Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/e6e15c-12b0-40be-8bc1-5708f580e36a/1/hFEqVAb7yFzIyQdj6-Xr7fR7IYc.roa
File:                     hFEqVAb7yFzIyQdj6-Xr7fR7IYc.roa (raw, json)
Hash identifier:          YYVg4VkWovjsMZ+tI8qjseUwiA4nEjDYcm+LuFkjcO4=
Subject key identifier:   84:51:2A:54:06:FB:C8:5C:C8:C9:07:63:EB:E5:EB:ED:F4:7B:21:87
Certificate issuer:       /CN=0a73778fb1bec28c9982652aede86a004c2682f1
Certificate serial:       AC6763
Authority key identifier: 0A:73:77:8F:B1:BE:C2:8C:99:82:65:2A:ED:E8:6A:00:4C:26:82:F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CnN3j7G-woyZgmUq7ehqAEwmgvE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/e6e15c-12b0-40be-8bc1-5708f580e36a/1/hFEqVAb7yFzIyQdj6-Xr7fR7IYc.roa
Signing time:             Sat 01 Jan 2022 00:59:19 +0000
ROA not before:           Sat 01 Jan 2022 00:59:19 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     396982
IP address blocks:        185.30.28.0/22 maxlen: 22
                          185.38.196.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11298659 (0xac6763)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0a73778fb1bec28c9982652aede86a004c2682f1
        Validity
            Not Before: Jan  1 00:59:19 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=84512a5406fbc85cc8c90763ebe5ebedf47b2187
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:e2:ef:17:0f:6f:4d:c3:f3:6c:3f:da:d7:f9:
                    9d:dc:db:ac:13:08:38:dd:96:d7:f1:dd:26:c6:40:
                    b9:2a:ca:65:4e:03:20:bf:0c:04:29:1e:ce:ab:f5:
                    ef:83:74:e4:13:23:18:81:d6:69:60:c2:fa:28:1e:
                    98:9f:bb:eb:6b:c5:ff:d5:10:81:af:1f:04:6b:00:
                    09:5e:ca:5f:3a:53:27:b8:99:00:6d:1b:e3:d8:61:
                    f2:91:7c:6d:84:48:c9:f8:e5:6f:c4:62:13:3b:ca:
                    9b:b9:dd:d2:d0:f0:3c:29:e4:26:ce:98:a7:1c:ba:
                    43:46:f0:39:63:d3:86:9a:f2:0d:95:a1:51:ae:61:
                    17:6e:b8:e2:c2:c2:18:45:70:b9:49:15:a9:da:73:
                    eb:24:79:15:86:e4:78:d4:33:63:76:a3:77:e3:91:
                    75:87:8a:d0:61:38:a8:6c:5d:5f:d7:7e:9f:91:34:
                    a0:48:8f:45:b7:cc:d7:0d:8d:79:8b:02:55:bd:11:
                    cc:46:b1:b4:3a:4d:53:42:96:e7:24:7f:1b:d3:63:
                    bc:06:28:ef:7b:bb:c6:ae:40:c8:6b:b9:3f:79:42:
                    ce:0c:03:e0:d6:c6:a0:0b:d8:b1:a1:76:60:98:23:
                    f4:cc:bb:bd:9f:1f:d5:bb:80:b9:00:26:77:83:62:
                    db:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:51:2A:54:06:FB:C8:5C:C8:C9:07:63:EB:E5:EB:ED:F4:7B:21:87
            X509v3 Authority Key Identifier:
                keyid:0A:73:77:8F:B1:BE:C2:8C:99:82:65:2A:ED:E8:6A:00:4C:26:82:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CnN3j7G-woyZgmUq7ehqAEwmgvE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/e6e15c-12b0-40be-8bc1-5708f580e36a/1/hFEqVAb7yFzIyQdj6-Xr7fR7IYc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/e6e15c-12b0-40be-8bc1-5708f580e36a/1/CnN3j7G-woyZgmUq7ehqAEwmgvE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.30.28.0/22
