Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/594fa8-d315-4a38-a631-dec02488c37c/1/SUzTJwpsoep1HJ6QByrz10cPYO0.roa
File:                     SUzTJwpsoep1HJ6QByrz10cPYO0.roa (raw, json)
Hash identifier:          lqoaIfWtNL5nxqvKwzvvyvGsB2XfZAl5wuP3GdR+jq0=
Subject key identifier:   49:4C:D3:27:0A:6C:A1:EA:75:1C:9E:90:07:2A:F3:D7:47:0F:60:ED
Certificate issuer:       /CN=65226ee5ea0406592df975c6f4c84f10f14d15cb
Certificate serial:       05614E34
Authority key identifier: 65:22:6E:E5:EA:04:06:59:2D:F9:75:C6:F4:C8:4F:10:F1:4D:15:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZSJu5eoEBlkt-XXG9MhPEPFNFcs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/594fa8-d315-4a38-a631-dec02488c37c/1/SUzTJwpsoep1HJ6QByrz10cPYO0.roa
Signing time:             Sat 01 Jan 2022 01:50:35 +0000
ROA not before:           Sat 01 Jan 2022 01:50:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     59397
IP address blocks:        185.75.130.0/24 maxlen: 24
                          185.75.131.0/24 maxlen: 24
                          2a03:4d22::/32 maxlen: 32
                          2a03:4d25::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 90263092 (0x5614e34)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=65226ee5ea0406592df975c6f4c84f10f14d15cb
        Validity
            Not Before: Jan  1 01:50:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=494cd3270a6ca1ea751c9e90072af3d7470f60ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:f0:31:b0:27:82:ce:90:49:fe:e7:5b:cb:65:
                    cf:9e:86:56:61:49:7f:e7:8d:24:37:93:bb:e2:94:
                    59:90:52:fd:de:12:db:ac:df:a4:33:91:15:17:10:
                    29:fd:5a:04:9f:4e:2f:97:7b:d7:1c:d1:aa:eb:5c:
                    82:92:e6:37:86:9f:06:e9:6b:fb:db:6c:58:1c:a7:
                    ed:0e:bc:4a:b8:63:c6:35:8f:3f:63:c2:25:5b:ca:
                    5a:a3:9b:e6:9a:30:3e:05:98:2b:9f:b5:e1:3d:be:
                    9f:26:e2:df:d3:82:09:2c:95:1a:55:95:23:d7:1b:
                    51:1e:e8:c2:7d:7d:5a:11:8b:bd:29:0f:24:de:fb:
                    a2:b4:8a:d7:16:9f:ad:7a:61:e9:9b:93:d5:91:dd:
                    38:2d:4f:d3:f1:2b:d3:cc:22:54:a7:34:dc:bc:67:
                    6e:08:99:26:51:43:61:5f:bc:29:5f:b5:10:b8:4c:
                    9f:d4:c7:ad:53:71:ff:58:fb:b8:87:71:5b:bd:1c:
                    9f:80:c4:df:59:a1:09:ec:5b:79:d0:ea:49:3e:bf:
                    03:3c:a9:5a:11:08:93:89:88:63:38:71:c2:10:51:
                    cc:c9:d6:75:b0:13:23:5a:c6:e6:63:d3:73:49:bd:
                    2a:fb:e3:48:3a:13:82:8a:97:89:7f:e0:bf:75:e3:
                    48:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:4C:D3:27:0A:6C:A1:EA:75:1C:9E:90:07:2A:F3:D7:47:0F:60:ED
            X509v3 Authority Key Identifier:
                keyid:65:22:6E:E5:EA:04:06:59:2D:F9:75:C6:F4:C8:4F:10:F1:4D:15:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZSJu5eoEBlkt-XXG9MhPEPFNFcs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/594fa8-d315-4a38-a631-dec02488c37c/1/SUzTJwpsoep1HJ6QByrz10cPYO0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/594fa8-d315-4a38-a631-dec02488c37c/1/ZSJu5eoEBlkt-XXG9MhPEPFNFcs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.75.130.0/23
