Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/e57dcf-36f9-4a4a-ae3c-0bb3affcc2d3/1/UAH8U5Z_Rxfv-uyZ1jYK24a-9Uk.roa
File:                     UAH8U5Z_Rxfv-uyZ1jYK24a-9Uk.roa (raw, json)
Hash identifier:          V6oTScslz2PNM0FRLJsq0WHgRhguWZGweL/kUsQUvSA=
Subject key identifier:   50:01:FC:53:96:7F:47:17:EF:FA:EC:99:D6:36:0A:DB:86:BE:F5:49
Certificate issuer:       /CN=919bf29e1aca23a515e11f66960b4eb95c80cfb9
Certificate serial:       D7A930
Authority key identifier: 91:9B:F2:9E:1A:CA:23:A5:15:E1:1F:66:96:0B:4E:B9:5C:80:CF:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kZvynhrKI6UV4R9mlgtOuVyAz7k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/e57dcf-36f9-4a4a-ae3c-0bb3affcc2d3/1/UAH8U5Z_Rxfv-uyZ1jYK24a-9Uk.roa
Signing time:             Sat 01 Jan 2022 05:05:25 +0000
ROA not before:           Sat 01 Jan 2022 05:05:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     22773
IP address blocks:        185.51.120.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 14133552 (0xd7a930)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=919bf29e1aca23a515e11f66960b4eb95c80cfb9
        Validity
            Not Before: Jan  1 05:05:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5001fc53967f4717effaec99d6360adb86bef549
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:a2:cc:65:03:f8:bb:e5:d4:30:3a:4f:00:bf:
                    7a:d8:1e:ad:19:41:27:37:64:57:dc:b4:e7:b1:eb:
                    21:88:99:a5:dc:43:f5:ff:d3:77:1f:f6:40:17:bb:
                    eb:87:b4:31:e2:e5:c2:96:82:b5:fb:5a:9f:30:3d:
                    7e:26:fc:70:3f:72:5c:4f:f8:7b:4b:0d:3f:2e:ec:
                    36:1b:36:3a:46:e0:08:89:a6:e7:4d:af:58:55:ca:
                    69:e7:d1:4d:a8:79:dc:d4:07:db:7d:db:b1:54:65:
                    b5:c2:be:2a:80:45:c5:ee:12:6a:76:17:18:ea:0c:
                    a7:0a:f7:f2:10:64:b2:db:46:5d:40:3b:4f:65:08:
                    b6:48:dc:66:de:7c:73:37:c0:fa:3b:4b:9a:8f:66:
                    6f:23:1c:49:dc:ce:a3:19:58:bd:57:a4:1a:c7:a4:
                    3a:03:df:17:3d:03:b3:b6:be:03:a6:d6:3a:c1:56:
                    53:ca:e3:81:84:e5:5e:2a:6c:28:57:b1:cd:ca:ed:
                    8c:53:07:59:f9:0c:57:7a:e7:67:a9:42:06:9a:87:
                    0f:72:3c:ab:af:44:c9:f7:43:0e:0e:ef:d0:66:db:
                    2a:7b:30:51:be:50:df:5b:73:97:fc:03:a3:37:3a:
                    aa:9c:39:85:e9:a1:3d:f4:59:3a:d2:6e:d2:17:e1:
                    27:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:01:FC:53:96:7F:47:17:EF:FA:EC:99:D6:36:0A:DB:86:BE:F5:49
            X509v3 Authority Key Identifier:
