Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/sVqSMcY5VUQZwsLc3Nq-VccI_4Y.roa
File:                     sVqSMcY5VUQZwsLc3Nq-VccI_4Y.roa (raw, json)
Hash identifier:          5ZDw2f2h9VxSE05YXeCy80mlomtETbQKrFKcEUrlm9c=
Subject key identifier:   B1:5A:92:31:C6:39:55:44:19:C2:C2:DC:DC:DA:BE:55:C7:08:FF:86
Certificate issuer:       /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial:       0183F46F33F1D4B091F5408399A7B71A9C0B
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/sVqSMcY5VUQZwsLc3Nq-VccI_4Y.roa
Signing time:             Thu 20 Oct 2022 08:07:51 +0000
ROA not before:           Thu 20 Oct 2022 08:07:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211585
IP address blocks:        188.64.108.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:f4:6f:33:f1:d4:b0:91:f5:40:83:99:a7:b7:1a:9c:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18101772248996b87d90840c2d27d62549458173
        Validity
            Not Before: Oct 20 08:07:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b15a9231c639554419c2c2dcdcdabe55c708ff86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:6a:13:24:92:34:b0:ac:3f:c7:dd:e0:98:cd:
                    0c:6f:0a:a1:f6:35:38:23:96:85:93:d4:f3:36:7b:
                    0a:1d:9d:1b:96:ad:9d:40:31:49:49:8c:0b:10:b0:
                    05:0b:45:18:6b:94:74:cc:7f:ee:7d:1e:bb:34:9a:
                    7e:49:5b:14:71:b3:30:7d:91:03:e7:c8:d9:ba:1b:
                    c5:7a:2f:56:60:91:64:17:58:d7:b9:7c:8c:2b:b9:
                    04:28:e8:93:27:0f:ff:c9:bf:6c:af:7f:3e:2e:11:
                    f2:f4:67:f7:a6:88:d5:a3:2b:de:19:f0:cd:37:7b:
                    5e:c0:49:a1:40:12:e0:0d:b4:dd:ca:05:9b:22:ef:
                    a2:41:16:98:0b:c0:a2:e5:6f:90:d7:27:97:0b:ff:
                    ed:4a:7b:60:a7:6c:53:0a:10:9d:8f:69:81:6d:2f:
                    f2:96:96:48:c1:a6:02:43:da:21:ad:e3:fd:57:25:
                    d8:e5:b1:ae:14:93:27:61:c6:21:15:c6:a6:67:03:
                    dc:2f:50:70:3b:0d:4b:e0:b4:b4:21:a3:33:18:6a:
                    ea:d9:11:57:28:39:e8:3b:09:1b:d3:ac:bb:0b:84:
                    e0:1c:89:67:c2:0b:4c:c2:bd:1c:54:77:14:36:de:
                    80:18:34:62:0f:48:9f:a8:a9:3f:ad:2b:34:8f:12:
                    b7:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:5A:92:31:C6:39:55:44:19:C2:C2:DC:DC:DA:BE:55:C7:08:FF:86
            X509v3 Authority Key Identifier:
                keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/sVqSMcY5VUQZwsLc3Nq-VccI_4Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.64.108.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3c:18:6b:38:64:a1:61:22:d3:d3:33:38:a6:19:08:b5:73:75:
         e0:57:b3:fd:ff:6f:7d:c2:66:08:3b:8b:f1:49:73:c5:bb:ba:
         6e:eb:11:94:92:4e:60:ba:87:17:8c:08:8e:e9:ab:be:ff:fc:
         0c:da:ac:37:88:68:90:f9:20:be:6a:04:af:e3:42:41:01:e1:
         9e:65:78:4c:88:09:7a:68:f0:6a:41:d8:c6:63:90:a5:af:c9:
         78:61:99:c3:d4:79:1c:cf:80:50:40:7f:17:9e:d9:de:e3:4b:
         66:99:f9:29:3c:0c:4f:01:ea:e9:55:d3:01:03:0a:81:22:28:
         40:05:06:da:fe:68:bd:1c:18:d8:cc:3d:14:42:c2:98:96:15:
         da:d8:0b:d5:c8:f8:bd:25:77:4a:1c:3c:ca:9d:ea:97:8f:bd:
         45:99:ac:fb:a8:09:73:f7:c6:c6:15:95:fe:05:d2:31:8a:26:
         af:e3:92:fa:de:74:bd:1f:15:01:d2:f8:ef:3e:6b:81:23:4c:
         41:3b:35:6e:3c:ee:0c:c5:c3:b3:b0:39:0e:99:e1:e7:c1:e3:
         34:26:53:1c:52:f1:8e:57:5f:78:86:5a:fd:21:fd:b3:dd:9c:
         9b:a9:1b:f0:62:58:9c:d5:40:5a:19:8b:fa:ee:d5:19:59:1e:
         2a:7b:d0:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYP0bzPx1LCR9UCDmae3GpwLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MTAxNzcyMjQ4OTk2Yjg3ZDkwODQwYzJkMjdkNjI1NDk0
NTgxNzMwHhcNMjIxMDIwMDgwNzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTVhOTIzMWM2Mzk1NTQ0MTljMmMyZGNkY2RhYmU1NWM3MDhmZjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5GoTJJI0sKw/x93gmM0Mbwqh9jU4
I5aFk9TzNnsKHZ0blq2dQDFJSYwLELAFC0UYa5R0zH/ufR67NJp+SVsUcbMwfZED
58jZuhvFei9WYJFkF1jXuXyMK7kEKOiTJw//yb9sr38+LhHy9Gf3pojVoyveGfDN
N3tewEmhQBLgDbTdygWbIu+iQRaYC8Ci5W+Q1yeXC//tSntgp2xTChCdj2mBbS/y
lpZIwaYCQ9ohreP9VyXY5bGuFJMnYcYhFcamZwPcL1BwOw1L4LS0IaMzGGrq2RFX
KDnoOwkb06y7C4TgHIlnwgtMwr0cVHcUNt6AGDRiD0ifqKk/rSs0jxK32QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLFakjHGOVVEGcLC3NzavlXHCP+GMB8GA1UdIwQY
MBaAFBgQF3IkiZa4fZCEDC0n1iVJRYFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQt
M2NjODVhZDNjMTkwLzEvc1ZxU01jWTVWVVFad3NMYzNOcS1WY2NJXzRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQtM2NjODVhZDNjMTkw
LzEvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvEBsMA0G
CSqGSIb3DQEBCwUAA4IBAQA8GGs4ZKFhItPTMzimGQi1c3XgV7P9/299wmYIO4vx
SXPFu7pu6xGUkk5guocXjAiO6au+//wM2qw3iGiQ+SC+agSv40JBAeGeZXhMiAl6
aPBqQdjGY5Clr8l4YZnD1Hkcz4BQQH8Xntne40tmmfkpPAxPAerpVdMBAwqBIihA
BQba/mi9HBjYzD0UQsKYlhXa2AvVyPi9JXdKHDzKneqXj71Fmaz7qAlz98bGFZX+
BdIxiiav45L63nS9HxUB0vjvPmuBI0xBOzVuPO4MxcOzsDkOmeHnweM0JlMcUvGO
V194hlr9If2z3ZybqRvwYlic1UBaGYv67tUZWR4qe9C2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:59 2024 by rpki-client on console-fra.rpki-client.org