Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/2A0jvaODkLi4f6ZJl0x-JoIHyNY.roa
File:                     2A0jvaODkLi4f6ZJl0x-JoIHyNY.roa (raw, json)
Hash identifier:          JQCj8n4KtE+SK5qg/afhes338k7Ke7nAdmqu6qtbHUw=
Subject key identifier:   D8:0D:23:BD:A3:83:90:B8:B8:7F:A6:49:97:4C:7E:26:82:07:C8:D6
Certificate issuer:       /CN=aedaeea9117a1d5ccc320222955a09faa0798fd9
Certificate serial:       08F69525
Authority key identifier: AE:DA:EE:A9:11:7A:1D:5C:CC:32:02:22:95:5A:09:FA:A0:79:8F:D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/2A0jvaODkLi4f6ZJl0x-JoIHyNY.roa
Signing time:             Sat 01 Jan 2022 14:05:29 +0000
ROA not before:           Sat 01 Jan 2022 14:05:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1828
IP address blocks:        185.92.120.0/24 maxlen: 24
                          185.92.121.0/24 maxlen: 24
                          185.92.122.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 150377765 (0x8f69525)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aedaeea9117a1d5ccc320222955a09faa0798fd9
        Validity
            Not Before: Jan  1 14:05:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d80d23bda38390b8b87fa649974c7e268207c8d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:98:74:d6:12:31:af:aa:22:06:c6:c6:f0:07:
                    5e:e7:3a:f2:f0:ac:60:41:c3:bb:49:ba:6c:57:4c:
                    ed:09:6c:91:d3:ab:6f:db:48:c5:c5:a6:07:3e:f5:
                    99:1a:46:aa:ce:c4:40:8b:e6:bb:fd:2a:72:da:af:
                    70:6c:cb:68:5e:bc:34:83:4e:22:d4:49:75:14:28:
                    30:0a:3b:6c:f5:ea:d1:27:12:03:9c:33:f0:cb:1a:
                    83:e3:37:c6:da:27:dc:5b:b5:d6:5c:ce:0f:59:e9:
                    93:9b:e7:4a:81:4d:0f:1d:a7:87:73:c6:1d:27:27:
                    c9:57:40:11:03:f2:a1:61:1e:23:d3:75:fd:f1:c1:
                    37:5f:4a:3c:4a:4a:a6:de:05:ae:59:92:a6:09:7f:
                    ed:1e:ef:5b:bd:b3:7e:0e:28:cc:02:14:55:b4:a3:
                    e3:92:77:37:e9:c0:31:58:2a:ed:8c:c8:44:74:86:
                    bd:99:ab:b3:bd:6f:4d:53:86:bb:90:47:e7:61:08:
                    73:6c:4e:4c:c2:6d:e4:db:9e:84:f7:ae:5e:a3:c8:
                    6c:70:f6:04:2d:af:4f:3c:ac:2d:fe:c3:fa:d7:5c:
                    59:14:1c:df:03:48:8c:75:18:e4:b7:e3:53:55:3b:
                    50:50:ad:4f:a4:42:f8:e8:4e:cd:8c:dd:4e:21:0d:
                    56:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:0D:23:BD:A3:83:90:B8:B8:7F:A6:49:97:4C:7E:26:82:07:C8:D6
            X509v3 Authority Key Identifier:
                keyid:AE:DA:EE:A9:11:7A:1D:5C:CC:32:02:22:95:5A:09:FA:A0:79:8F:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/2A0jvaODkLi4f6ZJl0x-JoIHyNY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/rtruqRF6HVzMMgIilVoJ-qB5j9k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.92.120.0-185.92.122.255

