Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/a9276f-e8c1-45d6-a42d-0c64debe9ec4/1/RZ9UWOeQS6QBYXYUHJAH78EY7RA.roa
File:                     RZ9UWOeQS6QBYXYUHJAH78EY7RA.roa (raw, json)
Hash identifier:          CZ2/3fN/GxtEU47VpF/HIgzWGLLYASrAnySujYo/KMI=
Subject key identifier:   45:9F:54:58:E7:90:4B:A4:01:61:76:14:1C:90:07:EF:C1:18:ED:10
Certificate issuer:       /CN=0502861f923c7ec1132b548f7abb861baca1f406
Certificate serial:       0182F8983BF0AF3DC15DF12B376F3EC58EF8
Authority key identifier: 05:02:86:1F:92:3C:7E:C1:13:2B:54:8F:7A:BB:86:1B:AC:A1:F4:06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BQKGH5I8fsETK1SPeruGG6yh9AY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/a9276f-e8c1-45d6-a42d-0c64debe9ec4/1/RZ9UWOeQS6QBYXYUHJAH78EY7RA.roa
Signing time:             Thu 01 Sep 2022 10:28:22 +0000
ROA not before:           Thu 01 Sep 2022 10:28:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     12859
IP address blocks:        185.104.28.0/22 maxlen: 24
                          2a06:2ec0::/29 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:f8:98:3b:f0:af:3d:c1:5d:f1:2b:37:6f:3e:c5:8e:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0502861f923c7ec1132b548f7abb861baca1f406
        Validity
            Not Before: Sep  1 10:28:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=459f5458e7904ba4016176141c9007efc118ed10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:5e:fd:1e:4c:20:81:a0:50:ec:49:60:c2:78:
                    2e:7b:51:5c:33:98:d6:da:c9:36:de:c1:d6:3a:a2:
                    3b:31:d7:35:ed:51:04:4b:bd:27:96:73:3e:73:3c:
                    ba:d8:6f:56:7c:8e:7a:83:6b:c0:e6:6a:d7:06:b7:
                    9e:4a:dc:8c:d2:d2:3a:32:be:ca:78:47:fb:1b:65:
                    c1:77:ea:47:42:60:dd:08:78:af:69:57:0c:4f:34:
                    17:8b:04:b0:ff:b4:b8:d2:78:f8:8f:13:3f:ef:b4:
                    ca:55:69:28:be:71:72:c4:f4:79:c1:d3:7a:4d:06:
                    12:95:4c:08:a6:31:1b:bd:54:59:41:55:5d:b1:53:
                    e2:84:f5:02:3d:da:59:b8:84:9e:c6:dc:3f:89:eb:
                    41:8d:ad:15:10:fc:d1:9e:9c:8e:2b:53:48:3a:e5:
                    c3:4f:fb:13:bd:bd:e8:d5:eb:51:8d:1f:4a:39:33:
                    f0:03:c9:b9:60:5f:ad:d5:e0:d0:23:81:c9:23:d4:
                    26:87:e6:fc:f0:28:98:f8:97:17:0d:1e:14:52:8b:
                    7e:f6:36:f4:c5:1b:05:ee:78:85:03:f1:5f:20:26:
                    f5:c4:c3:4a:7e:2b:75:23:3d:0a:d1:f4:bc:3c:f2:
                    ef:4f:b1:8b:12:38:ec:a7:8b:92:54:52:d0:b8:88:
                    f2:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:9F:54:58:E7:90:4B:A4:01:61:76:14:1C:90:07:EF:C1:18:ED:10
            X509v3 Authority Key Identifier:
                keyid:05:02:86:1F:92:3C:7E:C1:13:2B:54:8F:7A:BB:86:1B:AC:A1:F4:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BQKGH5I8fsETK1SPeruGG6yh9AY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/a9276f-e8c1-45d6-a42d-0c64debe9ec4/1/RZ9UWOeQS6QBYXYUHJAH78EY7RA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/a9276f-e8c1-45d6-a42d-0c64debe9ec4/1/BQKGH5I8fsETK1SPeruGG6yh9AY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.104.28.0/22