                IPv6:
                  2a03:4d22::/32
                  2a03:4d25::/32

    Signature Algorithm: sha256WithRSAEncryption
         70:40:94:c6:2d:f4:fe:0f:e0:e7:ce:4e:a1:21:59:fd:eb:28:
         87:6e:47:c3:37:c2:ed:39:d9:e1:ae:8f:8e:35:49:48:0b:3d:
         e8:89:85:e7:00:68:ef:87:91:97:92:79:c4:c6:ab:53:f8:6e:
         f0:8c:e6:8c:a9:bf:24:dc:bc:6f:7c:84:83:e1:ab:08:ff:8c:
         3b:6c:56:b0:10:24:10:83:df:9f:c3:23:96:d3:8d:f9:52:8e:
         80:76:b9:71:ca:5f:97:7d:05:f2:2b:14:13:ef:23:84:27:50:
         7c:6f:54:9d:73:49:13:75:95:62:f1:22:8c:a5:9e:06:27:8a:
         b5:4f:bf:09:b1:19:18:1a:b8:d0:3a:91:7a:19:76:b3:da:4b:
         c8:3f:4f:91:2b:a9:3a:4a:30:5c:ee:36:fb:f4:34:20:82:66:
         26:56:24:a7:24:15:8d:e9:5e:00:c6:ef:57:80:cf:8a:e2:dc:
         a1:4c:11:5c:4a:fb:62:33:9c:c1:9a:a4:6f:4d:e7:ef:4e:b3:
         02:0e:fb:48:65:f8:c5:a5:ba:51:a7:dd:88:10:15:ab:e9:62:
         0a:3e:f5:0d:7b:12:e7:06:44:21:18:d6:e6:df:b6:d8:29:8e:
         b9:98:cf:07:ea:a7:14:3a:e5:ac:b2:52:b0:ff:1f:88:49:db:
         a6:f3:3b:24
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIEBWFONDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NTIyNmVlNWVhMDQwNjU5MmRmOTc1YzZmNGM4NGYxMGYxNGQxNWNiMB4XDTIyMDEw
MTAxNTAzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDk0Y2QzMjcwYTZj
YTFlYTc1MWM5ZTkwMDcyYWYzZDc0NzBmNjBlZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMnwMbAngs6QSf7nW8tlz56GVmFJf+eNJDeTu+KUWZBS/d4S
26zfpDORFRcQKf1aBJ9OL5d71xzRqutcgpLmN4afBulr+9tsWByn7Q68SrhjxjWP
P2PCJVvKWqOb5powPgWYK5+14T2+nybi39OCCSyVGlWVI9cbUR7own19WhGLvSkP
JN77orSK1xafrXph6ZuT1ZHdOC1P0/Er08wiVKc03LxnbgiZJlFDYV+8KV+1ELhM
n9THrVNx/1j7uIdxW70cn4DE31mhCexbedDqST6/AzypWhEIk4mIYzhxwhBRzMnW
dbATI1rG5mPTc0m9KvvjSDoTgoqXiX/gv3XjSGUCAwEAAaOCAh8wggIbMB0GA1Ud
DgQWBBRJTNMnCmyh6nUcnpAHKvPXRw9g7TAfBgNVHSMEGDAWgBRlIm7l6gQGWS35
dcb0yE8Q8U0VyzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pTSnU1ZW9FQmxrdC1YWEc5TWhQRVBGTkZjcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvNTk0ZmE4LWQzMTUtNGEzOC1hNjMxLWRlYzAyNDg4YzM3Yy8x
L1NVelRKd3Bzb2VwMUhKNlFCeXJ6MTBjUFlPMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
NTk0ZmE4LWQzMTUtNGEzOC1hNjMxLWRlYzAyNDg4YzM3Yy8xL1pTSnU1ZW9FQmxr
dC1YWEc5TWhQRVBGTkZjcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA1
BggrBgEFBQcBBwEB/wQmMCQwDAQCAAEwBgMEAblLgjAUBAIAAjAOAwUAKgNNIgMF
ACoDTSUwDQYJKoZIhvcNAQELBQADggEBAHBAlMYt9P4P4OfOTqEhWf3rKIduR8M3
wu052eGuj441SUgLPeiJhecAaO+HkZeSecTGq1P4bvCM5oypvyTcvG98hIPhqwj/
jDtsVrAQJBCD35/DI5bTjflSjoB2uXHKX5d9BfIrFBPvI4QnUHxvVJ1zSRN1lWLx
IoylngYnirVPvwmxGRgauNA6kXoZdrPaS8g/T5ErqTpKMFzuNvv0NCCCZiZWJKck
FY3pXgDG71eAz4ri3KFMEVxK+2IznMGapG9N5+9OswIO+0hl+MWlulGn3YgQFavp
Ygo+9Q17EucGRCEY1ubfttgpjrmYzwfqpxQ65ayyUrD/H4hJ26bzOyQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:40 2024 by rpki-client on console-fra.rpki-client.org