Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/qV7zbTeynHf59CV02KjGsqhM1R8.roa
File:                     qV7zbTeynHf59CV02KjGsqhM1R8.roa (raw, json)
Hash identifier:          HgISjIGZ0+VCbo5d+LL1WDKtgMm8+1snDu5B81v6U7M=
Subject key identifier:   A9:5E:F3:6D:37:B2:9C:77:F9:F4:25:74:D8:A8:C6:B2:A8:4C:D5:1F
Certificate issuer:       /CN=c42708df93954aac601aef1835bd5d69245fb02f
Certificate serial:       4202F5E4
Authority key identifier: C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/qV7zbTeynHf59CV02KjGsqhM1R8.roa
Signing time:             Sat 01 Jan 2022 16:11:21 +0000
ROA not before:           Sat 01 Jan 2022 16:11:21 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35548
IP address blocks:        185.137.170.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1107490276 (0x4202f5e4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c42708df93954aac601aef1835bd5d69245fb02f
        Validity
            Not Before: Jan  1 16:11:21 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a95ef36d37b29c77f9f42574d8a8c6b2a84cd51f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:57:50:a4:a4:85:87:29:ba:ce:28:c9:46:06:
                    b5:7f:12:6f:26:01:22:c9:74:49:dc:8b:f9:45:96:
                    ed:9b:9e:d5:b8:b2:02:38:41:bd:73:9e:85:7b:91:
                    ae:cd:05:a7:d3:c6:c6:ee:e9:6a:d1:fe:2b:7f:cd:
                    ee:5a:3f:53:59:3d:0f:01:8f:6c:66:68:13:fd:d6:
                    be:43:0e:b3:ea:d4:91:c3:89:1d:29:7c:f3:00:2d:
                    c3:a2:12:b7:b1:f4:18:37:8b:33:a9:3f:e6:f5:a9:
                    c6:f6:1d:e1:a9:da:76:40:eb:b3:64:8f:8c:55:77:
                    f2:3e:74:10:43:cd:96:5c:40:46:2c:21:10:3b:12:
                    f9:1d:af:bc:42:c2:12:23:ed:b0:d7:12:ad:59:6e:
                    12:b0:40:92:3f:08:ed:d0:c1:96:e2:b6:03:a5:57:
                    ab:5a:ae:c9:54:bf:0d:bb:c4:4f:28:58:04:54:b0:
                    80:2a:b0:20:22:2f:4a:5e:6b:28:c2:db:bc:06:3d:
                    b0:a8:5e:d9:82:11:0f:5c:ce:de:12:9b:5f:05:46:
                    d6:a4:e5:b9:39:06:aa:62:be:de:6a:bb:1d:19:01:
                    ab:d9:31:4d:bf:7f:36:ca:a0:84:85:72:33:4d:20:
                    9d:70:5b:c2:a9:bd:8a:8a:d0:74:f8:99:42:c7:c9:
                    ce:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:5E:F3:6D:37:B2:9C:77:F9:F4:25:74:D8:A8:C6:B2:A8:4C:D5:1F
            X509v3 Authority Key Identifier:
                keyid:C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/qV7zbTeynHf59CV02KjGsqhM1R8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.137.170.0/24

    Signature Algorithm: sha256WithRSAEncryption
