Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/698efb-c6b4-4d2c-9368-7cec2d5345b4/1/XMfaReroBRnIc5qMrSh2JjsTuag.roa
File:                     XMfaReroBRnIc5qMrSh2JjsTuag.roa (raw, json)
Hash identifier:          yOeC9QPtIgIfZjFDvQV4toIUQklzLQ5TsyUMXllOkXY=
Subject key identifier:   5C:C7:DA:45:EA:E8:05:19:C8:73:9A:8C:AD:28:76:26:3B:13:B9:A8
Certificate issuer:       /CN=b2d7f999838aa163bf344fc69917bb60d12fdfc3
Certificate serial:       0292229B
Authority key identifier: B2:D7:F9:99:83:8A:A1:63:BF:34:4F:C6:99:17:BB:60:D1:2F:DF:C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/stf5mYOKoWO_NE_GmRe7YNEv38M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/698efb-c6b4-4d2c-9368-7cec2d5345b4/1/XMfaReroBRnIc5qMrSh2JjsTuag.roa
Signing time:             Tue 01 Mar 2022 14:53:17 +0000
ROA not before:           Tue 01 Mar 2022 14:53:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     41327
IP address blocks:        185.137.158.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 43131547 (0x292229b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b2d7f999838aa163bf344fc69917bb60d12fdfc3
        Validity
            Not Before: Mar  1 14:53:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5cc7da45eae80519c8739a8cad2876263b13b9a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:09:45:80:08:5f:49:d8:0b:7b:3c:96:e5:66:
                    3f:36:13:3b:a9:52:77:64:e5:de:cb:a7:43:65:1f:
                    56:64:1c:42:b0:16:b9:28:c7:4b:4f:e3:6f:da:87:
                    14:9f:dd:82:20:62:81:4b:29:57:8d:60:68:c0:a4:
                    88:68:bb:67:03:40:54:e5:aa:ab:0c:d0:2a:fd:7c:
                    d0:2e:f1:54:41:12:17:6a:de:b2:fa:2e:33:a8:63:
                    97:01:f7:30:b3:53:63:bd:70:56:d7:3a:6f:ab:40:
                    13:a4:c7:a8:27:3e:43:27:07:93:ee:71:c0:34:a2:
                    a5:c3:ab:6b:d0:04:71:51:72:42:0b:ef:5f:c7:5f:
                    00:a7:36:2d:3e:9a:69:13:0c:56:a0:0d:44:3f:10:
                    eb:b2:31:fb:ed:84:15:88:fb:a6:b4:6d:5b:f5:0a:
                    1c:db:5b:b2:9f:72:dd:43:c1:66:53:40:d7:45:37:
                    a7:0c:f3:50:98:ce:6b:bd:7c:d9:47:8f:59:ec:cd:
                    a3:f1:e0:fe:d0:8b:1a:dc:d4:32:01:36:9f:cb:99:
                    11:af:ca:b8:05:59:02:3a:a6:29:4d:c2:76:a1:9f:
                    9c:c1:43:55:f8:a7:a6:64:39:90:7d:0d:da:5a:5c:
                    8f:12:e1:0d:75:7f:5c:fc:f0:24:79:d8:5b:48:df:
                    f3:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:C7:DA:45:EA:E8:05:19:C8:73:9A:8C:AD:28:76:26:3B:13:B9:A8
            X509v3 Authority Key Identifier:
