Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/7bddda-0c6c-4a5e-b1c5-3ba5f30caabf/1/eo8ovEqa7btes1Ycw5mQi0cPJqA.roa
File:                     eo8ovEqa7btes1Ycw5mQi0cPJqA.roa (raw, json)
Hash identifier:          sAxAlgDfN8E/ical5OrZ+82pwA8XiACFbAgChGfTtlI=
Subject key identifier:   7A:8F:28:BC:4A:9A:ED:BB:5E:B3:56:1C:C3:99:90:8B:47:0F:26:A0
Certificate issuer:       /CN=1a4dd11554247bd2bd301cea43ff5180372c38e4
Certificate serial:       0FD41CBA
Authority key identifier: 1A:4D:D1:15:54:24:7B:D2:BD:30:1C:EA:43:FF:51:80:37:2C:38:E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gk3RFVQke9K9MBzqQ_9RgDcsOOQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/7bddda-0c6c-4a5e-b1c5-3ba5f30caabf/1/eo8ovEqa7btes1Ycw5mQi0cPJqA.roa
Signing time:             Sat 01 Jan 2022 14:07:25 +0000
ROA not before:           Sat 01 Jan 2022 14:07:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     396982
IP address blocks:        185.192.58.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 265559226 (0xfd41cba)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a4dd11554247bd2bd301cea43ff5180372c38e4
        Validity
            Not Before: Jan  1 14:07:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7a8f28bc4a9aedbb5eb3561cc399908b470f26a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:77:dd:18:13:a2:f4:25:7c:f6:51:dc:35:e9:
                    c8:ab:84:37:e0:e7:db:02:7a:ef:cf:ab:40:82:42:
                    51:07:1d:44:ba:9f:08:9e:53:da:2b:17:ec:33:aa:
                    11:0d:e8:48:67:1e:c4:6c:ee:bb:4b:79:70:e8:ec:
                    b8:81:41:07:87:be:6a:6c:fc:4c:71:4b:ce:b7:5a:
                    15:29:ab:18:c0:82:7e:b4:11:80:bb:3f:23:29:77:
                    dd:e0:fe:e0:e5:56:89:49:18:2e:1b:ac:15:3d:f2:
                    7c:12:16:83:63:6f:18:50:06:89:41:81:09:6d:41:
                    32:e3:41:96:c1:54:3b:6c:cc:09:86:00:7e:be:7b:
                    8b:2f:6a:10:c4:db:cd:32:36:24:b0:9c:20:ec:ca:
                    de:f9:f5:45:55:79:28:78:f2:a7:9f:8f:d4:22:75:
                    a5:65:a3:2c:05:d3:e2:11:10:7f:eb:88:e0:d1:5e:
                    92:ef:18:e9:aa:c9:eb:71:f7:97:0c:e7:12:7f:86:
                    13:6a:80:22:88:f0:3e:02:01:27:62:95:40:4a:db:
                    6e:01:ce:d0:73:cf:51:aa:4f:c1:6a:0c:41:56:86:
                    a7:a9:4f:af:c0:12:12:c1:cc:25:06:d1:01:3f:8f:
                    3e:2c:2c:83:87:bf:d1:b1:be:e9:bf:44:18:71:bc:
                    08:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:8F:28:BC:4A:9A:ED:BB:5E:B3:56:1C:C3:99:90:8B:47:0F:26:A0
            X509v3 Authority Key Identifier:
