Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/84ac9b-0870-4c3f-af5c-637cbad64e03/1/XBO3JqO1vL1sl2ppM5_98rBS82A.roa
File:                     XBO3JqO1vL1sl2ppM5_98rBS82A.roa (raw, json)
Hash identifier:          D9WiNWrw5gaGd84AIdHdFVyWGwuzU5BCHUqNm4hEoF0=
Subject key identifier:   5C:13:B7:26:A3:B5:BC:BD:6C:97:6A:69:33:9F:FD:F2:B0:52:F3:60
Certificate issuer:       /CN=1f25852874331c01a43555e7e3b72ba6a80be85f
Certificate serial:       8A04
Authority key identifier: 1F:25:85:28:74:33:1C:01:A4:35:55:E7:E3:B7:2B:A6:A8:0B:E8:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HyWFKHQzHAGkNVXn47crpqgL6F8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/84ac9b-0870-4c3f-af5c-637cbad64e03/1/XBO3JqO1vL1sl2ppM5_98rBS82A.roa
Signing time:             Tue 25 Jan 2022 11:24:05 +0000
ROA not before:           Tue 25 Jan 2022 11:24:05 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57878
IP address blocks:        185.205.68.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 35332 (0x8a04)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f25852874331c01a43555e7e3b72ba6a80be85f
        Validity
            Not Before: Jan 25 11:24:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5c13b726a3b5bcbd6c976a69339ffdf2b052f360
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:7d:40:e0:8d:db:21:d0:e7:f4:e7:8c:a5:61:
                    9d:e8:89:5c:c5:21:51:74:55:57:fc:bd:38:07:34:
                    f7:49:62:76:3a:2d:ca:b1:df:0b:9e:00:da:23:01:
                    4c:b3:c5:89:ac:fe:50:70:55:3b:5c:3a:47:7b:86:
                    b3:9a:f7:fa:2b:da:a0:86:72:32:31:7b:da:bf:27:
                    8d:21:d7:d7:7c:c0:71:d4:bc:62:5e:86:9c:14:d5:
                    64:a6:b7:b8:20:8f:cd:a8:78:ea:02:fd:06:5b:97:
                    5a:ce:31:84:2d:ff:35:bb:89:34:08:36:8a:2a:70:
                    4e:77:92:0e:59:4f:cc:0c:7b:37:95:4d:cf:cc:7d:
                    dc:24:d9:a3:63:95:23:e0:ff:96:de:9f:6a:8b:a0:
                    f5:e5:d1:32:90:3b:b3:32:02:91:7d:23:f6:3b:0c:
                    2d:fb:26:a8:18:e3:f2:a9:5c:f1:60:2d:86:86:ef:
                    ba:42:36:bf:ee:96:08:b8:26:ef:15:35:aa:1a:00:
                    ad:a3:d8:ce:c0:e0:94:eb:2f:40:35:f6:93:a8:37:
                    c7:80:7d:ff:81:98:6a:c6:8d:34:a7:7a:3b:3d:fe:
                    b1:71:52:5e:62:33:08:72:f4:e4:a7:0c:9f:d0:19:
                    2c:27:a0:6d:4c:4a:92:15:9e:97:59:68:ed:61:ad:
                    17:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:13:B7:26:A3:B5:BC:BD:6C:97:6A:69:33:9F:FD:F2:B0:52:F3:60
            X509v3 Authority Key Identifier:
                keyid:1F:25:85:28:74:33:1C:01:A4:35:55:E7:E3:B7:2B:A6:A8:0B:E8:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HyWFKHQzHAGkNVXn47crpqgL6F8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/84ac9b-0870-4c3f-af5c-637cbad64e03/1/XBO3JqO1vL1sl2ppM5_98rBS82A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/84ac9b-0870-4c3f-af5c-637cbad64e03/1/HyWFKHQzHAGkNVXn47crpqgL6F8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.205.68.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:41:9f:5b:d6:88:12:7a:b3:3f:31:f0:13:52:a8:4e:94:76:
