Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/9a78e6-3bf7-42b6-8cbf-119942f3d7a7/1/P6DRUAl2Ik0ZM3k_Qlip2WeObp8.roa
File:                     P6DRUAl2Ik0ZM3k_Qlip2WeObp8.roa (raw, json)
Hash identifier:          HS2ihE0kSRmCYwxncUXQVdb/3TRZ4hLZ/ZliYFn38io=
Subject key identifier:   3F:A0:D1:50:09:76:22:4D:19:33:79:3F:42:58:A9:D9:67:8E:6E:9F
Certificate issuer:       /CN=10af800ce95bfbb1f473b0b5f9f7b93175930e89
Certificate serial:       01849A5D4BAACB6E0EB2C0A53F804FF0EA0C
Authority key identifier: 10:AF:80:0C:E9:5B:FB:B1:F4:73:B0:B5:F9:F7:B9:31:75:93:0E:89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EK-ADOlb-7H0c7C1-fe5MXWTDok.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/9a78e6-3bf7-42b6-8cbf-119942f3d7a7/1/P6DRUAl2Ik0ZM3k_Qlip2WeObp8.roa
Signing time:             Mon 21 Nov 2022 13:25:16 +0000
ROA not before:           Mon 21 Nov 2022 13:25:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     24971
IP address blocks:        185.32.160.0/22 maxlen: 24
                          2a00:a5a0::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:9a:5d:4b:aa:cb:6e:0e:b2:c0:a5:3f:80:4f:f0:ea:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=10af800ce95bfbb1f473b0b5f9f7b93175930e89
        Validity
            Not Before: Nov 21 13:25:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3fa0d1500976224d1933793f4258a9d9678e6e9f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:69:8e:df:ab:10:e6:80:16:d5:3d:2b:f1:b2:
                    5e:48:9a:ab:00:bc:08:a3:2f:4c:56:1c:e2:a2:0e:
                    73:26:d1:96:28:c1:20:ec:ee:6b:17:05:e3:14:4b:
                    71:82:eb:f8:e0:d5:97:18:10:da:5b:8a:98:ed:c0:
                    8b:cf:7e:d1:2b:d3:77:1d:10:71:63:2c:f5:91:3e:
                    ed:b6:d4:fc:57:f9:ab:16:d7:b0:3f:5c:a6:08:a6:
                    62:65:45:4c:52:f5:df:75:c1:10:f8:18:cf:0c:83:
                    da:10:a4:83:60:1d:8b:d9:8a:04:db:6a:72:b5:f3:
                    68:8e:f4:49:e7:b1:17:8d:b4:c5:34:d0:81:75:4c:
                    1b:03:36:14:7c:2d:49:75:7c:90:7a:ee:1a:97:f1:
                    f5:99:a0:63:8a:29:c1:5e:26:25:57:26:79:a4:d6:
                    4d:24:f1:4b:10:ed:db:af:ad:21:c6:6e:15:cc:19:
                    e8:f1:f2:80:57:11:c8:6d:0d:72:2c:07:de:92:02:
                    d7:17:9b:76:8b:72:b7:5f:be:ee:2e:3f:4e:d7:69:
                    70:33:b0:91:44:c8:c4:36:1f:2e:f3:1f:52:88:10:
                    ca:5a:9f:65:64:72:56:99:f6:4d:24:41:ed:fa:c9:
                    13:c6:92:44:28:47:62:82:8f:e6:66:f9:1e:e8:d1:
                    a7:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:A0:D1:50:09:76:22:4D:19:33:79:3F:42:58:A9:D9:67:8E:6E:9F
            X509v3 Authority Key Identifier:
                keyid:10:AF:80:0C:E9:5B:FB:B1:F4:73:B0:B5:F9:F7:B9:31:75:93:0E:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EK-ADOlb-7H0c7C1-fe5MXWTDok.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/9a78e6-3bf7-42b6-8cbf-119942f3d7a7/1/P6DRUAl2Ik0ZM3k_Qlip2WeObp8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/9a78e6-3bf7-42b6-8cbf-119942f3d7a7/1/EK-ADOlb-7H0c7C1-fe5MXWTDok.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.32.160.0/22
