Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/mdK52AQA92bHrjl6KTk6WnQm1IY.roa
File:                     mdK52AQA92bHrjl6KTk6WnQm1IY.roa (raw, json)
Hash identifier:          Wm83svdOZRAsStJtCuwb4DTcmPJplzW/3h7SOmuXSN4=
Subject key identifier:   99:D2:B9:D8:04:00:F7:66:C7:AE:39:7A:29:39:3A:5A:74:26:D4:86
Certificate issuer:       /CN=9da140e8028e6d537600e0888a9af5a971c5db46
Certificate serial:       4319FF9B
Authority key identifier: 9D:A1:40:E8:02:8E:6D:53:76:00:E0:88:8A:9A:F5:A9:71:C5:DB:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/naFA6AKObVN2AOCIipr1qXHF20Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/mdK52AQA92bHrjl6KTk6WnQm1IY.roa
Signing time:             Sat 01 Jan 2022 05:05:26 +0000
ROA not before:           Sat 01 Jan 2022 05:05:26 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8837
IP address blocks:        192.58.41.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1125777307 (0x4319ff9b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9da140e8028e6d537600e0888a9af5a971c5db46
        Validity
            Not Before: Jan  1 05:05:26 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=99d2b9d80400f766c7ae397a29393a5a7426d486
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:07:b1:24:6a:fa:fd:d3:0e:8d:8c:84:1f:79:
                    37:ce:79:34:57:ae:e8:d1:cb:75:8c:63:41:27:50:
                    a6:3d:17:ab:20:93:9c:20:9c:0d:d0:49:eb:61:b7:
                    f2:dc:65:88:d5:e3:af:c8:30:2c:eb:70:97:14:18:
                    fe:7b:7a:42:c2:8b:d9:62:03:06:4f:36:68:55:69:
                    ce:c6:32:dc:fa:7e:26:36:c6:18:65:f5:a7:5b:76:
                    39:1d:1b:91:c6:89:0d:cb:25:fb:db:94:01:f2:f6:
                    75:42:89:20:eb:83:d1:b4:94:34:ee:77:18:c4:9a:
                    8c:20:b4:59:06:10:d0:f8:33:07:c5:24:9c:e2:85:
                    ec:c0:4a:ba:98:e2:8f:ea:dc:76:0d:46:98:f1:62:
                    e9:2a:54:6e:ce:8b:17:c6:6d:0c:75:d4:b5:ce:41:
                    52:06:08:c0:5a:87:12:2d:e6:11:08:cc:0d:1b:b3:
                    72:80:1d:9e:6b:7c:ee:ee:41:31:9e:bd:0c:f5:55:
                    22:ab:32:8e:32:7c:68:f2:9b:bb:c8:91:60:5b:5d:
                    84:c6:01:64:67:d7:ec:e5:e6:56:e5:23:f9:77:ed:
                    b8:26:3e:cd:37:06:59:c0:67:fc:f3:48:37:ae:91:
                    47:7f:aa:11:a2:68:9e:8b:75:de:2d:3f:91:f8:26:
                    7e:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:D2:B9:D8:04:00:F7:66:C7:AE:39:7A:29:39:3A:5A:74:26:D4:86
            X509v3 Authority Key Identifier:
                keyid:9D:A1:40:E8:02:8E:6D:53:76:00:E0:88:8A:9A:F5:A9:71:C5:DB:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/naFA6AKObVN2AOCIipr1qXHF20Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/mdK52AQA92bHrjl6KTk6WnQm1IY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/naFA6AKObVN2AOCIipr1qXHF20Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.58.41.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:6a:4a:49:92:fb:15:a1:a6:f6:7b:ed:0a:d6:bd:bc:10:fd:
         60:05:3a:f8:59:ad:bf:1a:6b:0d:e9:68:7e:83:26:c2:00:0d:
         92:f0:a5:9f:64:6a:ea:0a:81:5c:77:a8:19:b2:51:b8:44:2e:
         b4:19:d4:0e:cb:e0:19:74:de:dc:76:b3:b6:fd:9c:9f:e3:c7:
         31:2f:ae:f0:9c:0b:4d:b7:82:49:5f:a6:81:c8:3c:f9:bc:9b:
         86:14:c7:b5:5d:a9:21:34:cc:45:7b:6c:2e:74:09:ec:4c:c3:
         6b:b1:49:a9:5b:23:cb:06:79:1e:b2:60:d5:59:0b:14:9c:49:
         38:19:35:86:a0:f2:56:32:60:38:12:bd:2a:be:57:57:b2:50:
         41:f5:96:dd:c5:06:85:f1:b5:ac:9d:de:c3:0d:fb:93:5f:d4:
         f3:98:b1:35:68:9c:f1:5e:82:e3:ea:a6:3a:58:26:f2:24:26:
         c0:cf:48:af:e5:3a:9e:8f:64:36:d8:a9:e5:d7:ff:85:94:2b:
         ab:2e:6e:cc:20:52:1e:fb:6c:d8:56:4f:af:e3:68:45:bf:00:
         10:4e:5a:9a:e1:dc:8b:b5:04:4a:ce:6d:9e:a4:6c:53:3a:c6:
         85:01:70:ba:f5:09:b9:52:50:cc:6c:24:5b:71:83:eb:e2:ed:
         22:4b:5c:b9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEQxn/mzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZGExNDBlODAyOGU2ZDUzNzYwMGUwODg4YTlhZjVhOTcxYzVkYjQ2MB4XDTIyMDEw
MTA1MDUyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTlkMmI5ZDgwNDAw
Zjc2NmM3YWUzOTdhMjkzOTNhNWE3NDI2ZDQ4NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANQHsSRq+v3TDo2MhB95N855NFeu6NHLdYxjQSdQpj0XqyCT
nCCcDdBJ62G38txliNXjr8gwLOtwlxQY/nt6QsKL2WIDBk82aFVpzsYy3Pp+JjbG
GGX1p1t2OR0bkcaJDcsl+9uUAfL2dUKJIOuD0bSUNO53GMSajCC0WQYQ0PgzB8Uk
nOKF7MBKupjij+rcdg1GmPFi6SpUbs6LF8ZtDHXUtc5BUgYIwFqHEi3mEQjMDRuz
coAdnmt87u5BMZ69DPVVIqsyjjJ8aPKbu8iRYFtdhMYBZGfX7OXmVuUj+XftuCY+
zTcGWcBn/PNIN66RR3+qEaJonot13i0/kfgmfjkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSZ0rnYBAD3ZseuOXopOTpadCbUhjAfBgNVHSMEGDAWgBSdoUDoAo5tU3YA
4IiKmvWpccXbRjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25hRkE2QUtPYlZOMkFPQ0lpcHIxcVhIRjIwWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTAvMTI2NzU1LWVlZGQtNDBiMS05NWU4LWE0Y2E4YjljMjA1Yi8x
L21kSzUyQVFBOTJiSHJqbDZLVGs2V25RbTFJWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTAv
MTI2NzU1LWVlZGQtNDBiMS05NWU4LWE0Y2E4YjljMjA1Yi8xL25hRkE2QUtPYlZO
MkFPQ0lpcHIxcVhIRjIwWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMA6KTANBgkqhkiG9w0BAQsFAAOC
AQEAEmpKSZL7FaGm9nvtCta9vBD9YAU6+FmtvxprDelofoMmwgANkvCln2Rq6gqB
XHeoGbJRuEQutBnUDsvgGXTe3Haztv2cn+PHMS+u8JwLTbeCSV+mgcg8+bybhhTH
tV2pITTMRXtsLnQJ7EzDa7FJqVsjywZ5HrJg1VkLFJxJOBk1hqDyVjJgOBK9Kr5X
V7JQQfWW3cUGhfG1rJ3eww37k1/U85ixNWic8V6C4+qmOlgm8iQmwM9Ir+U6no9k
Ntip5df/hZQrqy5uzCBSHvts2FZPr+NoRb8AEE5amuHci7UESs5tnqRsUzrGhQFw
uvUJuVJQzGwkW3GD6+LtIktcuQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:12 2024 by rpki-client on console-fra.rpki-client.org