Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/3dbd39-5f9f-48fb-9c01-bd6e3b026c37/1/qo0ENkCtMXHNSYo7aLztKpBqb3o.roa
File:                     qo0ENkCtMXHNSYo7aLztKpBqb3o.roa (raw, json)
Hash identifier:          4S8kdl0nLf02fr4IDSKzWgB/gfKduYRyDs2wejQ4/wo=
Subject key identifier:   AA:8D:04:36:40:AD:31:71:CD:49:8A:3B:68:BC:ED:2A:90:6A:6F:7A
Certificate issuer:       /CN=31db847d1db1e0b2c2c25502210ff5a719967a19
Certificate serial:       0182D04BF7209FA5670FD9D04B8D9FE2832E
Authority key identifier: 31:DB:84:7D:1D:B1:E0:B2:C2:C2:55:02:21:0F:F5:A7:19:96:7A:19
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MduEfR2x4LLCwlUCIQ_1pxmWehk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/3dbd39-5f9f-48fb-9c01-bd6e3b026c37/1/qo0ENkCtMXHNSYo7aLztKpBqb3o.roa
Signing time:             Wed 24 Aug 2022 14:40:15 +0000
ROA not before:           Wed 24 Aug 2022 14:40:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        185.238.212.0/23 maxlen: 24
                          185.238.214.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:d0:4b:f7:20:9f:a5:67:0f:d9:d0:4b:8d:9f:e2:83:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=31db847d1db1e0b2c2c25502210ff5a719967a19
        Validity
            Not Before: Aug 24 14:40:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=aa8d043640ad3171cd498a3b68bced2a906a6f7a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:81:6d:b2:42:bd:98:cd:b0:60:dc:0a:5a:5e:
                    98:0b:80:8a:fd:dd:71:23:dc:d8:b7:bc:32:ab:ba:
                    06:75:25:9c:29:60:c2:dd:44:ca:50:64:66:00:18:
                    ce:ef:cf:5b:8b:03:a7:b4:0a:6c:eb:84:6e:17:66:
                    73:80:48:0b:a2:49:b7:74:c6:36:26:25:46:8b:d0:
                    99:30:ee:bb:27:4e:64:a8:42:c4:7b:a9:fa:20:fe:
                    bf:57:eb:ea:d6:5c:e0:15:30:7e:e7:19:fd:07:d5:
                    3d:cb:3c:a2:d7:cc:51:21:b5:30:14:23:d0:f4:ce:
                    5d:f0:6b:f1:1b:28:59:5f:9e:f2:e6:3b:dd:b9:c5:
                    16:c0:32:cd:cd:78:32:4d:80:a4:cb:a6:06:4c:49:
                    02:1d:24:82:c7:53:4c:21:7c:41:6b:b0:9e:78:49:
                    0b:23:72:7b:c5:25:7c:23:70:56:de:49:8e:fe:b5:
                    41:77:03:00:35:91:1d:f1:98:cf:cf:15:a2:2a:6f:
                    69:e1:ac:3e:66:76:c7:d6:2b:47:e2:5c:7f:ba:4a:
                    b1:4d:1b:27:ad:40:bb:e8:d0:3f:9a:26:b3:fa:06:
                    17:b3:e0:9b:d8:e6:0c:ce:35:c5:fb:ac:f8:b6:d0:
                    68:f3:62:76:66:95:91:58:c6:6c:27:b2:4b:11:af:
                    25:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:8D:04:36:40:AD:31:71:CD:49:8A:3B:68:BC:ED:2A:90:6A:6F:7A
            X509v3 Authority Key Identifier:
                keyid:31:DB:84:7D:1D:B1:E0:B2:C2:C2:55:02:21:0F:F5:A7:19:96:7A:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MduEfR2x4LLCwlUCIQ_1pxmWehk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/3dbd39-5f9f-48fb-9c01-bd6e3b026c37/1/qo0ENkCtMXHNSYo7aLztKpBqb3o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/3dbd39-5f9f-48fb-9c01-bd6e3b026c37/1/MduEfR2x4LLCwlUCIQ_1pxmWehk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.238.212.0/22

