Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/rA6VF3dWTrjfImgDEWgF9mR7QgU.roa
File:                     rA6VF3dWTrjfImgDEWgF9mR7QgU.roa (raw, json)
Hash identifier:          0mND9GTOu9SzZItMWWR+IyFzYQiepk72oFN8ZnCJqsU=
Subject key identifier:   AC:0E:95:17:77:56:4E:B8:DF:22:68:03:11:68:05:F6:64:7B:42:05
Certificate issuer:       /CN=f98a02d20c6b7de357125f38b1735ca1b91f87b3
Certificate serial:       04432F6C
Authority key identifier: F9:8A:02:D2:0C:6B:7D:E3:57:12:5F:38:B1:73:5C:A1:B9:1F:87:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/rA6VF3dWTrjfImgDEWgF9mR7QgU.roa
Signing time:             Sat 01 Jan 2022 05:55:40 +0000
ROA not before:           Sat 01 Jan 2022 05:55:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39216
IP address blocks:        185.21.139.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 71511916 (0x4432f6c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f98a02d20c6b7de357125f38b1735ca1b91f87b3
        Validity
            Not Before: Jan  1 05:55:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ac0e951777564eb8df226803116805f6647b4205
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:be:db:31:56:1f:36:6c:69:65:d1:a3:bf:c5:
                    16:17:57:01:c4:78:a4:f7:2a:98:fc:6d:12:15:36:
                    42:16:74:3d:8c:ac:83:30:99:59:ba:81:8a:c9:67:
                    49:76:a9:5f:98:ee:d6:34:be:4a:45:c7:52:0d:48:
                    c7:0a:83:b3:d6:6d:cf:d3:81:4d:4e:ae:63:45:d4:
                    12:35:14:c2:e0:85:84:80:19:ca:02:11:62:18:0f:
                    0a:32:0d:84:39:58:92:33:cc:51:36:7b:78:d8:d2:
                    16:a8:e5:de:7c:88:c0:a6:42:d8:70:03:03:9f:b4:
                    39:50:0e:9c:1b:26:3f:ff:86:11:2b:4f:07:b9:ae:
                    69:dc:64:6b:b7:2a:8b:a9:b0:0e:45:80:48:d2:8d:
                    3c:38:63:36:69:48:57:7a:db:d7:f7:d3:4b:5f:3a:
                    af:b1:cc:0f:e7:df:89:38:3a:e9:be:02:21:24:5a:
                    27:cc:89:02:15:f4:e6:6b:ea:cb:2b:c1:38:cd:e9:
                    50:eb:00:63:e0:8d:c0:25:f9:46:d8:0c:c0:f1:0c:
                    dc:96:7c:59:5b:0f:16:57:11:e9:23:b9:fb:28:b0:
                    f5:05:f3:1a:8c:48:e0:54:6f:55:72:b9:0f:ff:59:
                    a2:a6:93:99:e8:d4:06:de:e0:99:df:4b:93:d7:08:
                    b6:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:0E:95:17:77:56:4E:B8:DF:22:68:03:11:68:05:F6:64:7B:42:05
            X509v3 Authority Key Identifier:
                keyid:F9:8A:02:D2:0C:6B:7D:E3:57:12:5F:38:B1:73:5C:A1:B9:1F:87:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/rA6VF3dWTrjfImgDEWgF9mR7QgU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/1-YoC0gxrfeNXEl84sXNcobkfh7M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.21.139.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5b:1a:8f:62:e3:65:06:1b:b3:d3:3d:a4:c3:4e:de:3d:66:80:
