Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/b12604-b481-416d-b088-210767bd0ba2/1/Krj4qOAj0FmZX6QyCfxSTtpiDt8.roa
File:                     Krj4qOAj0FmZX6QyCfxSTtpiDt8.roa (raw, json)
Hash identifier:          /Cs5YiMNPWNRs2nNGrrOxF50JQt61tJAVQEPA7F8N0Q=
Subject key identifier:   2A:B8:F8:A8:E0:23:D0:59:99:5F:A4:32:09:FC:52:4E:DA:62:0E:DF
Certificate issuer:       /CN=2c37b4bec97d608abe23bc57ba398246ccc57760
Certificate serial:       0D4F3DF5
Authority key identifier: 2C:37:B4:BE:C9:7D:60:8A:BE:23:BC:57:BA:39:82:46:CC:C5:77:60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LDe0vsl9YIq-I7xXujmCRszFd2A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/b12604-b481-416d-b088-210767bd0ba2/1/Krj4qOAj0FmZX6QyCfxSTtpiDt8.roa
Signing time:             Sat 01 Jan 2022 03:51:05 +0000
ROA not before:           Sat 01 Jan 2022 03:51:05 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205671
IP address blocks:        185.210.124.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 223297013 (0xd4f3df5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2c37b4bec97d608abe23bc57ba398246ccc57760
        Validity
            Not Before: Jan  1 03:51:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2ab8f8a8e023d059995fa43209fc524eda620edf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:d6:4a:5c:d7:10:a3:6a:b2:49:a3:51:d4:57:
                    72:e7:98:43:31:b6:9b:39:b6:0a:81:c5:49:1d:fe:
                    4c:10:24:4f:e6:50:57:e0:d1:d9:2b:07:ce:e2:72:
                    aa:9f:fb:00:4d:b9:ba:4f:64:a0:d9:62:7f:92:f6:
                    07:c6:20:4d:1d:3e:d4:63:7a:ea:59:41:e0:26:ca:
                    0d:a2:87:d5:e6:87:5f:07:98:8a:af:5b:1b:ea:5b:
                    f8:3d:67:38:98:e3:2e:01:44:87:eb:ac:8d:d1:64:
                    ef:d9:dd:de:91:88:a6:02:36:e4:6c:36:6b:f4:31:
                    c4:f2:98:f0:3e:3a:bf:c6:fd:e2:46:b0:7c:38:a8:
                    91:7a:5b:4f:01:29:43:40:14:f8:f4:41:09:af:2d:
                    db:22:0b:86:f1:86:8e:36:a5:0a:bf:c4:60:e2:1e:
                    d8:fd:70:7a:ed:d9:ca:b8:f9:55:c7:06:69:cd:8e:
                    fb:ca:bf:c5:a1:83:0c:68:20:43:7d:7c:ea:f0:f8:
                    52:ca:2f:eb:e6:f0:c9:26:de:08:e5:4a:e2:73:1c:
                    ea:dc:ad:c5:a3:10:7b:2f:d1:18:c0:48:2b:bb:2a:
                    a4:59:7c:02:ad:1f:7d:a9:5b:f1:82:20:27:52:28:
                    14:62:81:c3:fd:94:0a:74:39:ab:f7:dc:19:86:9c:
                    39:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:B8:F8:A8:E0:23:D0:59:99:5F:A4:32:09:FC:52:4E:DA:62:0E:DF
            X509v3 Authority Key Identifier:
                keyid:2C:37:B4:BE:C9:7D:60:8A:BE:23:BC:57:BA:39:82:46:CC:C5:77:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LDe0vsl9YIq-I7xXujmCRszFd2A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/b12604-b481-416d-b088-210767bd0ba2/1/Krj4qOAj0FmZX6QyCfxSTtpiDt8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/b12604-b481-416d-b088-210767bd0ba2/1/LDe0vsl9YIq-I7xXujmCRszFd2A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.210.124.0/22

