Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/9cfe5d-5770-4b5d-8935-9f38c8b8a928/1/XAlgqqsw1g8dbJiJeTzz_H_oE_8.roa
File:                     XAlgqqsw1g8dbJiJeTzz_H_oE_8.roa (raw, json)
Hash identifier:          mE9Kdj4dqjrVd8e+cAohikGJOmog+X7kGW9z7/E6tE8=
Subject key identifier:   5C:09:60:AA:AB:30:D6:0F:1D:6C:98:89:79:3C:F3:FC:7F:E8:13:FF
Certificate issuer:       /CN=d4f92129df7aaa7157e15973c24753e118c9057d
Certificate serial:       092D6BE8
Authority key identifier: D4:F9:21:29:DF:7A:AA:71:57:E1:59:73:C2:47:53:E1:18:C9:05:7D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1PkhKd96qnFX4VlzwkdT4RjJBX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/9cfe5d-5770-4b5d-8935-9f38c8b8a928/1/XAlgqqsw1g8dbJiJeTzz_H_oE_8.roa
Signing time:             Sat 01 Jan 2022 11:05:25 +0000
ROA not before:           Sat 01 Jan 2022 11:05:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204631
IP address blocks:        185.136.120.0/22 maxlen: 22
                          193.27.218.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 153971688 (0x92d6be8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d4f92129df7aaa7157e15973c24753e118c9057d
        Validity
            Not Before: Jan  1 11:05:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5c0960aaab30d60f1d6c9889793cf3fc7fe813ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:1a:2b:cd:7c:e6:df:1a:83:bb:48:fb:c1:42:
                    92:b6:4a:c8:cc:78:55:e3:94:40:54:b6:04:0e:0d:
                    be:ea:21:ce:73:39:5d:34:20:5f:1d:4d:44:81:88:
                    27:ee:5a:5d:1c:c5:15:a0:46:52:b0:f5:26:a1:0d:
                    35:5d:be:73:e2:8a:35:12:a3:2d:e6:0f:f5:31:d1:
                    d9:04:11:80:45:c7:10:15:84:c7:31:80:ac:fe:16:
                    d9:59:05:59:a1:7b:1e:73:5b:b9:79:c7:73:a6:57:
                    99:1c:c7:b1:85:c1:63:5c:4c:0c:5e:96:4d:18:21:
                    84:46:cc:4f:d9:0c:bc:98:7d:ef:98:73:52:6c:29:
                    2a:fe:ec:24:eb:98:e9:3c:a1:68:4c:ce:95:a6:1c:
                    1f:91:f1:0b:b4:6a:4c:32:f1:28:13:c7:84:fd:6d:
                    44:f8:36:ae:83:9b:b9:93:7e:bd:d9:12:dd:78:10:
                    31:a7:38:f3:91:87:61:84:c9:7d:24:0e:6d:00:11:
                    92:5e:aa:bc:b4:79:83:16:d3:d0:e9:71:cb:b7:24:
                    01:a5:9e:db:a8:98:d1:28:67:92:b3:5d:ab:49:f7:
                    1a:21:f0:22:42:07:e4:b6:1c:3f:2c:ab:77:af:52:
                    49:a3:90:c4:a9:ec:e1:e7:30:fd:ff:07:c4:59:1c:
                    b3:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:09:60:AA:AB:30:D6:0F:1D:6C:98:89:79:3C:F3:FC:7F:E8:13:FF
            X509v3 Authority Key Identifier:
                keyid:D4:F9:21:29:DF:7A:AA:71:57:E1:59:73:C2:47:53:E1:18:C9:05:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1PkhKd96qnFX4VlzwkdT4RjJBX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/9cfe5d-5770-4b5d-8935-9f38c8b8a928/1/XAlgqqsw1g8dbJiJeTzz_H_oE_8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/9cfe5d-5770-4b5d-8935-9f38c8b8a928/1/1PkhKd96qnFX4VlzwkdT4RjJBX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.136.120.0/22
