Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/320797-b810-4f8e-8e7c-83c38b777478/1/UQLhjo71LMZBqaKMD5ZXLIDZv_I.roa
File:                     UQLhjo71LMZBqaKMD5ZXLIDZv_I.roa (raw, json)
Hash identifier:          6Nv+tKoCLmbDtnrkyDEtsMDAw/UF4t1yFSP3gZ0VAe4=
Subject key identifier:   51:02:E1:8E:8E:F5:2C:C6:41:A9:A2:8C:0F:96:57:2C:80:D9:BF:F2
Certificate issuer:       /CN=8c34e2938dd68849bb406e9eb79c893e6c12c78a
Certificate serial:       0899F144
Authority key identifier: 8C:34:E2:93:8D:D6:88:49:BB:40:6E:9E:B7:9C:89:3E:6C:12:C7:8A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jDTik43WiEm7QG6et5yJPmwSx4o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/320797-b810-4f8e-8e7c-83c38b777478/1/UQLhjo71LMZBqaKMD5ZXLIDZv_I.roa
Signing time:             Sat 01 Jan 2022 14:04:33 +0000
ROA not before:           Sat 01 Jan 2022 14:04:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     29119
IP address blocks:        185.237.200.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 144306500 (0x899f144)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c34e2938dd68849bb406e9eb79c893e6c12c78a
        Validity
            Not Before: Jan  1 14:04:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5102e18e8ef52cc641a9a28c0f96572c80d9bff2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:7d:2f:71:28:7c:1a:50:24:08:a6:9c:f9:47:
                    86:36:eb:be:aa:04:8a:c5:c6:8e:dd:5e:58:01:a7:
                    f6:3c:e1:1d:a0:25:56:4c:a6:db:13:37:26:16:3e:
                    d2:5f:dd:f0:4a:ad:54:25:bd:9d:12:b1:d2:42:02:
                    58:31:1a:8a:f3:1b:30:0c:11:51:b6:07:58:66:cd:
                    47:37:c6:54:dd:04:54:92:6d:89:91:3d:7e:99:4e:
                    f3:f1:f8:e5:2e:ab:54:60:c5:a8:52:f5:38:a1:d5:
                    9a:7f:30:c4:a6:0d:f4:73:5f:c1:be:19:3d:8c:88:
                    fc:5d:60:94:fc:b7:9c:b4:16:b2:bd:25:90:c2:1f:
                    f6:3d:1c:95:4e:f9:da:e6:e8:ea:18:42:f3:4d:f4:
                    88:7b:3d:58:2d:8c:ff:fe:d2:ff:dd:61:11:e8:7f:
                    e4:d1:82:61:50:00:30:6c:77:e6:da:61:7a:3e:47:
                    a4:a8:8c:40:b7:25:ff:a7:fe:e5:17:29:a7:63:76:
                    61:ea:ca:40:8a:e1:23:bf:b6:68:60:ff:e6:c1:bf:
                    59:dc:03:23:48:7a:7e:29:80:4d:58:44:6e:b1:81:
                    89:71:0f:88:2b:b3:03:91:63:3e:ac:b1:48:07:c6:
                    3f:d9:47:bc:86:ca:9e:fd:f9:6c:d2:45:f8:ad:dc:
                    e6:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:02:E1:8E:8E:F5:2C:C6:41:A9:A2:8C:0F:96:57:2C:80:D9:BF:F2
            X509v3 Authority Key Identifier:
                keyid:8C:34:E2:93:8D:D6:88:49:BB:40:6E:9E:B7:9C:89:3E:6C:12:C7:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jDTik43WiEm7QG6et5yJPmwSx4o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/320797-b810-4f8e-8e7c-83c38b777478/1/UQLhjo71LMZBqaKMD5ZXLIDZv_I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/320797-b810-4f8e-8e7c-83c38b777478/1/jDTik43WiEm7QG6et5yJPmwSx4o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.237.200.0/22

