Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/dMjqZweVhyB-zwN6PXnrdM0gF_0.roa
File:                     dMjqZweVhyB-zwN6PXnrdM0gF_0.roa (raw, json)
Hash identifier:          6jgUOlrLeeZBejL4YapgBiA688EE0epU2/t3XEdZrWA=
Subject key identifier:   74:C8:EA:67:07:95:87:20:7E:CF:03:7A:3D:79:EB:74:CD:20:17:FD
Certificate issuer:       /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial:       079FC7C6
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/dMjqZweVhyB-zwN6PXnrdM0gF_0.roa
Signing time:             Sat 01 Jan 2022 08:01:43 +0000
ROA not before:           Sat 01 Jan 2022 08:01:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     22773
IP address blocks:        185.254.72.0/24 maxlen: 24
                          185.213.150.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 127911878 (0x79fc7c6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
        Validity
            Not Before: Jan  1 08:01:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=74c8ea67079587207ecf037a3d79eb74cd2017fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:8b:fc:bf:77:89:aa:c0:19:ce:63:16:ca:63:
                    3a:7f:bc:10:a5:7a:11:3c:33:58:64:da:c4:0c:85:
                    74:61:d3:da:a5:23:ed:69:ad:29:94:2b:63:d2:7c:
                    77:82:d8:79:5f:65:1c:ed:b6:eb:bb:1d:aa:27:f8:
                    09:af:76:19:1a:81:f3:4d:be:9c:0e:54:4a:6e:65:
                    37:79:d4:de:5a:a1:10:cb:f1:7c:cb:1d:eb:74:33:
                    34:66:10:f3:c4:d9:4c:23:34:a3:e7:6a:e5:33:94:
                    85:fa:d1:56:5b:a2:fe:63:06:ae:0b:d6:4d:a4:7f:
                    80:95:7d:fa:06:a7:bc:d9:ab:8e:60:5d:db:4d:00:
                    ab:62:94:7d:f0:cb:89:a3:21:8b:b2:74:42:9b:d1:
                    8b:d6:03:7c:20:27:48:06:00:38:4e:f2:fb:f0:61:
                    1e:4d:79:ab:13:46:c9:9e:c7:ce:46:02:c8:54:85:
                    9e:5d:8e:85:86:7f:b6:84:26:47:dc:c3:38:1a:c5:
                    41:f9:27:fc:fb:be:46:db:f9:54:29:9c:c9:56:2e:
                    92:82:94:73:88:dd:e6:57:2a:57:d1:22:9b:80:88:
                    2a:03:1b:c4:8a:42:55:f0:1a:23:16:b4:0a:24:3a:
                    81:f0:bc:ac:19:cb:c8:e4:3a:b8:b1:3d:33:8a:af:
                    76:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:C8:EA:67:07:95:87:20:7E:CF:03:7A:3D:79:EB:74:CD:20:17:FD
            X509v3 Authority Key Identifier:
                keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/dMjqZweVhyB-zwN6PXnrdM0gF_0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.213.150.0/24
                  185.254.72.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:b9:c1:c1:df:98:2e:a5:0d:27:4e:0a:4e:4c:58:77:c5:c4:
         dc:3d:35:3b:42:71:c5:f2:1e:dc:2c:9c:28:fc:9f:ed:a0:75:
         30:c2:e5:f0:e9:ea:db:0d:ef:9b:da:71:17:39:c4:2e:d0:77:
         92:84:cc:0a:50:b9:09:fd:fb:68:ef:57:9e:f7:b4:17:f7:ab:
         bd:bd:f4:3d:88:84:99:a4:5d:0d:6f:d0:46:48:8e:e1:59:9d:
         ac:a0:61:36:8a:39:7c:c8:a5:67:37:84:85:4e:13:00:fa:4a:
         71:69:0d:d7:96:70:84:96:13:66:d2:20:8e:34:b3:4e:6a:47:
         5e:77:dc:b7:2d:ff:3e:93:ef:7b:d2:31:74:5e:66:6d:5e:4b:
         07:56:ff:a5:3a:51:eb:9d:ff:57:23:71:e8:b4:19:4b:16:cb:
         95:86:33:c5:af:73:e2:46:3a:58:4e:8a:b4:d4:4c:41:5d:58:
         c3:84:61:a3:95:fd:1d:ef:2c:5f:a6:db:03:17:6a:f6:9f:39:
         ac:e5:eb:36:3e:f3:b1:85:1d:ff:57:6e:64:f6:a7:ec:a8:f3:
         25:b4:f1:d9:b0:71:41:53:ef:e1:61:62:0f:05:4c:5c:4d:71:
         57:32:72:81:54:55:c9:7e:a4:f6:ac:9b:14:1f:c2:5e:14:ad:
         8e:2c:95:e5
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEB5/HxjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NTc2ZWIyY2M0NjJlNmU0YmYwZGU2OWI5ZjYzNDg3NWRlYmJhYWUyMB4XDTIyMDEw
MTA4MDE0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzRjOGVhNjcwNzk1
ODcyMDdlY2YwMzdhM2Q3OWViNzRjZDIwMTdmZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKqL/L93iarAGc5jFspjOn+8EKV6ETwzWGTaxAyFdGHT2qUj
7WmtKZQrY9J8d4LYeV9lHO2267sdqif4Ca92GRqB802+nA5USm5lN3nU3lqhEMvx
fMsd63QzNGYQ88TZTCM0o+dq5TOUhfrRVlui/mMGrgvWTaR/gJV9+ganvNmrjmBd
200Aq2KUffDLiaMhi7J0QpvRi9YDfCAnSAYAOE7y+/BhHk15qxNGyZ7HzkYCyFSF
nl2OhYZ/toQmR9zDOBrFQfkn/Pu+Rtv5VCmcyVYukoKUc4jd5lcqV9Eim4CIKgMb
xIpCVfAaIxa0CiQ6gfC8rBnLyOQ6uLE9M4qvdqECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBR0yOpnB5WHIH7PA3o9eet0zSAX/TAfBgNVHSMEGDAWgBSldussxGLm5L8N
5pufY0h13ruq4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BYYnJMTVJpNXVTX0RlYWJuMk5JZGQ2N3F1SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODcvOTMxOTI3LTlmMzgtNDFiNi04N2ZhLTI1NGFjZDkyYjRlMS8x
L2RNanFad2VWaHlCLXp3TjZQWG5yZE0wZ0ZfMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcv
OTMxOTI3LTlmMzgtNDFiNi04N2ZhLTI1NGFjZDkyYjRlMS8xL3BYYnJMTVJpNXVT
X0RlYWJuMk5JZGQ2N3F1SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALnVlgMEALn+SDANBgkqhkiG9w0B
AQsFAAOCAQEAVbnBwd+YLqUNJ04KTkxYd8XE3D01O0JxxfIe3CycKPyf7aB1MMLl
8Onq2w3vm9pxFznELtB3koTMClC5Cf37aO9Xnve0F/ervb30PYiEmaRdDW/QRkiO
4VmdrKBhNoo5fMilZzeEhU4TAPpKcWkN15ZwhJYTZtIgjjSzTmpHXnfcty3/PpPv
e9IxdF5mbV5LB1b/pTpR653/VyNx6LQZSxbLlYYzxa9z4kY6WE6KtNRMQV1Yw4Rh
o5X9He8sX6bbAxdq9p85rOXrNj7zsYUd/1duZPan7KjzJbTx2bBxQVPv4WFiDwVM
XE1xVzJygVRVyX6k9qybFB/CXhStjiyV5Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:47 2024 by rpki-client on console-ams.rpki-client.org