Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/6oPZP_3ItZedEm-0K22phC31MpY.roa
File:                     6oPZP_3ItZedEm-0K22phC31MpY.roa (raw, json)
Hash identifier:          N6tdllqzGKc8XVrKjMpQ3MPYxMIglCShh6YQU5vxD6w=
Subject key identifier:   EA:83:D9:3F:FD:C8:B5:97:9D:12:6F:B4:2B:6D:A9:84:2D:F5:32:96
Certificate issuer:       /CN=5794afdb5e6a1885780920a54ffa82408ea85ba1
Certificate serial:       383D3BE0
Authority key identifier: 57:94:AF:DB:5E:6A:18:85:78:09:20:A5:4F:FA:82:40:8E:A8:5B:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/V5Sv215qGIV4CSClT_qCQI6oW6E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/6oPZP_3ItZedEm-0K22phC31MpY.roa
Signing time:             Sat 01 Jan 2022 09:56:21 +0000
ROA not before:           Sat 01 Jan 2022 09:56:21 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35916
IP address blocks:        178.236.228.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 943537120 (0x383d3be0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5794afdb5e6a1885780920a54ffa82408ea85ba1
        Validity
            Not Before: Jan  1 09:56:21 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ea83d93ffdc8b5979d126fb42b6da9842df53296
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:ae:d0:0b:9e:a6:d4:bf:38:b0:05:3e:a4:d6:
                    fc:c3:e8:07:8b:b6:c8:16:a7:75:5c:0a:26:7e:af:
                    bf:db:87:78:07:64:d2:53:8c:25:fc:d2:bb:86:03:
                    02:4f:8c:66:fa:de:9d:42:06:42:6d:c7:09:bc:03:
                    89:ed:1c:78:19:41:cc:33:6e:3a:26:1e:0b:2e:60:
                    4f:c0:fd:ca:5f:85:c6:75:5f:e8:f3:92:42:b3:e5:
                    7b:17:65:ca:d3:95:1d:b8:fa:c9:2e:5b:8b:1f:17:
                    44:fd:40:a3:ae:65:2b:86:0d:bb:c2:79:bf:da:d9:
                    1c:bc:fe:7f:ff:e7:2f:09:fd:e8:ee:a8:84:7a:4a:
                    86:1e:25:cd:82:08:c9:0d:1b:5a:89:f0:cf:21:e8:
                    2b:bf:0c:50:61:18:de:16:d2:59:e6:ea:25:68:7b:
                    89:b1:26:ce:be:81:04:5e:e9:f8:67:e0:dc:08:9c:
                    b8:29:0a:1c:e1:1b:06:a4:76:9d:36:1c:a9:fa:bc:
                    b9:ad:b4:47:ee:18:3e:f7:96:ed:6f:b9:57:52:2f:
                    79:89:03:fc:4e:45:a1:02:ce:64:30:18:a3:c7:2b:
                    ae:1f:dc:9e:20:45:de:c8:ff:6c:b6:29:7c:e4:51:
                    0e:ae:09:f7:9f:bc:90:b1:79:fd:82:69:94:93:ab:
                    e5:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:83:D9:3F:FD:C8:B5:97:9D:12:6F:B4:2B:6D:A9:84:2D:F5:32:96
            X509v3 Authority Key Identifier:
                keyid:57:94:AF:DB:5E:6A:18:85:78:09:20:A5:4F:FA:82:40:8E:A8:5B:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V5Sv215qGIV4CSClT_qCQI6oW6E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/6oPZP_3ItZedEm-0K22phC31MpY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/V5Sv215qGIV4CSClT_qCQI6oW6E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.236.228.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8d:a5:70:56:01:7a:71:95:e3:ed:6c:29:d9:6c:af:72:17:9f:
