Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/4d200d-eae5-44da-8ee3-09595e9cd6c2/1/SUMZo1BPg3pFTc_R5Dt49c0zRwA.roa
File:                     SUMZo1BPg3pFTc_R5Dt49c0zRwA.roa (raw, json)
Hash identifier:          4DYuOnA8CS+8GgsncwnQtuNTdYG+wWEuEPjC41GaGwA=
Subject key identifier:   49:43:19:A3:50:4F:83:7A:45:4D:CF:D1:E4:3B:78:F5:CD:33:47:00
Certificate issuer:       /CN=e740eed28f2d994eb2b831cb8efc6470306d7461
Certificate serial:       10B2E7
Authority key identifier: E7:40:EE:D2:8F:2D:99:4E:B2:B8:31:CB:8E:FC:64:70:30:6D:74:61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/50Du0o8tmU6yuDHLjvxkcDBtdGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/4d200d-eae5-44da-8ee3-09595e9cd6c2/1/SUMZo1BPg3pFTc_R5Dt49c0zRwA.roa
Signing time:             Thu 20 Jan 2022 08:45:04 +0000
ROA not before:           Thu 20 Jan 2022 08:45:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     21217
IP address blocks:        185.46.91.0/24 maxlen: 24
                          185.46.88.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1094375 (0x10b2e7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e740eed28f2d994eb2b831cb8efc6470306d7461
        Validity
            Not Before: Jan 20 08:45:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=494319a3504f837a454dcfd1e43b78f5cd334700
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:55:33:56:b0:8b:93:c2:7a:bc:71:65:c4:d5:
                    90:15:18:0f:9b:cf:55:c4:24:de:6d:21:c1:9c:b4:
                    ba:11:d3:73:93:be:d9:0c:f5:7c:ef:80:86:7d:c2:
                    51:c1:b1:3b:09:90:5e:b6:5b:f9:e1:79:b0:33:ac:
                    3b:e1:ba:12:6c:08:66:a8:c0:99:69:d7:48:bb:50:
                    2d:3b:4c:0e:1f:26:ee:94:b3:08:36:13:59:dc:98:
                    74:09:e7:79:8a:e5:1c:94:44:63:6f:2c:99:4e:e1:
                    34:e5:ad:91:ec:bc:77:d5:ec:61:30:e0:39:9b:49:
                    b4:6a:4e:e4:d2:20:32:e2:aa:13:86:90:90:22:14:
                    b4:cd:0a:be:73:7f:9a:bf:86:dd:a6:56:72:a8:68:
                    00:48:46:fb:2c:83:bf:cb:f2:2b:b5:51:4e:bf:3c:
                    e7:2b:5e:e8:d1:09:52:bf:cd:4f:3c:38:1c:30:9c:
                    2a:fc:3f:d7:b2:7b:91:c6:ad:b6:7e:2c:8d:17:fc:
                    da:23:53:a2:4d:bb:12:51:b2:49:ba:6d:5e:19:f1:
                    6f:ff:d3:af:e3:bc:27:82:1b:f5:22:93:6b:a9:b7:
                    89:c3:20:f9:9e:ec:e7:74:5b:ff:7e:79:99:f9:e7:
                    d3:13:9e:eb:7d:f2:02:ad:31:11:12:1d:ee:ff:aa:
                    d6:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:43:19:A3:50:4F:83:7A:45:4D:CF:D1:E4:3B:78:F5:CD:33:47:00
            X509v3 Authority Key Identifier:
                keyid:E7:40:EE:D2:8F:2D:99:4E:B2:B8:31:CB:8E:FC:64:70:30:6D:74:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/50Du0o8tmU6yuDHLjvxkcDBtdGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/4d200d-eae5-44da-8ee3-09595e9cd6c2/1/SUMZo1BPg3pFTc_R5Dt49c0zRwA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/4d200d-eae5-44da-8ee3-09595e9cd6c2/1/50Du0o8tmU6yuDHLjvxkcDBtdGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.46.88.0/22

