Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/a5fc11-72b4-4f9d-aa45-a2a5a8d99db8/1/mZW0ru8YRgyCWTAmbaXgLr-cvkI.roa
File:                     mZW0ru8YRgyCWTAmbaXgLr-cvkI.roa (raw, json)
Hash identifier:          sGRy07j9JcUEb+rxAcilIOONCpZxfOhx3RNH2iRbQJU=
Subject key identifier:   99:95:B4:AE:EF:18:46:0C:82:59:30:26:6D:A5:E0:2E:BF:9C:BE:42
Certificate issuer:       /CN=baf79127ee34a3aee9079c8e9799c40f0dc8dca2
Certificate serial:       0185500410CEA204DB6C7494D73C70140930
Authority key identifier: BA:F7:91:27:EE:34:A3:AE:E9:07:9C:8E:97:99:C4:0F:0D:C8:DC:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uveRJ-40o67pB5yOl5nEDw3I3KI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/a5fc11-72b4-4f9d-aa45-a2a5a8d99db8/1/mZW0ru8YRgyCWTAmbaXgLr-cvkI.roa
Signing time:             Mon 26 Dec 2022 19:58:41 +0000
ROA not before:           Mon 26 Dec 2022 19:58:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     30873
IP address blocks:        185.71.132.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:50:04:10:ce:a2:04:db:6c:74:94:d7:3c:70:14:09:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=baf79127ee34a3aee9079c8e9799c40f0dc8dca2
        Validity
            Not Before: Dec 26 19:58:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9995b4aeef18460c825930266da5e02ebf9cbe42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:3d:3d:d5:26:5d:59:87:8a:a4:4f:4b:ab:d7:
                    5a:f2:a1:51:25:60:25:8a:7e:88:6c:35:6e:c8:d7:
                    02:11:3b:be:1f:57:d8:d0:3b:1f:8a:5b:e4:3c:2d:
                    f4:b0:9e:42:d1:d8:d1:12:47:bc:1e:f2:57:16:9e:
                    d1:36:d6:ea:54:89:c9:df:3e:9b:82:e1:65:30:e4:
                    d0:8b:bb:c1:bc:2d:eb:df:20:e6:db:18:c6:0b:ad:
                    61:c1:25:90:cb:1e:73:b5:18:73:76:1c:17:94:8c:
                    28:a1:ae:9a:a9:1c:73:7e:35:69:14:f0:e5:19:ca:
                    c0:3e:e8:28:04:c2:3a:9d:5b:cd:13:90:9e:0d:69:
                    f4:60:13:0c:17:68:46:0a:5a:ef:ca:b6:4f:98:e1:
                    5e:85:c6:89:f8:88:d1:17:da:27:6c:0f:ec:3b:41:
                    e2:42:1e:63:a6:15:1b:01:5f:f1:70:87:a6:fe:1e:
                    76:85:eb:d0:8d:8a:d4:60:9e:dc:39:17:e9:f5:9d:
                    28:70:49:1f:4d:08:f7:39:f0:5d:6e:76:30:7b:ca:
                    89:65:84:ae:6f:36:4a:47:0c:e2:83:e6:ca:84:18:
                    f9:0b:cc:d5:3f:2e:24:29:5f:6b:ac:97:ef:42:c3:
                    11:7e:64:c7:4b:2d:6c:16:d0:6a:99:cc:d5:55:71:
                    d2:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:95:B4:AE:EF:18:46:0C:82:59:30:26:6D:A5:E0:2E:BF:9C:BE:42
            X509v3 Authority Key Identifier:
                keyid:BA:F7:91:27:EE:34:A3:AE:E9:07:9C:8E:97:99:C4:0F:0D:C8:DC:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uveRJ-40o67pB5yOl5nEDw3I3KI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/a5fc11-72b4-4f9d-aa45-a2a5a8d99db8/1/mZW0ru8YRgyCWTAmbaXgLr-cvkI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/a5fc11-72b4-4f9d-aa45-a2a5a8d99db8/1/uveRJ-40o67pB5yOl5nEDw3I3KI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.71.132.0/22