         59:fe:ea:ef:e5:cd:04:3a:e7:6e:b7:d2:8d:91:d1:d0:1b:b6:
         46:b1:c1:97:d7:4f:3e:67:63:89:d3:20:fc:0a:49:b4:eb:8d:
         c7:e3:ea:18:d8:a5:9f:db:77:1f:19:8c:73:43:eb:0f:a5:f3:
         7f:5d:a3:11:06:f5:17:b8:1d:09:1a:68:bb:b6:80:d0:3e:6a:
         68:f2:d7:09:57:1b:1d:3e:c9:5b:fd:97:98:ef:c5:0d:21:22:
         ae:10:a0:3c:07:bd:13:a8:ee:d4:d6:17:d5:93:7b:d6:1e:5d:
         9d:6c:13:39:85:69:fb:5a:9a:72:2b:67:22:c4:92:f8:ba:7b:
         e5:e3:04:ec:8e:39:11:3a:b4:2e:e2:e9:fd:a0:cc:39:22:55:
         a5:f6:d9:b2:25:c0:a4:a9:16:df:12:f1:3a:08:26:d0:93:d5:
         14:6d:d2:50:0d:b9:9e:66:d5:e2:f6:2d:9d:80:f9:dc:ba:f8:
         2e:d9:22:98:4c:73:41:70:a9:36:9c:37:45:24:1b:8d:97:79:
         fd:00:dd:68:ba:87:f1:f2:1a:46:24:a0:e4:09:f7:d5:ac:70:
         ee:31:d1:30:f7:0d:aa:40:7d:24:53:37:98:9a:45:24:45:1b:
         03:78:9d:be:63:fe:aa:85:8c:e3:30:56:ff:a1:2b:77:5b:6b:
         53:ec:3b:8e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEQgL15DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDI3MDhkZjkzOTU0YWFjNjAxYWVmMTgzNWJkNWQ2OTI0NWZiMDJmMB4XDTIyMDEw
MTE2MTEyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTk1ZWYzNmQzN2Iy
OWM3N2Y5ZjQyNTc0ZDhhOGM2YjJhODRjZDUxZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL9XUKSkhYcpus4oyUYGtX8SbyYBIsl0SdyL+UWW7Zue1biy
AjhBvXOehXuRrs0Fp9PGxu7patH+K3/N7lo/U1k9DwGPbGZoE/3WvkMOs+rUkcOJ
HSl88wAtw6ISt7H0GDeLM6k/5vWpxvYd4anadkDrs2SPjFV38j50EEPNllxARiwh
EDsS+R2vvELCEiPtsNcSrVluErBAkj8I7dDBluK2A6VXq1quyVS/DbvETyhYBFSw
gCqwICIvSl5rKMLbvAY9sKhe2YIRD1zO3hKbXwVG1qTluTkGqmK+3mq7HRkBq9kx
Tb9/NsqghIVyM00gnXBbwqm9iorQdPiZQsfJzgUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSpXvNtN7Kcd/n0JXTYqMayqEzVHzAfBgNVHSMEGDAWgBTEJwjfk5VKrGAa
7xg1vV1pJF+wLzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hDY0kzNU9WU3F4Z0d1OFlOYjFkYVNSZnNDOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjQvZjYxN2E1LTMyNDAtNDhjNC1iNzE2LTc0MWMxZDhkZWEyYi8x
L3FWN3piVGV5bkhmNTlDVjAyS2pHc3FoTTFSOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjQv
ZjYxN2E1LTMyNDAtNDhjNC1iNzE2LTc0MWMxZDhkZWEyYi8xL3hDY0kzNU9WU3F4
Z0d1OFlOYjFkYVNSZnNDOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmJqjANBgkqhkiG9w0BAQsFAAOC
AQEAWf7q7+XNBDrnbrfSjZHR0Bu2RrHBl9dPPmdjidMg/ApJtOuNx+PqGNiln9t3
HxmMc0PrD6Xzf12jEQb1F7gdCRpou7aA0D5qaPLXCVcbHT7JW/2XmO/FDSEirhCg
PAe9E6ju1NYX1ZN71h5dnWwTOYVp+1qacitnIsSS+Lp75eME7I45ETq0LuLp/aDM
OSJVpfbZsiXApKkW3xLxOggm0JPVFG3SUA25nmbV4vYtnYD53Lr4LtkimExzQXCp
Npw3RSQbjZd5/QDdaLqH8fIaRiSg5An31axw7jHRMPcNqkB9JFM3mJpFJEUbA3id
vmP+qoWM4zBW/6Erd1trU+w7jg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:44 2024 by rpki-client on console-fra.rpki-client.org