Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/86c946-14cb-4935-88e3-d2d57843a27d/1/fFUjvaB7_gvEb8VYoCHpKxE3g_s.roa
File:                     fFUjvaB7_gvEb8VYoCHpKxE3g_s.roa (raw, json)
Hash identifier:          UrUL3uoofWhcJMc6xa+5oKoYTTqWerhyeU0Etcxy7ig=
Subject key identifier:   7C:55:23:BD:A0:7B:FE:0B:C4:6F:C5:58:A0:21:E9:2B:11:37:83:FB
Certificate issuer:       /CN=8cd9d61f83e0d7e8308a6cde4dd315dd75756c03
Certificate serial:       06C0DF03
Authority key identifier: 8C:D9:D6:1F:83:E0:D7:E8:30:8A:6C:DE:4D:D3:15:DD:75:75:6C:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jNnWH4Pg1-gwimzeTdMV3XV1bAM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/86c946-14cb-4935-88e3-d2d57843a27d/1/fFUjvaB7_gvEb8VYoCHpKxE3g_s.roa
Signing time:             Sat 01 Jan 2022 02:57:07 +0000
ROA not before:           Sat 01 Jan 2022 02:57:07 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205493
IP address blocks:        185.215.192.0/22 maxlen: 22
                          2a0b:ad40::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 113303299 (0x6c0df03)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8cd9d61f83e0d7e8308a6cde4dd315dd75756c03
        Validity
            Not Before: Jan  1 02:57:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7c5523bda07bfe0bc46fc558a021e92b113783fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:30:23:ab:b5:0f:1d:b4:9f:ac:04:90:44:ba:
                    53:66:c4:1e:37:05:51:d5:4e:1d:91:68:55:fb:e7:
                    cc:7a:97:67:33:8e:da:f4:6b:20:32:41:f8:78:77:
                    42:d3:9f:44:b6:e2:4a:3c:25:86:fa:08:63:db:8c:
                    b2:e1:91:26:58:b4:90:ac:3c:24:80:f3:0f:80:45:
                    68:93:13:8a:74:b0:d6:bf:10:a8:49:cf:19:27:71:
                    74:d2:8f:41:57:50:e5:8e:88:89:5e:53:74:a4:76:
                    ee:42:d3:1a:52:e6:46:cb:df:85:52:3b:32:cc:d9:
                    30:81:9b:3b:5f:e4:6a:8d:f5:38:72:4e:4f:9b:9d:
                    03:7c:e3:74:3e:6d:76:b8:02:e8:60:7f:e1:82:a0:
                    90:5a:0c:9a:17:8a:c7:74:a3:ed:58:14:d0:91:40:
                    2c:fa:41:00:f7:db:69:64:d4:75:9d:81:25:a0:d1:
                    a1:42:f4:03:da:80:5a:6e:bd:3d:ed:6e:24:5e:53:
                    cd:81:4e:39:dc:32:6d:a4:83:8f:18:29:b7:dd:43:
                    0a:15:c7:94:d2:8a:10:d8:35:8a:ba:0f:07:6a:dd:
                    e8:4b:f0:3c:b2:c0:2a:5f:81:10:42:e7:b8:53:ca:
                    f4:d5:a3:7d:62:3d:17:e5:9d:67:68:a0:05:39:cd:
                    80:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:55:23:BD:A0:7B:FE:0B:C4:6F:C5:58:A0:21:E9:2B:11:37:83:FB
            X509v3 Authority Key Identifier:
                keyid:8C:D9:D6:1F:83:E0:D7:E8:30:8A:6C:DE:4D:D3:15:DD:75:75:6C:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jNnWH4Pg1-gwimzeTdMV3XV1bAM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/86c946-14cb-4935-88e3-d2d57843a27d/1/fFUjvaB7_gvEb8VYoCHpKxE3g_s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/86c946-14cb-4935-88e3-d2d57843a27d/1/jNnWH4Pg1-gwimzeTdMV3XV1bAM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.215.192.0/22