                IPv6:
                  2a06:2ec0::/29

    Signature Algorithm: sha256WithRSAEncryption
         5d:b2:d5:b3:ab:62:d8:32:0d:a6:16:60:2c:37:94:8e:98:70:
         fb:42:6f:d3:7d:09:db:dd:ff:68:3a:d8:a2:1e:16:b4:34:2f:
         05:c6:4f:08:31:4e:6d:06:73:5d:e5:d4:ae:e6:fc:d5:61:6f:
         07:a2:76:72:87:90:1f:1e:ec:8d:2c:05:64:cf:10:1c:67:8d:
         bc:d8:a1:57:ea:9a:dd:a6:96:e6:04:f2:25:0f:9e:7d:ff:a4:
         1f:96:6f:38:de:bf:a7:67:9b:49:16:9a:e1:c6:2a:c4:72:cf:
         9e:7b:94:73:30:b3:09:e3:e8:5b:0e:8e:dd:21:1d:d4:97:fd:
         73:8a:f0:fb:b1:d5:7d:42:c2:6d:b2:1d:53:7b:3c:7f:5e:47:
         cc:6f:35:7d:a4:54:3f:1b:b9:fe:5d:5c:ff:fb:fe:a2:85:45:
         44:5c:c6:e1:85:06:67:cf:81:25:93:d0:4e:e4:dc:e6:18:91:
         60:9b:d8:8c:58:ec:3c:db:ea:c9:9c:50:93:69:42:9a:93:22:
         79:7c:7b:fa:67:39:42:51:c8:e4:30:7e:1a:41:9e:7a:f9:a9:
         74:db:f6:91:e4:e2:c4:fb:52:77:cd:88:73:7d:85:f0:41:d5:
         a2:b2:58:55:2d:96:88:8f:cc:b7:ab:c6:0f:28:6b:aa:b0:72:
         e0:ab:37:c6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYL4mDvwrz3BXfErN28+xY74MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MDI4NjFmOTIzYzdlYzExMzJiNTQ4ZjdhYmI4NjFiYWNh
MWY0MDYwHhcNMjIwOTAxMTAyODIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTlmNTQ1OGU3OTA0YmE0MDE2MTc2MTQxYzkwMDdlZmMxMThlZDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkF79HkwggaBQ7Elgwngue1FcM5jW
2sk23sHWOqI7Mdc17VEES70nlnM+czy62G9WfI56g2vA5mrXBreeStyM0tI6Mr7K
eEf7G2XBd+pHQmDdCHivaVcMTzQXiwSw/7S40nj4jxM/77TKVWkovnFyxPR5wdN6
TQYSlUwIpjEbvVRZQVVdsVPihPUCPdpZuISextw/ietBja0VEPzRnpyOK1NIOuXD
T/sTvb3o1etRjR9KOTPwA8m5YF+t1eDQI4HJI9Qmh+b88CiY+JcXDR4UUot+9jb0
xRsF7niFA/FfICb1xMNKfit1Iz0K0fS8PPLvT7GLEjjsp4uSVFLQuIjyDwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEWfVFjnkEukAWF2FByQB+/BGO0QMB8GA1UdIwQY
MBaAFAUChh+SPH7BEytUj3q7hhusofQGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlFLR0g1SThmc0VUSzFTUGVydUdHNnloOUFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9hOTI3NmYtZThjMS00NWQ2LWE0MmQt
MGM2NGRlYmU5ZWM0LzEvUlo5VVdPZVFTNlFCWVhZVUhKQUg3OEVZN1JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9hOTI3NmYtZThjMS00NWQ2LWE0MmQtMGM2NGRlYmU5ZWM0
LzEvQlFLR0g1SThmc0VUSzFTUGVydUdHNnloOUFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWgcMA0E
AgACMAcDBQMqBi7AMA0GCSqGSIb3DQEBCwUAA4IBAQBdstWzq2LYMg2mFmAsN5SO
mHD7Qm/TfQnb3f9oOtiiHha0NC8Fxk8IMU5tBnNd5dSu5vzVYW8HonZyh5AfHuyN
LAVkzxAcZ4282KFX6prdppbmBPIlD559/6Qflm843r+nZ5tJFprhxirEcs+ee5Rz
MLMJ4+hbDo7dIR3Ul/1zivD7sdV9QsJtsh1Tezx/XkfMbzV9pFQ/G7n+XVz/+/6i
hUVEXMbhhQZnz4Elk9BO5NzmGJFgm9iMWOw82+rJnFCTaUKakyJ5fHv6ZzlCUcjk
MH4aQZ56+al02/aR5OLE+1J3zYhzfYXwQdWislhVLZaIj8y3q8YPKGuqsHLgqzfG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:56 2024 by rpki-client on console-fra.rpki-client.org