Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/7bddda-0c6c-4a5e-b1c5-3ba5f30caabf/1/cuvS099Ll8GLtwe-GTYA-Q2xOEo.roa
File:                     cuvS099Ll8GLtwe-GTYA-Q2xOEo.roa (raw, json)
Hash identifier:          nBSmDhp2ayW+5KoRCsN9wJh8y4BDp2fQFLjQrNYQ1tI=
Subject key identifier:   72:EB:D2:D3:DF:4B:97:C1:8B:B7:07:BE:19:36:00:F9:0D:B1:38:4A
Certificate issuer:       /CN=1a4dd11554247bd2bd301cea43ff5180372c38e4
Certificate serial:       104E71BF
Authority key identifier: 1A:4D:D1:15:54:24:7B:D2:BD:30:1C:EA:43:FF:51:80:37:2C:38:E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gk3RFVQke9K9MBzqQ_9RgDcsOOQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/7bddda-0c6c-4a5e-b1c5-3ba5f30caabf/1/cuvS099Ll8GLtwe-GTYA-Q2xOEo.roa
Signing time:             Wed 23 Feb 2022 15:06:11 +0000
ROA not before:           Wed 23 Feb 2022 15:06:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     31898
IP address blocks:        185.192.56.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 273576383 (0x104e71bf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a4dd11554247bd2bd301cea43ff5180372c38e4
        Validity
            Not Before: Feb 23 15:06:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=72ebd2d3df4b97c18bb707be193600f90db1384a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:24:b4:b8:fa:28:f7:98:8e:51:6c:46:5e:34:
                    c4:ff:3b:77:bf:04:8b:ac:5e:58:f7:d7:87:4b:79:
                    93:13:8d:c1:33:b7:63:55:bd:f6:9a:41:02:ed:a2:
                    91:0c:2f:f5:0c:fc:24:50:f3:fd:1e:56:1e:32:63:
                    c5:9d:f9:61:5b:5f:46:9b:80:22:75:1b:a9:73:9d:
                    2a:47:a3:dd:b3:1a:68:f8:6f:2d:6d:aa:57:90:cb:
                    3e:8a:e2:68:42:c7:d2:f6:42:4e:9f:19:dc:4a:26:
                    07:0e:48:be:cb:6c:d6:cc:b8:ac:04:4d:8a:88:0e:
                    86:2e:7e:37:22:32:53:70:0e:76:d5:82:11:85:11:
                    cd:66:33:7f:ab:d4:30:38:ca:61:b0:cf:c4:c1:0d:
                    7b:36:19:f8:5b:bd:c7:96:e3:b6:f7:03:9f:51:9e:
                    57:00:6f:db:6b:59:42:e3:dc:81:db:92:16:b7:33:
                    5f:f2:61:e9:c9:fa:86:7c:4a:81:e3:9d:60:3b:05:
                    d3:3c:6a:b9:45:7d:7e:c1:c1:7e:02:31:7b:cc:ac:
                    8c:d8:05:6c:fd:aa:ef:d8:69:0f:76:b1:89:b0:af:
                    3b:da:ec:d2:84:97:0d:43:b6:fd:1f:e6:42:b7:2b:
                    41:47:cc:d0:c2:e5:99:69:23:12:a8:de:c1:74:7d:
                    6a:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:EB:D2:D3:DF:4B:97:C1:8B:B7:07:BE:19:36:00:F9:0D:B1:38:4A
            X509v3 Authority Key Identifier:
