Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/cad244-3995-4d41-886b-ac463e221974/1/8g7LkqE_1wvHmEVYG1jl85S8SWg.roa
File:                     8g7LkqE_1wvHmEVYG1jl85S8SWg.roa (raw, json)
Hash identifier:          YPworlPnFekOOLToelkcHTl7kWTJgoGWhjShavlvgrc=
Subject key identifier:   F2:0E:CB:92:A1:3F:D7:0B:C7:98:45:58:1B:58:E5:F3:94:BC:49:68
Certificate issuer:       /CN=8d7dcb363d9ac34bdc9b6980f2686dd219d50257
Certificate serial:       0A441DB7
Authority key identifier: 8D:7D:CB:36:3D:9A:C3:4B:DC:9B:69:80:F2:68:6D:D2:19:D5:02:57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jX3LNj2aw0vcm2mA8mht0hnVAlc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/96/cad244-3995-4d41-886b-ac463e221974/1/8g7LkqE_1wvHmEVYG1jl85S8SWg.roa
Signing time:             Sat 01 Jan 2022 08:03:50 +0000
ROA not before:           Sat 01 Jan 2022 08:03:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     198239
IP address blocks:        185.198.76.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 172236215 (0xa441db7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d7dcb363d9ac34bdc9b6980f2686dd219d50257
        Validity
            Not Before: Jan  1 08:03:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f20ecb92a13fd70bc79845581b58e5f394bc4968
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:61:a3:d4:5f:f0:f5:0c:59:87:24:6e:f7:6b:
                    fe:d4:d8:b6:cd:69:3d:63:9b:9b:e5:b6:2f:ba:f7:
                    81:1d:db:95:1d:9d:65:a4:d4:6c:5a:f2:11:a3:38:
                    82:15:53:81:d6:5e:98:0a:fd:39:f8:a6:ca:d4:fb:
                    f8:25:ac:c2:8e:25:98:42:9e:b4:a7:b4:e2:49:6a:
                    31:cd:69:15:fd:f3:2f:f8:1f:62:0b:3f:3c:2d:32:
                    1d:2e:9b:9e:84:15:a0:5a:f3:3e:09:d6:e9:ca:c2:
                    3c:c7:e1:7d:09:e1:22:94:8a:62:f2:27:08:32:6a:
                    08:ec:29:7b:69:7d:62:d5:d2:a6:3c:61:7f:77:bf:
                    29:df:ac:8d:72:9f:24:b2:45:57:17:72:32:65:30:
                    7f:a1:d1:16:a6:86:99:86:58:7f:f6:95:11:07:72:
                    d8:2d:2b:ef:14:0c:4d:39:07:9e:fe:23:66:c3:2c:
                    b4:b6:5c:29:0d:93:5e:69:35:b1:30:d5:82:07:f6:
                    81:a7:23:9b:b7:fc:01:c5:ab:99:ce:1f:f3:b6:f8:
                    44:b9:66:43:a8:3a:eb:bd:cb:ca:e9:d0:15:93:d8:
                    b1:25:e7:a3:aa:be:d5:ca:0c:70:ea:b6:6b:d6:e6:
                    7f:34:88:a8:2e:2c:8e:e9:25:0e:3b:b9:92:02:f7:
                    fe:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:0E:CB:92:A1:3F:D7:0B:C7:98:45:58:1B:58:E5:F3:94:BC:49:68
            X509v3 Authority Key Identifier:
