Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/4d200d-eae5-44da-8ee3-09595e9cd6c2/1/UzjTNQmWL-6uTDLjhCvkCNkyAbM.roa
File:                     UzjTNQmWL-6uTDLjhCvkCNkyAbM.roa (raw, json)
Hash identifier:          3WcIsdoyc7VsWBxiG4LOtahMrm8yt0UeXQuGnOjVKQM=
Subject key identifier:   53:38:D3:35:09:96:2F:EE:AE:4C:32:E3:84:2B:E4:08:D9:32:01:B3
Certificate issuer:       /CN=e740eed28f2d994eb2b831cb8efc6470306d7461
Certificate serial:       075CF7
Authority key identifier: E7:40:EE:D2:8F:2D:99:4E:B2:B8:31:CB:8E:FC:64:70:30:6D:74:61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/50Du0o8tmU6yuDHLjvxkcDBtdGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/4d200d-eae5-44da-8ee3-09595e9cd6c2/1/UzjTNQmWL-6uTDLjhCvkCNkyAbM.roa
Signing time:             Thu 20 Jan 2022 08:30:28 +0000
ROA not before:           Thu 20 Jan 2022 08:30:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     12963
IP address blocks:        185.46.88.0/24 maxlen: 24
                          185.46.89.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 482551 (0x75cf7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e740eed28f2d994eb2b831cb8efc6470306d7461
        Validity
            Not Before: Jan 20 08:30:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5338d33509962feeae4c32e3842be408d93201b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:f9:d9:29:8d:43:89:ad:38:fb:88:ef:53:e7:
                    f5:c6:2a:53:1f:53:f2:aa:fe:12:87:c9:ea:2c:7e:
                    bc:8c:88:15:88:fc:8c:4a:02:f8:e0:50:ef:45:c9:
                    54:3e:76:9c:07:4f:26:7f:95:e2:e3:3c:1f:6b:16:
                    73:68:72:06:72:79:45:b7:01:4b:fd:bb:8b:33:a2:
                    23:82:b0:55:f2:26:84:e8:0f:fa:d3:02:b8:3c:78:
                    61:9a:fc:01:d1:7d:17:2d:5a:40:2f:cd:de:d1:04:
                    dc:ae:2b:db:92:77:25:16:17:ee:21:76:1c:57:26:
                    9b:76:bd:1b:7a:01:85:3a:84:71:e7:c0:98:a3:3c:
                    4b:a1:ac:d3:74:87:0e:ee:d4:de:04:21:e6:1a:32:
                    b7:37:05:66:32:1b:5b:3b:86:df:17:b6:22:6c:ff:
                    1b:55:37:b0:48:93:74:51:cd:d7:ee:90:f1:5c:a7:
                    d1:a6:f7:0e:86:b7:5f:50:c3:e4:5a:de:f5:ce:90:
                    56:be:a6:5c:06:66:b6:a5:f2:8a:c0:59:95:c7:a1:
                    f6:f3:78:ee:b7:17:a9:8f:74:12:2b:23:ef:8f:ad:
                    b5:5f:7c:e2:29:71:bf:22:51:fb:48:6e:f0:a4:20:
                    a2:b4:44:3d:53:81:29:21:9c:50:c3:6d:d3:0b:12:
                    97:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:38:D3:35:09:96:2F:EE:AE:4C:32:E3:84:2B:E4:08:D9:32:01:B3
            X509v3 Authority Key Identifier:
                keyid:E7:40:EE:D2:8F:2D:99:4E:B2:B8:31:CB:8E:FC:64:70:30:6D:74:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/50Du0o8tmU6yuDHLjvxkcDBtdGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/4d200d-eae5-44da-8ee3-09595e9cd6c2/1/UzjTNQmWL-6uTDLjhCvkCNkyAbM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/4d200d-eae5-44da-8ee3-09595e9cd6c2/1/50Du0o8tmU6yuDHLjvxkcDBtdGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.46.88.0/23

