Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/cdFZjjyeX3653HWTxk_8ZARZPSQ.roa
File:                     cdFZjjyeX3653HWTxk_8ZARZPSQ.roa (raw, json)
Hash identifier:          MlrB0PKi9ysuC5EDl9w+bcmb1hppNFh+jVQ3ZXYwxKc=
Subject key identifier:   71:D1:59:8E:3C:9E:5F:7E:B9:DC:75:93:C6:4F:FC:64:04:59:3D:24
Certificate issuer:       /CN=92e720465c5cd0da9c6a13b44fa0d86f649e5055
Certificate serial:       0B2CEC83
Authority key identifier: 92:E7:20:46:5C:5C:D0:DA:9C:6A:13:B4:4F:A0:D8:6F:64:9E:50:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kucgRlxc0NqcahO0T6DYb2SeUFU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/cdFZjjyeX3653HWTxk_8ZARZPSQ.roa
Signing time:             Thu 17 Mar 2022 19:34:25 +0000
ROA not before:           Thu 17 Mar 2022 19:34:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     6762
IP address blocks:        185.189.32.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 187493507 (0xb2cec83)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=92e720465c5cd0da9c6a13b44fa0d86f649e5055
        Validity
            Not Before: Mar 17 19:34:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=71d1598e3c9e5f7eb9dc7593c64ffc6404593d24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:31:c5:cf:05:46:d0:3e:29:c1:98:89:f7:3e:
                    28:a4:86:66:eb:67:9c:c4:67:0a:76:29:f4:6e:09:
                    a8:a7:a2:e8:1c:3b:c3:4f:6b:ec:73:31:45:7f:ab:
                    04:cc:9c:2b:46:de:83:d9:0e:0c:7d:aa:a0:4b:bc:
                    41:a5:58:50:e1:54:b7:df:0f:88:28:7a:80:89:79:
                    84:d0:40:ff:7b:a9:f5:fe:57:41:b0:6c:5b:65:9d:
                    ee:28:44:dd:73:cf:49:a9:84:ff:75:68:52:3f:de:
                    28:67:0e:6c:b8:74:d6:b0:e2:a7:8d:8c:74:9b:af:
                    0e:5f:3d:b8:78:4e:c7:c9:3d:93:f9:f3:96:22:9e:
                    b2:f5:e2:6b:23:32:71:23:fe:9d:19:0f:ab:a8:95:
                    37:c8:f6:df:97:64:17:84:39:30:2c:dd:70:ba:3f:
                    1d:7b:63:16:eb:48:a3:9a:cf:8c:5d:dc:a9:de:76:
                    59:db:2b:5b:59:7d:71:d4:44:85:bc:35:28:64:53:
                    95:aa:1c:35:c6:c8:1d:8a:7f:1e:e7:45:8e:60:89:
                    f7:6e:e3:37:00:6f:fe:02:9a:78:0d:58:6a:8e:7b:
                    a1:45:bd:67:c6:81:ad:47:c6:32:b8:d5:af:2b:fd:
                    e6:ad:94:f4:a4:ed:f0:0b:ea:bd:78:16:1a:9c:15:
                    75:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:D1:59:8E:3C:9E:5F:7E:B9:DC:75:93:C6:4F:FC:64:04:59:3D:24
            X509v3 Authority Key Identifier:
                keyid:92:E7:20:46:5C:5C:D0:DA:9C:6A:13:B4:4F:A0:D8:6F:64:9E:50:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kucgRlxc0NqcahO0T6DYb2SeUFU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/cdFZjjyeX3653HWTxk_8ZARZPSQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/kucgRlxc0NqcahO0T6DYb2SeUFU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.189.32.0/23