    Signature Algorithm: sha256WithRSAEncryption
         94:12:a3:bc:35:69:0a:c8:98:c6:84:ec:ae:45:6b:d3:68:ac:
         3b:32:e1:b6:68:d6:4b:ac:12:d2:81:bc:b0:c7:51:18:62:35:
         46:f3:51:02:e4:c4:4e:76:6f:47:b3:10:f1:66:44:19:4a:f8:
         85:90:bb:0c:df:64:31:e0:03:fe:4c:9b:cd:67:7e:a1:ae:60:
         8d:d5:8a:b7:79:42:1c:7d:f9:a8:e4:1e:0e:64:e2:0d:5c:82:
         58:80:13:55:0b:76:12:ee:ad:c3:ba:d5:81:a9:36:37:bd:8f:
         2e:77:a1:38:fb:9f:04:a0:95:12:ad:db:0f:cc:3c:c4:71:49:
         a5:e5:84:3e:dd:bc:d5:9a:e1:a8:82:6f:05:02:01:b6:17:b1:
         53:43:51:a6:2b:62:6e:4e:95:e7:87:39:f9:f2:de:50:67:a5:
         7d:24:86:42:b1:63:8f:75:94:7e:f1:76:6f:c4:97:ab:17:0a:
         eb:e7:c3:72:93:13:01:ae:00:bc:24:5a:b9:dd:6d:ee:c2:7d:
         a5:c4:26:f9:51:eb:df:95:d6:60:4c:89:c8:e6:34:77:cc:13:
         49:23:04:4f:e9:a2:1a:44:09:d9:78:4c:5f:de:a2:5f:ba:69:
         db:ea:1c:0e:b2:4d:09:1a:f4:6f:a0:82:2a:7f:05:c6:00:03:
         05:29:f9:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVQBBDOogTbbHSU1zxwFAkwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhZjc5MTI3ZWUzNGEzYWVlOTA3OWM4ZTk3OTljNDBmMGRj
OGRjYTIwHhcNMjIxMjI2MTk1ODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTk1YjRhZWVmMTg0NjBjODI1OTMwMjY2ZGE1ZTAyZWJmOWNiZTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjz091SZdWYeKpE9Lq9da8qFRJWAl
in6IbDVuyNcCETu+H1fY0DsfilvkPC30sJ5C0djREke8HvJXFp7RNtbqVInJ3z6b
guFlMOTQi7vBvC3r3yDm2xjGC61hwSWQyx5ztRhzdhwXlIwooa6aqRxzfjVpFPDl
GcrAPugoBMI6nVvNE5CeDWn0YBMMF2hGClrvyrZPmOFehcaJ+IjRF9onbA/sO0Hi
Qh5jphUbAV/xcIem/h52hevQjYrUYJ7cORfp9Z0ocEkfTQj3OfBdbnYwe8qJZYSu
bzZKRwzig+bKhBj5C8zVPy4kKV9rrJfvQsMRfmTHSy1sFtBqmczVVXHSmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJmVtK7vGEYMglkwJm2l4C6/nL5CMB8GA1UdIwQY
MBaAFLr3kSfuNKOu6QecjpeZxA8NyNyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXZlUkotNDBvNjdwQjV5T2w1bkVEdzNJM0tJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9hNWZjMTEtNzJiNC00ZjlkLWFhNDUt
YTJhNWE4ZDk5ZGI4LzEvbVpXMHJ1OFlSZ3lDV1RBbWJhWGdMci1jdmtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9hNWZjMTEtNzJiNC00ZjlkLWFhNDUtYTJhNWE4ZDk5ZGI4
LzEvdXZlUkotNDBvNjdwQjV5T2w1bkVEdzNJM0tJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUeEMA0G
CSqGSIb3DQEBCwUAA4IBAQCUEqO8NWkKyJjGhOyuRWvTaKw7MuG2aNZLrBLSgbyw
x1EYYjVG81EC5MROdm9HsxDxZkQZSviFkLsM32Qx4AP+TJvNZ36hrmCN1Yq3eUIc
ffmo5B4OZOINXIJYgBNVC3YS7q3DutWBqTY3vY8ud6E4+58EoJUSrdsPzDzEcUml
5YQ+3bzVmuGogm8FAgG2F7FTQ1GmK2JuTpXnhzn58t5QZ6V9JIZCsWOPdZR+8XZv
xJerFwrr58NykxMBrgC8JFq53W3uwn2lxCb5UevfldZgTInI5jR3zBNJIwRP6aIa
RAnZeExf3qJfumnb6hwOsk0JGvRvoIIqfwXGAAMFKflu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:27 2024 by rpki-client on console-ams.rpki-client.org