Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/dcf976-007d-4542-b0e2-5f8fc707836a/1/vq-1wzrIw1DL3R6K4yIoYvO-qQk.roa
File:                     vq-1wzrIw1DL3R6K4yIoYvO-qQk.roa (raw, json)
Hash identifier:          Xx33/oD/wLUy8oOTSpI7nzjTR0evXWdVdZSgHA9DSEc=
Subject key identifier:   BE:AF:B5:C3:3A:C8:C3:50:CB:DD:1E:8A:E3:22:28:62:F3:BE:A9:09
Certificate issuer:       /CN=593897174f967490dbf6189d479df2c9371bf404
Certificate serial:       0184667521D81A8461D80EB77FC42FD91C9D
Authority key identifier: 59:38:97:17:4F:96:74:90:DB:F6:18:9D:47:9D:F2:C9:37:1B:F4:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WTiXF0-WdJDb9hidR53yyTcb9AQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/dcf976-007d-4542-b0e2-5f8fc707836a/1/vq-1wzrIw1DL3R6K4yIoYvO-qQk.roa
Signing time:             Fri 11 Nov 2022 11:31:03 +0000
ROA not before:           Fri 11 Nov 2022 11:31:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     0
IP address blocks:        185.67.36.0/22 maxlen: 32
                          2a05:bc0::/29 maxlen: 128

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:66:75:21:d8:1a:84:61:d8:0e:b7:7f:c4:2f:d9:1c:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=593897174f967490dbf6189d479df2c9371bf404
        Validity
            Not Before: Nov 11 11:31:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=beafb5c33ac8c350cbdd1e8ae3222862f3bea909
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:fd:83:25:f5:e5:d2:fd:ea:e6:a9:24:86:5a:
                    df:28:c9:04:72:51:ea:ba:f7:ab:de:4e:31:3d:e2:
                    5a:56:8c:b8:75:f1:b0:65:18:25:ff:84:28:f1:a7:
                    d2:f5:87:dc:cb:62:d8:3a:c6:de:10:c3:55:e4:d2:
                    f2:21:fd:a3:75:3d:67:2a:71:a3:b4:d9:db:00:60:
                    db:98:49:3e:c1:51:a4:08:3f:a9:78:2f:0b:96:43:
                    0e:7d:38:54:86:6d:c4:e5:c7:0a:f8:2f:a4:84:c5:
                    2a:c9:dd:4f:a3:82:27:fd:fb:7d:ce:e7:fd:91:16:
                    ed:cb:e1:cb:d1:f6:31:87:99:50:8a:e1:dd:8c:4b:
                    3c:b0:55:d9:0a:b2:47:2f:e6:b9:b7:cf:77:1f:f5:
                    ad:1f:98:9b:fe:5e:2e:8a:0f:e7:e3:03:0b:09:84:
                    96:26:45:88:f5:0e:13:67:b6:52:ae:05:d8:30:e5:
                    f9:43:01:10:aa:cc:10:50:56:5e:c2:bb:b3:04:76:
                    67:be:d3:b2:95:89:a5:e3:65:6e:42:7e:21:51:03:
                    4f:97:06:c2:4c:06:da:2e:47:a9:d2:1c:2f:66:f9:
                    c9:4f:45:8f:8b:d6:61:f3:5e:d3:b6:ad:b4:85:b3:
                    bd:15:3c:62:ca:97:9b:b3:69:06:68:5c:8d:6b:50:
                    a1:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:AF:B5:C3:3A:C8:C3:50:CB:DD:1E:8A:E3:22:28:62:F3:BE:A9:09
            X509v3 Authority Key Identifier:
                keyid:59:38:97:17:4F:96:74:90:DB:F6:18:9D:47:9D:F2:C9:37:1B:F4:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WTiXF0-WdJDb9hidR53yyTcb9AQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/dcf976-007d-4542-b0e2-5f8fc707836a/1/vq-1wzrIw1DL3R6K4yIoYvO-qQk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/dcf976-007d-4542-b0e2-5f8fc707836a/1/WTiXF0-WdJDb9hidR53yyTcb9AQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.67.36.0/22
