Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/8L4Ss_DQwtyyD0n02WIoCqJeif8.roa
File:                     8L4Ss_DQwtyyD0n02WIoCqJeif8.roa (raw, json)
Hash identifier:          m5gDXPgvZ7iTIW/AoW9NOC2jUn+0KWM5HB18BjDKb3c=
Subject key identifier:   F0:BE:12:B3:F0:D0:C2:DC:B2:0F:49:F4:D9:62:28:0A:A2:5E:89:FF
Certificate issuer:       /CN=f0521128cf634aa6afa7ef52d531f3fcd55628f9
Certificate serial:       06E5EAE1
Authority key identifier: F0:52:11:28:CF:63:4A:A6:AF:A7:EF:52:D5:31:F3:FC:D5:56:28:F9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8FIRKM9jSqavp-9S1THz_NVWKPk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/8L4Ss_DQwtyyD0n02WIoCqJeif8.roa
Signing time:             Sat 19 Mar 2022 16:31:50 +0000
ROA not before:           Sat 19 Mar 2022 16:31:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211701
IP address blocks:        185.131.223.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 115731169 (0x6e5eae1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f0521128cf634aa6afa7ef52d531f3fcd55628f9
        Validity
            Not Before: Mar 19 16:31:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f0be12b3f0d0c2dcb20f49f4d962280aa25e89ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:66:8b:8f:4c:cd:07:fd:05:fd:14:7d:5f:67:
                    af:ac:d6:96:e9:70:3b:ac:74:84:92:5c:91:a5:93:
                    3a:22:de:ac:62:cd:e0:2a:7f:a6:9a:38:50:2c:97:
                    12:78:01:b6:90:ef:e3:38:e1:a5:92:9e:3c:7b:6e:
                    07:cb:f5:f4:5a:8c:af:9a:23:4c:52:67:97:1a:58:
                    4f:26:31:a8:89:35:d6:7e:15:77:50:2b:7e:3f:eb:
                    60:46:7e:b8:db:7a:d0:0b:99:2f:1a:f7:b2:73:cf:
                    20:1b:32:bc:b3:e2:cf:72:40:31:0c:1d:92:57:cf:
                    83:a6:e6:1a:78:dd:65:83:6b:2e:e8:02:1e:e9:aa:
                    cc:a6:fa:bb:f3:b8:d7:b6:67:9f:61:ee:79:eb:57:
                    22:c6:0f:e2:79:a6:cb:55:f5:96:09:3b:94:19:5d:
                    30:6e:4e:6a:ee:13:fc:88:b2:54:e0:7f:e6:86:ed:
                    b8:bd:8e:65:31:91:c7:42:87:63:8a:04:5a:87:c7:
                    da:09:c6:7d:20:aa:bb:67:af:f4:8d:7c:28:05:d8:
                    c8:87:09:81:31:7e:a1:52:a7:7b:4b:91:f4:f3:6e:
                    ea:a8:60:26:10:2d:de:d3:60:2b:3c:2c:f5:cd:88:
                    e5:79:f9:78:2f:d0:98:3e:6d:b4:82:ab:08:82:2d:
                    45:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:BE:12:B3:F0:D0:C2:DC:B2:0F:49:F4:D9:62:28:0A:A2:5E:89:FF
            X509v3 Authority Key Identifier:
                keyid:F0:52:11:28:CF:63:4A:A6:AF:A7:EF:52:D5:31:F3:FC:D5:56:28:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8FIRKM9jSqavp-9S1THz_NVWKPk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/8L4Ss_DQwtyyD0n02WIoCqJeif8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/8FIRKM9jSqavp-9S1THz_NVWKPk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.131.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:60:d4:47:d8:21:ff:19:f8:c3:47:f7:de:32:07:4b:27:0e:
         c4:f4:c0:bf:71:95:55:73:96:9f:f1:f2:89:0a:ed:c5:cc:f5:
         2e:6d:d1:a5:7f:78:f8:28:a2:82:f3:af:98:56:06:bb:b9:6b:
         d0:ee:6a:48:7c:d8:46:20:03:f3:9d:ef:d5:ad:04:07:6a:c2:
         d4:91:8e:59:5f:47:63:75:da:e6:48:f9:03:4a:e3:bc:eb:7e:
         a8:b7:9f:8f:40:5a:65:03:f5:d7:06:87:8f:6e:2e:8a:28:71:
         f2:7a:85:b6:6a:19:28:dd:dd:93:b1:c4:d8:da:19:c5:d8:cb:
         98:88:a6:8b:5b:73:35:ba:e8:da:43:1d:a6:c8:de:83:5e:f8:
         e4:3d:df:ba:d7:70:b2:d1:cf:53:30:c4:50:13:cd:d5:48:1f:
         a2:d8:14:2d:12:39:47:c4:b6:d5:81:52:a2:1f:9b:96:d2:9c:
         f5:20:2d:5d:3d:4f:d6:15:34:b2:0d:20:ab:9f:e6:d6:de:50:
         7c:5e:1c:8a:5e:b9:b8:49:62:32:37:da:2e:5c:eb:eb:ad:19:
         bd:ea:aa:5e:3f:02:8f:e7:5c:8e:cf:fc:f8:3d:96:b9:65:d2:
         dc:cd:8b:87:0e:d9:a8:38:2a:6b:f7:af:d9:32:42:a8:bb:aa:
         fe:3a:11:cd
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBuXq4TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MDUyMTEyOGNmNjM0YWE2YWZhN2VmNTJkNTMxZjNmY2Q1NTYyOGY5MB4XDTIyMDMx
OTE2MzE1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjBiZTEyYjNmMGQw
YzJkY2IyMGY0OWY0ZDk2MjI4MGFhMjVlODlmZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKlmi49MzQf9Bf0UfV9nr6zWlulwO6x0hJJckaWTOiLerGLN
4Cp/ppo4UCyXEngBtpDv4zjhpZKePHtuB8v19FqMr5ojTFJnlxpYTyYxqIk11n4V
d1Arfj/rYEZ+uNt60AuZLxr3snPPIBsyvLPiz3JAMQwdklfPg6bmGnjdZYNrLugC
HumqzKb6u/O417Znn2HueetXIsYP4nmmy1X1lgk7lBldMG5Oau4T/IiyVOB/5obt
uL2OZTGRx0KHY4oEWofH2gnGfSCqu2ev9I18KAXYyIcJgTF+oVKne0uR9PNu6qhg
JhAt3tNgKzws9c2I5Xn5eC/QmD5ttIKrCIItRR0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTwvhKz8NDC3LIPSfTZYigKol6J/zAfBgNVHSMEGDAWgBTwUhEoz2NKpq+n
71LVMfP81VYo+TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhGSVJLTTlqU3FhdnAtOVMxVEh6X05WV0tQay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmIvYjRiMTUwLWRiYjgtNDY1Zi04MTU1LWU0NDE5YjY0MjEyZS8x
LzhMNFNzX0RRd3R5eUQwbjAyV0lvQ3FKZWlmOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmIv
YjRiMTUwLWRiYjgtNDY1Zi04MTU1LWU0NDE5YjY0MjEyZS8xLzhGSVJLTTlqU3Fh
dnAtOVMxVEh6X05WV0tQay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmD3zANBgkqhkiG9w0BAQsFAAOC
AQEAnWDUR9gh/xn4w0f33jIHSycOxPTAv3GVVXOWn/HyiQrtxcz1Lm3RpX94+Cii
gvOvmFYGu7lr0O5qSHzYRiAD853v1a0EB2rC1JGOWV9HY3Xa5kj5A0rjvOt+qLef
j0BaZQP11waHj24uiihx8nqFtmoZKN3dk7HE2NoZxdjLmIimi1tzNbro2kMdpsje
g1745D3futdwstHPUzDEUBPN1UgfotgULRI5R8S21YFSoh+bltKc9SAtXT1P1hU0
sg0gq5/m1t5QfF4cil65uEliMjfaLlzr660ZveqqXj8Cj+dcjs/8+D2WuWXS3M2L
hw7ZqDgqa/ev2TJCqLuq/joRzQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:58 2024 by rpki-client on console-ams.rpki-client.org