Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/402d43-e99c-4112-a038-ecbb9442f589/1/1WnbMxT2YIgOvDmNyDa3fSOsxNI.roa
File:                     1WnbMxT2YIgOvDmNyDa3fSOsxNI.roa (raw, json)
Hash identifier:          hJS51mcuYrDkKmBQfMFUCKCuPrL0wlRorlR/iB6nib4=
Subject key identifier:   D5:69:DB:33:14:F6:60:88:0E:BC:39:8D:C8:36:B7:7D:23:AC:C4:D2
Certificate issuer:       /CN=8f5ea8379bca44f4f6a7f4b69864cd9b02a27b12
Certificate serial:       0BB7209E
Authority key identifier: 8F:5E:A8:37:9B:CA:44:F4:F6:A7:F4:B6:98:64:CD:9B:02:A2:7B:12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j16oN5vKRPT2p_S2mGTNmwKiexI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/402d43-e99c-4112-a038-ecbb9442f589/1/1WnbMxT2YIgOvDmNyDa3fSOsxNI.roa
Signing time:             Sat 01 Jan 2022 04:55:27 +0000
ROA not before:           Sat 01 Jan 2022 04:55:27 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43395
IP address blocks:        185.46.108.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 196550814 (0xbb7209e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f5ea8379bca44f4f6a7f4b69864cd9b02a27b12
        Validity
            Not Before: Jan  1 04:55:27 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d569db3314f660880ebc398dc836b77d23acc4d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:42:dd:8e:c1:ca:c9:2f:c8:f8:22:3e:4a:9d:
                    9c:bc:74:ca:73:99:08:7e:89:5e:3d:81:40:36:57:
                    57:44:f4:e3:c4:8b:5c:5b:b6:d0:8f:eb:3c:6d:4b:
                    f9:46:18:35:ba:2e:23:59:dd:13:2e:8d:55:df:19:
                    f0:3a:d0:bf:9b:e2:44:6f:76:aa:9d:99:51:f1:00:
                    b7:14:fc:4c:5c:c3:1c:e9:ff:d4:ce:7a:8c:ba:7b:
                    d0:8e:60:bf:48:ba:5b:90:34:aa:72:ef:10:76:65:
                    e1:a4:a3:10:04:99:e3:bf:72:a8:21:5a:45:14:e8:
                    40:ff:f2:2c:87:f8:43:20:c4:bf:ce:6a:1f:bc:3d:
                    65:a2:b8:ac:6d:7a:7e:fc:30:5c:7b:99:ec:c3:75:
                    65:2d:2a:f5:14:d1:c1:6b:ce:ba:ef:3c:e7:88:8c:
                    fa:33:43:de:8d:8d:80:45:00:a9:85:a7:ae:5a:a2:
                    74:bf:73:d8:ad:90:3c:32:8d:8d:c2:8b:b1:7c:9f:
                    5b:0c:3f:86:bb:53:fa:71:8b:46:e9:72:af:94:85:
                    1a:04:14:ae:b6:cc:c5:d9:ab:5f:48:7a:59:12:1d:
                    fb:64:88:d9:18:51:77:ed:0f:8f:33:c5:c9:51:b2:
                    5d:22:1b:88:82:5e:24:33:b9:36:73:7f:9b:69:df:
                    e4:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:69:DB:33:14:F6:60:88:0E:BC:39:8D:C8:36:B7:7D:23:AC:C4:D2
            X509v3 Authority Key Identifier:
                keyid:8F:5E:A8:37:9B:CA:44:F4:F6:A7:F4:B6:98:64:CD:9B:02:A2:7B:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j16oN5vKRPT2p_S2mGTNmwKiexI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/402d43-e99c-4112-a038-ecbb9442f589/1/1WnbMxT2YIgOvDmNyDa3fSOsxNI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/402d43-e99c-4112-a038-ecbb9442f589/1/j16oN5vKRPT2p_S2mGTNmwKiexI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.46.108.0/22