    Signature Algorithm: sha256WithRSAEncryption
         54:c8:91:1a:94:52:18:f7:66:dc:52:fd:f2:5c:c2:db:71:ae:
         2e:a3:cb:05:94:0b:7b:79:b7:04:16:09:95:c0:b5:aa:8d:5c:
         24:85:f9:01:c9:e5:5d:37:05:45:f1:7d:ff:a3:6f:01:2a:e2:
         7d:89:56:e0:29:88:60:c4:fc:10:ae:da:84:dd:e4:62:ef:c9:
         47:6e:e5:17:cc:bf:25:2f:d2:dc:9e:3c:01:3c:b9:4c:fb:f9:
         15:d7:18:73:08:f0:85:64:ad:07:fc:bd:74:61:d5:be:b3:c0:
         6a:66:dc:13:4d:f7:d8:d7:a7:d5:ee:8a:17:12:b9:52:01:1f:
         65:e2:c8:62:bd:11:c8:95:39:c3:b6:1c:ff:1f:e8:31:07:ae:
         c9:25:3b:21:6c:91:a9:b9:b5:cc:ae:ae:42:a3:6e:20:b1:11:
         d9:32:78:04:6f:ff:88:5e:3e:f2:4b:66:7b:88:e1:d0:28:f7:
         a0:48:30:10:78:3c:ab:65:2e:c2:76:7a:e4:a6:e8:09:41:8d:
         b5:83:7a:07:46:3e:fc:c7:8c:71:45:6e:39:c2:28:8d:1e:7b:
         32:7e:a9:e7:2d:5e:d4:2c:3b:9a:cf:ee:f2:38:ee:f6:32:94:
         90:3d:d0:5b:0d:27:bf:d4:6d:87:fb:c5:08:ea:60:9f:89:64:
         e9:80:a7:f6
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDELLnMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGU3
NDBlZWQyOGYyZDk5NGViMmI4MzFjYjhlZmM2NDcwMzA2ZDc0NjEwHhcNMjIwMTIw
MDg0NTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0OTQzMTlhMzUwNGY4
MzdhNDU0ZGNmZDFlNDNiNzhmNWNkMzM0NzAwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnVUzVrCLk8J6vHFlxNWQFRgPm89VxCTebSHBnLS6EdNzk77Z
DPV874CGfcJRwbE7CZBetlv54XmwM6w74boSbAhmqMCZaddIu1AtO0wOHybulLMI
NhNZ3Jh0Ced5iuUclERjbyyZTuE05a2R7Lx31exhMOA5m0m0ak7k0iAy4qoThpCQ
IhS0zQq+c3+av4bdplZyqGgASEb7LIO/y/IrtVFOvzznK17o0QlSv81PPDgcMJwq
/D/XsnuRxq22fiyNF/zaI1OiTbsSUbJJum1eGfFv/9Ov47wnghv1IpNrqbeJwyD5
nuzndFv/fnmZ+efTE57rffICrTEREh3u/6rWlwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFElDGaNQT4N6RU3P0eQ7ePXNM0cAMB8GA1UdIwQYMBaAFOdA7tKPLZlOsrgx
y478ZHAwbXRhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
NTBEdTBvOHRtVTZ5dURITGp2eGtjREJ0ZEdFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9hYy80ZDIwMGQtZWFlNS00NGRhLThlZTMtMDk1OTVlOWNkNmMyLzEv
U1VNWm8xQlBnM3BGVGNfUjVEdDQ5YzB6UndBLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy80
ZDIwMGQtZWFlNS00NGRhLThlZTMtMDk1OTVlOWNkNmMyLzEvNTBEdTBvOHRtVTZ5
dURITGp2eGtjREJ0ZEdFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuS5YMA0GCSqGSIb3DQEBCwUAA4IB
AQBUyJEalFIY92bcUv3yXMLbca4uo8sFlAt7ebcEFgmVwLWqjVwkhfkByeVdNwVF
8X3/o28BKuJ9iVbgKYhgxPwQrtqE3eRi78lHbuUXzL8lL9LcnjwBPLlM+/kV1xhz
CPCFZK0H/L10YdW+s8BqZtwTTffY16fV7ooXErlSAR9l4shivRHIlTnDthz/H+gx
B67JJTshbJGpubXMrq5Co24gsRHZMngEb/+IXj7yS2Z7iOHQKPegSDAQeDyrZS7C
dnrkpugJQY21g3oHRj78x4xxRW45wiiNHnsyfqnnLV7ULDuaz+7yOO72MpSQPdBb
DSe/1G2H+8UI6mCfiWTpgKf2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:01 2024 by rpki-client on console-ams.rpki-client.org