                keyid:1A:4D:D1:15:54:24:7B:D2:BD:30:1C:EA:43:FF:51:80:37:2C:38:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gk3RFVQke9K9MBzqQ_9RgDcsOOQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/7bddda-0c6c-4a5e-b1c5-3ba5f30caabf/1/eo8ovEqa7btes1Ycw5mQi0cPJqA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/7bddda-0c6c-4a5e-b1c5-3ba5f30caabf/1/Gk3RFVQke9K9MBzqQ_9RgDcsOOQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.192.58.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5b:03:e1:31:c5:7e:47:d3:c1:d0:7f:20:d5:a4:49:d7:d9:b4:
         50:a2:fe:48:62:69:f3:ed:56:dc:07:35:08:b3:40:04:91:a8:
         b7:e9:46:08:f5:10:c3:3b:ad:f2:07:11:f1:0f:5a:fa:9e:2e:
         eb:40:6b:2f:99:08:4b:90:4b:81:6c:e7:53:0c:e7:cd:e9:eb:
         96:83:47:db:5d:34:f5:06:44:aa:bb:b0:c3:61:75:51:b7:8c:
         ac:f2:83:ca:96:41:d6:89:b6:87:7f:63:ec:cf:83:cd:17:da:
         75:0f:67:8e:34:80:34:d2:73:d8:48:b2:a8:b5:d2:09:fb:dc:
         2c:44:5d:52:cf:28:8a:47:6f:99:9f:4e:2b:3d:e3:e2:70:37:
         c6:65:05:fa:6a:3a:36:19:36:62:eb:01:ca:98:de:b5:04:de:
         07:60:b9:fb:12:ea:a1:f3:d1:6e:e3:f0:80:43:40:b9:5b:d1:
         b6:43:52:aa:c5:78:f8:4a:c1:18:8b:0a:84:41:21:61:59:4f:
         b3:c3:a0:f4:c7:2f:4a:c3:06:0d:99:a4:70:05:e3:77:38:ce:
         ee:d3:b7:53:9b:a9:bc:bb:04:6c:9d:66:77:8f:8b:d8:3c:20:
         36:41:f8:13:ce:e4:74:08:cf:a4:d8:90:b6:b4:bc:47:c3:6d:
         32:3f:bc:b4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIED9QcujANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YTRkZDExNTU0MjQ3YmQyYmQzMDFjZWE0M2ZmNTE4MDM3MmMzOGU0MB4XDTIyMDEw
MTE0MDcyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2E4ZjI4YmM0YTlh
ZWRiYjVlYjM1NjFjYzM5OTkwOGI0NzBmMjZhMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALN33RgTovQlfPZR3DXpyKuEN+Dn2wJ678+rQIJCUQcdRLqf
CJ5T2isX7DOqEQ3oSGcexGzuu0t5cOjsuIFBB4e+amz8THFLzrdaFSmrGMCCfrQR
gLs/Iyl33eD+4OVWiUkYLhusFT3yfBIWg2NvGFAGiUGBCW1BMuNBlsFUO2zMCYYA
fr57iy9qEMTbzTI2JLCcIOzK3vn1RVV5KHjyp5+P1CJ1pWWjLAXT4hEQf+uI4NFe
ku8Y6arJ63H3lwznEn+GE2qAIojwPgIBJ2KVQErbbgHO0HPPUapPwWoMQVaGp6lP
r8ASEsHMJQbRAT+PPiwsg4e/0bG+6b9EGHG8CAsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR6jyi8Sprtu16zVhzDmZCLRw8moDAfBgNVHSMEGDAWgBQaTdEVVCR70r0w
HOpD/1GANyw45DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0drM1JGVlFrZTlLOU1CenFRXzlSZ0Rjc09PUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTUvN2JkZGRhLTBjNmMtNGE1ZS1iMWM1LTNiYTVmMzBjYWFiZi8x
L2VvOG92RXFhN2J0ZXMxWWN3NW1RaTBjUEpxQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTUv
N2JkZGRhLTBjNmMtNGE1ZS1iMWM1LTNiYTVmMzBjYWFiZi8xL0drM1JGVlFrZTlL
OU1CenFRXzlSZ0Rjc09PUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbnAOjANBgkqhkiG9w0BAQsFAAOC
AQEAWwPhMcV+R9PB0H8g1aRJ19m0UKL+SGJp8+1W3Ac1CLNABJGot+lGCPUQwzut
8gcR8Q9a+p4u60BrL5kIS5BLgWznUwznzenrloNH21009QZEqruww2F1UbeMrPKD
ypZB1om2h39j7M+DzRfadQ9njjSANNJz2EiyqLXSCfvcLERdUs8oikdvmZ9OKz3j
4nA3xmUF+mo6Nhk2YusBypjetQTeB2C5+xLqofPRbuPwgENAuVvRtkNSqsV4+ErB
GIsKhEEhYVlPs8Og9McvSsMGDZmkcAXjdzjO7tO3U5upvLsEbJ1md4+L2DwgNkH4
E87kdAjPpNiQtrS8R8NtMj+8tA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:38 2023 by rpki-client on console-ams.rpki-client.org