         e6:57:a5:25:a7:45:26:03:c0:df:93:07:3c:aa:ed:f6:77:b1:
         38:5a:3c:df:fa:a7:6f:03:a6:9b:77:e1:51:18:ad:ec:d1:76:
         31:de:79:09:93:2c:4b:9f:1c:33:c1:3e:ff:08:fe:6b:b6:e5:
         e0:a7:5a:47:21:0c:21:9f:fa:26:0f:86:7e:fe:f0:74:35:48:
         bd:0d:77:61:46:27:3b:7d:c8:1f:22:07:ab:4d:7e:fc:e2:8e:
         e2:1c:9e:24:2d:a9:14:f1:d4:7f:39:95:23:d7:e7:e8:92:24:
         27:87:1b:92:b6:74:5a:78:04:ab:c3:07:e7:cc:8f:88:a3:87:
         61:70:23:fd:48:b3:ba:3a:a8:71:33:62:bc:37:da:7b:e6:70:
         eb:a4:d2:76:74:8a:f0:43:92:e6:32:2f:4f:e4:a1:c3:77:91:
         59:07:a7:36:32:8f:eb:19:a8:58:75:2d:9a:78:0b:2a:e3:c1:
         66:f1:89:a4:fd:2e:4d:98:3b:fe:17:2b:a6:94:12:d3:59:36:
         90:0e:ce:00:eb:23:90:c1:4a:2c:cb:55:c4:31:72:96:1b:37:
         92:ed:c9:40:0d:bb:af:af:85:93:4e:ab:e2:cf:d3:0d:d7:0e:
         d6:54:9a:ae
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOD074DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
Nzk0YWZkYjVlNmExODg1NzgwOTIwYTU0ZmZhODI0MDhlYTg1YmExMB4XDTIyMDEw
MTA5NTYyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWE4M2Q5M2ZmZGM4
YjU5NzlkMTI2ZmI0MmI2ZGE5ODQyZGY1MzI5NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALGu0AueptS/OLAFPqTW/MPoB4u2yBandVwKJn6vv9uHeAdk
0lOMJfzSu4YDAk+MZvrenUIGQm3HCbwDie0ceBlBzDNuOiYeCy5gT8D9yl+FxnVf
6POSQrPlexdlytOVHbj6yS5bix8XRP1Ao65lK4YNu8J5v9rZHLz+f//nLwn96O6o
hHpKhh4lzYIIyQ0bWonwzyHoK78MUGEY3hbSWebqJWh7ibEmzr6BBF7p+Gfg3Aic
uCkKHOEbBqR2nTYcqfq8ua20R+4YPveW7W+5V1IveYkD/E5FoQLOZDAYo8crrh/c
niBF3sj/bLYpfORRDq4J95+8kLF5/YJplJOr5W0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTqg9k//ci1l50Sb7QrbamELfUyljAfBgNVHSMEGDAWgBRXlK/bXmoYhXgJ
IKVP+oJAjqhboTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Y1U3YyMTVxR0lWNENTQ2xUX3FDUUk2b1c2RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvZGRjZTRkLTk5MTItNDg3ZC1iNTVkLTQ3ZDgyYTQxYThmMy8x
LzZvUFpQXzNJdFplZEVtLTBLMjJwaEMzMU1wWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
ZGRjZTRkLTk5MTItNDg3ZC1iNTVkLTQ3ZDgyYTQxYThmMy8xL1Y1U3YyMTVxR0lW
NENTQ2xUX3FDUUk2b1c2RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArLs5DANBgkqhkiG9w0BAQsFAAOC
AQEAjaVwVgF6cZXj7Wwp2Wyvchef5lelJadFJgPA35MHPKrt9nexOFo83/qnbwOm
m3fhURit7NF2Md55CZMsS58cM8E+/wj+a7bl4KdaRyEMIZ/6Jg+Gfv7wdDVIvQ13
YUYnO33IHyIHq01+/OKO4hyeJC2pFPHUfzmVI9fn6JIkJ4cbkrZ0WngEq8MH58yP
iKOHYXAj/UizujqocTNivDfae+Zw66TSdnSK8EOS5jIvT+Shw3eRWQenNjKP6xmo
WHUtmngLKuPBZvGJpP0uTZg7/hcrppQS01k2kA7OAOsjkMFKLMtVxDFylhs3ku3J
QA27r6+Fk06r4s/TDdcO1lSarg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:27 2023 by rpki-client on console-fra.rpki-client.org