    Signature Algorithm: sha256WithRSAEncryption
         69:90:50:57:f6:a0:be:68:cd:c0:f9:11:66:d8:ba:36:f1:0f:
         7c:16:4e:ce:46:13:3b:45:6f:fe:16:fd:44:4e:96:0f:6a:b6:
         05:08:4f:c1:e1:fd:76:81:0d:2d:dd:23:cc:ce:ae:21:84:6b:
         79:d1:71:d8:5f:5d:0f:6f:4d:10:7c:41:07:8a:bb:5e:a4:4d:
         80:70:96:6d:38:30:71:34:86:cd:64:53:37:24:ea:38:bc:4a:
         68:96:e6:80:8f:4c:6a:81:19:49:67:c3:bf:e2:14:f6:b5:7e:
         f1:5a:d2:6f:82:6c:70:4a:5e:e4:64:de:7d:83:8c:68:b5:7f:
         41:e5:24:c2:6d:c0:83:57:ac:7a:13:b4:2e:f1:9b:d8:88:3f:
         b9:9e:64:4f:37:e6:d4:19:bc:39:42:ae:09:82:f6:86:ee:67:
         9a:db:e9:5f:fd:28:07:8f:28:16:82:1b:ea:2a:38:52:0f:63:
         3d:18:91:f9:5c:20:29:bc:a9:9a:9a:f2:88:df:bd:1a:41:32:
         87:08:a7:b7:af:95:b5:85:5d:e4:e2:74:8e:98:af:dc:75:7d:
         39:08:f2:8a:e1:e4:be:71:5e:a9:b7:54:3d:cc:6e:96:67:ef:
         56:38:94:28:d1:71:1a:fd:83:6e:22:2d:38:d5:00:d4:68:7d:
         7f:17:da:05
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDU899TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YzM3YjRiZWM5N2Q2MDhhYmUyM2JjNTdiYTM5ODI0NmNjYzU3NzYwMB4XDTIyMDEw
MTAzNTEwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmFiOGY4YThlMDIz
ZDA1OTk5NWZhNDMyMDlmYzUyNGVkYTYyMGVkZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJTWSlzXEKNqskmjUdRXcueYQzG2mzm2CoHFSR3+TBAkT+ZQ
V+DR2SsHzuJyqp/7AE25uk9koNlif5L2B8YgTR0+1GN66llB4CbKDaKH1eaHXweY
iq9bG+pb+D1nOJjjLgFEh+usjdFk79nd3pGIpgI25Gw2a/QxxPKY8D46v8b94kaw
fDiokXpbTwEpQ0AU+PRBCa8t2yILhvGGjjalCr/EYOIe2P1weu3Zyrj5VccGac2O
+8q/xaGDDGggQ3186vD4Usov6+bwySbeCOVK4nMc6tytxaMQey/RGMBIK7sqpFl8
Aq0ffalb8YIgJ1IoFGKBw/2UCnQ5q/fcGYacOQcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQquPio4CPQWZlfpDIJ/FJO2mIO3zAfBgNVHSMEGDAWgBQsN7S+yX1gir4j
vFe6OYJGzMV3YDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xEZTB2c2w5WUlxLUk3eFh1am1DUnN6RmQyQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODMvYjEyNjA0LWI0ODEtNDE2ZC1iMDg4LTIxMDc2N2JkMGJhMi8x
L0tyajRxT0FqMEZtWlg2UXlDZnhTVHRwaUR0OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODMv
YjEyNjA0LWI0ODEtNDE2ZC1iMDg4LTIxMDc2N2JkMGJhMi8xL0xEZTB2c2w5WUlx
LUk3eFh1am1DUnN6RmQyQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnSfDANBgkqhkiG9w0BAQsFAAOC
AQEAaZBQV/agvmjNwPkRZti6NvEPfBZOzkYTO0Vv/hb9RE6WD2q2BQhPweH9doEN
Ld0jzM6uIYRredFx2F9dD29NEHxBB4q7XqRNgHCWbTgwcTSGzWRTNyTqOLxKaJbm
gI9MaoEZSWfDv+IU9rV+8VrSb4JscEpe5GTefYOMaLV/QeUkwm3Ag1esehO0LvGb
2Ig/uZ5kTzfm1Bm8OUKuCYL2hu5nmtvpX/0oB48oFoIb6io4Ug9jPRiR+VwgKbyp
mpryiN+9GkEyhwint6+VtYVd5OJ0jpiv3HV9OQjyiuHkvnFeqbdUPcxulmfvVjiU
KNFxGv2DbiItONUA1Gh9fxfaBQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:18 2024 by rpki-client on console-fra.rpki-client.org