    Signature Algorithm: sha256WithRSAEncryption
         23:00:c2:ed:dd:ee:78:bc:41:8a:9a:b5:0e:21:00:04:a5:80:
         4b:01:9b:7e:67:76:46:06:23:e1:04:68:06:a8:f2:ed:5a:14:
         0a:26:ef:7e:ab:d2:af:8b:0e:71:11:91:c1:10:20:36:0c:43:
         a3:60:9f:b2:f7:4b:22:df:52:20:6d:54:1d:ea:2b:08:f1:a9:
         b0:cc:9a:4e:49:65:85:dc:6f:c8:ed:fc:d0:73:ee:e7:67:e3:
         db:ba:56:de:c6:60:d0:c8:ab:82:38:ec:6f:bc:bb:fb:ec:34:
         72:e7:b9:a1:a0:3d:a3:6f:ab:40:cb:fc:97:61:39:51:72:42:
         87:78:59:0e:5e:00:07:51:63:8b:24:ed:31:eb:10:93:57:4e:
         e3:f7:10:5e:fe:2f:a4:79:00:cf:70:6d:b6:1f:5c:16:ae:a8:
         76:8f:87:19:54:91:0d:3e:96:bf:2f:0d:50:53:d7:01:78:ba:
         cc:3e:a7:7b:39:b2:15:3f:5b:a9:7f:9f:2f:ff:c3:b0:7c:d8:
         78:53:78:83:c7:a3:1a:07:2f:e8:43:30:89:81:e4:46:7c:91:
         b8:a1:83:57:77:bb:13:43:ca:31:3d:e6:47:41:31:76:b4:96:
         7a:da:70:75:5e:29:b9:84:d1:82:ea:59:f2:af:44:a8:9a:ab:
         1e:f4:10:70
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECJnxRDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YzM0ZTI5MzhkZDY4ODQ5YmI0MDZlOWViNzljODkzZTZjMTJjNzhhMB4XDTIyMDEw
MTE0MDQzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTEwMmUxOGU4ZWY1
MmNjNjQxYTlhMjhjMGY5NjU3MmM4MGQ5YmZmMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKJ9L3EofBpQJAimnPlHhjbrvqoEisXGjt1eWAGn9jzhHaAl
Vkym2xM3JhY+0l/d8EqtVCW9nRKx0kICWDEaivMbMAwRUbYHWGbNRzfGVN0EVJJt
iZE9fplO8/H45S6rVGDFqFL1OKHVmn8wxKYN9HNfwb4ZPYyI/F1glPy3nLQWsr0l
kMIf9j0clU752ubo6hhC8030iHs9WC2M//7S/91hEeh/5NGCYVAAMGx35tphej5H
pKiMQLcl/6f+5Rcpp2N2YerKQIrhI7+2aGD/5sG/WdwDI0h6fimATVhEbrGBiXEP
iCuzA5FjPqyxSAfGP9lHvIbKnv35bNJF+K3c5i0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRRAuGOjvUsxkGpoowPllcsgNm/8jAfBgNVHSMEGDAWgBSMNOKTjdaISbtA
bp63nIk+bBLHijAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pEVGlrNDNXaUVtN1FHNmV0NXlKUG13U3g0by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTQvMzIwNzk3LWI4MTAtNGY4ZS04ZTdjLTgzYzM4Yjc3NzQ3OC8x
L1VRTGhqbzcxTE1aQnFhS01ENVpYTElEWnZfSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTQv
MzIwNzk3LWI4MTAtNGY4ZS04ZTdjLTgzYzM4Yjc3NzQ3OC8xL2pEVGlrNDNXaUVt
N1FHNmV0NXlKUG13U3g0by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArntyDANBgkqhkiG9w0BAQsFAAOC
AQEAIwDC7d3ueLxBipq1DiEABKWASwGbfmd2RgYj4QRoBqjy7VoUCibvfqvSr4sO
cRGRwRAgNgxDo2CfsvdLIt9SIG1UHeorCPGpsMyaTkllhdxvyO380HPu52fj27pW
3sZg0Mirgjjsb7y7++w0cue5oaA9o2+rQMv8l2E5UXJCh3hZDl4AB1FjiyTtMesQ
k1dO4/cQXv4vpHkAz3Btth9cFq6odo+HGVSRDT6Wvy8NUFPXAXi6zD6nezmyFT9b
qX+fL//DsHzYeFN4g8ejGgcv6EMwiYHkRnyRuKGDV3e7E0PKMT3mR0ExdrSWetpw
dV4puYTRgupZ8q9EqJqrHvQQcA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:18 2024 by rpki-client on console-fra.rpki-client.org