Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/c53c3e-aa2d-41ab-a312-2637d13338f1/1/9--K9kDNdwDh7s5fK6bJKId3Dcw.roa
File:                     9--K9kDNdwDh7s5fK6bJKId3Dcw.roa (raw, json)
Hash identifier:          jKG07HjzWgd7I6HLkfRv06IIEhQSlBWDAD+JXbvHGxs=
Subject key identifier:   F7:EF:8A:F6:40:CD:77:00:E1:EE:CE:5F:2B:A6:C9:28:87:77:0D:CC
Certificate issuer:       /CN=3bd9436d2135c084897b74c6ad36da1700a7a98d
Certificate serial:       01847A05134E469B8B34EFA5FCBC7DEEC2D4
Authority key identifier: 3B:D9:43:6D:21:35:C0:84:89:7B:74:C6:AD:36:DA:17:00:A7:A9:8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O9lDbSE1wISJe3TGrTbaFwCnqY0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/c53c3e-aa2d-41ab-a312-2637d13338f1/1/9--K9kDNdwDh7s5fK6bJKId3Dcw.roa
Signing time:             Tue 15 Nov 2022 06:41:03 +0000
ROA not before:           Tue 15 Nov 2022 06:41:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42202
IP address blocks:        185.206.188.0/22 maxlen: 22
                          2a0b:1740::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:7a:05:13:4e:46:9b:8b:34:ef:a5:fc:bc:7d:ee:c2:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3bd9436d2135c084897b74c6ad36da1700a7a98d
        Validity
            Not Before: Nov 15 06:41:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f7ef8af640cd7700e1eece5f2ba6c92887770dcc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:86:d8:09:14:d4:da:5c:80:dc:f6:7d:0c:fb:
                    0b:b4:af:5a:51:a2:91:43:30:25:a9:56:fa:32:09:
                    bd:af:70:91:4a:7f:da:7b:b9:85:40:74:48:4d:4c:
                    9d:1f:f5:d6:f8:f5:44:82:50:d6:d4:db:2b:f4:71:
                    06:73:dc:88:9f:5b:84:f9:09:e3:b4:6b:a8:6c:18:
                    9d:30:72:89:58:ef:eb:0a:ae:8b:16:fd:d9:af:16:
                    26:8c:4b:b7:a4:51:7a:b3:3a:97:73:33:09:13:a2:
                    f0:79:d4:34:19:4f:6b:1d:1d:c7:c6:89:f9:79:ef:
                    69:5d:1a:3b:e8:83:24:2f:e7:07:63:f6:ca:cb:b4:
                    68:3d:72:90:6b:c8:b5:00:1e:60:b8:68:d2:f7:0c:
                    cc:fe:a6:87:67:ef:c1:48:f7:9d:0d:88:2e:96:c8:
                    c4:95:a0:f3:e7:3e:e4:81:34:2b:c5:85:a3:09:3a:
                    53:e7:bc:81:0c:48:40:ef:ec:86:34:f0:14:05:02:
                    bf:cd:44:be:e0:c9:c0:58:4e:62:bf:e9:7c:30:d4:
                    e4:62:f2:87:75:46:37:db:70:85:47:81:ae:58:6a:
                    6a:80:51:de:bc:a1:5b:1c:0b:62:63:59:e4:7d:a4:
                    47:8d:99:29:44:9e:33:b8:98:18:29:9d:be:92:0d:
                    f8:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:EF:8A:F6:40:CD:77:00:E1:EE:CE:5F:2B:A6:C9:28:87:77:0D:CC
            X509v3 Authority Key Identifier:
                keyid:3B:D9:43:6D:21:35:C0:84:89:7B:74:C6:AD:36:DA:17:00:A7:A9:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O9lDbSE1wISJe3TGrTbaFwCnqY0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/c53c3e-aa2d-41ab-a312-2637d13338f1/1/9--K9kDNdwDh7s5fK6bJKId3Dcw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/c53c3e-aa2d-41ab-a312-2637d13338f1/1/O9lDbSE1wISJe3TGrTbaFwCnqY0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.206.188.0/22
