Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/N5TaHK6tb7rxUW_D74GMJKe3HBY.roa
File:                     N5TaHK6tb7rxUW_D74GMJKe3HBY.roa (raw, json)
Hash identifier:          E2alfi0zhCXZ6hSe3Y73XsRjWG8D9sVnMTN2ARxx4J0=
Subject key identifier:   37:94:DA:1C:AE:AD:6F:BA:F1:51:6F:C3:EF:81:8C:24:A7:B7:1C:16
Certificate issuer:       /CN=845d042f65e1b1303a44e43e0e02748a75837b44
Certificate serial:       0184386FEDF36D85C8F177AD7DA04B0053CD
Authority key identifier: 84:5D:04:2F:65:E1:B1:30:3A:44:E4:3E:0E:02:74:8A:75:83:7B:44
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hF0EL2XhsTA6ROQ-DgJ0inWDe0Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/N5TaHK6tb7rxUW_D74GMJKe3HBY.roa
Signing time:             Wed 02 Nov 2022 13:02:50 +0000
ROA not before:           Wed 02 Nov 2022 13:02:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207604
IP address blocks:        185.119.90.0/24 maxlen: 24
                          185.119.91.0/24 maxlen: 24
                          185.119.88.0/24 maxlen: 24
                          185.119.89.0/24 maxlen: 24
                          2a0c:bf80:5a::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:38:6f:ed:f3:6d:85:c8:f1:77:ad:7d:a0:4b:00:53:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=845d042f65e1b1303a44e43e0e02748a75837b44
        Validity
            Not Before: Nov  2 13:02:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3794da1caead6fbaf1516fc3ef818c24a7b71c16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:0f:a7:3c:be:f9:c9:03:25:2d:ea:a7:29:dc:
                    33:5d:8a:56:a1:37:6d:5b:ae:1a:86:ae:57:2b:1a:
                    52:be:02:41:23:22:ae:0b:95:3a:ba:c7:5e:1e:4d:
                    16:bf:34:d2:54:88:55:28:6f:c8:9b:10:47:c2:c8:
                    f5:c0:2b:74:00:75:1d:de:c4:25:cb:e5:67:6c:d8:
                    1b:c9:eb:36:36:87:74:70:1f:d0:dc:f0:b1:70:40:
                    07:46:8d:00:c0:96:e3:d7:3b:37:ec:69:5b:5c:b9:
                    3d:ac:9b:53:19:3d:3b:2f:1d:5b:4d:00:59:96:ae:
                    37:0c:4a:65:2c:6f:7f:7d:6c:2f:05:95:4d:c8:09:
                    c0:8a:8c:14:9b:62:48:f4:f6:62:24:8e:ad:92:74:
                    86:93:83:6e:cd:c6:bf:62:ca:39:20:00:0a:40:69:
                    a4:c7:8a:63:d9:d2:65:87:73:cc:f8:c5:37:c1:86:
                    eb:37:fa:97:06:0d:1d:1a:41:5c:26:bd:8d:01:80:
                    24:e5:41:2d:ac:57:cc:4f:b8:09:a4:a7:48:28:b4:
                    3f:9e:92:61:09:51:e7:d8:dd:72:eb:4b:db:52:66:
                    98:e1:da:f9:f4:74:b0:41:12:4e:86:39:c5:dc:96:
                    20:f5:c6:3a:b6:cf:7c:6d:58:b3:29:ab:ff:c6:30:
                    e8:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:94:DA:1C:AE:AD:6F:BA:F1:51:6F:C3:EF:81:8C:24:A7:B7:1C:16
            X509v3 Authority Key Identifier:
