Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/xDZrZdl2z7aHlKOqjdvJpIrFDho.roa
File:                     xDZrZdl2z7aHlKOqjdvJpIrFDho.roa (raw, json)
Hash identifier:          R9W6UibE9Tzmrf1zgVkhU0bfYMjI47wyn6QZq+f4664=
Subject key identifier:   C4:36:6B:65:D9:76:CF:B6:87:94:A3:AA:8D:DB:C9:A4:8A:C5:0E:1A
Certificate issuer:       /CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Certificate serial:       05A2E4D9
Authority key identifier: 23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/xDZrZdl2z7aHlKOqjdvJpIrFDho.roa
Signing time:             Thu 23 Jun 2022 05:07:32 +0000
ROA not before:           Thu 23 Jun 2022 05:07:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        185.164.64.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 94561497 (0x5a2e4d9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23446da7a70bce773ec2bc1655aae30c3c18412c
        Validity
            Not Before: Jun 23 05:07:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c4366b65d976cfb68794a3aa8ddbc9a48ac50e1a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:3b:6c:05:1c:7d:08:c4:60:90:be:d6:c8:00:
                    66:97:c2:92:52:17:47:d4:9d:d6:ff:37:04:6f:b8:
                    88:39:fb:51:aa:0b:0c:5a:62:e5:f2:eb:bb:8b:0b:
                    4c:4a:69:14:9f:a1:b6:68:c1:f8:ba:ec:dd:77:5b:
                    fa:36:cd:f6:3c:14:52:86:16:71:80:41:24:ad:51:
                    69:34:bb:7b:46:d7:1b:be:e2:b5:bf:15:01:10:43:
                    e7:c3:86:6d:2f:f3:cc:28:b7:91:71:17:73:29:a8:
                    ac:ec:f4:83:b8:3d:66:d7:a7:4f:83:c0:7d:dd:57:
                    f3:cf:4b:4e:2b:66:5c:2f:df:a8:2a:36:65:a6:81:
                    3f:1b:2f:73:2e:75:70:74:98:d4:dd:95:90:a0:b9:
                    bf:fb:ef:ae:c0:44:dc:eb:a4:61:f4:61:e8:5d:dc:
                    12:af:85:91:8d:ee:ff:05:42:ca:50:22:57:ea:34:
                    5f:28:91:fa:3e:2b:89:74:06:4b:fd:fb:02:c2:d0:
                    aa:68:ac:e7:d1:dd:82:2e:68:2f:ef:a1:a4:75:41:
                    90:e3:7f:31:3e:48:58:bd:3e:d4:ca:ba:48:4a:dd:
                    a1:ea:cf:97:76:87:60:a0:54:88:22:19:f4:55:a9:
                    9d:c9:23:ec:5f:9e:de:64:55:43:71:6f:7e:d9:e7:
                    9c:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:36:6B:65:D9:76:CF:B6:87:94:A3:AA:8D:DB:C9:A4:8A:C5:0E:1A
            X509v3 Authority Key Identifier:
                keyid:23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/xDZrZdl2z7aHlKOqjdvJpIrFDho.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.164.64.0/23

    Signature Algorithm: sha256WithRSAEncryption
