Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/4f3f08-986b-48e4-85dd-34ffdb442113/1/mvLBtSL2sXQJnzI6rGE64ZmNV2I.roa
File:                     mvLBtSL2sXQJnzI6rGE64ZmNV2I.roa (raw, json)
Hash identifier:          LfOInCRZMye/GNocXLSyOxsmon7AuEWtkqeonH2hrmM=
Subject key identifier:   9A:F2:C1:B5:22:F6:B1:74:09:9F:32:3A:AC:61:3A:E1:99:8D:57:62
Certificate issuer:       /CN=50399d4435bb85fae910abe38e68533204dfd60b
Certificate serial:       0BC9E28B
Authority key identifier: 50:39:9D:44:35:BB:85:FA:E9:10:AB:E3:8E:68:53:32:04:DF:D6:0B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UDmdRDW7hfrpEKvjjmhTMgTf1gs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/4f3f08-986b-48e4-85dd-34ffdb442113/1/mvLBtSL2sXQJnzI6rGE64ZmNV2I.roa
Signing time:             Sat 01 Jan 2022 01:51:26 +0000
ROA not before:           Sat 01 Jan 2022 01:51:26 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     9443
IP address blocks:        185.167.191.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 197780107 (0xbc9e28b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=50399d4435bb85fae910abe38e68533204dfd60b
        Validity
            Not Before: Jan  1 01:51:26 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9af2c1b522f6b174099f323aac613ae1998d5762
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:f3:07:18:3d:a5:34:2c:96:e0:04:e9:6a:19:
                    81:fb:3b:3d:2c:4b:85:91:4e:a8:a8:6e:c4:9e:b6:
                    7a:80:61:1f:25:d5:f4:6a:6a:58:c4:19:27:9f:93:
                    26:28:63:12:42:35:9d:66:06:e8:79:26:a7:78:71:
                    c5:c8:81:49:fc:24:da:39:69:14:97:42:1a:4b:73:
                    77:ac:fa:15:a1:53:8a:34:7c:7b:02:f5:7e:dc:74:
                    c9:62:b7:76:e6:7f:e5:dc:69:31:6a:24:f3:49:30:
                    a1:9e:77:e9:b3:c7:3d:d9:97:c1:53:38:b0:1a:34:
                    65:c4:5b:2c:71:ca:75:92:f4:8c:21:a4:f7:6c:00:
                    25:1d:5e:07:6b:8f:97:40:db:8b:c3:df:b3:99:f7:
                    1c:d7:24:ae:b1:3a:38:ae:f8:aa:1f:e7:5e:2b:5b:
                    a6:d6:d9:ab:67:e1:f0:0b:2e:5a:70:c7:d9:b1:49:
                    84:7c:44:c8:78:a0:3b:62:72:3e:ec:dc:5d:f0:11:
                    09:0a:54:39:46:bc:5b:44:5b:85:e6:8a:1c:88:9a:
                    1e:9d:9d:6f:36:c2:c3:2d:13:8e:33:c6:1b:81:76:
                    95:c7:83:91:18:f8:e0:87:d6:6f:39:89:ed:d9:31:
                    30:2d:d5:02:db:d2:87:fe:da:c3:36:85:b1:1d:9b:
                    8b:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:F2:C1:B5:22:F6:B1:74:09:9F:32:3A:AC:61:3A:E1:99:8D:57:62
            X509v3 Authority Key Identifier:
