Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/OyghE1BVsHDDbhInRC-01OhnDhY.roa
File:                     OyghE1BVsHDDbhInRC-01OhnDhY.roa (raw, json)
Hash identifier:          o6DnANgxhhZOGudxkirVIFdtsxarbm8P2uMMXYPlor8=
Subject key identifier:   3B:28:21:13:50:55:B0:70:C3:6E:12:27:44:2F:B4:D4:E8:67:0E:16
Certificate issuer:       /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial:       0183155DF8EE3F1C5557268995C28157C901
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/OyghE1BVsHDDbhInRC-01OhnDhY.roa
Signing time:             Wed 07 Sep 2022 00:33:43 +0000
ROA not before:           Wed 07 Sep 2022 00:33:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     9009
IP address blocks:        185.213.22.0/24 maxlen: 24
                          185.126.236.0/24 maxlen: 24
                          185.126.237.0/24 maxlen: 24
                          2a11:840:2::/48 maxlen: 48
                          2a11:840:5::/48 maxlen: 48
                          2a11:840:3::/48 maxlen: 48
                          2a11:840:6::/48 maxlen: 48
                          2a11:840:1::/48 maxlen: 48
                          2a11:840:9::/48 maxlen: 48
                          2a11:840:4::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:15:5d:f8:ee:3f:1c:55:57:26:89:95:c2:81:57:c9:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
        Validity
            Not Before: Sep  7 00:33:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3b2821135055b070c36e1227442fb4d4e8670e16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:17:af:4d:5d:40:7d:da:30:75:66:96:12:44:
                    e9:42:75:dc:3c:21:34:df:5c:97:19:89:81:e3:5e:
                    f1:c8:86:d8:1c:cf:48:44:91:50:ab:47:0c:19:9d:
                    64:c0:bf:ed:ea:26:bd:5a:20:d7:74:a3:df:78:22:
                    9f:81:33:a1:6b:14:21:fa:e2:10:97:ac:2f:5b:7b:
                    00:1f:1d:73:f9:10:21:34:72:67:14:d3:17:07:8b:
                    71:84:da:74:a0:9f:d3:31:d6:87:fa:aa:09:ad:1e:
                    f5:29:e7:e5:da:74:17:3b:d8:76:3a:36:b0:de:8b:
                    d7:5c:c0:40:49:ad:b1:35:92:87:20:be:39:0c:9b:
                    7e:b6:8c:82:c9:d5:82:3b:09:66:1f:77:8b:5b:6e:
                    9a:ed:90:67:1e:54:17:2a:e6:09:92:88:bf:30:4f:
                    c0:41:0f:59:d2:52:7b:40:ab:cf:51:bc:5a:ff:af:
                    59:78:b1:0d:f0:30:ff:67:8b:0b:dc:4b:19:41:a2:
                    86:79:cb:2d:30:59:53:5d:21:e2:8c:ba:5f:8f:03:
                    47:f0:fe:03:59:50:f5:f3:ba:7f:0f:95:d1:70:c5:
                    f9:7b:a3:59:28:7d:41:02:5b:26:77:c4:e2:ec:d6:
                    d1:3f:d0:ee:40:75:8a:5d:46:34:1e:24:78:d2:d6:
                    81:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:28:21:13:50:55:B0:70:C3:6E:12:27:44:2F:B4:D4:E8:67:0E:16
