Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/ce4a4e-b1a3-45f4-a27c-e1aca01062ff/1/MoaSdgScCQG5ZEHn9C05NUIVgkc.roa
File:                     MoaSdgScCQG5ZEHn9C05NUIVgkc.roa (raw, json)
Hash identifier:          1h4dK86VYzIyGMyVn8sOqvrDe0bA+m7BRmLQqB4mhXc=
Subject key identifier:   32:86:92:76:04:9C:09:01:B9:64:41:E7:F4:2D:39:35:42:15:82:47
Certificate issuer:       /CN=04560bea392eaf69208ab705ef405cf78684176b
Certificate serial:       06452007
Authority key identifier: 04:56:0B:EA:39:2E:AF:69:20:8A:B7:05:EF:40:5C:F7:86:84:17:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BFYL6jkur2kgircF70Bc94aEF2s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/ce4a4e-b1a3-45f4-a27c-e1aca01062ff/1/MoaSdgScCQG5ZEHn9C05NUIVgkc.roa
Signing time:             Sat 01 Jan 2022 00:55:15 +0000
ROA not before:           Sat 01 Jan 2022 00:55:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     395363
IP address blocks:        185.173.184.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 105193479 (0x6452007)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=04560bea392eaf69208ab705ef405cf78684176b
        Validity
            Not Before: Jan  1 00:55:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=32869276049c0901b96441e7f42d393542158247
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:bf:de:4f:3c:54:93:04:e6:ed:71:fd:86:a2:
                    66:d7:a9:53:41:28:d6:d8:05:3f:e8:47:b5:78:02:
                    8c:a8:55:25:e7:39:b7:ec:af:6a:4d:c4:09:05:2d:
                    1e:99:3e:30:f1:66:b1:7c:08:e0:bf:b9:48:4f:4d:
                    6a:c3:a5:d1:5a:40:61:06:20:3f:bf:4e:32:17:de:
                    40:f3:99:2b:8e:30:08:13:8c:27:46:e6:32:ff:ed:
                    84:cd:7f:71:bd:78:81:b3:bd:f3:30:da:06:2e:34:
                    5f:f1:ba:71:4f:23:0f:4c:d7:8a:fc:1a:92:6f:c5:
                    95:b2:6c:c6:a1:a2:1c:ad:4a:c3:3b:05:7d:13:38:
                    d2:c8:71:36:b8:38:a2:a4:dc:48:8a:89:06:1f:c2:
                    14:89:40:9e:a0:4e:18:d1:89:7c:e4:49:5b:99:73:
                    18:59:a2:f6:fb:10:64:51:db:28:37:e6:f3:07:0f:
                    27:61:5d:e3:91:14:ec:ab:92:ba:4b:2c:14:89:66:
                    62:6f:07:dd:b6:c7:04:19:41:cf:6a:73:f9:82:db:
                    c4:93:6d:8f:f0:f2:9c:55:ad:f6:70:67:e8:e4:8f:
                    b5:38:97:ee:f2:8a:c2:ec:7d:a2:e3:3f:cc:94:b2:
                    5a:28:80:bf:1d:e1:5a:09:e3:ea:7e:42:bb:b4:ee:
                    f6:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:86:92:76:04:9C:09:01:B9:64:41:E7:F4:2D:39:35:42:15:82:47
            X509v3 Authority Key Identifier:
                keyid:04:56:0B:EA:39:2E:AF:69:20:8A:B7:05:EF:40:5C:F7:86:84:17:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BFYL6jkur2kgircF70Bc94aEF2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/ce4a4e-b1a3-45f4-a27c-e1aca01062ff/1/MoaSdgScCQG5ZEHn9C05NUIVgkc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/ce4a4e-b1a3-45f4-a27c-e1aca01062ff/1/BFYL6jkur2kgircF70Bc94aEF2s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.173.184.0/24