                keyid:1A:4D:D1:15:54:24:7B:D2:BD:30:1C:EA:43:FF:51:80:37:2C:38:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gk3RFVQke9K9MBzqQ_9RgDcsOOQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/7bddda-0c6c-4a5e-b1c5-3ba5f30caabf/1/cuvS099Ll8GLtwe-GTYA-Q2xOEo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/7bddda-0c6c-4a5e-b1c5-3ba5f30caabf/1/Gk3RFVQke9K9MBzqQ_9RgDcsOOQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.192.56.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a7:aa:17:fb:11:99:2a:91:ba:64:bd:61:92:89:6e:84:ed:ca:
         a0:47:4c:a6:01:21:39:bc:24:54:40:ef:b6:9f:47:06:f5:c1:
         e5:e3:29:40:9b:7d:79:39:c7:a6:c9:a0:2d:27:76:71:a5:b5:
         46:9c:09:7d:48:f0:4c:e1:85:49:5c:a2:51:03:82:95:ed:33:
         9e:92:a7:7a:eb:4a:18:66:76:c0:14:86:7a:d2:5c:29:84:f9:
         c8:6a:0e:3b:b6:12:1d:a9:a8:d0:f3:40:f1:76:b4:8d:30:3b:
         e8:fa:e7:1e:da:26:37:7f:09:2d:0f:e6:1e:c6:94:09:2b:b9:
         98:4c:b9:c2:cf:7d:25:a0:e3:c7:83:be:50:2a:e5:4a:b3:55:
         2f:c6:11:a0:52:9b:0b:49:2b:fe:27:e3:41:b2:b6:81:05:c8:
         dd:16:6d:6a:f5:cd:ea:31:5c:f5:79:51:29:5f:dc:da:99:36:
         5e:ba:42:61:56:44:13:50:8a:b2:d0:c4:e8:46:21:9a:f3:3d:
         64:cc:ec:8d:72:7e:da:48:13:3c:20:88:7b:66:fa:9d:9b:59:
         bd:90:ce:d5:7b:e1:f3:ee:cf:0d:04:42:d4:24:88:6d:ff:54:
         ff:d9:f9:65:79:40:3e:be:b1:b2:f0:d5:f5:54:be:01:1b:55:
         1c:6e:68:b7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEE5xvzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YTRkZDExNTU0MjQ3YmQyYmQzMDFjZWE0M2ZmNTE4MDM3MmMzOGU0MB4XDTIyMDIy
MzE1MDYxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzJlYmQyZDNkZjRi
OTdjMThiYjcwN2JlMTkzNjAwZjkwZGIxMzg0YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKQktLj6KPeYjlFsRl40xP87d78Ei6xeWPfXh0t5kxONwTO3
Y1W99ppBAu2ikQwv9Qz8JFDz/R5WHjJjxZ35YVtfRpuAInUbqXOdKkej3bMaaPhv
LW2qV5DLPoriaELH0vZCTp8Z3EomBw5Ivsts1sy4rARNiogOhi5+NyIyU3AOdtWC
EYURzWYzf6vUMDjKYbDPxMENezYZ+Fu9x5bjtvcDn1GeVwBv22tZQuPcgduSFrcz
X/Jh6cn6hnxKgeOdYDsF0zxquUV9fsHBfgIxe8ysjNgFbP2q79hpD3axibCvO9rs
0oSXDUO2/R/mQrcrQUfM0MLlmWkjEqjewXR9apUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRy69LT30uXwYu3B74ZNgD5DbE4SjAfBgNVHSMEGDAWgBQaTdEVVCR70r0w
HOpD/1GANyw45DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0drM1JGVlFrZTlLOU1CenFRXzlSZ0Rjc09PUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTUvN2JkZGRhLTBjNmMtNGE1ZS1iMWM1LTNiYTVmMzBjYWFiZi8x
L2N1dlMwOTlMbDhHTHR3ZS1HVFlBLVEyeE9Fby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTUv
N2JkZGRhLTBjNmMtNGE1ZS1iMWM1LTNiYTVmMzBjYWFiZi8xL0drM1JGVlFrZTlL
OU1CenFRXzlSZ0Rjc09PUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnAODANBgkqhkiG9w0BAQsFAAOC
AQEAp6oX+xGZKpG6ZL1hkoluhO3KoEdMpgEhObwkVEDvtp9HBvXB5eMpQJt9eTnH
psmgLSd2caW1RpwJfUjwTOGFSVyiUQOCle0znpKneutKGGZ2wBSGetJcKYT5yGoO
O7YSHamo0PNA8Xa0jTA76PrnHtomN38JLQ/mHsaUCSu5mEy5ws99JaDjx4O+UCrl
SrNVL8YRoFKbC0kr/ifjQbK2gQXI3RZtavXN6jFc9XlRKV/c2pk2XrpCYVZEE1CK
stDE6EYhmvM9ZMzsjXJ+2kgTPCCIe2b6nZtZvZDO1Xvh8+7PDQRC1CSIbf9U/9n5
ZXlAPr6xsvDV9VS+ARtVHG5otw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:38 2024 by rpki-client on console-ams.rpki-client.org