Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/41e9b0-62e7-4718-b966-1f9ae055646f/1/Do_sHsJFAGvl-1XMscL2576hhwo.roa
File:                     Do_sHsJFAGvl-1XMscL2576hhwo.roa (raw, json)
Hash identifier:          zFZakbG4YuBZoCDA0H0mLGOJKEde76GjGFo3jDvNX6Q=
Subject key identifier:   0E:8F:EC:1E:C2:45:00:6B:E5:FB:55:CC:B1:C2:F6:E7:BE:A1:87:0A
Certificate issuer:       /CN=8aa1fe9a4c03d015aec974e2d29709a979eb82f1
Certificate serial:       78BB35
Authority key identifier: 8A:A1:FE:9A:4C:03:D0:15:AE:C9:74:E2:D2:97:09:A9:79:EB:82:F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iqH-mkwD0BWuyXTi0pcJqXnrgvE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/41e9b0-62e7-4718-b966-1f9ae055646f/1/Do_sHsJFAGvl-1XMscL2576hhwo.roa
Signing time:             Sat 01 Jan 2022 03:56:22 +0000
ROA not before:           Sat 01 Jan 2022 03:56:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50763
IP address blocks:        185.241.44.0/22 maxlen: 22
                          185.241.44.0/23 maxlen: 23
                          185.241.46.0/24 maxlen: 24
                          2a0c:9880::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7912245 (0x78bb35)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8aa1fe9a4c03d015aec974e2d29709a979eb82f1
        Validity
            Not Before: Jan  1 03:56:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0e8fec1ec245006be5fb55ccb1c2f6e7bea1870a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:a2:e5:a6:bb:ea:83:ed:6a:31:5d:d1:88:19:
                    39:70:9e:b9:5f:6f:64:c2:29:49:1a:a6:ad:39:5c:
                    cd:97:43:50:30:29:b2:74:cc:0e:d5:20:b3:ba:90:
                    29:ba:e0:a9:04:0c:c1:6d:bd:5d:d4:2c:7b:95:da:
                    bd:c0:dc:02:ee:06:e9:3f:99:73:02:ac:48:aa:9f:
                    22:04:18:7f:c1:b6:f4:8b:21:b5:50:de:7a:76:bb:
                    f1:cf:be:8b:66:95:52:21:13:be:9a:db:3a:a3:bb:
                    5f:7f:60:6e:6f:54:28:71:15:43:9f:83:46:61:67:
                    dd:aa:82:e1:d9:fb:ca:c1:a8:01:3e:76:89:2b:11:
                    34:e6:29:80:71:fd:e6:a3:75:20:5d:69:9f:46:ff:
                    46:29:72:ac:d3:89:43:f9:ab:94:95:0d:ce:7d:4c:
                    ac:89:2a:bd:98:77:fa:67:19:7d:3d:b2:e3:9e:ef:
                    38:67:70:73:11:47:78:07:25:b4:ba:38:af:dd:16:
                    ed:ff:79:e1:9d:bd:36:70:83:c5:35:52:c2:4d:e5:
                    bb:a6:bb:a3:dd:21:7e:7b:cb:f4:df:23:56:b4:6a:
                    dc:c5:00:9e:8a:05:db:1b:9c:ee:01:a4:99:51:3e:
                    b3:f0:15:af:20:2f:06:4d:51:09:ba:ce:43:9b:47:
                    cb:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:8F:EC:1E:C2:45:00:6B:E5:FB:55:CC:B1:C2:F6:E7:BE:A1:87:0A
            X509v3 Authority Key Identifier:
                keyid:8A:A1:FE:9A:4C:03:D0:15:AE:C9:74:E2:D2:97:09:A9:79:EB:82:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iqH-mkwD0BWuyXTi0pcJqXnrgvE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/41e9b0-62e7-4718-b966-1f9ae055646f/1/Do_sHsJFAGvl-1XMscL2576hhwo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/41e9b0-62e7-4718-b966-1f9ae055646f/1/iqH-mkwD0BWuyXTi0pcJqXnrgvE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.241.44.0/22