    Signature Algorithm: sha256WithRSAEncryption
         22:77:60:d6:5b:62:a4:3e:11:11:82:01:43:c8:c2:34:11:0c:
         14:52:8a:09:7c:bc:02:6d:b2:0b:47:61:3b:a4:7e:0f:51:03:
         04:1d:a1:4a:8f:d3:04:ee:e5:1a:9d:f3:c1:c9:f0:c7:1e:92:
         3e:f9:2c:9d:d8:29:24:be:74:8d:09:91:2f:83:d7:fc:41:08:
         dc:36:a8:c5:6e:e0:d1:8a:ed:dc:20:ef:fa:8b:ca:be:84:c7:
         f9:6e:99:07:dc:6b:fd:dd:3b:03:1d:e8:47:44:2d:d2:91:33:
         32:34:3a:68:1d:7f:16:e6:28:5c:f3:e3:68:8d:f8:85:06:12:
         56:41:dd:91:23:15:c2:2d:93:74:b5:b6:dd:90:9c:ea:8d:97:
         fa:ca:06:37:21:ec:c9:0b:02:b0:2e:d9:04:78:0f:dc:30:41:
         ef:fb:2d:57:0f:f2:2f:05:15:87:5c:4e:eb:f3:86:8f:e2:fa:
         54:53:ed:e6:cb:ea:8a:3a:ec:28:ba:45:81:e1:4a:98:65:39:
         d7:da:88:b4:61:f8:30:f2:22:cd:e0:dd:01:45:e3:33:c3:99:
         ed:1c:df:c6:c8:ea:b2:48:d9:aa:d2:6a:69:35:90:d9:1f:db:
         05:42:16:f7:9d:ee:4b:1b:32:1d:dc:38:6a:0e:03:a8:b9:28:
         7f:99:df:d7
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDB1z3MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGU3
NDBlZWQyOGYyZDk5NGViMmI4MzFjYjhlZmM2NDcwMzA2ZDc0NjEwHhcNMjIwMTIw
MDgzMDI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg1MzM4ZDMzNTA5OTYy
ZmVlYWU0YzMyZTM4NDJiZTQwOGQ5MzIwMWIzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkvnZKY1Dia04+4jvU+f1xipTH1Pyqv4Sh8nqLH68jIgViPyM
SgL44FDvRclUPnacB08mf5Xi4zwfaxZzaHIGcnlFtwFL/buLM6IjgrBV8iaE6A/6
0wK4PHhhmvwB0X0XLVpAL83e0QTcrivbknclFhfuIXYcVyabdr0begGFOoRx58CY
ozxLoazTdIcO7tTeBCHmGjK3NwVmMhtbO4bfF7YibP8bVTewSJN0Uc3X7pDxXKfR
pvcOhrdfUMPkWt71zpBWvqZcBma2pfKKwFmVx6H283jutxepj3QSKyPvj621X3zi
KXG/IlH7SG7wpCCitEQ9U4EpIZxQw23TCxKX1wIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFFM40zUJli/urkwy44Qr5AjZMgGzMB8GA1UdIwQYMBaAFOdA7tKPLZlOsrgx
y478ZHAwbXRhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
NTBEdTBvOHRtVTZ5dURITGp2eGtjREJ0ZEdFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9hYy80ZDIwMGQtZWFlNS00NGRhLThlZTMtMDk1OTVlOWNkNmMyLzEv
VXpqVE5RbVdMLTZ1VERMamhDdmtDTmt5QWJNLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy80
ZDIwMGQtZWFlNS00NGRhLThlZTMtMDk1OTVlOWNkNmMyLzEvNTBEdTBvOHRtVTZ5
dURITGp2eGtjREJ0ZEdFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuS5YMA0GCSqGSIb3DQEBCwUAA4IB
AQAid2DWW2KkPhERggFDyMI0EQwUUooJfLwCbbILR2E7pH4PUQMEHaFKj9ME7uUa
nfPByfDHHpI++Syd2CkkvnSNCZEvg9f8QQjcNqjFbuDRiu3cIO/6i8q+hMf5bpkH
3Gv93TsDHehHRC3SkTMyNDpoHX8W5ihc8+NojfiFBhJWQd2RIxXCLZN0tbbdkJzq
jZf6ygY3IezJCwKwLtkEeA/cMEHv+y1XD/IvBRWHXE7r84aP4vpUU+3my+qKOuwo
ukWB4UqYZTnX2oi0Yfgw8iLN4N0BReMzw5ntHN/GyOqySNmq0mppNZDZH9sFQhb3
ne5LGzId3DhqDgOouSh/md/X
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:27 2024 by rpki-client on console-fra.rpki-client.org