Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/zaI7ag4hrY5PUeWsnKnoO1_71Xk.roa
File:                     zaI7ag4hrY5PUeWsnKnoO1_71Xk.roa (raw, json)
Hash identifier:          xhjySGY0wKXrvSVC/0xqpWKccYZV63z2Cb2byLSKXw8=
Subject key identifier:   CD:A2:3B:6A:0E:21:AD:8E:4F:51:E5:AC:9C:A9:E8:3B:5F:FB:D5:79
Certificate issuer:       /CN=92e720465c5cd0da9c6a13b44fa0d86f649e5055
Certificate serial:       01845D32898A4CF8303A7368436C96ED8C33
Authority key identifier: 92:E7:20:46:5C:5C:D0:DA:9C:6A:13:B4:4F:A0:D8:6F:64:9E:50:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kucgRlxc0NqcahO0T6DYb2SeUFU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/zaI7ag4hrY5PUeWsnKnoO1_71Xk.roa
Signing time:             Wed 09 Nov 2022 16:21:43 +0000
ROA not before:           Wed 09 Nov 2022 16:21:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     396073
IP address blocks:        185.189.32.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:5d:32:89:8a:4c:f8:30:3a:73:68:43:6c:96:ed:8c:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=92e720465c5cd0da9c6a13b44fa0d86f649e5055
        Validity
            Not Before: Nov  9 16:21:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cda23b6a0e21ad8e4f51e5ac9ca9e83b5ffbd579
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:70:de:8f:7a:70:43:03:78:d0:68:c8:92:1d:
                    c7:48:3b:4a:6b:0b:1f:85:f2:de:ad:34:71:a0:ae:
                    04:b3:fd:09:51:cb:78:51:ad:84:d5:f0:4a:28:fb:
                    2f:00:48:3f:17:9b:40:12:54:6a:fd:2c:74:b0:d9:
                    ec:a7:a8:03:3c:e9:76:42:aa:68:a7:d3:d2:4c:83:
                    38:04:ef:39:cb:74:e9:13:b1:83:c6:16:b5:c5:94:
                    b6:d3:1b:fa:4c:ae:13:15:97:b4:fb:d8:4f:20:9d:
                    51:38:fb:d7:f4:31:ad:b6:42:e1:43:b5:28:ae:39:
                    a8:b6:ac:a3:72:d7:f6:a9:dd:f4:3f:6c:b7:1d:8f:
                    e0:40:34:80:06:2d:f5:7a:4d:02:d1:43:a1:ab:0f:
                    d7:35:cf:7a:c5:a1:cd:0e:2f:b0:a4:4b:9d:46:cf:
                    c2:e9:d6:b1:93:59:b8:af:e2:2f:cf:58:3a:d1:9f:
                    92:23:fa:f2:f9:be:9a:e5:08:f2:d5:8b:03:ba:65:
                    b9:df:19:21:39:76:b9:7a:a3:08:4c:2b:3b:af:70:
                    5e:2a:b8:27:b4:85:b8:0d:e6:1d:75:1f:3d:6a:59:
                    03:b7:87:38:5b:f7:95:a0:aa:62:26:a6:56:fd:6d:
                    d7:86:84:17:e5:85:29:a8:db:a4:09:50:cb:dc:ed:
                    79:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:A2:3B:6A:0E:21:AD:8E:4F:51:E5:AC:9C:A9:E8:3B:5F:FB:D5:79
            X509v3 Authority Key Identifier:
                keyid:92:E7:20:46:5C:5C:D0:DA:9C:6A:13:B4:4F:A0:D8:6F:64:9E:50:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kucgRlxc0NqcahO0T6DYb2SeUFU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/zaI7ag4hrY5PUeWsnKnoO1_71Xk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/kucgRlxc0NqcahO0T6DYb2SeUFU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.189.32.0/24

