Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/918a33-6766-4795-8573-aee698af68b7/1/SrQ70VXE_4k5ctWOl7WVu6balD8.roa
File:                     SrQ70VXE_4k5ctWOl7WVu6balD8.roa (raw, json)
Hash identifier:          gkhOSvxQjNwUGzaECj6Tly+0sC53W7lpPmNK4HOfcGU=
Subject key identifier:   4A:B4:3B:D1:55:C4:FF:89:39:72:D5:8E:97:B5:95:BB:A6:DA:94:3F
Certificate issuer:       /CN=8ec1f7d0530682e1b68e3bfe5a8744ee51ad335d
Certificate serial:       18974BA8
Authority key identifier: 8E:C1:F7:D0:53:06:82:E1:B6:8E:3B:FE:5A:87:44:EE:51:AD:33:5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jsH30FMGguG2jjv-WodE7lGtM10.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/918a33-6766-4795-8573-aee698af68b7/1/SrQ70VXE_4k5ctWOl7WVu6balD8.roa
Signing time:             Sat 01 Jan 2022 10:00:34 +0000
ROA not before:           Sat 01 Jan 2022 10:00:34 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61956
IP address blocks:        185.47.120.0/22 maxlen: 22
                          185.47.122.0/23 maxlen: 23
                          2a01:8be0::/29 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 412568488 (0x18974ba8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ec1f7d0530682e1b68e3bfe5a8744ee51ad335d
        Validity
            Not Before: Jan  1 10:00:34 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4ab43bd155c4ff893972d58e97b595bba6da943f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:8e:d9:34:c8:0c:2c:4a:81:9e:30:11:5f:fa:
                    ce:97:c6:54:0c:bd:25:33:2f:ae:75:e5:e0:5b:c9:
                    dd:ef:7f:b5:60:ae:49:43:cd:ea:b4:85:9e:0a:74:
                    6e:a1:fb:fe:c1:2c:7d:f6:51:2a:66:61:d4:8a:ac:
                    c3:0c:78:c9:3e:58:aa:03:35:c8:da:17:02:5f:f8:
                    16:a7:c9:b2:04:0c:3b:8f:66:8c:63:d5:8e:73:07:
                    2e:34:a7:7a:d8:f8:f9:a8:08:98:4b:7b:44:01:aa:
                    df:33:f3:fa:34:a4:66:68:49:5f:98:57:60:e5:61:
                    ef:78:84:6e:f5:1b:5d:5f:22:22:5e:3e:5a:bf:03:
                    71:54:93:05:03:5f:8a:1a:bd:62:31:92:96:92:06:
                    cf:82:05:64:16:c3:49:00:bd:fa:78:ff:0f:e0:de:
                    7e:7d:43:36:c6:b7:ab:1f:d2:04:1f:53:c9:1b:26:
                    2d:b1:ce:d3:37:fa:4c:60:44:87:ba:4b:b9:53:c4:
                    d1:d1:46:e4:e4:94:25:d5:59:24:73:d1:0f:4e:bd:
                    d2:37:79:af:0b:67:f0:82:2d:f9:92:81:0d:2d:4c:
                    ca:12:13:be:76:22:0b:59:f5:8d:c9:43:38:55:c6:
                    8a:34:fa:8d:5c:f6:0e:85:9f:fa:19:1e:24:fb:85:
                    ea:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:B4:3B:D1:55:C4:FF:89:39:72:D5:8E:97:B5:95:BB:A6:DA:94:3F
            X509v3 Authority Key Identifier:
                keyid:8E:C1:F7:D0:53:06:82:E1:B6:8E:3B:FE:5A:87:44:EE:51:AD:33:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jsH30FMGguG2jjv-WodE7lGtM10.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/918a33-6766-4795-8573-aee698af68b7/1/SrQ70VXE_4k5ctWOl7WVu6balD8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/918a33-6766-4795-8573-aee698af68b7/1/jsH30FMGguG2jjv-WodE7lGtM10.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.47.120.0/22
