Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/f14bc3-1f96-4da8-a16f-7b45be0465aa/1/ZMGwLhufifFn3w2cFBKzYwX7uXM.roa
File:                     ZMGwLhufifFn3w2cFBKzYwX7uXM.roa (raw, json)
Hash identifier:          8JgrlLqnys0Uc7H3LWHsZuT4mzjIonB5QqMPsZOFYfY=
Subject key identifier:   64:C1:B0:2E:1B:9F:89:F1:67:DF:0D:9C:14:12:B3:63:05:FB:B9:73
Certificate issuer:       /CN=076b0185cabb66843d67f88601bc0a79a2eebcad
Certificate serial:       95DF
Authority key identifier: 07:6B:01:85:CA:BB:66:84:3D:67:F8:86:01:BC:0A:79:A2:EE:BC:AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/B2sBhcq7ZoQ9Z_iGAbwKeaLuvK0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/f14bc3-1f96-4da8-a16f-7b45be0465aa/1/ZMGwLhufifFn3w2cFBKzYwX7uXM.roa
Signing time:             Wed 06 Apr 2022 13:09:12 +0000
ROA not before:           Wed 06 Apr 2022 13:09:12 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202942
IP address blocks:        185.135.224.0/22 maxlen: 24
                          45.9.64.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 38367 (0x95df)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=076b0185cabb66843d67f88601bc0a79a2eebcad
        Validity
            Not Before: Apr  6 13:09:12 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=64c1b02e1b9f89f167df0d9c1412b36305fbb973
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:a6:21:56:fd:01:f6:54:16:bd:c5:e6:40:69:
                    47:3c:d6:4e:f1:de:67:76:99:f1:92:7b:0c:40:55:
                    ea:ac:aa:d2:89:e8:b5:70:f2:0e:fd:2f:cb:85:b9:
                    99:ac:0b:67:65:26:61:24:bd:8e:90:cb:b8:a9:41:
                    c2:24:d9:fc:80:97:04:44:54:ca:56:4d:47:19:e2:
                    67:ec:d7:64:57:7a:f1:6a:ad:5d:6b:24:13:86:31:
                    e8:89:88:e9:49:43:3f:8a:78:c2:19:97:89:7a:76:
                    85:b1:63:4f:21:ae:a6:5a:96:22:e2:f4:03:eb:a8:
                    f5:57:d0:ae:8b:d7:b6:55:da:b4:0d:c4:96:c3:bf:
                    94:f0:d4:fc:3f:1f:a0:d8:95:91:f5:de:59:bd:75:
                    a8:ca:8d:76:b7:8a:17:a0:29:1f:7f:f2:c1:55:3e:
                    c4:10:3c:6e:94:c3:47:36:e4:95:8e:02:3f:b2:eb:
                    ab:67:4e:5f:ab:cf:b3:88:98:7d:53:f8:9f:3f:e2:
                    64:76:42:00:dd:3c:21:48:af:f4:dc:7e:81:74:dc:
                    e2:f6:46:2a:3a:31:1f:22:e2:78:ca:ff:b7:6f:1c:
                    1a:97:05:dd:ad:67:cc:59:ce:28:7b:cf:d6:54:db:
                    50:77:30:ac:29:9f:5c:b3:78:35:0d:fc:ce:c7:95:
                    00:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:C1:B0:2E:1B:9F:89:F1:67:DF:0D:9C:14:12:B3:63:05:FB:B9:73
            X509v3 Authority Key Identifier:
                keyid:07:6B:01:85:CA:BB:66:84:3D:67:F8:86:01:BC:0A:79:A2:EE:BC:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B2sBhcq7ZoQ9Z_iGAbwKeaLuvK0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/f14bc3-1f96-4da8-a16f-7b45be0465aa/1/ZMGwLhufifFn3w2cFBKzYwX7uXM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/f14bc3-1f96-4da8-a16f-7b45be0465aa/1/B2sBhcq7ZoQ9Z_iGAbwKeaLuvK0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.9.64.0/22