                keyid:B2:D7:F9:99:83:8A:A1:63:BF:34:4F:C6:99:17:BB:60:D1:2F:DF:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/stf5mYOKoWO_NE_GmRe7YNEv38M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/698efb-c6b4-4d2c-9368-7cec2d5345b4/1/XMfaReroBRnIc5qMrSh2JjsTuag.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/698efb-c6b4-4d2c-9368-7cec2d5345b4/1/stf5mYOKoWO_NE_GmRe7YNEv38M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.137.158.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:2f:08:58:1d:21:6b:39:b8:ae:e7:4b:6f:96:9f:8b:b3:97:
         ba:f9:74:bd:1f:9b:0a:99:40:fc:4a:0f:7d:4d:6e:79:ab:3f:
         95:75:23:f7:c7:7c:0c:36:fd:dc:b4:e6:30:f6:1b:fe:42:d6:
         d2:8e:1d:71:e8:70:30:37:31:70:7f:78:68:a4:70:b1:70:c0:
         34:d1:c6:ce:e2:d3:f4:6b:9f:eb:4b:a1:f0:f4:d7:cd:cb:93:
         da:0b:da:df:21:1c:7f:16:43:65:93:3a:84:01:39:79:ad:bb:
         bf:2c:66:97:42:3a:c4:8b:b6:96:bf:a2:bd:5a:d4:e5:e2:14:
         ff:c5:46:9f:6e:d8:c7:15:1f:e5:46:69:7e:53:28:32:4f:af:
         c0:e9:17:49:31:36:c2:64:c0:32:e1:9a:b3:ef:46:bd:f4:62:
         81:11:98:76:93:9c:a5:e4:10:8b:92:a9:2e:38:04:5c:a3:19:
         1f:ab:54:75:f7:22:86:ff:f8:a8:f5:9d:84:20:7c:65:27:f0:
         20:18:8b:36:40:d0:30:d4:60:9b:92:97:0c:67:54:da:a1:74:
         f2:1f:9a:04:73:a5:d4:1c:ac:2d:fc:30:a2:52:3d:4f:d0:c0:
         1e:3f:27:b9:d7:94:5c:a1:64:30:32:c8:1f:c5:3f:59:51:97:
         20:20:bf:46
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEApIimzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MmQ3Zjk5OTgzOGFhMTYzYmYzNDRmYzY5OTE3YmI2MGQxMmZkZmMzMB4XDTIyMDMw
MTE0NTMxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWNjN2RhNDVlYWU4
MDUxOWM4NzM5YThjYWQyODc2MjYzYjEzYjlhODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL8JRYAIX0nYC3s8luVmPzYTO6lSd2Tl3sunQ2UfVmQcQrAW
uSjHS0/jb9qHFJ/dgiBigUspV41gaMCkiGi7ZwNAVOWqqwzQKv180C7xVEESF2re
svouM6hjlwH3MLNTY71wVtc6b6tAE6THqCc+QycHk+5xwDSipcOra9AEcVFyQgvv
X8dfAKc2LT6aaRMMVqANRD8Q67Ix++2EFYj7prRtW/UKHNtbsp9y3UPBZlNA10U3
pwzzUJjOa7182UePWezNo/Hg/tCLGtzUMgE2n8uZEa/KuAVZAjqmKU3CdqGfnMFD
VfinpmQ5kH0N2lpcjxLhDXV/XPzwJHnYW0jf8w8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRcx9pF6ugFGchzmoytKHYmOxO5qDAfBgNVHSMEGDAWgBSy1/mZg4qhY780
T8aZF7tg0S/fwzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3N0ZjVtWU9Lb1dPX05FX0dtUmU3WU5FdjM4TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODMvNjk4ZWZiLWM2YjQtNGQyYy05MzY4LTdjZWMyZDUzNDViNC8x
L1hNZmFSZXJvQlJuSWM1cU1yU2gySmpzVHVhZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODMv
Njk4ZWZiLWM2YjQtNGQyYy05MzY4LTdjZWMyZDUzNDViNC8xL3N0ZjVtWU9Lb1dP
X05FX0dtUmU3WU5FdjM4TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmJnjANBgkqhkiG9w0BAQsFAAOC
AQEAdS8IWB0hazm4rudLb5afi7OXuvl0vR+bCplA/EoPfU1ueas/lXUj98d8DDb9
3LTmMPYb/kLW0o4dcehwMDcxcH94aKRwsXDANNHGzuLT9Guf60uh8PTXzcuT2gva
3yEcfxZDZZM6hAE5ea27vyxml0I6xIu2lr+ivVrU5eIU/8VGn27YxxUf5UZpflMo
Mk+vwOkXSTE2wmTAMuGas+9GvfRigRGYdpOcpeQQi5KpLjgEXKMZH6tUdfcihv/4
qPWdhCB8ZSfwIBiLNkDQMNRgm5KXDGdU2qF08h+aBHOl1BysLfwwolI9T9DAHj8n
udeUXKFkMDLIH8U/WVGXICC/Rg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:03 2024 by rpki-client on console-ams.rpki-client.org