Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/39a47f-1bfd-440e-b4ef-b0701b8b40c7/1/F4mjNjo7JrHu6vCwFmBmSMJ6cWc.roa
File:                     F4mjNjo7JrHu6vCwFmBmSMJ6cWc.roa (raw, json)
Hash identifier:          AHaK0iUk9Csxbp3rwGicQOJWP/0Sfox91OYwEgqNwfk=
Subject key identifier:   17:89:A3:36:3A:3B:26:B1:EE:EA:F0:B0:16:60:66:48:C2:7A:71:67
Certificate issuer:       /CN=e33e5547aebc17a482b8cd1ee817dd8ceff6a3af
Certificate serial:       025D1E
Authority key identifier: E3:3E:55:47:AE:BC:17:A4:82:B8:CD:1E:E8:17:DD:8C:EF:F6:A3:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4z5VR668F6SCuM0e6BfdjO_2o68.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/39a47f-1bfd-440e-b4ef-b0701b8b40c7/1/F4mjNjo7JrHu6vCwFmBmSMJ6cWc.roa
Signing time:             Mon 31 Jan 2022 09:38:37 +0000
ROA not before:           Mon 31 Jan 2022 09:38:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44330
IP address blocks:        185.214.92.0/24 maxlen: 24
                          185.214.93.0/24 maxlen: 24
                          2a0b:9ec0::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 154910 (0x25d1e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e33e5547aebc17a482b8cd1ee817dd8ceff6a3af
        Validity
            Not Before: Jan 31 09:38:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1789a3363a3b26b1eeeaf0b016606648c27a7167
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:15:3d:8b:0b:7a:9f:a1:81:4e:ff:e8:b7:43:
                    9c:39:b3:3f:ae:1c:73:72:88:2e:bb:9e:64:1d:83:
                    d8:01:8d:4e:ee:d0:fa:0b:9a:fd:27:b9:89:3f:6a:
                    67:e4:a6:32:c8:c8:f1:3e:fa:43:58:15:41:fd:a7:
                    ca:6f:a5:b7:a6:24:d4:02:74:25:ed:17:8a:1e:17:
                    67:1d:6d:27:23:43:ec:dd:36:7b:71:03:b7:93:21:
                    84:ab:84:27:ff:74:be:82:98:e2:17:3c:f8:2c:92:
                    11:00:bd:89:66:e4:82:38:d0:73:c5:ab:c4:f4:d2:
                    1b:a3:d1:95:8b:b1:d6:b8:a4:0f:c4:54:c1:25:87:
                    01:e7:68:93:50:9f:53:ed:06:d5:3d:96:43:4b:d7:
                    3b:65:1b:86:0e:34:c8:fb:71:ec:0d:13:b0:89:d1:
                    24:fc:42:42:c4:5c:e3:0f:87:61:4e:84:24:20:07:
                    cc:c9:3b:d2:0f:c2:e9:fc:74:43:36:e1:a9:b9:ed:
                    6a:31:a7:2d:21:d0:2a:eb:27:a7:14:e3:cf:29:86:
                    39:91:27:f8:f1:07:8b:80:03:c1:d0:31:13:f9:07:
                    1f:20:25:63:64:e5:9d:20:7e:84:e1:a1:68:0f:13:
                    a8:f9:be:94:52:f3:67:8a:a5:bc:41:b3:45:c2:7a:
                    ba:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:89:A3:36:3A:3B:26:B1:EE:EA:F0:B0:16:60:66:48:C2:7A:71:67
            X509v3 Authority Key Identifier:
                keyid:E3:3E:55:47:AE:BC:17:A4:82:B8:CD:1E:E8:17:DD:8C:EF:F6:A3:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4z5VR668F6SCuM0e6BfdjO_2o68.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/39a47f-1bfd-440e-b4ef-b0701b8b40c7/1/F4mjNjo7JrHu6vCwFmBmSMJ6cWc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/39a47f-1bfd-440e-b4ef-b0701b8b40c7/1/4z5VR668F6SCuM0e6BfdjO_2o68.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.214.92.0/23