                IPv6:
                  2a01:8be0::/29

    Signature Algorithm: sha256WithRSAEncryption
         0f:69:f8:70:79:c0:1d:78:f9:9b:df:17:aa:b1:bb:57:89:58:
         f8:1c:aa:b7:d1:96:0f:12:fc:ae:6a:09:fe:00:ba:8d:40:05:
         5d:8b:98:93:72:cb:d0:99:0c:8b:db:9a:3d:0d:1f:53:56:b3:
         66:0e:8a:06:56:bf:a9:8e:65:67:43:76:8a:41:b6:6a:90:a2:
         e7:c2:15:9f:fd:1d:cb:53:51:00:13:df:15:73:af:3c:dd:d0:
         1c:63:ca:1b:db:a7:33:eb:2b:d3:cb:2e:ad:07:8f:8e:22:34:
         99:0a:e6:82:78:ff:81:3e:0e:f5:03:b5:f5:df:33:32:87:53:
         ef:46:31:4b:72:0b:6b:d7:d7:08:a6:cc:3d:0f:5c:b5:09:1c:
         84:25:2c:c9:62:45:f9:f4:4e:c8:d4:80:6b:41:04:a9:61:d4:
         3f:1b:62:6f:85:19:45:9b:7e:6c:89:92:8c:f8:33:c0:51:2c:
         be:c5:e1:df:fb:2a:10:8d:de:e3:95:65:ff:44:a0:c4:c0:d7:
         21:05:dd:fb:31:89:a2:68:f0:12:05:86:24:54:97:fc:80:09:
         92:ce:e4:cb:e5:3e:5f:2d:cc:48:05:62:0d:b9:48:71:b6:24:
         98:6a:88:b5:c5:85:51:64:54:ea:72:66:32:72:1c:00:e0:42:
         68:f1:a1:71
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEGJdLqDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZWMxZjdkMDUzMDY4MmUxYjY4ZTNiZmU1YTg3NDRlZTUxYWQzMzVkMB4XDTIyMDEw
MTEwMDAzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGFiNDNiZDE1NWM0
ZmY4OTM5NzJkNThlOTdiNTk1YmJhNmRhOTQzZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMSO2TTIDCxKgZ4wEV/6zpfGVAy9JTMvrnXl4FvJ3e9/tWCu
SUPN6rSFngp0bqH7/sEsffZRKmZh1Iqswwx4yT5YqgM1yNoXAl/4FqfJsgQMO49m
jGPVjnMHLjSnetj4+agImEt7RAGq3zPz+jSkZmhJX5hXYOVh73iEbvUbXV8iIl4+
Wr8DcVSTBQNfihq9YjGSlpIGz4IFZBbDSQC9+nj/D+Defn1DNsa3qx/SBB9TyRsm
LbHO0zf6TGBEh7pLuVPE0dFG5OSUJdVZJHPRD0690jd5rwtn8IIt+ZKBDS1MyhIT
vnYiC1n1jclDOFXGijT6jVz2DoWf+hkeJPuF6v8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRKtDvRVcT/iTly1Y6XtZW7ptqUPzAfBgNVHSMEGDAWgBSOwffQUwaC4baO
O/5ah0TuUa0zXTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pzSDMwRk1HZ3VHMmpqdi1Xb2RFN2xHdE0xMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmEvOTE4YTMzLTY3NjYtNDc5NS04NTczLWFlZTY5OGFmNjhiNy8x
L1NyUTcwVlhFXzRrNWN0V09sN1dWdTZiYWxEOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEv
OTE4YTMzLTY3NjYtNDc5NS04NTczLWFlZTY5OGFmNjhiNy8xL2pzSDMwRk1HZ3VH
Mmpqdi1Xb2RFN2xHdE0xMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArkveDANBAIAAjAHAwUDKgGL4DAN
BgkqhkiG9w0BAQsFAAOCAQEAD2n4cHnAHXj5m98XqrG7V4lY+Byqt9GWDxL8rmoJ
/gC6jUAFXYuYk3LL0JkMi9uaPQ0fU1azZg6KBla/qY5lZ0N2ikG2apCi58IVn/0d
y1NRABPfFXOvPN3QHGPKG9unM+sr08surQePjiI0mQrmgnj/gT4O9QO19d8zModT
70YxS3ILa9fXCKbMPQ9ctQkchCUsyWJF+fROyNSAa0EEqWHUPxtib4UZRZt+bImS
jPgzwFEsvsXh3/sqEI3e45Vl/0SgxMDXIQXd+zGJomjwEgWGJFSX/IAJks7ky+U+
Xy3MSAViDblIcbYkmGqItcWFUWRU6nJmMnIcAOBCaPGhcQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:30 2024 by rpki-client on console-fra.rpki-client.org