                IPv6:
                  2a05:bc0::/29

    Signature Algorithm: sha256WithRSAEncryption
         7d:c6:19:a8:05:92:f5:75:76:e2:fd:2c:38:ca:96:de:c1:55:
         ec:8e:23:0b:2a:1d:e2:80:21:29:35:85:64:6a:e2:f7:18:d3:
         63:72:3d:ec:d9:e8:69:ce:d7:3c:1c:cb:44:e0:3a:36:f7:ab:
         f6:b0:1e:29:f3:c8:bb:45:dd:47:c4:f4:eb:04:2d:35:f0:c2:
         ed:c2:15:75:ec:18:f7:87:01:3b:db:dc:fd:93:b6:24:89:da:
         47:e9:d0:ab:a8:9c:de:b4:40:f2:f1:f7:c2:f2:ea:3b:15:23:
         09:4e:40:d7:ca:9f:e8:90:87:cc:d1:11:a5:9c:db:bf:dc:bf:
         b6:48:25:8a:6b:01:47:40:5c:9f:01:d3:99:39:0d:2a:7e:19:
         9e:a7:af:0c:9f:e1:50:d0:92:a7:17:24:6d:ca:35:ab:7b:9e:
         fa:e1:d3:b3:a7:35:dd:23:a3:d7:e2:0f:51:f6:e2:af:db:d0:
         03:15:b4:c3:68:10:b1:69:34:bd:11:10:2d:fb:b5:75:d4:28:
         3d:34:30:11:6f:9e:0e:c4:4e:d9:b9:87:e8:a1:53:35:62:00:
         3d:6a:00:51:a3:27:c7:75:b7:80:9e:ac:07:6b:5f:e7:39:54:
         d9:3e:5d:36:f2:a7:8e:89:b4:7d:d2:ca:cb:72:00:f1:f0:70:
         ea:7f:fd:92
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYRmdSHYGoRh2A63f8Qv2RydMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5Mzg5NzE3NGY5Njc0OTBkYmY2MTg5ZDQ3OWRmMmM5Mzcx
YmY0MDQwHhcNMjIxMTExMTEzMTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWFmYjVjMzNhYzhjMzUwY2JkZDFlOGFlMzIyMjg2MmYzYmVhOTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2P2DJfXl0v3q5qkkhlrfKMkEclHq
uver3k4xPeJaVoy4dfGwZRgl/4Qo8afS9Yfcy2LYOsbeEMNV5NLyIf2jdT1nKnGj
tNnbAGDbmEk+wVGkCD+peC8LlkMOfThUhm3E5ccK+C+khMUqyd1Po4In/ft9zuf9
kRbty+HL0fYxh5lQiuHdjEs8sFXZCrJHL+a5t893H/WtH5ib/l4uig/n4wMLCYSW
JkWI9Q4TZ7ZSrgXYMOX5QwEQqswQUFZewruzBHZnvtOylYml42VuQn4hUQNPlwbC
TAbaLkep0hwvZvnJT0WPi9Zh817Ttq20hbO9FTxiypebs2kGaFyNa1ChUwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFL6vtcM6yMNQy90eiuMiKGLzvqkJMB8GA1UdIwQY
MBaAFFk4lxdPlnSQ2/YYnUed8sk3G/QEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1RpWEYwLVdkSkRiOWhpZFI1M3l5VGNiOUFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9kY2Y5NzYtMDA3ZC00NTQyLWIwZTIt
NWY4ZmM3MDc4MzZhLzEvdnEtMXd6ckl3MURMM1I2SzR5SW9Zdk8tcVFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9kY2Y5NzYtMDA3ZC00NTQyLWIwZTItNWY4ZmM3MDc4MzZh
LzEvV1RpWEYwLVdkSkRiOWhpZFI1M3l5VGNiOUFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUMkMA0E
AgACMAcDBQMqBQvAMA0GCSqGSIb3DQEBCwUAA4IBAQB9xhmoBZL1dXbi/Sw4ypbe
wVXsjiMLKh3igCEpNYVkauL3GNNjcj3s2ehpztc8HMtE4Do296v2sB4p88i7Rd1H
xPTrBC018MLtwhV17Bj3hwE729z9k7YkidpH6dCrqJzetEDy8ffC8uo7FSMJTkDX
yp/okIfM0RGlnNu/3L+2SCWKawFHQFyfAdOZOQ0qfhmep68Mn+FQ0JKnFyRtyjWr
e5764dOzpzXdI6PX4g9R9uKv29ADFbTDaBCxaTS9ERAt+7V11Cg9NDARb54OxE7Z
uYfooVM1YgA9agBRoyfHdbeAnqwHa1/nOVTZPl028qeOibR90srLcgDx8HDqf/2S
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:00 2024 by rpki-client on console-ams.rpki-client.org