    Signature Algorithm: sha256WithRSAEncryption
         18:a7:3c:98:17:56:bb:8b:fa:ee:7b:ad:0e:ff:b4:1b:5f:06:
         7d:66:ee:a6:70:a5:5b:71:13:fe:3b:09:6a:27:9d:0b:4c:e9:
         d3:6f:f6:c4:60:8c:a0:81:0e:5c:81:6c:81:72:be:3a:3b:68:
         67:9b:20:ce:5f:f1:a9:a2:82:02:cd:ec:d7:f1:0c:b6:8b:db:
         f6:18:e1:e2:93:48:bf:15:1b:8f:ce:53:d6:60:7a:ca:b7:18:
         73:ff:4f:b9:94:00:01:83:47:78:c0:39:23:ab:20:82:9f:71:
         0f:59:65:b1:ec:99:54:1b:ec:9b:ca:e5:7f:cf:a9:06:03:a5:
         21:bd:0d:01:68:e3:45:b4:a4:09:66:4a:fe:36:6c:80:ca:dd:
         77:82:42:df:8a:15:66:32:be:dc:1c:10:11:82:00:b0:77:2b:
         8b:52:4c:d4:a7:6f:23:29:e5:d0:8f:6e:fc:3e:69:4f:b6:f3:
         be:dd:ae:ac:3d:da:4b:e1:6e:44:a9:4e:04:ef:17:64:90:4d:
         b4:f0:8b:06:49:b4:55:2b:1f:b6:ef:eb:16:25:9b:ff:b7:cc:
         95:9a:95:56:43:52:7a:18:5f:f4:f2:af:9d:8f:8a:ec:60:27:
         70:b3:50:12:d2:ce:15:26:59:b2:58:7c:66:b0:94:1e:31:5e:
         92:1e:61:ed
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBkUgBzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NDU2MGJlYTM5MmVhZjY5MjA4YWI3MDVlZjQwNWNmNzg2ODQxNzZiMB4XDTIyMDEw
MTAwNTUxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzI4NjkyNzYwNDlj
MDkwMWI5NjQ0MWU3ZjQyZDM5MzU0MjE1ODI0NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMi/3k88VJME5u1x/YaiZtepU0Eo1tgFP+hHtXgCjKhVJec5
t+yvak3ECQUtHpk+MPFmsXwI4L+5SE9NasOl0VpAYQYgP79OMhfeQPOZK44wCBOM
J0bmMv/thM1/cb14gbO98zDaBi40X/G6cU8jD0zXivwakm/FlbJsxqGiHK1KwzsF
fRM40shxNrg4oqTcSIqJBh/CFIlAnqBOGNGJfORJW5lzGFmi9vsQZFHbKDfm8wcP
J2Fd45EU7KuSukssFIlmYm8H3bbHBBlBz2pz+YLbxJNtj/DynFWt9nBn6OSPtTiX
7vKKwux9ouM/zJSyWiiAvx3hWgnj6n5Cu7Tu9m8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQyhpJ2BJwJAblkQef0LTk1QhWCRzAfBgNVHSMEGDAWgBQEVgvqOS6vaSCK
twXvQFz3hoQXazAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JGWUw2amt1cjJrZ2lyY0Y3MEJjOTRhRUYycy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvY2U0YTRlLWIxYTMtNDVmNC1hMjdjLWUxYWNhMDEwNjJmZi8x
L01vYVNkZ1NjQ1FHNVpFSG45QzA1TlVJVmdrYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
Y2U0YTRlLWIxYTMtNDVmNC1hMjdjLWUxYWNhMDEwNjJmZi8xL0JGWUw2amt1cjJr
Z2lyY0Y3MEJjOTRhRUYycy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmtuDANBgkqhkiG9w0BAQsFAAOC
AQEAGKc8mBdWu4v67nutDv+0G18GfWbupnClW3ET/jsJaiedC0zp02/2xGCMoIEO
XIFsgXK+OjtoZ5sgzl/xqaKCAs3s1/EMtovb9hjh4pNIvxUbj85T1mB6yrcYc/9P
uZQAAYNHeMA5I6sggp9xD1llseyZVBvsm8rlf8+pBgOlIb0NAWjjRbSkCWZK/jZs
gMrdd4JC34oVZjK+3BwQEYIAsHcri1JM1KdvIynl0I9u/D5pT7bzvt2urD3aS+Fu
RKlOBO8XZJBNtPCLBkm0VSsftu/rFiWb/7fMlZqVVkNSehhf9PKvnY+K7GAncLNQ
EtLOFSZZslh8ZrCUHjFekh5h7Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:45 2023 by rpki-client on console-ams.rpki-client.org