Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/b984d6-167a-4c0d-b544-58d5bb71c2a1/1/9_5c4CiJ6SMxCeOLW8r3tZ1PB5c.roa
File:                     9_5c4CiJ6SMxCeOLW8r3tZ1PB5c.roa (raw, json)
Hash identifier:          IT31bxT7zef9fA5VDi1oF7+4WTTD5cJHKU1fGYk9WLs=
Subject key identifier:   F7:FE:5C:E0:28:89:E9:23:31:09:E3:8B:5B:CA:F7:B5:9D:4F:07:97
Certificate issuer:       /CN=8ddc04351c858a6a7fe0f90812bb10655e5af8ca
Certificate serial:       06DACE49
Authority key identifier: 8D:DC:04:35:1C:85:8A:6A:7F:E0:F9:08:12:BB:10:65:5E:5A:F8:CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jdwENRyFimp_4PkIErsQZV5a-Mo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/b984d6-167a-4c0d-b544-58d5bb71c2a1/1/9_5c4CiJ6SMxCeOLW8r3tZ1PB5c.roa
Signing time:             Sat 01 Jan 2022 15:55:11 +0000
ROA not before:           Sat 01 Jan 2022 15:55:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     51560
IP address blocks:        185.139.208.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 115002953 (0x6dace49)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ddc04351c858a6a7fe0f90812bb10655e5af8ca
        Validity
            Not Before: Jan  1 15:55:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f7fe5ce02889e9233109e38b5bcaf7b59d4f0797
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:83:94:06:7e:42:f9:a6:28:2c:e0:14:f3:53:
                    eb:56:ff:86:75:78:0b:a2:06:71:fe:85:cc:90:ea:
                    0f:29:d9:47:01:e8:23:37:44:f4:34:2a:86:05:19:
                    75:e9:ee:d7:aa:af:58:80:9e:19:39:0f:2e:ac:d5:
                    bc:75:7f:2a:5d:2d:28:23:a6:ac:2e:2e:f7:f8:bf:
                    85:3a:27:97:cb:4d:c1:19:0e:41:c0:c5:a9:a1:ba:
                    a8:84:2c:23:a7:d6:f0:58:0f:e8:fc:e6:61:68:21:
                    5d:5c:10:e4:df:6b:94:d4:08:65:6b:36:9a:66:6e:
                    c7:73:07:d9:19:40:d4:c2:86:21:72:c4:3e:b4:83:
                    32:22:57:4e:02:21:e2:fd:e1:2b:a6:91:1c:16:c4:
                    e5:9d:20:85:02:7b:a0:b2:f2:6d:3e:a2:34:ab:87:
                    63:a6:70:87:f6:0d:ef:03:88:8e:77:97:6e:85:c3:
                    3f:70:32:7d:ff:f8:09:b7:18:cb:5d:97:c0:bc:1e:
                    4b:ca:df:ff:f8:5e:f3:c1:9e:4c:c9:64:df:19:5d:
                    92:a2:61:9b:7b:5b:d8:c5:43:08:0e:f4:3c:59:b6:
                    69:d4:66:30:70:d0:92:ff:04:a4:e3:87:75:01:d2:
                    78:5d:f8:f5:94:fc:93:63:ba:dc:2f:24:28:1a:d1:
                    34:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:FE:5C:E0:28:89:E9:23:31:09:E3:8B:5B:CA:F7:B5:9D:4F:07:97
            X509v3 Authority Key Identifier:
                keyid:8D:DC:04:35:1C:85:8A:6A:7F:E0:F9:08:12:BB:10:65:5E:5A:F8:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jdwENRyFimp_4PkIErsQZV5a-Mo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b984d6-167a-4c0d-b544-58d5bb71c2a1/1/9_5c4CiJ6SMxCeOLW8r3tZ1PB5c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b984d6-167a-4c0d-b544-58d5bb71c2a1/1/jdwENRyFimp_4PkIErsQZV5a-Mo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.139.208.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2b:ae:1a:40:e9:c2:20:0d:e3:3a:74:f4:04:1d:52:8c:35:74:
         27:d5:26:34:da:51:45:c4:20:82:d9:1b:bb:92:6b:5c:40:2c:
         68:38:f8:e1:ae:76:c3:a6:a0:ed:7f:15:94:0c:f3:eb:58:87:
         c7:1d:db:4e:52:39:36:40:5d:8c:cc:fe:3d:d3:18:2a:da:c9:
         12:c4:d1:1b:ca:07:a5:b3:bc:dd:24:b4:d8:00:09:0f:af:13:
         44:7e:af:89:8e:a1:80:b3:53:fd:68:ea:04:73:6d:3c:2b:56:
         1b:e7:f1:74:2d:cc:18:46:41:8b:40:4e:da:6d:bf:61:53:b3:
         40:79:bf:ea:ae:5f:01:cf:e0:0d:52:a0:72:7a:1c:fb:b8:4e:
         2c:f0:4b:dd:aa:6f:e9:fc:da:a8:8a:e7:1b:b7:f2:39:b4:8f:
         d4:7c:f0:ab:a8:64:6c:d2:d5:83:29:4e:ea:d7:41:cb:3b:0f:
         1e:cb:bb:8e:e2:6a:d7:27:90:7b:35:f6:d8:89:71:9e:32:2c:
         f1:56:c0:c1:57:e0:c3:8c:20:d4:4b:9a:5c:a0:29:dc:40:22:
         3c:73:b6:2b:c2:19:b2:a3:d8:a0:d5:26:ab:34:b5:87:85:c6:
         73:d4:65:a7:be:16:7e:41:3a:c3:ef:d9:db:a7:97:34:54:35:
         b7:1f:3f:95
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBtrOSTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZGRjMDQzNTFjODU4YTZhN2ZlMGY5MDgxMmJiMTA2NTVlNWFmOGNhMB4XDTIyMDEw
MTE1NTUxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjdmZTVjZTAyODg5
ZTkyMzMxMDllMzhiNWJjYWY3YjU5ZDRmMDc5NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALeDlAZ+QvmmKCzgFPNT61b/hnV4C6IGcf6FzJDqDynZRwHo
IzdE9DQqhgUZdenu16qvWICeGTkPLqzVvHV/Kl0tKCOmrC4u9/i/hTonl8tNwRkO
QcDFqaG6qIQsI6fW8FgP6PzmYWghXVwQ5N9rlNQIZWs2mmZux3MH2RlA1MKGIXLE
PrSDMiJXTgIh4v3hK6aRHBbE5Z0ghQJ7oLLybT6iNKuHY6Zwh/YN7wOIjneXboXD
P3Ayff/4CbcYy12XwLweS8rf//he88GeTMlk3xldkqJhm3tb2MVDCA70PFm2adRm
MHDQkv8EpOOHdQHSeF349ZT8k2O63C8kKBrRNNUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT3/lzgKInpIzEJ44tbyve1nU8HlzAfBgNVHSMEGDAWgBSN3AQ1HIWKan/g
+QgSuxBlXlr4yjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pkd0VOUnlGaW1wXzRQa0lFcnNRWlY1YS1Nby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODkvYjk4NGQ2LTE2N2EtNGMwZC1iNTQ0LTU4ZDViYjcxYzJhMS8x
LzlfNWM0Q2lKNlNNeENlT0xXOHIzdFoxUEI1Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODkv
Yjk4NGQ2LTE2N2EtNGMwZC1iNTQ0LTU4ZDViYjcxYzJhMS8xL2pkd0VOUnlGaW1w
XzRQa0lFcnNRWlY1YS1Nby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmL0DANBgkqhkiG9w0BAQsFAAOC
AQEAK64aQOnCIA3jOnT0BB1SjDV0J9UmNNpRRcQggtkbu5JrXEAsaDj44a52w6ag
7X8VlAzz61iHxx3bTlI5NkBdjMz+PdMYKtrJEsTRG8oHpbO83SS02AAJD68TRH6v
iY6hgLNT/WjqBHNtPCtWG+fxdC3MGEZBi0BO2m2/YVOzQHm/6q5fAc/gDVKgcnoc
+7hOLPBL3apv6fzaqIrnG7fyObSP1Hzwq6hkbNLVgylO6tdByzsPHsu7juJq1yeQ
ezX22IlxnjIs8VbAwVfgw4wg1EuaXKAp3EAiPHO2K8IZsqPYoNUmqzS1h4XGc9Rl
p74WfkE6w+/Z26eXNFQ1tx8/lQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:05 2024 by rpki-client on console-ams.rpki-client.org