Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/_j-KbnvSP-H80OzSlmHtQGgbDGo.roa
File:                     _j-KbnvSP-H80OzSlmHtQGgbDGo.roa (raw, json)
Hash identifier:          ffJdnbeXZhi9hTCz1EMJ1AYkE+dAtT0neCi78YT49SY=
Subject key identifier:   FE:3F:8A:6E:7B:D2:3F:E1:FC:D0:EC:D2:96:61:ED:40:68:1B:0C:6A
Certificate issuer:       /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial:       0DE763ED
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/_j-KbnvSP-H80OzSlmHtQGgbDGo.roa
Signing time:             Sat 01 Jan 2022 10:54:10 +0000
ROA not before:           Sat 01 Jan 2022 10:54:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     9009
IP address blocks:        185.100.58.0/24 maxlen: 24
                          2001:678:8b4::/48 maxlen: 64

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 233268205 (0xde763ed)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
        Validity
            Not Before: Jan  1 10:54:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fe3f8a6e7bd23fe1fcd0ecd29661ed40681b0c6a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:20:01:15:d8:49:c8:c9:ad:32:1f:b7:8e:d4:
                    c8:0d:09:2a:85:0c:33:26:8e:36:ac:d7:ef:05:db:
                    d5:25:78:7b:3e:cd:42:4f:25:da:69:ae:a1:c7:81:
                    fc:1f:f8:f7:c7:14:19:28:a6:78:29:e7:f8:51:e2:
                    d8:2d:b3:5a:ea:21:88:7c:a3:7d:2e:7a:cf:5f:18:
                    9f:d9:df:89:85:f5:55:45:a9:13:3e:47:d4:2c:55:
                    ea:2f:55:06:e4:d7:a4:b1:f3:d3:4d:dc:a3:0b:a5:
                    29:18:ce:16:c3:e0:7d:33:fd:c3:c7:a6:65:2b:3b:
                    75:58:27:21:cb:14:da:0b:da:0b:71:8f:35:16:e9:
                    4c:a8:46:09:51:aa:03:78:2b:2e:6c:1b:44:98:f7:
                    63:02:f6:a8:6e:b6:e5:7f:ad:6e:cd:78:d8:3b:6e:
                    77:c4:e6:02:f4:b2:be:9b:c7:78:e0:b5:9c:0c:f2:
                    22:3b:4c:71:42:05:4a:b0:33:b0:f0:09:19:c4:ef:
                    9c:26:30:76:b6:dc:ca:a3:44:68:d6:e4:78:56:c9:
                    0a:1c:78:06:32:41:b0:70:63:00:e7:39:68:c5:41:
                    49:fa:05:3b:fc:51:38:6d:40:99:c6:cf:3b:d5:87:
                    06:da:98:db:96:15:70:61:f9:ae:d8:be:5c:b9:6c:
                    20:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:3F:8A:6E:7B:D2:3F:E1:FC:D0:EC:D2:96:61:ED:40:68:1B:0C:6A
            X509v3 Authority Key Identifier:
                keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/_j-KbnvSP-H80OzSlmHtQGgbDGo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.100.58.0/24
                IPv6:
                  2001:678:8b4::/48

    Signature Algorithm: sha256WithRSAEncryption