                  185.38.196.0/22

    Signature Algorithm: sha256WithRSAEncryption
         24:67:13:74:49:d1:a0:90:5c:3f:95:db:53:ef:50:32:c3:cc:
         e9:25:18:dc:28:c9:38:f4:6f:22:7d:3c:4f:70:b2:2a:da:6d:
         8c:06:0a:b9:3e:91:83:a9:4b:61:0a:6a:04:12:76:a0:69:60:
         7d:f8:33:ee:f2:f9:c0:3a:4e:d1:4e:2e:e6:75:57:0f:06:d3:
         e3:77:86:da:d9:58:b8:0c:e7:c8:58:19:8e:50:6c:58:43:bb:
         47:a6:ba:e1:98:e7:cd:29:ae:f9:a5:89:e3:9b:f4:eb:c4:b3:
         73:53:30:c6:3d:b9:fc:e5:a3:ad:9f:13:28:5d:d5:54:a1:85:
         ff:0a:0b:4f:47:48:16:75:05:ab:b2:80:81:06:42:f1:02:6a:
         e6:f9:6d:17:c6:b0:d9:b5:88:b2:90:b8:be:73:89:bf:25:7f:
         1c:10:d1:c0:bd:28:fb:e0:1f:61:35:63:07:d3:1c:30:eb:f1:
         1d:2b:fe:a3:27:51:ac:5f:2c:d2:2f:30:e7:61:4b:6b:d6:9c:
         c1:d2:27:f5:e9:c3:67:e5:a3:b4:82:4d:13:d6:dd:9f:14:1d:
         b0:6b:b1:f4:c4:a9:30:82:ae:34:58:82:ca:3b:f7:5e:17:f8:
         16:d0:ba:b5:1a:02:86:e0:a5:b6:39:c8:ea:55:01:fc:d4:fb:
         c5:75:45:57
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAKxnYzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YTczNzc4ZmIxYmVjMjhjOTk4MjY1MmFlZGU4NmEwMDRjMjY4MmYxMB4XDTIyMDEw
MTAwNTkxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODQ1MTJhNTQwNmZi
Yzg1Y2M4YzkwNzYzZWJlNWViZWRmNDdiMjE4NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN7i7xcPb03D82w/2tf5ndzbrBMION2W1/HdJsZAuSrKZU4D
IL8MBCkezqv174N05BMjGIHWaWDC+igemJ+762vF/9UQga8fBGsACV7KXzpTJ7iZ
AG0b49hh8pF8bYRIyfjlb8RiEzvKm7nd0tDwPCnkJs6Ypxy6Q0bwOWPThpryDZWh
Ua5hF2644sLCGEVwuUkVqdpz6yR5FYbkeNQzY3ajd+ORdYeK0GE4qGxdX9d+n5E0
oEiPRbfM1w2NeYsCVb0RzEaxtDpNU0KW5yR/G9NjvAYo73u7xq5AyGu5P3lCzgwD
4NbGoAvYsaF2YJgj9My7vZ8f1buAuQAmd4Ni2/kCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSEUSpUBvvIXMjJB2Pr5evt9HshhzAfBgNVHSMEGDAWgBQKc3ePsb7CjJmC
ZSrt6GoATCaC8TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NuTjNqN0ctd295WmdtVXE3ZWhxQUV3bWd2RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzYvZTZlMTVjLTEyYjAtNDBiZS04YmMxLTU3MDhmNTgwZTM2YS8x
L2hGRXFWQWI3eUZ6SXlRZGo2LVhyN2ZSN0lZYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzYv
ZTZlMTVjLTEyYjAtNDBiZS04YmMxLTU3MDhmNTgwZTM2YS8xL0NuTjNqN0ctd295
WmdtVXE3ZWhxQUV3bWd2RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArkeHAMEArkmxDANBgkqhkiG9w0B
AQsFAAOCAQEAJGcTdEnRoJBcP5XbU+9QMsPM6SUY3CjJOPRvIn08T3CyKtptjAYK
uT6Rg6lLYQpqBBJ2oGlgffgz7vL5wDpO0U4u5nVXDwbT43eG2tlYuAznyFgZjlBs
WEO7R6a64ZjnzSmu+aWJ45v068Szc1Mwxj25/OWjrZ8TKF3VVKGF/woLT0dIFnUF
q7KAgQZC8QJq5vltF8aw2bWIspC4vnOJvyV/HBDRwL0o++AfYTVjB9McMOvxHSv+
oydRrF8s0i8w52FLa9acwdIn9enDZ+WjtIJNE9bdnxQdsGux9MSpMIKuNFiCyjv3
Xhf4FtC6tRoChuCltjnI6lUB/NT7xXVFVw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:30 2024 by rpki-client on console-ams.rpki-client.org