    Signature Algorithm: sha256WithRSAEncryption
         08:05:d3:7c:28:3d:a1:64:e0:1a:0a:22:b4:9d:4c:32:b6:af:
         ad:57:50:c0:08:57:93:05:63:b1:50:d8:a2:54:bd:15:4b:a1:
         51:ee:fc:13:3f:28:58:5a:8d:3b:11:d7:f0:fd:8d:91:1e:92:
         e7:a3:e9:36:07:85:3c:52:18:72:76:da:a9:00:14:37:4c:e8:
         57:78:a2:04:b9:de:5f:8d:ac:b9:95:ca:8e:a1:ea:29:1c:0d:
         b5:37:e1:35:9e:40:2d:09:d9:a5:2d:d0:fb:fa:67:4f:f4:43:
         84:0f:56:31:86:f6:d4:3d:d0:a0:dc:59:f3:08:d0:af:a1:80:
         05:d0:16:58:e5:d8:97:71:4a:ab:ce:18:ab:b4:29:e3:f4:1b:
         e6:07:b9:d2:cf:5c:19:04:9a:95:f3:14:86:d1:13:23:b7:43:
         d1:02:35:be:31:2c:d7:3e:68:77:b6:65:d0:49:a6:32:24:9e:
         dd:10:b7:b5:32:c6:be:51:ae:63:a1:bd:0c:17:bb:a9:cc:32:
         db:ba:d0:4b:a7:26:f0:03:db:bb:9a:93:34:f4:4d:d1:c9:99:
         28:1a:24:f3:9e:57:b3:37:03:85:8d:47:4e:67:dd:85:00:35:
         28:75:78:db:75:ec:58:92:f5:73:21:91:57:cd:56:75:b2:ac:
         0c:3d:ab:5c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEC7cgnjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZjVlYTgzNzliY2E0NGY0ZjZhN2Y0YjY5ODY0Y2Q5YjAyYTI3YjEyMB4XDTIyMDEw
MTA0NTUyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDU2OWRiMzMxNGY2
NjA4ODBlYmMzOThkYzgzNmI3N2QyM2FjYzRkMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMdC3Y7ByskvyPgiPkqdnLx0ynOZCH6JXj2BQDZXV0T048SL
XFu20I/rPG1L+UYYNbouI1ndEy6NVd8Z8DrQv5viRG92qp2ZUfEAtxT8TFzDHOn/
1M56jLp70I5gv0i6W5A0qnLvEHZl4aSjEASZ479yqCFaRRToQP/yLIf4QyDEv85q
H7w9ZaK4rG16fvwwXHuZ7MN1ZS0q9RTRwWvOuu8854iM+jND3o2NgEUAqYWnrlqi
dL9z2K2QPDKNjcKLsXyfWww/hrtT+nGLRulyr5SFGgQUrrbMxdmrX0h6WRId+2SI
2RhRd+0PjzPFyVGyXSIbiIJeJDO5NnN/m2nf5FkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTVadszFPZgiA68OY3INrd9I6zE0jAfBgNVHSMEGDAWgBSPXqg3m8pE9Pan
9LaYZM2bAqJ7EjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2oxNm9ONXZLUlBUMnBfUzJtR1RObXdLaWV4SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTcvNDAyZDQzLWU5OWMtNDExMi1hMDM4LWVjYmI5NDQyZjU4OS8x
LzFXbmJNeFQyWUlnT3ZEbU55RGEzZlNPc3hOSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTcv
NDAyZDQzLWU5OWMtNDExMi1hMDM4LWVjYmI5NDQyZjU4OS8xL2oxNm9ONXZLUlBU
MnBfUzJtR1RObXdLaWV4SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArkubDANBgkqhkiG9w0BAQsFAAOC
AQEACAXTfCg9oWTgGgoitJ1MMravrVdQwAhXkwVjsVDYolS9FUuhUe78Ez8oWFqN
OxHX8P2NkR6S56PpNgeFPFIYcnbaqQAUN0zoV3iiBLneX42suZXKjqHqKRwNtTfh
NZ5ALQnZpS3Q+/pnT/RDhA9WMYb21D3QoNxZ8wjQr6GABdAWWOXYl3FKq84Yq7Qp
4/Qb5ge50s9cGQSalfMUhtETI7dD0QI1vjEs1z5od7Zl0EmmMiSe3RC3tTLGvlGu
Y6G9DBe7qcwy27rQS6cm8APbu5qTNPRN0cmZKBok855XszcDhY1HTmfdhQA1KHV4
23XsWJL1cyGRV81WdbKsDD2rXA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:52 2024 by rpki-client on console-ams.rpki-client.org