         91:7b:7e:c5:c0:40:e0:82:4b:8f:ab:3c:53:83:48:ec:1e:90:
         d6:aa:41:e2:54:6b:04:b1:6d:45:33:f8:21:f9:1f:d0:60:67:
         ff:f7:31:f0:17:4b:bc:10:da:d7:5e:8a:ae:2f:8f:c5:7a:6d:
         18:3a:5d:47:3c:79:68:fe:73:b7:59:33:5b:28:a6:2b:66:8b:
         80:99:6b:4f:09:87:55:f8:df:19:6a:4d:28:0c:2e:e6:23:79:
         44:a4:62:e3:24:b0:32:21:f9:97:a6:c3:5c:54:c4:65:33:05:
         4b:fa:df:03:2b:24:fa:78:f7:19:29:56:97:50:5c:da:c9:a4:
         7b:99:f6:ac:3c:a8:1e:a1:00:f1:8b:e4:7b:a4:1b:1a:21:e8:
         10:60:0f:65:06:2d:8d:b6:1e:05:f1:ae:e8:80:23:75:6d:2e:
         42:bd:a8:61:52:7c:56:2d:be:f3:41:f6:8f:9c:af:b7:bb:f2:
         5c:ea:bb:1c:c8:8d:84:89:49:b4:b3:0c:58:46:1e:49:d5:98:
         7c:18:fe:f1:0f:ab:5a:49:6e:3c:33:1e:16:c5:62:cf:88:a3:
         c8:2e:c4:ba:e7:b5:7c:cc:98:a7:60:74:5f:0b:c0:46:1c:f2:
         16:d8:52:3b
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEBEMvbDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OThhMDJkMjBjNmI3ZGUzNTcxMjVmMzhiMTczNWNhMWI5MWY4N2IzMB4XDTIyMDEw
MTA1NTU0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWMwZTk1MTc3NzU2
NGViOGRmMjI2ODAzMTE2ODA1ZjY2NDdiNDIwNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM++2zFWHzZsaWXRo7/FFhdXAcR4pPcqmPxtEhU2QhZ0PYys
gzCZWbqBislnSXapX5ju1jS+SkXHUg1IxwqDs9Ztz9OBTU6uY0XUEjUUwuCFhIAZ
ygIRYhgPCjINhDlYkjPMUTZ7eNjSFqjl3nyIwKZC2HADA5+0OVAOnBsmP/+GEStP
B7muadxka7cqi6mwDkWASNKNPDhjNmlIV3rb1/fTS186r7HMD+ffiTg66b4CISRa
J8yJAhX05mvqyyvBOM3pUOsAY+CNwCX5RtgMwPEM3JZ8WVsPFlcR6SO5+yiw9QXz
GoxI4FRvVXK5D/9ZoqaTmejUBt7gmd9Lk9cItgkCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBSsDpUXd1ZOuN8iaAMRaAX2ZHtCBTAfBgNVHSMEGDAWgBT5igLSDGt941cS
Xzixc1yhuR+HszAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtWW9DMGd4cmZlTlhFbDg0c1hOY29ia2ZoN00uY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzdiL2E5MjA2ZS1jMWUxLTRjMTUtOTUzMy1hY2UzZDY3NWQzY2Qv
MS9yQTZWRjNkV1RyamZJbWdERVdnRjltUjdRZ1Uucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzdi
L2E5MjA2ZS1jMWUxLTRjMTUtOTUzMy1hY2UzZDY3NWQzY2QvMS8xLVlvQzBneHJm
ZU5YRWw4NHNYTmNvYmtmaDdNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRWLMA0GCSqGSIb3DQEBCwUA
A4IBAQBbGo9i42UGG7PTPaTDTt49ZoCRe37FwEDggkuPqzxTg0jsHpDWqkHiVGsE
sW1FM/gh+R/QYGf/9zHwF0u8ENrXXoquL4/Fem0YOl1HPHlo/nO3WTNbKKYrZouA
mWtPCYdV+N8Zak0oDC7mI3lEpGLjJLAyIfmXpsNcVMRlMwVL+t8DKyT6ePcZKVaX
UFzayaR7mfasPKgeoQDxi+R7pBsaIegQYA9lBi2Nth4F8a7ogCN1bS5CvahhUnxW
Lb7zQfaPnK+3u/Jc6rscyI2EiUm0swxYRh5J1Zh8GP7xD6taSW48Mx4WxWLPiKPI
LsS657V8zJinYHRfC8BGHPIW2FI7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:09 2024 by rpki-client on console-fra.rpki-client.org