         72:c8:cc:01:72:e8:fd:bc:18:a4:c9:6a:ba:3e:34:ba:7a:b0:
         98:ba:42:93:85:c6:b5:3b:e0:19:70:83:38:71:be:7a:98:0a:
         05:27:d1:e2:ed:46:c7:fb:12:9f:ac:68:3f:3c:2e:d2:dd:2c:
         9a:53:65:f5:1d:9d:3f:73:86:4f:2a:43:2d:ad:7a:d7:d6:b9:
         f0:f5:24:5c:ca:33:f0:7a:45:23:60:79:b5:e5:04:cb:71:60:
         1c:4a:87:06:17:34:76:3e:83:02:fb:50:8e:a6:e2:c6:7e:f0:
         2f:f5:a1:fc:cc:44:b3:00:e4:61:54:82:97:e3:89:b0:73:8d:
         c4:ac:62:51:9d:34:a6:87:54:42:26:2d:b0:01:cd:16:c7:01:
         62:f6:ea:be:ca:92:93:ad:0e:d8:db:36:0b:58:9a:d9:9c:c3:
         32:3f:a8:d6:82:7b:b7:07:e1:5b:d8:be:d0:55:8e:ca:4f:ef:
         24:9b:77:a7:8e:72:74:73:b8:49:39:16:ae:d0:27:3e:3d:7f:
         08:ce:0d:c5:37:1e:3d:b0:40:d7:0b:cc:46:67:70:a5:45:ed:
         2d:77:64:b7:7f:ee:6c:4e:fe:1f:09:de:18:dc:31:f4:9f:90:
         85:e6:c9:6f:9d:f1:16:f8:af:a0:d9:c1:18:ae:23:df:57:ee:
         ba:39:b3:ef
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEDedj7TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MjY2MDViNGQyN2YxMzk2OGU4Nzk0ZTZlZjA5MTIyMzc0ODgxN2Q4MB4XDTIyMDEw
MTEwNTQxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmUzZjhhNmU3YmQy
M2ZlMWZjZDBlY2QyOTY2MWVkNDA2ODFiMGM2YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOsgARXYScjJrTIft47UyA0JKoUMMyaONqzX7wXb1SV4ez7N
Qk8l2mmuoceB/B/498cUGSimeCnn+FHi2C2zWuohiHyjfS56z18Yn9nfiYX1VUWp
Ez5H1CxV6i9VBuTXpLHz003cowulKRjOFsPgfTP9w8emZSs7dVgnIcsU2gvaC3GP
NRbpTKhGCVGqA3grLmwbRJj3YwL2qG625X+tbs142Dtud8TmAvSyvpvHeOC1nAzy
IjtMcUIFSrAzsPAJGcTvnCYwdrbcyqNEaNbkeFbJChx4BjJBsHBjAOc5aMVBSfoF
O/xROG1AmcbPO9WHBtqY25YVcGH5rti+XLlsIKECAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBT+P4pue9I/4fzQ7NKWYe1AaBsMajAfBgNVHSMEGDAWgBSCZgW00n8Tlo6H
lObvCRIjdIgX2DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dtWUZ0TkpfRTVhT2g1VG03d2tTSTNTSUY5Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODcvZmJjYzMyLTMzYzgtNDFmZi04OWZhLTJkMTkxOGJhMWMwZS8x
L19qLUtibnZTUC1IODBPelNsbUh0UUdnYkRHby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcv
ZmJjYzMyLTMzYzgtNDFmZi04OWZhLTJkMTkxOGJhMWMwZS8xL2dtWUZ0TkpfRTVh
T2g1VG03d2tTSTNTSUY5Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEALlkOjAPBAIAAjAJAwcAIAEGeAi0
MA0GCSqGSIb3DQEBCwUAA4IBAQByyMwBcuj9vBikyWq6PjS6erCYukKThca1O+AZ
cIM4cb56mAoFJ9Hi7UbH+xKfrGg/PC7S3SyaU2X1HZ0/c4ZPKkMtrXrX1rnw9SRc
yjPwekUjYHm15QTLcWAcSocGFzR2PoMC+1COpuLGfvAv9aH8zESzAORhVIKX44mw
c43ErGJRnTSmh1RCJi2wAc0WxwFi9uq+ypKTrQ7Y2zYLWJrZnMMyP6jWgnu3B+Fb
2L7QVY7KT+8km3enjnJ0c7hJORau0Cc+PX8Izg3FNx49sEDXC8xGZ3ClRe0td2S3
f+5sTv4fCd4Y3DH0n5CF5slvnfEW+K+g2cEYriPfV+66ObPv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:50 2024 by rpki-client on console-fra.rpki-client.org