Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/bQ7xZYBm542BC53ljL8nLOrWHWQ.roa
File:                     bQ7xZYBm542BC53ljL8nLOrWHWQ.roa (raw, json)
Hash identifier:          SR7eDF4kozanQOHNuE5uFWJPnd3JL7+GME7rFawOuOM=
Subject key identifier:   6D:0E:F1:65:80:66:E7:8D:81:0B:9D:E5:8C:BF:27:2C:EA:D6:1D:64
Certificate issuer:       /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial:       0183CC43EE0ACDFAE13D53549DE023865A1D
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/bQ7xZYBm542BC53ljL8nLOrWHWQ.roa
Signing time:             Wed 12 Oct 2022 12:55:47 +0000
ROA not before:           Wed 12 Oct 2022 12:55:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50832
IP address blocks:        188.64.108.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:cc:43:ee:0a:cd:fa:e1:3d:53:54:9d:e0:23:86:5a:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18101772248996b87d90840c2d27d62549458173
        Validity
            Not Before: Oct 12 12:55:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6d0ef1658066e78d810b9de58cbf272cead61d64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:d0:72:de:dd:d3:bb:51:81:85:9a:cb:15:da:
                    8e:ab:4c:11:a2:d6:84:f4:e9:09:34:a2:96:b3:04:
                    48:92:fc:76:b1:a8:5c:2d:fd:f1:75:46:7f:2d:4e:
                    27:39:2d:e2:91:fa:a6:ac:70:ab:25:1a:2c:93:da:
                    db:a6:ac:54:23:01:73:1b:53:3f:d5:c5:10:34:68:
                    95:1f:58:1c:cb:7e:fa:3c:15:56:d4:dc:3e:79:79:
                    44:e1:30:a3:5f:c3:24:89:7c:e9:f9:0a:93:53:69:
                    58:be:15:2c:59:78:e8:80:70:12:6b:29:c2:d5:84:
                    d8:71:bf:48:06:36:92:ec:6c:7e:97:4f:3a:27:02:
                    95:08:d4:02:cf:f0:fb:17:dc:b5:97:6f:5e:c2:b0:
                    fa:5f:f4:77:f3:d1:ce:51:5a:69:7c:9f:dd:c5:21:
                    ca:a9:ee:06:ce:a3:ec:77:46:e3:44:a7:42:d6:51:
                    af:27:d7:cd:7b:72:61:a9:a7:ab:ee:43:fe:9c:33:
                    0e:22:b4:4b:93:95:b1:ba:73:52:11:94:bd:30:bf:
                    7b:ce:71:2a:48:f9:cd:2e:0c:9d:ab:45:7b:41:78:
                    3e:ff:b2:18:e3:ac:5d:72:7e:6a:2e:63:67:db:b4:
                    62:1c:35:1f:f1:8d:cd:1e:48:b9:c0:8b:96:fd:ef:
                    35:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:0E:F1:65:80:66:E7:8D:81:0B:9D:E5:8C:BF:27:2C:EA:D6:1D:64
            X509v3 Authority Key Identifier:
                keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/bQ7xZYBm542BC53ljL8nLOrWHWQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.64.108.0/22

    Signature Algorithm: sha256WithRSAEncryption
         96:d8:2f:0f:b7:aa:4f:2b:ea:b5:9e:4f:3e:29:b0:c1:07:07:
         50:2d:1a:00:e7:e6:cd:f4:89:ff:fd:32:48:4e:a9:78:19:6a:
         1b:0a:78:73:15:d4:ac:0f:5d:f8:d7:b0:7d:f4:91:9e:9b:60:
         82:d6:da:aa:24:18:f0:28:70:17:6c:2c:26:f2:9b:dc:aa:a4:
         cb:a5:75:6a:fa:da:85:d0:02:bb:85:71:e8:3c:6c:0f:2f:48:
         34:b9:03:6c:3c:59:7e:15:74:b4:91:74:6c:9d:9d:f2:5c:29:
         74:f0:54:a0:6f:82:b3:15:a9:7f:e2:18:40:a8:38:e5:35:20:
         6c:cb:f7:49:d1:e4:12:7a:9c:6e:9d:a3:5f:90:8b:9d:18:da:
         23:00:8b:e9:74:60:f7:cd:d7:77:af:40:43:e7:9d:19:9e:3e:
         6d:44:9b:09:70:e2:e0:61:cb:14:dc:57:57:50:15:91:89:4c:
         f0:cc:6e:5d:a4:b3:be:8a:3c:10:31:73:16:f4:fa:ed:f4:f7:
         c1:9b:45:aa:1d:ee:fc:02:d9:39:32:26:0a:f6:d6:e1:eb:7f:
         11:69:2d:af:eb:81:00:80:6c:83:ec:b4:0e:78:e9:32:71:e8:
         e9:da:74:4c:ac:9b:e0:86:f6:73:63:09:1b:69:38:d5:28:01:
         ba:a4:16:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPMQ+4KzfrhPVNUneAjhlodMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MTAxNzcyMjQ4OTk2Yjg3ZDkwODQwYzJkMjdkNjI1NDk0
NTgxNzMwHhcNMjIxMDEyMTI1NTQ3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDBlZjE2NTgwNjZlNzhkODEwYjlkZTU4Y2JmMjcyY2VhZDYxZDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodBy3t3Tu1GBhZrLFdqOq0wRotaE
9OkJNKKWswRIkvx2sahcLf3xdUZ/LU4nOS3ikfqmrHCrJRosk9rbpqxUIwFzG1M/
1cUQNGiVH1gcy376PBVW1Nw+eXlE4TCjX8MkiXzp+QqTU2lYvhUsWXjogHASaynC
1YTYcb9IBjaS7Gx+l086JwKVCNQCz/D7F9y1l29ewrD6X/R389HOUVppfJ/dxSHK
qe4GzqPsd0bjRKdC1lGvJ9fNe3Jhqaer7kP+nDMOIrRLk5WxunNSEZS9ML97znEq
SPnNLgydq0V7QXg+/7IY46xdcn5qLmNn27RiHDUf8Y3NHki5wIuW/e81cwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG0O8WWAZueNgQud5Yy/Jyzq1h1kMB8GA1UdIwQY
MBaAFBgQF3IkiZa4fZCEDC0n1iVJRYFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQt
M2NjODVhZDNjMTkwLzEvYlE3eFpZQm01NDJCQzUzbGpMOG5MT3JXSFdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQtM2NjODVhZDNjMTkw
LzEvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvEBsMA0G
CSqGSIb3DQEBCwUAA4IBAQCW2C8Pt6pPK+q1nk8+KbDBBwdQLRoA5+bN9In//TJI
Tql4GWobCnhzFdSsD13417B99JGem2CC1tqqJBjwKHAXbCwm8pvcqqTLpXVq+tqF
0AK7hXHoPGwPL0g0uQNsPFl+FXS0kXRsnZ3yXCl08FSgb4KzFal/4hhAqDjlNSBs
y/dJ0eQSepxunaNfkIudGNojAIvpdGD3zdd3r0BD550Znj5tRJsJcOLgYcsU3FdX
UBWRiUzwzG5dpLO+ijwQMXMW9Prt9PfBm0WqHe78Atk5MiYK9tbh638RaS2v64EA
gGyD7LQOeOkycejp2nRMrJvghvZzYwkbaTjVKAG6pBY1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:59 2024 by rpki-client on console-fra.rpki-client.org