                keyid:8D:7D:CB:36:3D:9A:C3:4B:DC:9B:69:80:F2:68:6D:D2:19:D5:02:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jX3LNj2aw0vcm2mA8mht0hnVAlc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/cad244-3995-4d41-886b-ac463e221974/1/8g7LkqE_1wvHmEVYG1jl85S8SWg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/96/cad244-3995-4d41-886b-ac463e221974/1/jX3LNj2aw0vcm2mA8mht0hnVAlc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.198.76.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4f:9c:97:90:90:70:cb:88:fc:94:cf:00:5f:96:9a:7c:dd:aa:
         e9:dd:a1:e2:bd:57:05:42:11:6c:0e:72:1e:24:17:ab:d2:a3:
         5c:84:17:f0:20:a2:19:cc:9b:5a:ae:dc:0f:db:0e:d8:fe:4b:
         6e:91:34:f9:6d:8c:c9:ec:d4:e9:c7:11:85:3f:27:9c:93:ee:
         c1:b7:b7:68:bd:1a:d1:93:92:bf:6d:28:4c:3c:c1:8e:9d:dd:
         0b:4d:56:d6:e4:bc:be:c1:8c:d3:b7:c6:76:72:21:73:cd:2c:
         82:a6:e1:7c:79:73:9d:f8:21:a5:55:fd:10:ce:f1:d0:e7:ac:
         9a:a2:94:f9:88:55:37:48:a8:4e:a3:53:df:03:c0:6e:80:fa:
         be:63:15:0b:eb:55:66:8f:fd:2d:a5:16:4a:31:cb:9a:7c:73:
         57:93:52:95:37:18:6c:7b:d6:49:d2:ce:20:3a:b4:69:b4:7e:
         5d:03:b7:d5:0f:ba:d8:e1:9b:83:cf:00:fc:ac:cd:40:4c:74:
         80:e3:a9:2e:1a:fd:e2:18:87:c3:32:80:09:3d:ab:4e:fc:b2:
         5d:78:20:7b:46:48:05:f0:0d:da:c2:95:8d:a4:1e:94:26:b3:
         d9:ae:e6:20:02:d1:3e:ab:9e:cb:95:8d:cd:aa:54:3f:04:5d:
         88:5b:23:53
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECkQdtzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZDdkY2IzNjNkOWFjMzRiZGM5YjY5ODBmMjY4NmRkMjE5ZDUwMjU3MB4XDTIyMDEw
MTA4MDM1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjIwZWNiOTJhMTNm
ZDcwYmM3OTg0NTU4MWI1OGU1ZjM5NGJjNDk2ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKVho9Rf8PUMWYckbvdr/tTYts1pPWObm+W2L7r3gR3blR2d
ZaTUbFryEaM4ghVTgdZemAr9OfimytT7+CWswo4lmEKetKe04klqMc1pFf3zL/gf
Ygs/PC0yHS6bnoQVoFrzPgnW6crCPMfhfQnhIpSKYvInCDJqCOwpe2l9YtXSpjxh
f3e/Kd+sjXKfJLJFVxdyMmUwf6HRFqaGmYZYf/aVEQdy2C0r7xQMTTkHnv4jZsMs
tLZcKQ2TXmk1sTDVggf2gacjm7f8AcWrmc4f87b4RLlmQ6g6673LyunQFZPYsSXn
o6q+1coMcOq2a9bmfzSIqC4sjuklDju5kgL3/qMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTyDsuSoT/XC8eYRVgbWOXzlLxJaDAfBgNVHSMEGDAWgBSNfcs2PZrDS9yb
aYDyaG3SGdUCVzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pYM0xOajJhdzB2Y20ybUE4bWh0MGhuVkFsYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTYvY2FkMjQ0LTM5OTUtNGQ0MS04ODZiLWFjNDYzZTIyMTk3NC8x
LzhnN0xrcUVfMXd2SG1FVllHMWpsODVTOFNXZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTYv
Y2FkMjQ0LTM5OTUtNGQ0MS04ODZiLWFjNDYzZTIyMTk3NC8xL2pYM0xOajJhdzB2
Y20ybUE4bWh0MGhuVkFsYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbnGTDANBgkqhkiG9w0BAQsFAAOC
AQEAT5yXkJBwy4j8lM8AX5aafN2q6d2h4r1XBUIRbA5yHiQXq9KjXIQX8CCiGcyb
Wq7cD9sO2P5LbpE0+W2MyezU6ccRhT8nnJPuwbe3aL0a0ZOSv20oTDzBjp3dC01W
1uS8vsGM07fGdnIhc80sgqbhfHlznfghpVX9EM7x0OesmqKU+YhVN0ioTqNT3wPA
boD6vmMVC+tVZo/9LaUWSjHLmnxzV5NSlTcYbHvWSdLOIDq0abR+XQO31Q+62OGb
g88A/KzNQEx0gOOpLhr94hiHwzKACT2rTvyyXXgge0ZIBfAN2sKVjaQelCaz2a7m
IALRPquey5WNzapUPwRdiFsjUw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:46 2024 by rpki-client on console-ams.rpki-client.org