            X509v3 Authority Key Identifier:
                keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/OyghE1BVsHDDbhInRC-01OhnDhY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.126.236.0/23
                  185.213.22.0/24
                IPv6:
                  2a11:840:1::-2a11:840:6:ffff:ffff:ffff:ffff:ffff
                  2a11:840:9::/48

    Signature Algorithm: sha256WithRSAEncryption
         26:47:aa:55:48:9a:fc:31:e5:82:56:cd:44:ac:90:79:20:12:
         12:c0:a8:25:4e:5c:7e:93:47:83:f0:6f:b2:a3:b4:58:6e:9b:
         66:a8:4c:fc:dc:6a:5b:95:f9:7c:2e:3e:f9:6f:16:a0:01:31:
         9c:16:c4:6d:11:3e:c9:ce:c5:d8:a5:cc:0c:cf:86:ac:e6:69:
         b3:30:8e:46:81:75:79:0b:c3:a1:2b:0b:f5:a1:24:bf:27:99:
         d1:cc:fa:17:7c:23:69:74:89:ea:a9:87:aa:50:f3:0e:d8:08:
         95:cd:14:77:57:45:f9:d9:8c:f6:89:aa:2c:85:af:9a:20:17:
         a9:cb:01:2e:5e:52:84:8b:95:4e:4b:7c:c1:d1:b6:31:88:82:
         48:94:64:16:e9:dc:62:38:01:d9:69:e3:68:85:81:3b:a1:1c:
         8c:16:d3:e2:af:1b:d2:e8:bf:9e:14:22:60:87:cd:a9:24:6a:
         a6:3e:5f:ba:c2:ca:cf:59:a2:5a:01:68:38:f7:7a:c2:bb:1f:
         f2:03:c0:55:05:b3:fe:e3:66:5c:c5:f9:ad:82:f9:1e:b3:de:
         4b:dc:68:69:df:7b:a7:ff:2a:4d:1b:5e:ea:25:4d:85:b2:d2:
         34:89:17:10:7d:d4:bd:50:40:76:4d:b6:b2:77:b0:a0:42:dd:
         e2:cf:11:d3
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYMVXfjuPxxVVyaJlcKBV8kBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjIwOTA3MDAzMzQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjI4MjExMzUwNTViMDcwYzM2ZTEyMjc0NDJmYjRkNGU4NjcwZTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhevTV1AfdowdWaWEkTpQnXcPCE0
31yXGYmB417xyIbYHM9IRJFQq0cMGZ1kwL/t6ia9WiDXdKPfeCKfgTOhaxQh+uIQ
l6wvW3sAHx1z+RAhNHJnFNMXB4txhNp0oJ/TMdaH+qoJrR71Kefl2nQXO9h2Ojaw
3ovXXMBASa2xNZKHIL45DJt+toyCydWCOwlmH3eLW26a7ZBnHlQXKuYJkoi/ME/A
QQ9Z0lJ7QKvPUbxa/69ZeLEN8DD/Z4sL3EsZQaKGecstMFlTXSHijLpfjwNH8P4D
WVD187p/D5XRcMX5e6NZKH1BAlsmd8Ti7NbRP9DuQHWKXUY0HiR40taBCQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFDsoIRNQVbBww24SJ0QvtNToZw4WMB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvT3lnaEUxQlZzSEREYmhJblJDLTAxT2huRGhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTASBAIAATAMAwQBuX7sAwQA
udUWMCMEAgACMB0wEgMHACoRCEAAAQMHACoRCEAABgMHACoRCEAACTANBgkqhkiG
9w0BAQsFAAOCAQEAJkeqVUia/DHlglbNRKyQeSASEsCoJU5cfpNHg/BvsqO0WG6b
ZqhM/NxqW5X5fC4++W8WoAExnBbEbRE+yc7F2KXMDM+GrOZpszCORoF1eQvDoSsL
9aEkvyeZ0cz6F3wjaXSJ6qmHqlDzDtgIlc0Ud1dF+dmM9omqLIWvmiAXqcsBLl5S
hIuVTkt8wdG2MYiCSJRkFuncYjgB2WnjaIWBO6EcjBbT4q8b0ui/nhQiYIfNqSRq
pj5fusLKz1miWgFoOPd6wrsf8gPAVQWz/uNmXMX5rYL5HrPeS9xoad97p/8qTRte
6iVNhbLSNIkXEH3UvVBAdk22snewoELd4s8R0w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:56 2023 by rpki-client on console-ams.rpki-client.org