    Signature Algorithm: sha256WithRSAEncryption
         03:9c:fb:64:fe:81:85:9b:e0:49:e6:ba:99:7e:90:7b:3a:1d:
         eb:48:c0:98:40:12:34:6e:8b:da:01:bc:e3:22:12:8a:aa:5a:
         6d:2a:20:1c:28:7e:0a:98:6a:77:13:b8:bc:29:88:64:10:3f:
         de:9a:72:74:2a:98:80:62:50:05:5c:e1:ad:16:34:b5:6e:8f:
         15:68:5a:15:7d:99:d0:18:b0:ec:ff:7c:99:e1:93:5f:03:b3:
         c5:6a:14:32:e3:45:0d:b2:81:e5:7e:03:7d:c9:11:5e:f4:9c:
         37:70:65:49:7e:4c:7d:f8:74:e1:1d:aa:cf:15:0f:02:44:be:
         85:74:f1:fa:a8:32:2a:07:55:6b:cc:c7:87:ef:32:46:81:ac:
         33:f4:14:de:08:fa:4c:37:7e:80:84:0d:fe:47:e9:04:0b:3e:
         69:3d:1e:22:c6:79:76:51:f5:6c:85:6a:7e:f2:9b:ee:05:74:
         69:0f:32:4b:88:79:0b:0f:7e:b8:b8:94:a2:f8:06:4f:6e:d3:
         b1:16:96:91:ed:16:b2:22:20:76:2e:a8:8a:68:00:4c:a4:ad:
         2d:51:c8:02:dc:c0:23:bf:d4:b8:db:57:ea:80:0d:d9:ed:c7:
         19:9a:28:33:f3:e0:a2:dc:e4:53:b8:8b:c5:ff:62:4b:5c:d9:
         3f:bd:77:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRdMomKTPgwOnNoQ2yW7YwzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZTcyMDQ2NWM1Y2QwZGE5YzZhMTNiNDRmYTBkODZmNjQ5
ZTUwNTUwHhcNMjIxMTA5MTYyMTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGEyM2I2YTBlMjFhZDhlNGY1MWU1YWM5Y2E5ZTgzYjVmZmJkNTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknDej3pwQwN40GjIkh3HSDtKawsf
hfLerTRxoK4Es/0JUct4Ua2E1fBKKPsvAEg/F5tAElRq/Sx0sNnsp6gDPOl2Qqpo
p9PSTIM4BO85y3TpE7GDxha1xZS20xv6TK4TFZe0+9hPIJ1ROPvX9DGttkLhQ7Uo
rjmotqyjctf2qd30P2y3HY/gQDSABi31ek0C0UOhqw/XNc96xaHNDi+wpEudRs/C
6daxk1m4r+Ivz1g60Z+SI/ry+b6a5Qjy1YsDumW53xkhOXa5eqMITCs7r3BeKrgn
tIW4DeYddR89alkDt4c4W/eVoKpiJqZW/W3XhoQX5YUpqNukCVDL3O153wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM2iO2oOIa2OT1HlrJyp6Dtf+9V5MB8GA1UdIwQY
MBaAFJLnIEZcXNDanGoTtE+g2G9knlBVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3VjZ1JseGMwTnFjYWhPMFQ2RFliMlNlVUZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9mOGE5ZWItN2Y4ZC00YmY3LTgzZDkt
OTA5NmUxNjc0ZTIyLzEvemFJN2FnNGhyWTVQVWVXc25Lbm9PMV83MVhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9mOGE5ZWItN2Y4ZC00YmY3LTgzZDktOTA5NmUxNjc0ZTIy
LzEva3VjZ1JseGMwTnFjYWhPMFQ2RFliMlNlVUZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub0gMA0G
CSqGSIb3DQEBCwUAA4IBAQADnPtk/oGFm+BJ5rqZfpB7Oh3rSMCYQBI0bovaAbzj
IhKKqlptKiAcKH4KmGp3E7i8KYhkED/emnJ0KpiAYlAFXOGtFjS1bo8VaFoVfZnQ
GLDs/3yZ4ZNfA7PFahQy40UNsoHlfgN9yRFe9Jw3cGVJfkx9+HThHarPFQ8CRL6F
dPH6qDIqB1VrzMeH7zJGgawz9BTeCPpMN36AhA3+R+kECz5pPR4ixnl2UfVshWp+
8pvuBXRpDzJLiHkLD364uJSi+AZPbtOxFpaR7RayIiB2LqiKaABMpK0tUcgC3MAj
v9S421fqgA3Z7ccZmigz8+Ci3ORTuIvF/2JLXNk/vXe7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:20 2024 by rpki-client on console-fra.rpki-client.org