                keyid:50:39:9D:44:35:BB:85:FA:E9:10:AB:E3:8E:68:53:32:04:DF:D6:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UDmdRDW7hfrpEKvjjmhTMgTf1gs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/4f3f08-986b-48e4-85dd-34ffdb442113/1/mvLBtSL2sXQJnzI6rGE64ZmNV2I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/4f3f08-986b-48e4-85dd-34ffdb442113/1/UDmdRDW7hfrpEKvjjmhTMgTf1gs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.167.191.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bb:ad:59:80:37:80:90:f5:5f:a6:79:00:67:79:e5:f0:4e:7f:
         50:21:f5:22:de:b0:6f:50:c6:41:94:af:b4:f1:b6:38:d5:c4:
         57:8e:3a:90:f9:f8:82:25:40:0c:22:52:0a:89:98:ab:67:b3:
         7c:10:61:89:86:aa:cf:54:a1:74:b9:79:be:60:11:b3:2c:45:
         d6:96:9c:5c:32:94:ef:dd:99:e7:19:70:d7:27:e4:e0:ac:f9:
         0a:45:e5:7d:33:17:aa:e3:48:5b:6b:af:7a:63:ce:95:64:73:
         13:4a:14:dc:a4:dc:60:c1:49:69:68:14:c4:e3:30:c7:80:28:
         4f:96:d5:df:6c:f6:1f:7d:02:6b:60:52:a7:7f:6d:7c:65:57:
         89:15:3f:28:2b:3b:cb:d5:4c:40:7a:88:e1:2d:36:a7:80:58:
         67:f8:75:6c:ae:5e:da:fc:ca:a0:71:a0:39:ae:a2:61:0d:fd:
         43:08:5e:a4:45:25:b4:4e:66:27:e5:03:74:6b:29:95:17:12:
         c1:9c:41:ca:2e:45:60:6e:47:ce:8f:b4:b7:93:61:35:3c:61:
         c4:be:ce:bb:5a:3c:38:3d:89:67:16:4f:17:08:00:10:1d:72:
         29:64:6c:bb:62:82:9a:9d:4f:70:cd:26:6f:37:9d:c8:af:ce:
         c8:c6:4f:a3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEC8niizANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MDM5OWQ0NDM1YmI4NWZhZTkxMGFiZTM4ZTY4NTMzMjA0ZGZkNjBiMB4XDTIyMDEw
MTAxNTEyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWFmMmMxYjUyMmY2
YjE3NDA5OWYzMjNhYWM2MTNhZTE5OThkNTc2MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJXzBxg9pTQsluAE6WoZgfs7PSxLhZFOqKhuxJ62eoBhHyXV
9GpqWMQZJ5+TJihjEkI1nWYG6Hkmp3hxxciBSfwk2jlpFJdCGktzd6z6FaFTijR8
ewL1ftx0yWK3duZ/5dxpMWok80kwoZ536bPHPdmXwVM4sBo0ZcRbLHHKdZL0jCGk
92wAJR1eB2uPl0Dbi8Pfs5n3HNckrrE6OK74qh/nXitbptbZq2fh8AsuWnDH2bFJ
hHxEyHigO2JyPuzcXfARCQpUOUa8W0RbheaKHIiaHp2dbzbCwy0TjjPGG4F2lceD
kRj44IfWbzmJ7dkxMC3VAtvSh/7awzaFsR2bi18CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSa8sG1IvaxdAmfMjqsYTrhmY1XYjAfBgNVHSMEGDAWgBRQOZ1ENbuF+ukQ
q+OOaFMyBN/WCzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VEbWRSRFc3aGZycEVLdmpqbWhUTWdUZjFncy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTIvNGYzZjA4LTk4NmItNDhlNC04NWRkLTM0ZmZkYjQ0MjExMy8x
L212TEJ0U0wyc1hRSm56STZyR0U2NFptTlYySS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTIv
NGYzZjA4LTk4NmItNDhlNC04NWRkLTM0ZmZkYjQ0MjExMy8xL1VEbWRSRFc3aGZy
cEVLdmpqbWhUTWdUZjFncy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmnvzANBgkqhkiG9w0BAQsFAAOC
AQEAu61ZgDeAkPVfpnkAZ3nl8E5/UCH1It6wb1DGQZSvtPG2ONXEV446kPn4giVA
DCJSComYq2ezfBBhiYaqz1ShdLl5vmARsyxF1pacXDKU792Z5xlw1yfk4Kz5CkXl
fTMXquNIW2uvemPOlWRzE0oU3KTcYMFJaWgUxOMwx4AoT5bV32z2H30Ca2BSp39t
fGVXiRU/KCs7y9VMQHqI4S02p4BYZ/h1bK5e2vzKoHGgOa6iYQ39QwhepEUltE5m
J+UDdGsplRcSwZxByi5FYG5Hzo+0t5NhNTxhxL7Ou1o8OD2JZxZPFwgAEB1yKWRs
u2KCmp1PcM0mbzedyK/OyMZPow==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:07 2024 by rpki-client on console-ams.rpki-client.org