    Signature Algorithm: sha256WithRSAEncryption
         94:33:e4:1d:ac:f1:f2:97:27:80:2c:fc:ed:9e:97:46:93:79:
         6b:d1:5b:e9:ec:4b:fa:84:bb:1f:f6:e2:93:f5:7c:65:5a:61:
         c3:72:5d:11:02:5c:36:38:cf:c0:05:a0:52:5a:fb:e7:49:3e:
         24:92:90:8e:e5:a6:c3:8b:51:ed:6e:6b:3b:99:91:6b:2c:f1:
         a4:ec:b8:20:ac:fe:6a:fd:3d:be:b1:fc:0e:14:9b:b6:76:78:
         9f:76:71:f4:8b:77:e6:5c:f4:8d:f7:0b:a9:64:7a:a3:29:04:
         1a:98:2f:ee:9d:ae:dd:7e:c3:2a:98:dc:da:a6:08:d1:0e:1d:
         95:b9:59:27:39:a0:34:99:fe:4f:62:a1:9f:dd:55:60:07:4f:
         d9:fa:22:db:46:3c:4e:d4:5a:a0:3f:16:fe:bb:65:99:c4:4f:
         02:6e:30:f7:d4:4b:e9:1f:75:66:f9:83:4a:1c:06:4f:4e:90:
         ad:b2:af:6a:44:f0:f0:43:04:00:d0:98:9e:52:16:5c:c2:31:
         63:8d:24:06:e5:8b:d6:61:c9:7c:65:62:18:26:11:6b:f1:04:
         99:73:ee:a9:66:24:17:90:d8:67:8e:97:56:33:36:76:9d:17:
         a7:d5:ad:c1:52:45:11:55:ee:b2:0a:7c:d7:0e:c6:82:7a:33:
         1c:97:78:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLQS/cgn6VnD9nQS42f4oMuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZGI4NDdkMWRiMWUwYjJjMmMyNTUwMjIxMGZmNWE3MTk5
NjdhMTkwHhcNMjIwODI0MTQ0MDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYThkMDQzNjQwYWQzMTcxY2Q0OThhM2I2OGJjZWQyYTkwNmE2ZjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoFtskK9mM2wYNwKWl6YC4CK/d1x
I9zYt7wyq7oGdSWcKWDC3UTKUGRmABjO789biwOntAps64RuF2ZzgEgLokm3dMY2
JiVGi9CZMO67J05kqELEe6n6IP6/V+vq1lzgFTB+5xn9B9U9yzyi18xRIbUwFCPQ
9M5d8GvxGyhZX57y5jvducUWwDLNzXgyTYCky6YGTEkCHSSCx1NMIXxBa7CeeEkL
I3J7xSV8I3BW3kmO/rVBdwMANZEd8ZjPzxWiKm9p4aw+ZnbH1itH4lx/ukqxTRsn
rUC76NA/miaz+gYXs+Cb2OYMzjXF+6z4ttBo82J2ZpWRWMZsJ7JLEa8lowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKqNBDZArTFxzUmKO2i87SqQam96MB8GA1UdIwQY
MBaAFDHbhH0dseCywsJVAiEP9acZlnoZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWR1RWZSMng0TExDd2xVQ0lRXzFweG1XZWhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi8zZGJkMzktNWY5Zi00OGZiLTljMDEt
YmQ2ZTNiMDI2YzM3LzEvcW8wRU5rQ3RNWEhOU1lvN2FMenRLcEJxYjNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi8zZGJkMzktNWY5Zi00OGZiLTljMDEtYmQ2ZTNiMDI2YzM3
LzEvTWR1RWZSMng0TExDd2xVQ0lRXzFweG1XZWhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCue7UMA0G
CSqGSIb3DQEBCwUAA4IBAQCUM+QdrPHylyeALPztnpdGk3lr0Vvp7Ev6hLsf9uKT
9XxlWmHDcl0RAlw2OM/ABaBSWvvnST4kkpCO5abDi1Htbms7mZFrLPGk7LggrP5q
/T2+sfwOFJu2dnifdnH0i3fmXPSN9wupZHqjKQQamC/una7dfsMqmNzapgjRDh2V
uVknOaA0mf5PYqGf3VVgB0/Z+iLbRjxO1FqgPxb+u2WZxE8CbjD31EvpH3Vm+YNK
HAZPTpCtsq9qRPDwQwQA0JieUhZcwjFjjSQG5YvWYcl8ZWIYJhFr8QSZc+6pZiQX
kNhnjpdWMzZ2nRen1a3BUkURVe6yCnzXDsaCejMcl3gE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:45 2024 by rpki-client on console-ams.rpki-client.org