/cFnOi9hXXwM3Fa8Fb36gKafVvzw.roa
Signing time:             Tue 19 Jul 2022 14:09:23 +0000
ROA not before:           Tue 19 Jul 2022 14:09:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204436
IP address blocks:        185.181.116.0/22 maxlen: 24
                          91.197.228.0/22 maxlen: 24
                          2a0a:cb80::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:16:ca:c3:0e:7a:5e:90:23:cf:c1:bf:7b:ad:f8:29:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7ba289ebe93351236a5580eb5b70102cf3f11dfc
        Validity
            Not Before: Jul 19 14:09:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7059ce8bd8575f033715af056f7ea029a7d5bf3c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:91:f6:6e:9d:b4:91:80:80:6f:51:bd:e8:46:
                    3a:d3:f3:73:f6:de:2b:d1:30:57:7c:9e:bd:5b:bd:
                    a3:c7:26:6f:aa:52:37:f3:35:91:4c:06:50:14:3b:
                    99:e4:8b:6a:72:ad:7d:3e:55:44:07:79:c3:bc:20:
                    ee:76:b6:0f:e8:e5:86:25:c5:ac:c5:63:ed:b9:e1:
                    f5:8d:e4:58:ec:de:71:8f:3e:0c:84:c4:8a:65:f1:
                    99:5d:47:f0:ec:37:ac:2a:17:a6:88:a9:3d:98:c2:
                    87:bf:63:be:1f:07:a8:2e:18:16:72:8d:b4:f9:8f:
                    72:66:a0:17:85:b1:d8:90:1f:ac:ae:12:d5:d7:be:
                    89:22:0f:17:32:30:d2:5e:dd:87:e3:5e:cd:e1:03:
                    0f:9b:d9:54:69:ca:9d:e0:82:ab:fc:36:16:8c:ab:
                    eb:ac:9b:0d:ed:a3:ac:27:3b:49:87:68:e6:f5:3c:
                    a4:98:d5:fa:c3:9f:8e:88:7a:59:15:c5:30:e4:3d:
                    fa:64:2a:34:d3:31:43:a4:f1:7b:f0:95:be:3f:9d:
                    83:45:a5:f7:8b:39:a4:d5:3e:08:3e:31:1d:1a:cb:
                    62:71:47:09:13:fc:28:6d:09:cc:6d:c9:98:9d:24:
                    60:db:bd:e8:d1:46:78:9c:25:dc:db:af:13:ac:64:
                    ec:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:59:CE:8B:D8:57:5F:03:37:15:AF:05:6F:7E:A0:29:A7:D5:BF:3C
            X509v3 Authority Key Identifier:
                keyid:7B:A2:89:EB:E9:33:51:23:6A:55:80:EB:5B:70:10:2C:F3:F1:1D:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/cFnOi9hXXwM3Fa8Fb36gKafVvzw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.197.228.0/22
                  185.181.116.0/22
                IPv6:
                  2a0a:cb80::/32

    Signature Algorithm: sha256WithRSAEncryption
         65:0a:e7:c6:e7:af:52:dc:af:e4:ba:b1:15:b2:1a:f5:f5:44:
         2d:88:95:80:46:50:f6:f1:1a:e4:89:3b:4c:b7:1d:76:fb:05:
         03:21:63:d5:66:e8:03:a1:de:9e:aa:8a:4d:de:ab:1d:e3:43:
         71:e0:1a:d0:d8:68:aa:54:68:d6:e4:a6:3b:9d:c8:0f:ae:53:
         ac:7f:7e:8c:ab:a2:ef:80:fc:ff:88:2e:71:3b:fe:6f:55:ae:
         7a:5f:7d:f2:df:20:f0:8d:bc:a9:73:54:1a:44:9c:de:7b:cc:
         e0:08:3b:c2:a3:fe:c7:2e:b7:02:e4:0c:85:a6:67:6b:70:c9:
         52:5e:09:b2:ce:d4:17:77:15:85:31:9b:a6:5f:55:66:4b:14:
         32:d7:34:65:0a:6c:3a:f9:a7:ea:c2:53:d4:a2:a6:fa:9f:e4:
         56:14:f6:11:03:2b:14:62:ee:1d:3c:5e:c7:b4:33:89:3a:07:
         2a:e4:cb:1f:96:66:48:51:f1:ea:0b:42:5c:78:37:7e:05:d5:
         d0:49:e1:fa:02:52:81:e5:2d:91:4b:31:06:75:c2:e6:db:f9:
         26:b1:7b:cc:45:c6:e8:d8:7e:60:15:ca:85:c7:16:b3:8d:b6:
         14:d3:29:87:e4:2a:92:d5:7e:10:33:c8:b3:52:99:a9:90:f5:
         eb:7f:0f:1c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYIWysMOel6QI8/Bv3ut+ClLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiYTI4OWViZTkzMzUxMjM2YTU1ODBlYjViNzAxMDJjZjNm
MTFkZmMwHhcNMjIwNzE5MTQwOTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDU5Y2U4YmQ4NTc1ZjAzMzcxNWFmMDU2ZjdlYTAyOWE3ZDViZjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZH2bp20kYCAb1G96EY60/Nz9t4r
0TBXfJ69W72jxyZvqlI38zWRTAZQFDuZ5Itqcq19PlVEB3nDvCDudrYP6OWGJcWs
xWPtueH1jeRY7N5xjz4MhMSKZfGZXUfw7DesKhemiKk9mMKHv2O+HweoLhgWco20
+Y9yZqAXhbHYkB+srhLV176JIg8XMjDSXt2H417N4QMPm9lUacqd4IKr/DYWjKvr
rJsN7aOsJztJh2jm9TykmNX6w5+OiHpZFcUw5D36ZCo00zFDpPF78JW+P52DRaX3
izmk1T4IPjEdGsticUcJE/wobQnMbcmYnSRg273o0UZ4nCXc268TrGTsnwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHBZzovYV18DNxWvBW9+oCmn1b88MB8GA1UdIwQY
MBaAFHuiievpM1EjalWA61twECzz8R38MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTZLSjYta3pVU05xVllEclczQVFMUFB4SGZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9kZTFlN2MtN2Q3NC00Y2NjLTljNmMt
ZDE2M2I1NDk5ZTY4LzEvY0ZuT2k5aFhYd00zRmE4RmIzNmdLYWZWdnp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9kZTFlN2MtN2Q3NC00Y2NjLTljNmMtZDE2M2I1NDk5ZTY4
LzEvZTZLSjYta3pVU05xVllEclczQVFMUFB4SGZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW8XkAwQC
ubV0MA0EAgACMAcDBQAqCsuAMA0GCSqGSIb3DQEBCwUAA4IBAQBlCufG569S3K/k
urEVshr19UQtiJWARlD28RrkiTtMtx12+wUDIWPVZugDod6eqopN3qsd40Nx4BrQ
2GiqVGjW5KY7ncgPrlOsf36Mq6LvgPz/iC5xO/5vVa56X33y3yDwjbypc1QaRJze
e8zgCDvCo/7HLrcC5AyFpmdrcMlSXgmyztQXdxWFMZumX1VmSxQy1zRlCmw6+afq
wlPUoqb6n+RWFPYRAysUYu4dPF7HtDOJOgcq5MsflmZIUfHqC0JceDd+BdXQSeH6
AlKB5S2RSzEGdcLm2/kmsXvMRcbo2H5gFcqFxxazjbYU0ymH5CqS1X4QM8izUpmp
kPXrfw8c
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:24 2024 by rpki-client on console-ams.rpki-client.org