Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/otUFN_lCk35YjxIjRgy5Wbu9kIs.roa
File:                     otUFN_lCk35YjxIjRgy5Wbu9kIs.roa (raw, json)
Hash identifier:          jEE70vv/TPxt7YYUogHF3JssEwVF2yho/2HXZe4ksq0=
Subject key identifier:   A2:D5:05:37:F9:42:93:7E:58:8F:12:23:46:0C:B9:59:BB:BD:90:8B
Certificate issuer:       /CN=92e720465c5cd0da9c6a13b44fa0d86f649e5055
Certificate serial:       0BA9491C
Authority key identifier: 92:E7:20:46:5C:5C:D0:DA:9C:6A:13:B4:4F:A0:D8:6F:64:9E:50:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kucgRlxc0NqcahO0T6DYb2SeUFU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/otUFN_lCk35YjxIjRgy5Wbu9kIs.roa
Signing time:             Sat 07 May 2022 11:09:12 +0000
ROA not before:           Sat 07 May 2022 11:09:12 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211975
IP address blocks:        185.189.32.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 195643676 (0xba9491c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=92e720465c5cd0da9c6a13b44fa0d86f649e5055
        Validity
            Not Before: May  7 11:09:12 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a2d50537f942937e588f1223460cb959bbbd908b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:61:36:07:42:a0:ba:0a:ac:6c:56:c7:c9:0c:
                    38:05:76:79:b7:e1:a1:73:49:c3:a9:f0:94:45:d8:
                    0e:23:66:5d:08:6c:ad:23:15:ae:6a:b4:92:ef:56:
                    77:c6:08:1b:5e:d9:1f:17:5c:74:6a:fd:23:09:69:
                    29:73:cd:65:58:95:45:70:9b:d7:d2:2a:67:64:e1:
                    d6:2d:86:b7:2e:8d:50:f8:6e:68:44:a0:8c:61:6a:
                    49:d4:73:19:12:f4:1d:1e:88:ea:07:e0:3f:de:2c:
                    26:50:b8:9e:03:2a:2e:2f:3e:78:81:e9:18:7f:4b:
                    0b:ba:84:f7:d8:be:40:85:d8:c6:5e:9a:53:f5:19:
                    00:82:c9:ee:3a:fa:83:df:19:c5:92:7a:da:09:85:
                    da:b0:bf:90:fe:fe:56:5e:8b:47:98:af:8d:47:22:
                    62:14:9b:9a:09:31:3b:10:3c:f1:15:aa:b3:5b:98:
                    53:dc:35:1b:d4:82:e7:6a:30:b1:c6:df:db:1f:e3:
                    a8:6c:0a:79:62:2f:7f:31:f7:1c:91:d9:dd:d4:a2:
                    7d:6e:1c:66:e7:29:6e:6a:c3:83:5d:78:e8:6e:96:
                    d7:6f:11:20:32:04:bb:c0:d1:c6:1c:03:18:a9:b7:
                    2d:d2:bc:82:cf:55:56:0c:2b:13:8d:4b:06:29:a3:
                    1d:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:D5:05:37:F9:42:93:7E:58:8F:12:23:46:0C:B9:59:BB:BD:90:8B
            X509v3 Authority Key Identifier:
                keyid:92:E7:20:46:5C:5C:D0:DA:9C:6A:13:B4:4F:A0:D8:6F:64:9E:50:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kucgRlxc0NqcahO0T6DYb2SeUFU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/otUFN_lCk35YjxIjRgy5Wbu9kIs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/kucgRlxc0NqcahO0T6DYb2SeUFU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.189.32.0/23

