Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/1-imLzZA7kfS5bwR09HNRMghkSPM.roa
File:                     1-imLzZA7kfS5bwR09HNRMghkSPM.roa (raw, json)
Hash identifier:          vhD8vNE5ux+d6O7AFzGYcixQqzqPPo5tTv3nWVYy+2o=
Subject key identifier:   FA:29:8B:CD:90:3B:91:F4:B9:6F:04:74:F4:73:51:32:08:64:48:F3
Certificate issuer:       /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial:       0DEEDC7E
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/1-imLzZA7kfS5bwR09HNRMghkSPM.roa
Signing time:             Sat 01 Jan 2022 10:54:14 +0000
ROA not before:           Sat 01 Jan 2022 10:54:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210892
IP address blocks:        147.136.88.0/21 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 233757822 (0xdeedc7e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
        Validity
            Not Before: Jan  1 10:54:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fa298bcd903b91f4b96f0474f4735132086448f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:93:97:01:69:ec:22:3c:e5:1c:b9:48:04:4c:
                    ea:1a:e2:ad:2d:0d:34:1a:97:12:32:c5:24:52:62:
                    c4:00:17:c9:b6:f8:47:73:b3:6b:73:60:9d:12:0f:
                    2e:7c:f1:b4:6c:38:96:73:b7:eb:f7:ca:54:8c:ab:
                    4d:0c:bd:24:08:05:be:ac:7c:4d:f8:3d:70:2c:ed:
                    f0:b6:77:5c:ee:9b:71:a1:7d:40:f8:b6:28:a5:98:
                    df:fc:a6:28:1f:bd:a3:19:38:5f:43:38:c8:01:94:
                    f5:04:c7:a5:a3:d0:6f:61:83:9b:f3:dd:6e:e2:33:
                    c1:6a:d4:43:31:46:69:a7:55:be:db:51:07:c3:86:
                    05:ff:75:b8:e2:7f:d2:7a:af:52:b7:cc:49:c0:86:
                    60:25:8c:cb:19:48:f1:63:6c:6c:74:fe:25:45:0e:
                    29:21:c1:c5:9d:30:c3:cb:e6:b6:76:ad:fc:42:61:
                    b6:f9:c4:12:ac:8a:0e:ac:c8:03:01:a9:4f:90:6e:
                    df:b4:a9:1c:2d:28:c9:1b:b8:0a:2b:6d:2d:02:e2:
                    ca:5e:5b:24:1f:a4:14:68:69:79:3f:cd:92:fb:56:
                    9b:b9:35:0b:6c:7f:1d:c9:14:c0:81:6a:e2:a0:87:
                    71:22:af:a3:af:9a:f9:d0:55:29:27:0f:6d:dd:b6:
                    53:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:29:8B:CD:90:3B:91:F4:B9:6F:04:74:F4:73:51:32:08:64:48:F3
            X509v3 Authority Key Identifier:
                keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/1-imLzZA7kfS5bwR09HNRMghkSPM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.136.88.0/21

    Signature Algorithm: sha256WithRSAEncryption
         9e:4c:76:22:5d:fa:73:68:c8:70:e3:31:7e:e0:7b:95:ad:d9:
         12:bc:93:9f:59:20:20:ae:75:5f:c4:3f:c3:2d:09:31:86:b6:
         6c:eb:a6:0d:8e:71:f1:89:72:9f:20:c8:56:ef:02:2d:20:6b:
         72:17:b6:e8:c0:dd:09:9c:10:c4:52:e6:1b:82:04:10:57:f4:
         20:57:68:d5:85:90:bc:f1:34:b3:8f:8e:45:9a:5e:c1:76:5b:
         66:cc:f5:09:61:50:fc:3b:31:87:10:5f:49:ae:c7:55:aa:a6:
         0e:81:5c:5e:8c:f1:e5:07:27:18:02:8b:dd:cd:05:6e:3a:a0:
         31:5b:58:81:69:18:93:a2:98:cf:37:d0:2b:f2:80:f4:c0:b6:
         c6:4f:fe:ab:7d:c2:3a:36:41:ee:5b:a0:ff:20:f4:03:13:b2:
         f0:b8:8c:ec:02:66:c9:ac:41:d0:00:6f:ac:17:94:58:5b:b4:
         56:87:ef:81:0a:3b:c4:6d:ea:53:e0:ae:f3:da:81:b6:36:f2:
         e5:27:12:09:04:41:0d:19:5d:ff:8d:ce:e2:1a:f3:d2:a0:27:
         71:f1:00:b4:c5:e8:8f:61:16:cb:65:0c:56:82:cf:59:5a:4f:
         c6:0b:ca:03:c0:ab:a9:3c:68:62:04:a7:a3:43:fe:88:db:6b:
         bd:9f:77:54
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEDe7cfjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MjY2MDViNGQyN2YxMzk2OGU4Nzk0ZTZlZjA5MTIyMzc0ODgxN2Q4MB4XDTIyMDEw
MTEwNTQxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmEyOThiY2Q5MDNi
OTFmNGI5NmYwNDc0ZjQ3MzUxMzIwODY0NDhmMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ+TlwFp7CI85Ry5SARM6hrirS0NNBqXEjLFJFJixAAXybb4
R3Oza3NgnRIPLnzxtGw4lnO36/fKVIyrTQy9JAgFvqx8Tfg9cCzt8LZ3XO6bcaF9
QPi2KKWY3/ymKB+9oxk4X0M4yAGU9QTHpaPQb2GDm/PdbuIzwWrUQzFGaadVvttR
B8OGBf91uOJ/0nqvUrfMScCGYCWMyxlI8WNsbHT+JUUOKSHBxZ0ww8vmtnat/EJh
tvnEEqyKDqzIAwGpT5Bu37SpHC0oyRu4CittLQLiyl5bJB+kFGhpeT/NkvtWm7k1
C2x/HckUwIFq4qCHcSKvo6+a+dBVKScPbd22U8UCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBT6KYvNkDuR9LlvBHT0c1EyCGRI8zAfBgNVHSMEGDAWgBSCZgW00n8Tlo6H
lObvCRIjdIgX2DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dtWUZ0TkpfRTVhT2g1VG03d2tTSTNTSUY5Zy5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODcvZmJjYzMyLTMzYzgtNDFmZi04OWZhLTJkMTkxOGJhMWMwZS8x
LzEtaW1MelpBN2tmUzVid1IwOUhOUk1naGtTUE0ucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg3
L2ZiY2MzMi0zM2M4LTQxZmYtODlmYS0yZDE5MThiYTFjMGUvMS9nbVlGdE5KX0U1
YU9oNVRtN3drU0kzU0lGOWcuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAOTiFgwDQYJKoZIhvcNAQELBQAD
ggEBAJ5MdiJd+nNoyHDjMX7ge5Wt2RK8k59ZICCudV/EP8MtCTGGtmzrpg2OcfGJ
cp8gyFbvAi0ga3IXtujA3QmcEMRS5huCBBBX9CBXaNWFkLzxNLOPjkWaXsF2W2bM
9QlhUPw7MYcQX0mux1Wqpg6BXF6M8eUHJxgCi93NBW46oDFbWIFpGJOimM830Cvy
gPTAtsZP/qt9wjo2Qe5boP8g9AMTsvC4jOwCZsmsQdAAb6wXlFhbtFaH74EKO8Rt
6lPgrvPagbY28uUnEgkEQQ0ZXf+NzuIa89KgJ3HxALTF6I9hFstlDFaCz1laT8YL
ygPAq6k8aGIEp6ND/ojba72fd1Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:50 2024 by rpki-client on console-ams.rpki-client.org