                IPv6:
                  2a0c:9880::/29

    Signature Algorithm: sha256WithRSAEncryption
         9a:f1:3f:11:a2:1c:85:e7:a9:b9:de:5e:54:a9:69:39:92:38:
         5b:f6:ff:17:75:5a:0d:6b:b9:34:03:78:cd:56:21:79:37:bf:
         db:0e:05:e2:3c:3a:c1:df:59:9c:7f:75:a1:ca:38:8f:ec:0c:
         94:dd:1b:f3:b9:e7:b3:e1:af:61:64:e6:43:88:07:ce:f1:82:
         21:0d:70:84:a0:ae:0e:11:37:8d:a0:cc:c4:52:df:83:0b:59:
         0c:fa:0e:d4:6e:46:92:0a:78:22:2d:6d:fd:f2:8a:5b:22:09:
         3d:a1:01:a8:b6:6b:7e:62:4a:f4:93:28:9e:dd:42:ef:fb:d5:
         7b:0c:36:a9:5c:9f:36:e4:45:ca:e0:ca:a5:1d:c2:3d:54:49:
         1f:64:43:ca:ea:bb:fa:35:f8:5e:51:a8:ef:84:8b:19:88:81:
         1e:f4:df:95:04:84:46:04:03:ae:d2:33:69:c1:7c:da:f5:36:
         3b:e4:0d:3f:ff:ef:3e:aa:66:96:25:d8:86:fc:88:83:5e:0d:
         de:ae:43:89:14:c4:60:91:f6:e2:cf:67:bd:39:5d:fc:da:5e:
         f5:36:69:b0:85:f2:16:82:31:38:b7:5e:75:0e:87:78:d1:f6:
         95:b6:f7:d2:42:9b:ef:c6:ff:ff:38:43:19:c1:3a:cc:32:28:
         f9:6e:83:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIDeLs1MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDhh
YTFmZTlhNGMwM2QwMTVhZWM5NzRlMmQyOTcwOWE5NzllYjgyZjEwHhcNMjIwMTAx
MDM1NjIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwZThmZWMxZWMyNDUw
MDZiZTVmYjU1Y2NiMWMyZjZlN2JlYTE4NzBhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAm6Llprvqg+1qMV3RiBk5cJ65X29kwilJGqatOVzNl0NQMCmy
dMwO1SCzupApuuCpBAzBbb1d1Cx7ldq9wNwC7gbpP5lzAqxIqp8iBBh/wbb0iyG1
UN56drvxz76LZpVSIRO+mts6o7tff2Bub1QocRVDn4NGYWfdqoLh2fvKwagBPnaJ
KxE05imAcf3mo3UgXWmfRv9GKXKs04lD+auUlQ3OfUysiSq9mHf6Zxl9PbLjnu84
Z3BzEUd4ByW0ujiv3Rbt/3nhnb02cIPFNVLCTeW7pruj3SF+e8v03yNWtGrcxQCe
igXbG5zuAaSZUT6z8BWvIC8GTVEJus5Dm0fLwQIDAQABo4ICGDCCAhQwHQYDVR0O
BBYEFA6P7B7CRQBr5ftVzLHC9ue+oYcKMB8GA1UdIwQYMBaAFIqh/ppMA9AVrsl0
4tKXCal564LxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
aXFILW1rd0QwQld1eVhUaTBwY0pxWG5yZ3ZFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9iYi80MWU5YjAtNjJlNy00NzE4LWI5NjYtMWY5YWUwNTU2NDZmLzEv
RG9fc0hzSkZBR3ZsLTFYTXNjTDI1NzZoaHdvLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi80
MWU5YjAtNjJlNy00NzE4LWI5NjYtMWY5YWUwNTU2NDZmLzEvaXFILW1rd0QwQld1
eVhUaTBwY0pxWG5yZ3ZFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4G
CCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufEsMA0EAgACMAcDBQMqDJiAMA0G
CSqGSIb3DQEBCwUAA4IBAQCa8T8RohyF56m53l5UqWk5kjhb9v8XdVoNa7k0A3jN
ViF5N7/bDgXiPDrB31mcf3WhyjiP7AyU3Rvzueez4a9hZOZDiAfO8YIhDXCEoK4O
ETeNoMzEUt+DC1kM+g7UbkaSCngiLW398opbIgk9oQGotmt+Ykr0kyie3ULv+9V7
DDapXJ825EXK4MqlHcI9VEkfZEPK6rv6NfheUajvhIsZiIEe9N+VBIRGBAOu0jNp
wXza9TY75A0//+8+qmaWJdiG/IiDXg3erkOJFMRgkfbiz2e9OV382l71NmmwhfIW
gjE4t151Dod40faVtvfSQpvvxv//OEMZwTrMMij5boPX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:35 2024 by rpki-client on console-fra.rpki-client.org