Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/a2qZSYOifvHPH0E33MW_msELAgs.roa
File:                     a2qZSYOifvHPH0E33MW_msELAgs.roa (raw, json)
Hash identifier:          NrTxu3gSwTX7TXQ8IaKe6dorCeM/V6VeEfOxIhQLMl4=
Subject key identifier:   6B:6A:99:49:83:A2:7E:F1:CF:1F:41:37:DC:C5:BF:9A:C1:0B:02:0B
Certificate issuer:       /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Certificate serial:       0182164C741FA18B65C6099E65133524ECEA
Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/a2qZSYOifvHPH0E33MW_msELAgs.roa
Signing time:             Tue 19 Jul 2022 11:51:25 +0000
ROA not before:           Tue 19 Jul 2022 11:51:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8447
IP address blocks:        192.164.128.0/19 maxlen: 19

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:16:4c:74:1f:a1:8b:65:c6:09:9e:65:13:35:24:ec:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
        Validity
            Not Before: Jul 19 11:51:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6b6a994983a27ef1cf1f4137dcc5bf9ac10b020b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:c1:65:48:13:08:cd:cc:40:d3:f5:a4:40:3c:
                    55:d4:c2:06:ec:3c:05:b7:48:c5:83:51:b5:7d:21:
                    cd:7a:de:38:1b:ef:a7:c1:4a:61:c3:c8:6d:55:f2:
                    85:ee:ab:6a:c6:c2:e8:ab:3a:b0:fa:5a:62:a2:cb:
                    29:2b:a0:d8:0c:a6:5b:60:06:5c:76:c7:30:1b:41:
                    4e:9f:45:68:8e:04:61:be:57:0e:45:c6:b8:a9:0d:
                    8b:53:3a:f2:8e:89:3b:6d:01:2e:1c:c7:06:e9:a9:
                    af:74:5e:36:6a:45:c6:84:64:b3:fe:8d:75:cf:8a:
                    fe:04:7d:0c:bc:90:bb:8d:11:9f:6a:05:0a:14:2f:
                    86:19:c0:9f:ce:4b:0a:ee:3c:1b:9e:1b:0b:ec:79:
                    ad:cb:84:f6:55:d6:39:5f:69:4f:78:74:00:aa:db:
                    fa:92:31:9d:c6:55:d5:73:ce:2a:b6:78:b5:eb:6a:
                    8b:ca:84:e1:ec:1d:56:7c:4d:73:49:b8:7d:f1:be:
                    00:0f:66:d2:94:94:f0:d6:4d:5b:ff:e3:9b:ee:59:
                    01:47:2b:13:a1:82:da:fb:91:b6:89:b6:70:e6:1d:
                    ec:06:58:24:66:db:da:ca:be:96:4c:64:03:35:de:
                    bb:84:c6:f1:17:45:5c:c2:a8:52:5e:31:30:a3:e3:
                    63:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:6A:99:49:83:A2:7E:F1:CF:1F:41:37:DC:C5:BF:9A:C1:0B:02:0B
            X509v3 Authority Key Identifier:
                keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/a2qZSYOifvHPH0E33MW_msELAgs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.164.128.0/19

    Signature Algorithm: sha256WithRSAEncryption
         3f:e8:47:58:c8:d9:6f:4c:90:24:95:e6:57:18:bc:e5:75:02:
         93:e9:2c:5b:46:a4:29:cc:17:f6:d5:06:90:0a:3f:e1:14:d7:
         6e:dd:84:4b:83:c2:9d:e1:1d:e9:b1:3b:7d:6e:81:ad:88:e7:
         35:80:02:d4:52:ca:64:80:7c:8c:d3:68:d3:6a:db:da:17:c5:
         46:69:1a:eb:47:5a:df:27:4e:a6:59:e5:36:2d:d8:0d:ac:86:
         d6:b3:fb:0c:23:19:ed:b4:1f:69:8f:f3:c6:64:cc:d0:3f:cc:
         3b:b7:0a:c4:58:17:10:b2:56:6e:ad:f5:2a:16:87:4d:36:2f:
         1c:7e:51:2a:02:33:b7:ee:6c:b2:12:89:0a:16:ba:bc:42:68:
         f6:80:40:e7:40:3f:ba:ac:1e:33:dd:9f:7c:fd:dc:db:49:33:
         23:45:81:a1:27:16:32:99:bc:72:2f:fe:94:90:24:43:fd:4a:
         8d:07:0e:97:96:2c:ea:ab:d2:28:fb:6a:2a:b2:09:28:48:21:
         33:66:4b:49:d2:6c:01:09:a5:47:30:0b:89:9f:a5:1b:ce:55:
         d9:2f:1c:95:f3:71:89:ce:3e:69:05:a8:cf:3f:9d:89:9e:d8:
         3c:39:9e:32:3f:95:71:ad:12:85:83:1b:25:bb:26:91:09:25:
         94:75:0c:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIWTHQfoYtlxgmeZRM1JOzqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4
NzE3MjUwHhcNMjIwNzE5MTE1MTI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjZhOTk0OTgzYTI3ZWYxY2YxZjQxMzdkY2M1YmY5YWMxMGIwMjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMFlSBMIzcxA0/WkQDxV1MIG7DwF
t0jFg1G1fSHNet44G++nwUphw8htVfKF7qtqxsLoqzqw+lpiosspK6DYDKZbYAZc
dscwG0FOn0VojgRhvlcORca4qQ2LUzryjok7bQEuHMcG6amvdF42akXGhGSz/o11
z4r+BH0MvJC7jRGfagUKFC+GGcCfzksK7jwbnhsL7Hmty4T2VdY5X2lPeHQAqtv6
kjGdxlXVc84qtni162qLyoTh7B1WfE1zSbh98b4AD2bSlJTw1k1b/+Ob7lkBRysT
oYLa+5G2ibZw5h3sBlgkZtvayr6WTGQDNd67hMbxF0VcwqhSXjEwo+NjxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGtqmUmDon7xzx9BN9zFv5rBCwILMB8GA1UdIwQY
MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt
ODQ5ZDNhNmI5YzJkLzEvYTJxWlNZT2lmdkhQSDBFMzNNV19tc0VMQWdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWItODQ5ZDNhNmI5YzJk
LzEvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFwKSAMA0G
CSqGSIb3DQEBCwUAA4IBAQA/6EdYyNlvTJAkleZXGLzldQKT6SxbRqQpzBf21QaQ
Cj/hFNdu3YRLg8Kd4R3psTt9boGtiOc1gALUUspkgHyM02jTatvaF8VGaRrrR1rf
J06mWeU2LdgNrIbWs/sMIxnttB9pj/PGZMzQP8w7twrEWBcQslZurfUqFodNNi8c
flEqAjO37myyEokKFrq8Qmj2gEDnQD+6rB4z3Z98/dzbSTMjRYGhJxYymbxyL/6U
kCRD/UqNBw6Xlizqq9Io+2oqsgkoSCEzZktJ0mwBCaVHMAuJn6UbzlXZLxyV83GJ
zj5pBajPP52Jntg8OZ4yP5VxrRKFgxsluyaRCSWUdQy6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:16 2024 by rpki-client on console-ams.rpki-client.org