                keyid:84:5D:04:2F:65:E1:B1:30:3A:44:E4:3E:0E:02:74:8A:75:83:7B:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hF0EL2XhsTA6ROQ-DgJ0inWDe0Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/N5TaHK6tb7rxUW_D74GMJKe3HBY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/hF0EL2XhsTA6ROQ-DgJ0inWDe0Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.119.88.0/22
                IPv6:
                  2a0c:bf80:5a::/48

    Signature Algorithm: sha256WithRSAEncryption
         02:47:60:a9:09:3a:80:4c:a5:fb:8d:83:e5:2f:2d:71:4d:aa:
         75:f6:f5:16:96:6c:25:de:bb:97:a9:d5:62:c0:eb:65:0a:3c:
         69:21:e6:a7:92:6f:8c:6c:9d:fa:34:02:2e:d5:fa:75:20:c4:
         0f:57:47:10:1d:2a:88:41:be:fa:52:53:f3:bc:f8:7c:dd:21:
         19:b0:95:cc:81:21:d9:65:2c:67:24:96:b7:1f:a4:25:51:30:
         19:a7:b7:92:a1:ff:ff:f8:6b:f5:28:54:44:1a:2d:ba:69:c9:
         bb:85:de:10:79:8a:07:cb:23:da:7a:1d:80:64:5a:1e:3c:74:
         db:2c:f6:69:49:1b:06:16:40:28:3f:b1:67:85:53:30:b0:ef:
         1b:eb:a2:48:27:6e:b9:81:02:88:1c:ac:f0:4d:fe:af:4b:e3:
         9e:87:16:c4:70:eb:49:d4:95:25:64:95:40:3a:35:c1:51:5e:
         eb:42:03:7f:31:2d:4d:79:d6:b4:76:1f:2c:7a:d0:90:02:52:
         bc:7a:9d:f5:38:3f:6f:1b:af:39:0f:13:5c:76:83:62:8a:5a:
         e5:1e:c5:48:a5:ba:21:37:d9:e8:3e:ca:6c:8e:53:be:d5:b0:
         43:98:1f:af:cf:e4:8d:8b:0a:38:3a:d9:95:8d:6d:73:8b:a5:
         37:75:3b:01
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYQ4b+3zbYXI8XetfaBLAFPNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NWQwNDJmNjVlMWIxMzAzYTQ0ZTQzZTBlMDI3NDhhNzU4
MzdiNDQwHhcNMjIxMTAyMTMwMjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzk0ZGExY2FlYWQ2ZmJhZjE1MTZmYzNlZjgxOGMyNGE3YjcxYzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyg+nPL75yQMlLeqnKdwzXYpWoTdt
W64ahq5XKxpSvgJBIyKuC5U6usdeHk0WvzTSVIhVKG/ImxBHwsj1wCt0AHUd3sQl
y+VnbNgbyes2Nod0cB/Q3PCxcEAHRo0AwJbj1zs37GlbXLk9rJtTGT07Lx1bTQBZ
lq43DEplLG9/fWwvBZVNyAnAiowUm2JI9PZiJI6tknSGk4Nuzca/Yso5IAAKQGmk
x4pj2dJlh3PM+MU3wYbrN/qXBg0dGkFcJr2NAYAk5UEtrFfMT7gJpKdIKLQ/npJh
CVHn2N1y60vbUmaY4dr59HSwQRJOhjnF3JYg9cY6ts98bVizKav/xjDoRwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDeU2hyurW+68VFvw++BjCSntxwWMB8GA1UdIwQY
MBaAFIRdBC9l4bEwOkTkPg4CdIp1g3tEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEYwRUwyWGhzVEE2Uk9RLURnSjBpbldEZTBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS85NmRiY2QtNmEzOS00YzIwLTkxMjgt
ZDhjMzUxZDkzZWM2LzEvTjVUYUhLNnRiN3J4VVdfRDc0R01KS2UzSEJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS85NmRiY2QtNmEzOS00YzIwLTkxMjgtZDhjMzUxZDkzZWM2
LzEvaEYwRUwyWGhzVEE2Uk9RLURnSjBpbldEZTBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuXdYMA8E
AgACMAkDBwAqDL+AAFowDQYJKoZIhvcNAQELBQADggEBAAJHYKkJOoBMpfuNg+Uv
LXFNqnX29RaWbCXeu5ep1WLA62UKPGkh5qeSb4xsnfo0Ai7V+nUgxA9XRxAdKohB
vvpSU/O8+HzdIRmwlcyBIdllLGcklrcfpCVRMBmnt5Kh///4a/UoVEQaLbppybuF
3hB5igfLI9p6HYBkWh48dNss9mlJGwYWQCg/sWeFUzCw7xvrokgnbrmBAogcrPBN
/q9L456HFsRw60nUlSVklUA6NcFRXutCA38xLU151rR2Hyx60JACUrx6nfU4P28b
rzkPE1x2g2KKWuUexUiluiE32eg+ymyOU77VsEOYH6/P5I2LCjg62ZWNbXOLpTd1
OwE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:56 2024 by rpki-client on console-fra.rpki-client.org