    Signature Algorithm: sha256WithRSAEncryption
         bf:48:83:d2:ae:db:e7:a8:d1:d8:25:41:f3:de:5d:2d:64:fa:
         9c:6e:8c:9b:8f:22:51:65:8a:7c:67:01:7e:b1:c7:9f:da:e4:
         d4:16:4e:b3:2e:4e:27:2c:3d:08:1f:8f:d3:21:72:31:3d:28:
         95:38:f2:58:94:64:8b:ae:59:cd:14:a2:ca:d6:8f:b5:64:a7:
         9f:07:ba:94:b6:71:86:9b:29:bf:c3:d2:a5:35:b5:f1:6d:c6:
         73:1d:ae:91:67:6d:a7:93:e9:94:7d:e5:b2:9d:a4:59:7b:62:
         94:43:fd:8c:f1:17:23:58:1a:83:27:a0:2b:2f:7c:cf:7d:3f:
         a2:d9:ca:4b:f0:a4:d0:c3:83:58:45:5d:9a:03:e8:08:cb:b3:
         aa:6c:4c:59:f9:01:3c:40:03:24:8e:85:6d:25:16:e2:93:41:
         6b:d6:93:3b:f4:c5:00:cc:ee:5e:4a:37:9f:5d:d4:10:58:49:
         58:38:50:52:f5:b6:88:a6:81:08:94:ed:68:d1:6e:c0:ab:9d:
         22:15:9c:d7:d6:15:83:1b:99:55:e3:ad:03:5a:87:78:84:d8:
         a3:24:d8:7e:6f:3b:03:8c:39:8c:35:64:ea:78:bc:ab:c8:5d:
         25:12:2f:33:50:97:be:23:ff:24:8a:1e:91:c2:65:ca:ec:7c:
         9b:5b:e0:e1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEC6lJHDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MmU3MjA0NjVjNWNkMGRhOWM2YTEzYjQ0ZmEwZDg2ZjY0OWU1MDU1MB4XDTIyMDUw
NzExMDkxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTJkNTA1MzdmOTQy
OTM3ZTU4OGYxMjIzNDYwY2I5NTliYmJkOTA4YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJVhNgdCoLoKrGxWx8kMOAV2ebfhoXNJw6nwlEXYDiNmXQhs
rSMVrmq0ku9Wd8YIG17ZHxdcdGr9IwlpKXPNZViVRXCb19IqZ2Th1i2Gty6NUPhu
aESgjGFqSdRzGRL0HR6I6gfgP94sJlC4ngMqLi8+eIHpGH9LC7qE99i+QIXYxl6a
U/UZAILJ7jr6g98ZxZJ62gmF2rC/kP7+Vl6LR5ivjUciYhSbmgkxOxA88RWqs1uY
U9w1G9SC52owscbf2x/jqGwKeWIvfzH3HJHZ3dSifW4cZucpbmrDg1146G6W128R
IDIEu8DRxhwDGKm3LdK8gs9VVgwrE41LBimjHfcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSi1QU3+UKTfliPEiNGDLlZu72QizAfBgNVHSMEGDAWgBSS5yBGXFzQ2pxq
E7RPoNhvZJ5QVTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2t1Y2dSbHhjME5xY2FoTzBUNkRZYjJTZVVGVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvZjhhOWViLTdmOGQtNGJmNy04M2Q5LTkwOTZlMTY3NGUyMi8x
L290VUZOX2xDazM1WWp4SWpSZ3k1V2J1OWtJcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
ZjhhOWViLTdmOGQtNGJmNy04M2Q5LTkwOTZlMTY3NGUyMi8xL2t1Y2dSbHhjME5x
Y2FoTzBUNkRZYjJTZVVGVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbm9IDANBgkqhkiG9w0BAQsFAAOC
AQEAv0iD0q7b56jR2CVB895dLWT6nG6Mm48iUWWKfGcBfrHHn9rk1BZOsy5OJyw9
CB+P0yFyMT0olTjyWJRki65ZzRSiytaPtWSnnwe6lLZxhpspv8PSpTW18W3Gcx2u
kWdtp5PplH3lsp2kWXtilEP9jPEXI1gagyegKy98z30/otnKS/Ck0MODWEVdmgPo
CMuzqmxMWfkBPEADJI6FbSUW4pNBa9aTO/TFAMzuXko3n13UEFhJWDhQUvW2iKaB
CJTtaNFuwKudIhWc19YVgxuZVeOtA1qHeITYoyTYfm87A4w5jDVk6ni8q8hdJRIv
M1CXviP/JIoekcJlyux8m1vg4Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:20 2024 by rpki-client on console-fra.rpki-client.org