    Signature Algorithm: sha256WithRSAEncryption
         0e:56:b9:d6:61:0f:f1:af:a2:fd:a3:5b:d6:e9:5b:9a:85:bd:
         36:0f:14:26:cf:17:fd:54:fa:0e:53:38:46:79:b0:8b:46:79:
         a2:f2:58:ac:d0:0f:38:cc:d7:ad:46:6e:01:23:b3:51:c3:28:
         b6:80:b1:ad:23:0c:66:e0:10:74:6b:77:71:ee:8e:e5:fa:fd:
         f8:4d:0b:7a:04:bf:7e:cd:74:fa:8f:dd:60:7d:6e:4e:e3:da:
         59:a5:94:11:4f:c6:41:ad:47:94:4e:17:78:ce:e7:a4:07:f3:
         51:4c:4d:d9:22:be:77:dc:b1:67:02:62:47:59:fc:4a:1b:a8:
         84:cb:26:00:6b:20:b9:d6:e9:00:6b:3e:ca:a8:e3:54:79:64:
         82:7e:56:01:88:33:8c:32:bc:a8:4f:47:8c:47:1e:a1:27:80:
         ad:ba:d1:60:64:3e:af:38:55:de:a3:cd:d6:a8:42:b4:5f:67:
         58:ac:61:b1:f6:22:00:12:28:9f:b8:ba:2e:9b:5d:81:c2:43:
         fb:3b:70:d4:81:82:e9:f5:c4:c2:a2:fc:89:46:73:11:44:47:
         6c:85:76:04:ad:02:fe:3b:ff:7e:12:e0:4a:48:4d:a8:8f:4e:
         0d:09:fc:01:89:5a:25:14:4b:8f:33:a7:02:ac:e0:fe:ed:20:
         16:4b:70:b2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECyzsgzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MmU3MjA0NjVjNWNkMGRhOWM2YTEzYjQ0ZmEwZDg2ZjY0OWU1MDU1MB4XDTIyMDMx
NzE5MzQyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzFkMTU5OGUzYzll
NWY3ZWI5ZGM3NTkzYzY0ZmZjNjQwNDU5M2QyNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALwxxc8FRtA+KcGYifc+KKSGZutnnMRnCnYp9G4JqKei6Bw7
w09r7HMxRX+rBMycK0beg9kODH2qoEu8QaVYUOFUt98PiCh6gIl5hNBA/3up9f5X
QbBsW2Wd7ihE3XPPSamE/3VoUj/eKGcObLh01rDip42MdJuvDl89uHhOx8k9k/nz
liKesvXiayMycSP+nRkPq6iVN8j235dkF4Q5MCzdcLo/HXtjFutIo5rPjF3cqd52
WdsrW1l9cdREhbw1KGRTlaocNcbIHYp/HudFjmCJ927jNwBv/gKaeA1Yao57oUW9
Z8aBrUfGMrjVryv95q2U9KTt8AvqvXgWGpwVdYUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRx0VmOPJ5ffrncdZPGT/xkBFk9JDAfBgNVHSMEGDAWgBSS5yBGXFzQ2pxq
E7RPoNhvZJ5QVTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2t1Y2dSbHhjME5xY2FoTzBUNkRZYjJTZVVGVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvZjhhOWViLTdmOGQtNGJmNy04M2Q5LTkwOTZlMTY3NGUyMi8x
L2NkRlpqanllWDM2NTNIV1R4a184WkFSWlBTUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
ZjhhOWViLTdmOGQtNGJmNy04M2Q5LTkwOTZlMTY3NGUyMi8xL2t1Y2dSbHhjME5x
Y2FoTzBUNkRZYjJTZVVGVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbm9IDANBgkqhkiG9w0BAQsFAAOC
AQEADla51mEP8a+i/aNb1ulbmoW9Ng8UJs8X/VT6DlM4Rnmwi0Z5ovJYrNAPOMzX
rUZuASOzUcMotoCxrSMMZuAQdGt3ce6O5fr9+E0LegS/fs10+o/dYH1uTuPaWaWU
EU/GQa1HlE4XeM7npAfzUUxN2SK+d9yxZwJiR1n8ShuohMsmAGsgudbpAGs+yqjj
VHlkgn5WAYgzjDK8qE9HjEceoSeArbrRYGQ+rzhV3qPN1qhCtF9nWKxhsfYiABIo
n7i6LptdgcJD+ztw1IGC6fXEwqL8iUZzEURHbIV2BK0C/jv/fhLgSkhNqI9ODQn8
AYlaJRRLjzOnAqzg/u0gFktwsg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:20 2024 by rpki-client on console-fra.rpki-client.org