                IPv6:
                  2a00:a5a0::/32

    Signature Algorithm: sha256WithRSAEncryption
         90:2a:2e:45:a0:8a:13:11:1e:ec:7f:4e:7d:c9:9b:3e:81:f8:
         b8:22:6d:6b:c3:ed:da:93:29:94:97:8b:07:a8:26:5f:c4:93:
         fb:6e:59:81:89:38:46:56:f7:0b:5a:68:42:bf:4b:17:c7:cf:
         40:3f:7d:b6:1b:67:58:ac:5b:c6:e5:30:02:94:4a:5d:ef:18:
         91:fa:4e:d4:e5:f7:9e:33:70:81:2e:86:7f:4c:37:03:ec:4d:
         53:3c:39:60:e0:4f:64:fb:88:15:e4:5b:cb:bf:92:82:29:af:
         9e:fc:ba:b3:3f:03:f6:a1:3d:6c:17:e7:61:0b:a4:cb:5c:89:
         04:50:f0:88:15:ed:42:60:64:d8:aa:8e:9f:6b:cc:59:8e:81:
         7f:4f:63:47:91:b6:35:f9:24:d7:4b:52:67:73:c3:4a:0c:c8:
         a2:b7:2b:f9:86:1b:77:31:0d:16:82:b9:c3:3c:56:75:5b:a7:
         1f:96:e1:ae:dd:80:0d:20:15:d1:de:7f:79:d6:77:10:84:79:
         21:2d:05:e5:6b:63:10:79:89:cd:f2:ae:ca:39:f3:8e:e1:27:
         94:43:60:e0:27:db:76:9c:07:6b:c4:86:3c:fb:38:0c:5c:cd:
         b4:e1:d8:f2:2a:af:89:fc:cb:77:1e:cd:77:37:f3:08:b2:6d:
         77:d7:50:1e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYSaXUuqy24OssClP4BP8OoMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwYWY4MDBjZTk1YmZiYjFmNDczYjBiNWY5ZjdiOTMxNzU5
MzBlODkwHhcNMjIxMTIxMTMyNTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmEwZDE1MDA5NzYyMjRkMTkzMzc5M2Y0MjU4YTlkOTY3OGU2ZTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWmO36sQ5oAW1T0r8bJeSJqrALwI
oy9MVhziog5zJtGWKMEg7O5rFwXjFEtxguv44NWXGBDaW4qY7cCLz37RK9N3HRBx
Yyz1kT7tttT8V/mrFtewP1ymCKZiZUVMUvXfdcEQ+BjPDIPaEKSDYB2L2YoE22py
tfNojvRJ57EXjbTFNNCBdUwbAzYUfC1JdXyQeu4al/H1maBjiinBXiYlVyZ5pNZN
JPFLEO3br60hxm4VzBno8fKAVxHIbQ1yLAfekgLXF5t2i3K3X77uLj9O12lwM7CR
RMjENh8u8x9SiBDKWp9lZHJWmfZNJEHt+skTxpJEKEdigo/mZvke6NGnvQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD+g0VAJdiJNGTN5P0JYqdlnjm6fMB8GA1UdIwQY
MBaAFBCvgAzpW/ux9HOwtfn3uTF1kw6JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUstQURPbGItN0gwYzdDMS1mZTVNWFdURG9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS85YTc4ZTYtM2JmNy00MmI2LThjYmYt
MTE5OTQyZjNkN2E3LzEvUDZEUlVBbDJJazBaTTNrX1FsaXAyV2VPYnA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS85YTc4ZTYtM2JmNy00MmI2LThjYmYtMTE5OTQyZjNkN2E3
LzEvRUstQURPbGItN0gwYzdDMS1mZTVNWFdURG9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSCgMA0E
AgACMAcDBQAqAKWgMA0GCSqGSIb3DQEBCwUAA4IBAQCQKi5FoIoTER7sf059yZs+
gfi4Im1rw+3akymUl4sHqCZfxJP7blmBiThGVvcLWmhCv0sXx89AP322G2dYrFvG
5TAClEpd7xiR+k7U5feeM3CBLoZ/TDcD7E1TPDlg4E9k+4gV5FvLv5KCKa+e/Lqz
PwP2oT1sF+dhC6TLXIkEUPCIFe1CYGTYqo6fa8xZjoF/T2NHkbY1+STXS1Jnc8NK
DMiityv5hht3MQ0WgrnDPFZ1W6cfluGu3YANIBXR3n951ncQhHkhLQXla2MQeYnN
8q7KOfOO4SeUQ2DgJ9t2nAdrxIY8+zgMXM204djyKq+J/Mt3Hs13N/MIsm1311Ae
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:30 2024 by rpki-client on console-fra.rpki-client.org