         ad:9e:90:e5:1a:0a:63:c1:2d:bc:c1:2d:e9:92:25:4a:5d:56:
         ca:e0:ff:1b:f0:dd:f8:4f:be:b1:2f:cf:63:09:84:99:1c:bb:
         e6:49:33:d8:34:ec:9e:a8:3a:b9:b0:47:00:27:8b:c5:46:14:
         05:8c:83:bd:3f:1c:d4:03:73:ec:a8:4b:82:63:35:0a:9f:71:
         95:8e:86:e0:ae:e4:ed:f9:77:67:f5:f1:78:1d:e4:0d:09:a3:
         d9:58:89:97:72:28:43:03:b0:69:7f:eb:f6:53:11:e7:34:3e:
         a8:c8:f2:e2:3f:98:8e:15:40:a3:80:33:49:3d:0d:9f:ff:71:
         6b:b7:ee:f9:79:c0:7c:8c:d0:c5:e4:dd:8d:15:90:2c:cd:b9:
         28:82:cf:e6:dc:9c:fb:af:26:31:03:5c:93:27:18:ee:2e:19:
         29:63:9f:fa:36:12:7a:63:0c:9e:2f:b6:a3:8a:7f:26:41:06:
         3f:46:79:cd:df:56:d3:b5:fa:da:32:48:23:60:cf:42:11:e1:
         c5:51:bd:0e:d0:1f:93:e8:3a:ab:b5:7d:90:45:20:39:6d:92:
         19:cb:23:41:5a:34:2d:ee:d6:f4:a2:32:27:16:df:1b:20:0f:
         1c:f7:c6:2d:97:87:91:f0:0c:61:be:92:d4:a2:92:78:98:14:
         a5:e7:1c:93
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBaLk2TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MzQ0NmRhN2E3MGJjZTc3M2VjMmJjMTY1NWFhZTMwYzNjMTg0MTJjMB4XDTIyMDYy
MzA1MDczMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzQzNjZiNjVkOTc2
Y2ZiNjg3OTRhM2FhOGRkYmM5YTQ4YWM1MGUxYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKk7bAUcfQjEYJC+1sgAZpfCklIXR9Sd1v83BG+4iDn7UaoL
DFpi5fLru4sLTEppFJ+htmjB+Lrs3Xdb+jbN9jwUUoYWcYBBJK1RaTS7e0bXG77i
tb8VARBD58OGbS/zzCi3kXEXcymorOz0g7g9ZtenT4PAfd1X889LTitmXC/fqCo2
ZaaBPxsvcy51cHSY1N2VkKC5v/vvrsBE3OukYfRh6F3cEq+FkY3u/wVCylAiV+o0
XyiR+j4riXQGS/37AsLQqmis59Hdgi5oL++hpHVBkON/MT5IWL0+1Mq6SErdoerP
l3aHYKBUiCIZ9FWpnckj7F+e3mRVQ3FvftnnnO8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTENmtl2XbPtoeUo6qN28mkisUOGjAfBgNVHSMEGDAWgBQjRG2npwvOdz7C
vBZVquMMPBhBLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0kwUnRwNmNMem5jLXdyd1dWYXJqRER3WVFTdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWMvZjM1NDlmLTE4ZjctNDhiMC05MDFkLTI1Y2M5ZDZjZmJiOS8x
L3hEWnJaZGwyejdhSGxLT3FqZHZKcElyRkRoby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWMv
ZjM1NDlmLTE4ZjctNDhiMC05MDFkLTI1Y2M5ZDZjZmJiOS8xL0kwUnRwNmNMem5j
LXdyd1dWYXJqRER3WVFTdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbmkQDANBgkqhkiG9w0BAQsFAAOC
AQEArZ6Q5RoKY8EtvMEt6ZIlSl1WyuD/G/Dd+E++sS/PYwmEmRy75kkz2DTsnqg6
ubBHACeLxUYUBYyDvT8c1ANz7KhLgmM1Cp9xlY6G4K7k7fl3Z/XxeB3kDQmj2ViJ
l3IoQwOwaX/r9lMR5zQ+qMjy4j+YjhVAo4AzST0Nn/9xa7fu+XnAfIzQxeTdjRWQ
LM25KILP5tyc+68mMQNckycY7i4ZKWOf+jYSemMMni+2o4p/JkEGP0Z5zd9W07X6
2jJII2DPQhHhxVG9DtAfk+g6q7V9kEUgOW2SGcsjQVo0Le7W9KIyJxbfGyAPHPfG
LZeHkfAMYb6S1KKSeJgUpecckw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:32 2024 by rpki-client on console-fra.rpki-client.org