         44:74:c7:8f:6a:1c:53:23:d7:bc:e9:9e:9e:be:7a:34:6f:12:
         b1:00:c4:85:ba:ec:6c:f5:81:89:0f:99:04:10:5d:55:68:0b:
         18:5f:dc:0d:20:60:60:74:07:ee:74:e3:28:89:66:c7:f8:84:
         85:b6:2c:0f:cd:2f:ec:8a:f2:d6:8e:ce:11:00:58:ed:2b:da:
         ec:21:8b:f9:85:e2:d9:b4:60:4d:7e:ec:3e:a1:cb:ba:34:e0:
         3b:99:f7:89:f8:17:48:92:12:7a:b9:66:ab:10:8e:b2:4e:e8:
         70:fc:db:43:e5:d2:1d:aa:52:a9:dc:2e:ee:c1:d1:1e:5e:64:
         20:c3:e9:9d:89:16:9b:ff:70:bc:d0:be:1f:32:6b:81:2d:ff:
         3b:bc:58:67:a5:ac:1a:5b:3c:68:bb:f2:40:e1:46:9e:a4:92:
         3d:8d:92:76:e7:65:6d:c1:68:47:06:37:5b:8d:a3:d8:ef:84:
         e1:f0:44:1d:dc:35:d4:5c:3e:c2:f1:c0:80:5c:19:ab:93:78:
         ad:ff:c0:a9:03:85:38:82:66:9b:b9:ea:5c:bf:cf:a9:62:94:
         52:49:34:4d:c4:e5:59:ee:72:4a:e0:54:d1:82:f1:43:e0:77:
         4c:9a:14:96
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAIoEMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDFm
MjU4NTI4NzQzMzFjMDFhNDM1NTVlN2UzYjcyYmE2YTgwYmU4NWYwHhcNMjIwMTI1
MTEyNDA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg1YzEzYjcyNmEzYjVi
Y2JkNmM5NzZhNjkzMzlmZmRmMmIwNTJmMzYwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA1H1A4I3bIdDn9OeMpWGd6IlcxSFRdFVX/L04BzT3SWJ2Oi3K
sd8LngDaIwFMs8WJrP5QcFU7XDpHe4azmvf6K9qghnIyMXvavyeNIdfXfMBx1Lxi
XoacFNVkpre4II/NqHjqAv0GW5dazjGELf81u4k0CDaKKnBOd5IOWU/MDHs3lU3P
zH3cJNmjY5Uj4P+W3p9qi6D15dEykDuzMgKRfSP2Owwt+yaoGOPyqVzxYC2Ghu+6
Qja/7pYIuCbvFTWqGgCto9jOwOCU6y9ANfaTqDfHgH3/gZhqxo00p3o7Pf6xcVJe
YjMIcvTkpwyf0BksJ6BtTEqSFZ6XWWjtYa0XQwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFFwTtyajtby9bJdqaTOf/fKwUvNgMB8GA1UdIwQYMBaAFB8lhSh0MxwBpDVV
5+O3K6aoC+hfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
SHlXRktIUXpIQUdrTlZYbjQ3Y3JwcWdMNkY4LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9hNC84NGFjOWItMDg3MC00YzNmLWFmNWMtNjM3Y2JhZDY0ZTAzLzEv
WEJPM0pxTzF2TDFzbDJwcE01Xzk4ckJTODJBLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC84
NGFjOWItMDg3MC00YzNmLWFmNWMtNjM3Y2JhZDY0ZTAzLzEvSHlXRktIUXpIQUdr
TlZYbjQ3Y3JwcWdMNkY4LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuc1EMA0GCSqGSIb3DQEBCwUAA4IB
AQCWQZ9b1ogSerM/MfATUqhOlHZEdMePahxTI9e86Z6evno0bxKxAMSFuuxs9YGJ
D5kEEF1VaAsYX9wNIGBgdAfudOMoiWbH+ISFtiwPzS/sivLWjs4RAFjtK9rsIYv5
heLZtGBNfuw+ocu6NOA7mfeJ+BdIkhJ6uWarEI6yTuhw/NtD5dIdqlKp3C7uwdEe
XmQgw+mdiRab/3C80L4fMmuBLf87vFhnpawaWzxou/JA4UaepJI9jZJ252VtwWhH
BjdbjaPY74Th8EQd3DXUXD7C8cCAXBmrk3it/8CpA4U4gmabuepcv8+pYpRSSTRN
xOVZ7nJK4FTRgvFD4HdMmhSW
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:43 2023 by rpki-client on console-fra.rpki-client.org