    Signature Algorithm: sha256WithRSAEncryption
         3a:11:0e:3c:9a:55:20:b5:7d:4a:6d:1c:8a:ce:c3:99:75:d8:
         80:a4:71:1e:b1:a3:94:64:58:51:cf:b4:a7:5b:bb:62:d0:72:
         8d:43:78:14:67:b5:53:38:ea:b0:eb:87:c4:27:05:da:fe:48:
         47:28:54:35:38:bf:c9:67:54:e3:dd:29:d9:64:c6:c1:0c:27:
         db:b1:c5:ff:1d:10:05:47:b1:01:08:a3:06:c7:a0:06:03:cb:
         2d:90:eb:f7:74:fb:ff:d0:ba:ac:95:cc:89:bf:e6:17:c4:6b:
         b1:f9:e3:01:4e:94:9f:59:8c:5d:5c:a8:04:60:4f:f0:a1:6c:
         d3:d9:af:f2:ea:54:90:96:db:8e:8b:c8:7d:0a:37:29:a4:42:
         01:01:e0:9f:eb:2e:d5:84:ef:96:13:a2:c0:b0:6f:80:38:92:
         b2:08:c1:ee:4d:11:72:06:e3:43:94:4e:98:50:de:c5:f5:0f:
         72:99:03:c6:0b:21:26:65:7c:ff:e9:96:13:86:ef:73:69:df:
         31:7f:85:f0:ec:f1:7e:fc:7f:fc:bd:35:de:5d:60:78:20:5f:
         d5:26:d8:50:3c:5a:7a:e3:19:f7:7e:38:35:bd:10:1e:92:57:
         03:09:50:eb:c1:8c:2e:f9:0c:7b:90:54:ef:fd:2e:de:ae:0c:
         9d:0d:a8:a4
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIECPaVJTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZWRhZWVhOTExN2ExZDVjY2MzMjAyMjI5NTVhMDlmYWEwNzk4ZmQ5MB4XDTIyMDEw
MTE0MDUyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDgwZDIzYmRhMzgz
OTBiOGI4N2ZhNjQ5OTc0YzdlMjY4MjA3YzhkNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN6YdNYSMa+qIgbGxvAHXuc68vCsYEHDu0m6bFdM7QlskdOr
b9tIxcWmBz71mRpGqs7EQIvmu/0qctqvcGzLaF68NINOItRJdRQoMAo7bPXq0ScS
A5wz8Msag+M3xton3Fu11lzOD1npk5vnSoFNDx2nh3PGHScnyVdAEQPyoWEeI9N1
/fHBN19KPEpKpt4FrlmSpgl/7R7vW72zfg4ozAIUVbSj45J3N+nAMVgq7YzIRHSG
vZmrs71vTVOGu5BH52EIc2xOTMJt5NuehPeuXqPIbHD2BC2vTzysLf7D+tdcWRQc
3wNIjHUY5LfjU1U7UFCtT6RC+OhOzYzdTiENVtUCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBTYDSO9o4OQuLh/pkmXTH4mggfI1jAfBgNVHSMEGDAWgBSu2u6pEXodXMwy
AiKVWgn6oHmP2TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3J0cnVxUkY2SFZ6TU1nSWlsVm9KLXFCNWo5ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjYvYTEzYjAxLTQxNTMtNGVhNS1iZjIxLTk5ODY4YzUxMzI5YS8x
LzJBMGp2YU9Ea0xpNGY2WkpsMHgtSm9JSHlOWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYv
YTEzYjAxLTQxNTMtNGVhNS1iZjIxLTk5ODY4YzUxMzI5YS8xL3J0cnVxUkY2SFZ6
TU1nSWlsVm9KLXFCNWo5ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQDuVx4AwQAuVx6MA0GCSqGSIb3
DQEBCwUAA4IBAQA6EQ48mlUgtX1KbRyKzsOZddiApHEesaOUZFhRz7SnW7ti0HKN
Q3gUZ7VTOOqw64fEJwXa/khHKFQ1OL/JZ1Tj3SnZZMbBDCfbscX/HRAFR7EBCKMG
x6AGA8stkOv3dPv/0LqslcyJv+YXxGux+eMBTpSfWYxdXKgEYE/woWzT2a/y6lSQ
ltuOi8h9CjcppEIBAeCf6y7VhO+WE6LAsG+AOJKyCMHuTRFyBuNDlE6YUN7F9Q9y
mQPGCyEmZXz/6ZYThu9zad8xf4Xw7PF+/H/8vTXeXWB4IF/VJthQPFp64xn3fjg1
vRAeklcDCVDrwYwu+Qx7kFTv/S7ergydDaik
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:02 2024 by rpki-client on console-ams.rpki-client.org