                  193.27.218.0/23

    Signature Algorithm: sha256WithRSAEncryption
         c8:7f:a4:c1:92:a5:cb:7c:fd:7e:09:91:a6:20:d8:5b:67:22:
         ed:7f:a4:de:58:0c:c1:93:54:09:84:71:a4:a3:ce:79:79:f7:
         b0:b9:33:84:a1:c2:47:24:15:48:dc:ed:b3:a2:79:48:5f:0f:
         87:a2:47:87:78:eb:de:34:c0:77:07:c3:3e:6f:2f:2c:04:25:
         ec:ba:32:7f:1e:33:63:2a:b1:eb:0a:75:83:ed:20:cb:07:eb:
         4d:9a:fc:0b:33:72:a5:79:8d:fe:2f:97:a8:99:f5:01:b9:9c:
         cd:41:e0:7e:44:75:5e:f3:8f:a3:31:e3:60:c5:e2:99:f2:af:
         2a:67:6f:d3:02:bd:d3:a2:69:3d:7b:98:2c:fe:71:c6:b5:98:
         e3:44:74:e2:bf:29:ea:71:f5:fd:c4:c0:d5:44:9e:77:63:81:
         f1:36:66:e7:1a:4f:98:4d:0f:2b:9c:5e:f2:14:74:7d:ac:27:
         8d:8f:26:fb:c9:74:0a:2d:d7:bc:39:4c:1c:a5:a5:61:05:52:
         b0:33:b7:16:a0:dc:2f:df:5c:98:12:17:9e:96:98:44:8b:3e:
         d9:ff:71:72:81:0b:25:e3:dd:5e:2e:c9:3b:fb:28:7f:80:e8:
         d1:1c:c4:25:6b:52:4b:44:87:d7:ef:a8:bc:82:67:2d:68:a9:
         4f:ba:4b:91
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECS1r6DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NGY5MjEyOWRmN2FhYTcxNTdlMTU5NzNjMjQ3NTNlMTE4YzkwNTdkMB4XDTIyMDEw
MTExMDUyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWMwOTYwYWFhYjMw
ZDYwZjFkNmM5ODg5NzkzY2YzZmM3ZmU4MTNmZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM8aK8185t8ag7tI+8FCkrZKyMx4VeOUQFS2BA4NvuohznM5
XTQgXx1NRIGIJ+5aXRzFFaBGUrD1JqENNV2+c+KKNRKjLeYP9THR2QQRgEXHEBWE
xzGArP4W2VkFWaF7HnNbuXnHc6ZXmRzHsYXBY1xMDF6WTRghhEbMT9kMvJh975hz
UmwpKv7sJOuY6TyhaEzOlaYcH5HxC7RqTDLxKBPHhP1tRPg2roObuZN+vdkS3XgQ
Mac485GHYYTJfSQObQARkl6qvLR5gxbT0Olxy7ckAaWe26iY0ShnkrNdq0n3GiHw
IkIH5LYcPyyrd69SSaOQxKns4ecw/f8HxFkcsxECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRcCWCqqzDWDx1smIl5PPP8f+gT/zAfBgNVHSMEGDAWgBTU+SEp33qqcVfh
WXPCR1PhGMkFfTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFQa2hLZDk2cW5GWDRWbHp3a2RUNFJqSkJYMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzgvOWNmZTVkLTU3NzAtNGI1ZC04OTM1LTlmMzhjOGI4YTkyOC8x
L1hBbGdxcXN3MWc4ZGJKaUplVHp6X0hfb0VfOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgv
OWNmZTVkLTU3NzAtNGI1ZC04OTM1LTlmMzhjOGI4YTkyOC8xLzFQa2hLZDk2cW5G
WDRWbHp3a2RUNFJqSkJYMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArmIeAMEAcEb2jANBgkqhkiG9w0B
AQsFAAOCAQEAyH+kwZKly3z9fgmRpiDYW2ci7X+k3lgMwZNUCYRxpKPOeXn3sLkz
hKHCRyQVSNzts6J5SF8Ph6JHh3jr3jTAdwfDPm8vLAQl7Loyfx4zYyqx6wp1g+0g
ywfrTZr8CzNypXmN/i+XqJn1AbmczUHgfkR1XvOPozHjYMXimfKvKmdv0wK906Jp
PXuYLP5xxrWY40R04r8p6nH1/cTA1USed2OB8TZm5xpPmE0PK5xe8hR0fawnjY8m
+8l0Ci3XvDlMHKWlYQVSsDO3FqDcL99cmBIXnpaYRIs+2f9xcoELJePdXi7JO/so
f4Do0RzEJWtSS0SH1++ovIJnLWipT7pLkQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:49 2024 by rpki-client on console-ams.rpki-client.org