                keyid:91:9B:F2:9E:1A:CA:23:A5:15:E1:1F:66:96:0B:4E:B9:5C:80:CF:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kZvynhrKI6UV4R9mlgtOuVyAz7k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/e57dcf-36f9-4a4a-ae3c-0bb3affcc2d3/1/UAH8U5Z_Rxfv-uyZ1jYK24a-9Uk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/e57dcf-36f9-4a4a-ae3c-0bb3affcc2d3/1/kZvynhrKI6UV4R9mlgtOuVyAz7k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.51.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:81:8f:62:b6:fe:93:ad:05:fd:c4:dd:2b:4d:b3:f6:79:b3:
         2f:53:4b:52:ec:ab:7c:d8:46:0e:58:ef:01:15:c7:5e:a0:9e:
         8d:2c:7e:b1:f3:26:f2:f8:12:cb:ba:65:cc:66:df:11:93:d6:
         b5:0d:54:4f:dc:99:58:ea:d0:c7:dd:7a:e5:42:52:92:4b:18:
         54:5c:ad:04:35:72:0b:43:6b:34:b8:00:74:af:e3:58:62:70:
         d9:9f:18:74:35:f6:c8:c7:77:f9:00:04:6e:93:6c:9b:7b:b3:
         a9:6c:0d:d5:99:d5:b8:a1:be:11:6e:0e:e4:d5:ec:13:34:21:
         04:76:0c:69:e1:1f:05:6b:94:a0:17:af:a2:f7:5a:d6:f8:5b:
         41:a3:39:23:f5:2e:e8:4e:51:c1:cd:27:a3:8b:7d:95:a4:a4:
         5c:ce:f2:33:2f:f0:f7:e6:e6:7c:f5:3c:37:bc:c3:3d:50:17:
         c1:c4:92:c8:bb:e3:03:55:e2:b8:14:ed:9b:0a:56:69:79:3c:
         d5:e2:e7:0f:99:1f:83:ec:31:a8:92:d5:2d:04:a4:e1:ee:0d:
         09:1a:c4:31:cb:be:aa:f4:e0:b4:b3:2b:e7:a3:62:98:61:07:
         e0:62:d5:8d:7a:cc:6e:0d:2e:89:31:a2:ab:5e:2c:57:ef:05:
         ee:c8:a0:a9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEANepMDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MTliZjI5ZTFhY2EyM2E1MTVlMTFmNjY5NjBiNGViOTVjODBjZmI5MB4XDTIyMDEw
MTA1MDUyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTAwMWZjNTM5Njdm
NDcxN2VmZmFlYzk5ZDYzNjBhZGI4NmJlZjU0OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKOizGUD+Lvl1DA6TwC/etgerRlBJzdkV9y057HrIYiZpdxD
9f/Tdx/2QBe764e0MeLlwpaCtftanzA9fib8cD9yXE/4e0sNPy7sNhs2OkbgCImm
502vWFXKaefRTah53NQH233bsVRltcK+KoBFxe4SanYXGOoMpwr38hBksttGXUA7
T2UItkjcZt58czfA+jtLmo9mbyMcSdzOoxlYvVekGsekOgPfFz0Ds7a+A6bWOsFW
U8rjgYTlXipsKFexzcrtjFMHWfkMV3rnZ6lCBpqHD3I8q69EyfdDDg7v0GbbKnsw
Ub5Q31tzl/wDozc6qpw5hemhPfRZOtJu0hfhJ6sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRQAfxTln9HF+/67JnWNgrbhr71STAfBgNVHSMEGDAWgBSRm/KeGsojpRXh
H2aWC065XIDPuTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tadnluaHJLSTZVVjRSOW1sZ3RPdVZ5QXo3ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2EvZTU3ZGNmLTM2ZjktNGE0YS1hZTNjLTBiYjNhZmZjYzJkMy8x
L1VBSDhVNVpfUnhmdi11eVoxallLMjRhLTlVay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Ev
ZTU3ZGNmLTM2ZjktNGE0YS1hZTNjLTBiYjNhZmZjYzJkMy8xL2tadnluaHJLSTZV
VjRSOW1sZ3RPdVZ5QXo3ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkzeDANBgkqhkiG9w0BAQsFAAOC
AQEAOYGPYrb+k60F/cTdK02z9nmzL1NLUuyrfNhGDljvARXHXqCejSx+sfMm8vgS
y7plzGbfEZPWtQ1UT9yZWOrQx9165UJSkksYVFytBDVyC0NrNLgAdK/jWGJw2Z8Y
dDX2yMd3+QAEbpNsm3uzqWwN1ZnVuKG+EW4O5NXsEzQhBHYMaeEfBWuUoBevovda
1vhbQaM5I/Uu6E5Rwc0no4t9laSkXM7yMy/w9+bmfPU8N7zDPVAXwcSSyLvjA1Xi
uBTtmwpWaXk81eLnD5kfg+wxqJLVLQSk4e4NCRrEMcu+qvTgtLMr56NimGEH4GLV
jXrMbg0uiTGiq14sV+8F7sigqQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:19 2023 by rpki-client on console-fra.rpki-client.org