Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/uYo8AaXyFM3xJEpXGuwsGz6NuM8.roa
File:                     uYo8AaXyFM3xJEpXGuwsGz6NuM8.roa (raw, json)
Hash identifier:          /3BD9jFAKiSPoHl26uPXuqdv4Lk9W6KS+BvomfMHYzU=
Subject key identifier:   B9:8A:3C:01:A5:F2:14:CD:F1:24:4A:57:1A:EC:2C:1B:3E:8D:B8:CF
Certificate issuer:       /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial:       0667DA5E
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/uYo8AaXyFM3xJEpXGuwsGz6NuM8.roa
Signing time:             Thu 10 Mar 2022 17:02:25 +0000
ROA not before:           Thu 10 Mar 2022 17:02:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7018
IP address blocks:        185.179.218.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 107469406 (0x667da5e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18101772248996b87d90840c2d27d62549458173
        Validity
            Not Before: Mar 10 17:02:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b98a3c01a5f214cdf1244a571aec2c1b3e8db8cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:dd:a3:1d:6a:75:09:29:b8:87:97:70:70:d3:
                    22:1e:bd:0c:ca:54:18:ac:a2:54:70:1a:4a:24:89:
                    01:ab:cf:30:21:85:13:33:29:5d:51:d4:ee:3f:ad:
                    78:d7:b4:7b:71:f2:91:05:97:72:69:b6:53:d7:f4:
                    67:df:0b:c2:c6:80:d3:60:74:23:49:77:df:79:8a:
                    a4:50:36:9e:cb:38:a0:d9:1b:e1:57:95:37:7c:a2:
                    17:85:f2:4c:ba:aa:5f:e9:ad:58:30:b6:68:53:36:
                    9d:63:86:26:0d:17:ac:06:0c:92:60:a3:7c:09:68:
                    1e:94:3e:b9:5e:6e:13:af:77:b4:52:09:52:19:84:
                    74:97:ff:89:cd:75:0b:75:c1:cd:04:25:8d:cb:df:
                    8c:30:76:58:9d:42:c5:90:be:4a:2e:0b:54:9c:44:
                    3b:42:10:05:e6:32:f5:77:a7:61:29:37:45:42:50:
                    46:94:f0:51:24:93:5b:10:be:81:eb:6b:c0:af:10:
                    a3:f7:97:5d:b4:89:44:ec:84:a5:bc:31:27:3a:7c:
                    b2:6e:45:2d:8a:fa:a9:21:e5:fe:33:fc:b2:f5:d3:
                    1a:98:65:7e:e5:62:05:b7:af:f5:a7:fa:60:9c:51:
                    a7:97:ee:a3:2b:40:a2:0d:3f:db:30:a8:3d:13:17:
                    f8:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:8A:3C:01:A5:F2:14:CD:F1:24:4A:57:1A:EC:2C:1B:3E:8D:B8:CF
            X509v3 Authority Key Identifier:
                keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/uYo8AaXyFM3xJEpXGuwsGz6NuM8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.179.218.0/23

    Signature Algorithm: sha256WithRSAEncryption
         95:c6:f2:d0:52:6c:7c:df:b9:06:6a:2f:d2:71:53:22:16:02:
         cb:3d:ad:dc:a1:6b:40:e2:f1:f7:3e:ac:34:1d:d7:5c:24:5a:
         48:c8:96:40:ed:f7:38:6e:c3:ab:66:59:03:fc:d2:59:d8:47:
         a2:48:cd:53:29:55:2e:19:81:7a:df:83:95:52:86:76:24:82:
         a2:aa:2b:69:41:48:e6:de:6b:81:15:1c:e3:18:13:cf:be:39:
         cb:2f:e7:c3:70:29:ab:6a:e4:5d:a9:91:b4:86:ad:05:18:01:
         12:6d:af:4c:e0:d2:5c:0a:d5:c6:23:73:47:a9:78:84:4a:b3:
         f4:7a:ee:f2:88:88:9e:7b:37:5c:95:55:d5:b1:92:f3:9d:04:
         00:41:09:c2:0d:71:75:3b:80:85:de:98:f3:5c:48:0b:ae:09:
         b2:cb:ed:28:37:84:f6:8b:7c:57:e0:f9:2d:b9:12:fd:aa:fa:
         7f:31:7e:66:ff:d4:ee:d2:b5:ca:8f:6c:21:a3:30:de:ac:2a:
         75:96:6f:f9:9f:1b:7c:c2:48:97:78:3b:0d:f6:b4:0f:ce:21:
         1e:5f:a6:14:b9:98:2f:82:45:c5:b8:f6:58:51:be:d0:d6:32:
         66:5c:94:7f:3a:76:a2:c2:b6:f5:0a:a5:75:5e:3a:4b:7d:2a:
         d8:c2:68:f3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBmfaXjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ODEwMTc3MjI0ODk5NmI4N2Q5MDg0MGMyZDI3ZDYyNTQ5NDU4MTczMB4XDTIyMDMx
MDE3MDIyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjk4YTNjMDFhNWYy
MTRjZGYxMjQ0YTU3MWFlYzJjMWIzZThkYjhjZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJzdox1qdQkpuIeXcHDTIh69DMpUGKyiVHAaSiSJAavPMCGF
EzMpXVHU7j+teNe0e3HykQWXcmm2U9f0Z98LwsaA02B0I0l333mKpFA2nss4oNkb
4VeVN3yiF4XyTLqqX+mtWDC2aFM2nWOGJg0XrAYMkmCjfAloHpQ+uV5uE693tFIJ
UhmEdJf/ic11C3XBzQQljcvfjDB2WJ1CxZC+Si4LVJxEO0IQBeYy9XenYSk3RUJQ
RpTwUSSTWxC+getrwK8Qo/eXXbSJROyEpbwxJzp8sm5FLYr6qSHl/jP8svXTGphl
fuViBbev9af6YJxRp5fuoytAog0/2zCoPRMX+GECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS5ijwBpfIUzfEkSlca7CwbPo24zzAfBgNVHSMEGDAWgBQYEBdyJImWuH2Q
hAwtJ9YlSUWBczAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dCQVhjaVNKbHJoOWtJUU1MU2ZXSlVsRmdYTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvMjBhNWE1LTBiYTItNDA1Mi1iZWI0LTNjYzg1YWQzYzE5MC8x
L3VZbzhBYVh5Rk0zeEpFcFhHdXdzR3o2TnVNOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
MjBhNWE1LTBiYTItNDA1Mi1iZWI0LTNjYzg1YWQzYzE5MC8xL0dCQVhjaVNKbHJo
OWtJUU1MU2ZXSlVsRmdYTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbmz2jANBgkqhkiG9w0BAQsFAAOC
AQEAlcby0FJsfN+5Bmov0nFTIhYCyz2t3KFrQOLx9z6sNB3XXCRaSMiWQO33OG7D
q2ZZA/zSWdhHokjNUylVLhmBet+DlVKGdiSCoqoraUFI5t5rgRUc4xgTz745yy/n
w3Apq2rkXamRtIatBRgBEm2vTODSXArVxiNzR6l4hEqz9Hru8oiInns3XJVV1bGS
850EAEEJwg1xdTuAhd6Y81xIC64JssvtKDeE9ot8V+D5LbkS/ar6fzF+Zv/U7tK1
yo9sIaMw3qwqdZZv+Z8bfMJIl3g7Dfa0D84hHl+mFLmYL4JFxbj2WFG+0NYyZlyU
fzp2osK29QqldV46S30q2MJo8w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:40 2023 by rpki-client on console-fra.rpki-client.org