                IPv6:
                  2a0b:ad40::/29

    Signature Algorithm: sha256WithRSAEncryption
         88:22:96:6b:44:b0:c0:36:dc:9c:cd:41:95:97:bc:7d:28:de:
         a4:18:9f:6e:74:ff:80:8d:6b:2f:0f:8e:69:4c:ba:88:bd:82:
         27:88:3a:01:90:45:f6:2a:cf:fc:87:51:bd:ff:f0:30:a7:9e:
         a2:e9:f2:3b:3c:45:bf:d1:db:92:17:56:9f:d0:95:7a:8b:84:
         28:41:37:37:09:38:7f:6e:02:57:79:92:da:60:97:cf:ea:8f:
         8c:2b:9c:57:2a:ac:31:40:d5:bc:91:0c:37:34:15:b7:aa:7a:
         8d:0d:f0:ef:49:9f:58:af:ed:81:cb:f9:3d:10:81:5f:53:8f:
         3a:e6:38:13:a6:77:88:75:34:a4:04:b1:1b:fb:97:3f:e9:58:
         6c:ce:4f:11:57:f0:49:80:95:2f:c0:99:fd:f4:b5:54:19:82:
         13:bf:3f:b5:96:8c:4b:55:d5:30:0a:9e:c5:50:0c:e1:98:83:
         fd:3a:9a:44:b6:67:b8:38:fb:b5:31:11:e2:01:2b:be:dc:fc:
         05:c8:fd:37:3f:3a:3e:f3:1e:1a:3f:cf:d1:ff:eb:f1:2b:3f:
         47:25:22:f4:7c:f3:bd:b0:b3:2c:90:bb:8c:9c:70:c5:44:e0:
         1f:c6:54:57:00:fc:5a:02:24:9c:ed:ec:b7:0e:0a:4d:a3:ba:
         b8:08:d4:f6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBsDfAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
Y2Q5ZDYxZjgzZTBkN2U4MzA4YTZjZGU0ZGQzMTVkZDc1NzU2YzAzMB4XDTIyMDEw
MTAyNTcwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2M1NTIzYmRhMDdi
ZmUwYmM0NmZjNTU4YTAyMWU5MmIxMTM3ODNmYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMowI6u1Dx20n6wEkES6U2bEHjcFUdVOHZFoVfvnzHqXZzOO
2vRrIDJB+Hh3QtOfRLbiSjwlhvoIY9uMsuGRJli0kKw8JIDzD4BFaJMTinSw1r8Q
qEnPGSdxdNKPQVdQ5Y6IiV5TdKR27kLTGlLmRsvfhVI7MszZMIGbO1/kao31OHJO
T5udA3zjdD5tdrgC6GB/4YKgkFoMmheKx3Sj7VgU0JFALPpBAPfbaWTUdZ2BJaDR
oUL0A9qAWm69Pe1uJF5TzYFOOdwybaSDjxgpt91DChXHlNKKENg1iroPB2rd6Evw
PLLAKl+BEELnuFPK9NWjfWI9F+WdZ2igBTnNgKECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBR8VSO9oHv+C8RvxVigIekrETeD+zAfBgNVHSMEGDAWgBSM2dYfg+DX6DCK
bN5N0xXddXVsAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pObldINFBnMS1nd2ltemVUZE1WM1hWMWJBTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGEvODZjOTQ2LTE0Y2ItNDkzNS04OGUzLWQyZDU3ODQzYTI3ZC8x
L2ZGVWp2YUI3X2d2RWI4VllvQ0hwS3hFM2dfcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGEv
ODZjOTQ2LTE0Y2ItNDkzNS04OGUzLWQyZDU3ODQzYTI3ZC8xL2pObldINFBnMS1n
d2ltemVUZE1WM1hWMWJBTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArnXwDANBAIAAjAHAwUDKgutQDAN
BgkqhkiG9w0BAQsFAAOCAQEAiCKWa0SwwDbcnM1BlZe8fSjepBifbnT/gI1rLw+O
aUy6iL2CJ4g6AZBF9irP/IdRvf/wMKeeounyOzxFv9HbkhdWn9CVeouEKEE3Nwk4
f24CV3mS2mCXz+qPjCucVyqsMUDVvJEMNzQVt6p6jQ3w70mfWK/tgcv5PRCBX1OP
OuY4E6Z3iHU0pASxG/uXP+lYbM5PEVfwSYCVL8CZ/fS1VBmCE78/tZaMS1XVMAqe
xVAM4ZiD/TqaRLZnuDj7tTER4gErvtz8Bcj9Nz86PvMeGj/P0f/r8Ss/RyUi9Hzz
vbCzLJC7jJxwxUTgH8ZUVwD8WgIknO3stw4KTaO6uAjU9g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:20 2024 by rpki-client on console-fra.rpki-client.org