                IPv6:
                  2a0b:1740::/29

    Signature Algorithm: sha256WithRSAEncryption
         68:23:20:d5:e4:10:43:2d:4b:0e:a2:54:14:75:23:95:be:21:
         d5:7b:20:1c:43:58:ee:31:9d:26:a2:f6:35:1d:75:1e:d6:3a:
         8a:48:53:46:96:52:fe:a6:fb:60:e5:39:a1:0f:bb:86:fa:3d:
         cd:9a:83:55:07:76:d9:81:ab:8a:17:51:fd:87:99:06:10:78:
         d9:2f:70:7f:68:5d:52:b3:09:90:8f:c0:45:e5:a2:e8:60:8a:
         6a:3e:fc:a6:ce:1d:4a:bc:d9:06:8c:2a:8d:f7:31:1d:c6:b6:
         cf:37:4e:22:94:aa:34:85:b3:26:89:b6:bc:c0:c2:c6:6d:64:
         2e:b8:e8:00:45:07:20:b9:16:7b:b7:29:d7:f1:00:47:34:fa:
         c1:0a:d8:f1:b4:a5:2c:d5:41:35:db:be:cc:c4:68:33:3b:16:
         f8:0e:55:c5:2f:a9:e0:f1:f7:54:37:db:4a:b2:4a:43:23:ba:
         1c:d8:f1:ec:0f:b9:1b:10:1d:91:1d:27:4f:51:36:3d:dc:c3:
         55:16:e8:db:06:70:03:fd:ca:cc:96:18:12:0e:fb:fc:d3:40:
         90:42:e3:65:09:8c:79:ca:b3:ba:a8:43:d3:f9:5d:93:c2:d2:
         8a:95:6e:8d:b9:ca:60:10:8d:07:c9:6e:4f:c4:aa:1a:99:3e:
         9e:28:3c:97
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYR6BRNORpuLNO+l/Lx97sLUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZDk0MzZkMjEzNWMwODQ4OTdiNzRjNmFkMzZkYTE3MDBh
N2E5OGQwHhcNMjIxMTE1MDY0MTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2VmOGFmNjQwY2Q3NzAwZTFlZWNlNWYyYmE2YzkyODg3NzcwZGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtobYCRTU2lyA3PZ9DPsLtK9aUaKR
QzAlqVb6Mgm9r3CRSn/ae7mFQHRITUydH/XW+PVEglDW1Nsr9HEGc9yIn1uE+Qnj
tGuobBidMHKJWO/rCq6LFv3ZrxYmjEu3pFF6szqXczMJE6LwedQ0GU9rHR3Hxon5
ee9pXRo76IMkL+cHY/bKy7RoPXKQa8i1AB5guGjS9wzM/qaHZ+/BSPedDYgulsjE
laDz5z7kgTQrxYWjCTpT57yBDEhA7+yGNPAUBQK/zUS+4MnAWE5iv+l8MNTkYvKH
dUY323CFR4GuWGpqgFHevKFbHAtiY1nkfaRHjZkpRJ4zuJgYKZ2+kg34vQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPfvivZAzXcA4e7OXyumySiHdw3MMB8GA1UdIwQY
MBaAFDvZQ20hNcCEiXt0xq022hcAp6mNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzlsRGJTRTF3SVNKZTNUR3JUYmFGd0NucVkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9jNTNjM2UtYWEyZC00MWFiLWEzMTIt
MjYzN2QxMzMzOGYxLzEvOS0tSzlrRE5kd0RoN3M1Zks2YkpLSWQzRGN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9jNTNjM2UtYWEyZC00MWFiLWEzMTItMjYzN2QxMzMzOGYx
LzEvTzlsRGJTRTF3SVNKZTNUR3JUYmFGd0NucVkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuc68MA0E
AgACMAcDBQMqCxdAMA0GCSqGSIb3DQEBCwUAA4IBAQBoIyDV5BBDLUsOolQUdSOV
viHVeyAcQ1juMZ0movY1HXUe1jqKSFNGllL+pvtg5TmhD7uG+j3NmoNVB3bZgauK
F1H9h5kGEHjZL3B/aF1SswmQj8BF5aLoYIpqPvymzh1KvNkGjCqN9zEdxrbPN04i
lKo0hbMmiba8wMLGbWQuuOgARQcguRZ7tynX8QBHNPrBCtjxtKUs1UE1277MxGgz
Oxb4DlXFL6ng8fdUN9tKskpDI7oc2PHsD7kbEB2RHSdPUTY93MNVFujbBnAD/crM
lhgSDvv800CQQuNlCYx5yrO6qEPT+V2TwtKKlW6NucpgEI0HyW5PxKoamT6eKDyX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:41 2024 by rpki-client on console-fra.rpki-client.org