                IPv6:
                  2a0b:9ec0::/32

    Signature Algorithm: sha256WithRSAEncryption
         d2:35:ae:0e:05:04:0b:90:8f:8c:b9:db:db:55:ef:43:f9:4d:
         4b:95:3c:de:12:7e:a5:e7:7f:61:f3:1f:db:23:5d:68:79:e4:
         ba:de:ba:a8:cf:d6:45:dc:6f:25:0c:1b:31:70:79:61:ff:32:
         cd:71:38:bc:79:a9:45:2d:91:0f:0f:17:38:97:8a:3a:41:9e:
         80:ee:c8:0e:b8:5e:75:c4:26:41:3d:ea:d8:ba:16:4c:eb:95:
         2c:d4:f8:8a:e8:1d:74:72:f4:45:97:b5:00:bb:a5:20:58:b3:
         f6:2b:2c:d2:cb:d9:d7:0b:09:c6:ef:42:20:c7:fe:9e:d8:36:
         20:85:d4:cf:90:fb:a3:61:51:65:78:53:4c:34:69:91:1b:8a:
         7c:e3:90:e3:91:9c:94:16:e2:90:19:17:97:93:90:d2:2a:20:
         0c:eb:1e:bc:8e:49:2d:2e:b9:82:e0:3b:72:3f:b7:0c:e1:a0:
         a3:60:a7:70:25:8f:7c:f5:7b:3f:8e:05:26:a0:ca:9c:55:cc:
         f9:38:93:b6:78:b8:ca:a6:6b:c5:8f:73:76:fe:3f:5b:3b:0d:
         03:e0:de:80:a9:bc:2f:96:39:0a:f0:65:b5:a0:3b:4d:12:9c:
         02:37:c6:d6:1a:e3:84:04:e6:91:7f:b9:ae:5c:d1:58:9b:4f:
         de:19:1f:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIDAl0eMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGUz
M2U1NTQ3YWViYzE3YTQ4MmI4Y2QxZWU4MTdkZDhjZWZmNmEzYWYwHhcNMjIwMTMx
MDkzODM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygxNzg5YTMzNjNhM2Iy
NmIxZWVlYWYwYjAxNjYwNjY0OGMyN2E3MTY3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA1RU9iwt6n6GBTv/ot0OcObM/rhxzcoguu55kHYPYAY1O7tD6
C5r9J7mJP2pn5KYyyMjxPvpDWBVB/afKb6W3piTUAnQl7ReKHhdnHW0nI0Ps3TZ7
cQO3kyGEq4Qn/3S+gpjiFzz4LJIRAL2JZuSCONBzxavE9NIbo9GVi7HWuKQPxFTB
JYcB52iTUJ9T7QbVPZZDS9c7ZRuGDjTI+3HsDROwidEk/EJCxFzjD4dhToQkIAfM
yTvSD8Lp/HRDNuGpue1qMactIdAq6yenFOPPKYY5kSf48QeLgAPB0DET+QcfICVj
ZOWdIH6E4aFoDxOo+b6UUvNniqW8QbNFwnq6nQIDAQABo4ICGDCCAhQwHQYDVR0O
BBYEFBeJozY6Oyax7urwsBZgZkjCenFnMB8GA1UdIwQYMBaAFOM+VUeuvBekgrjN
HugX3Yzv9qOvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
NHo1VlI2NjhGNlNDdU0wZTZCZmRqT18ybzY4LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC85NS8zOWE0N2YtMWJmZC00NDBlLWI0ZWYtYjA3MDFiOGI0MGM3LzEv
RjRtak5qbzdKckh1NnZDd0ZtQm1TTUo2Y1djLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS8z
OWE0N2YtMWJmZC00NDBlLWI0ZWYtYjA3MDFiOGI0MGM3LzEvNHo1VlI2NjhGNlND
dU0wZTZCZmRqT18ybzY4LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4G
CCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBudZcMA0EAgACMAcDBQAqC57AMA0G
CSqGSIb3DQEBCwUAA4IBAQDSNa4OBQQLkI+MudvbVe9D+U1LlTzeEn6l539h8x/b
I11oeeS63rqoz9ZF3G8lDBsxcHlh/zLNcTi8ealFLZEPDxc4l4o6QZ6A7sgOuF51
xCZBPerYuhZM65Us1PiK6B10cvRFl7UAu6UgWLP2KyzSy9nXCwnG70Igx/6e2DYg
hdTPkPujYVFleFNMNGmRG4p845DjkZyUFuKQGReXk5DSKiAM6x68jkktLrmC4Dty
P7cM4aCjYKdwJY989Xs/jgUmoMqcVcz5OJO2eLjKpmvFj3N2/j9bOw0D4N6Aqbwv
ljkK8GW1oDtNEpwCN8bWGuOEBOaRf7muXNFYm0/eGR9d
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:48 2024 by rpki-client on console-fra.rpki-client.org