                  185.135.224.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b6:d7:1f:ee:02:48:52:0a:d9:7b:36:f9:6b:85:29:b6:3a:b4:
         91:fc:f1:94:26:2b:d1:63:a8:7c:4a:c8:a2:15:65:61:5e:6b:
         1d:f6:80:0d:6e:c8:95:52:28:9f:1d:10:28:b9:86:9d:4b:3f:
         85:fc:fb:20:af:91:f3:30:61:c6:e6:64:73:f5:38:8d:7e:d6:
         8f:78:7e:b4:4b:0d:d2:22:e4:73:48:41:18:ae:d9:0e:11:9b:
         f6:e5:8e:ad:d0:d4:46:e4:75:10:45:2c:5b:14:2c:75:50:d5:
         c1:4f:dd:46:07:a2:0b:72:ee:0c:23:b0:e3:b1:95:b8:2a:4a:
         52:1c:62:23:6d:e4:12:2c:b2:22:fe:a0:c6:13:55:06:27:e6:
         52:a5:da:f0:31:0f:bf:7a:f4:78:d2:e5:58:de:c0:69:4a:5f:
         e3:ee:fd:74:79:eb:2a:18:0f:18:f6:81:a4:2b:54:a4:cc:2e:
         5a:fe:4a:e3:31:87:3b:6a:1a:ba:7f:5f:40:56:ba:4a:87:27:
         30:77:2d:04:42:64:ba:6d:1c:58:21:db:db:c1:2a:16:f6:8b:
         6f:e8:f1:85:24:c8:dc:e7:7e:74:e2:8f:ae:92:0d:23:cf:3d:
         90:3a:f4:43:4b:19:c2:9e:09:28:1e:ad:d0:a1:f3:c4:4d:5b:
         26:fe:9f:80
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIDAJXfMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDA3
NmIwMTg1Y2FiYjY2ODQzZDY3Zjg4NjAxYmMwYTc5YTJlZWJjYWQwHhcNMjIwNDA2
MTMwOTEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2NGMxYjAyZTFiOWY4
OWYxNjdkZjBkOWMxNDEyYjM2MzA1ZmJiOTczMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAvqYhVv0B9lQWvcXmQGlHPNZO8d5ndpnxknsMQFXqrKrSiei1
cPIO/S/LhbmZrAtnZSZhJL2OkMu4qUHCJNn8gJcERFTKVk1HGeJn7NdkV3rxaq1d
ayQThjHoiYjpSUM/injCGZeJenaFsWNPIa6mWpYi4vQD66j1V9Cui9e2Vdq0DcSW
w7+U8NT8Px+g2JWR9d5ZvXWoyo12t4oXoCkff/LBVT7EEDxulMNHNuSVjgI/suur
Z05fq8+ziJh9U/ifP+JkdkIA3TwhSK/03H6BdNzi9kYqOjEfIuJ4yv+3bxwalwXd
rWfMWc4oe8/WVNtQdzCsKZ9cs3g1DfzOx5UAtwIDAQABo4ICDzCCAgswHQYDVR0O
BBYEFGTBsC4bn4nxZ98NnBQSs2MF+7lzMB8GA1UdIwQYMBaAFAdrAYXKu2aEPWf4
hgG8Cnmi7rytMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
QjJzQmhjcTdab1E5Wl9pR0Fid0tlYUx1dkswLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC85MS9mMTRiYzMtMWY5Ni00ZGE4LWExNmYtN2I0NWJlMDQ2NWFhLzEv
Wk1Hd0xodWZpZkZuM3cyY0ZCS3pZd1g3dVhNLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9m
MTRiYzMtMWY5Ni00ZGE4LWExNmYtN2I0NWJlMDQ2NWFhLzEvQjJzQmhjcTdab1E5
Wl9pR0Fid0tlYUx1dkswLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLQlAAwQCuYfgMA0GCSqGSIb3DQEB
CwUAA4IBAQC21x/uAkhSCtl7NvlrhSm2OrSR/PGUJivRY6h8SsiiFWVhXmsd9oAN
bsiVUiifHRAouYadSz+F/Psgr5HzMGHG5mRz9TiNftaPeH60Sw3SIuRzSEEYrtkO
EZv25Y6t0NRG5HUQRSxbFCx1UNXBT91GB6ILcu4MI7DjsZW4KkpSHGIjbeQSLLIi
/qDGE1UGJ+ZSpdrwMQ+/evR40uVY3sBpSl/j7v10eesqGA8Y9oGkK1SkzC5a/krj
MYc7ahq6f19AVrpKhycwdy0EQmS6bRxYIdvbwSoW9otv6PGFJMjc53504o+ukg0j
zz2QOvRDSxnCngkoHq3QofPETVsm/p+A
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:04 2024 by rpki-client on console-ams.rpki-client.org