Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/UGoc4BL-lIEt0qbmTcPiAmk_CIg.roa
File:                     UGoc4BL-lIEt0qbmTcPiAmk_CIg.roa (raw, json)
Hash identifier:          dYlGe7fC+tFzIHyKBuPfOt/QES6FxQa/1/MtCdtwe+4=
Subject key identifier:   50:6A:1C:E0:12:FE:94:81:2D:D2:A6:E6:4D:C3:E2:02:69:3F:08:88
Certificate issuer:       /CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Certificate serial:       0182D43A71E946FD6B520AE1AB790A9A1505
Authority key identifier: D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/UGoc4BL-lIEt0qbmTcPiAmk_CIg.roa
Signing time:             Thu 25 Aug 2022 08:59:36 +0000
ROA not before:           Thu 25 Aug 2022 08:59:36 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     12849
IP address blocks:        194.88.108.0/22 maxlen: 24
                          185.131.144.0/24 maxlen: 24
                          185.131.145.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:d4:3a:71:e9:46:fd:6b:52:0a:e1:ab:79:0a:9a:15:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
        Validity
            Not Before: Aug 25 08:59:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=506a1ce012fe94812dd2a6e64dc3e202693f0888
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:c7:6d:12:29:db:3a:ce:eb:64:ae:d5:a3:5a:
                    ce:d0:99:ac:ae:09:bc:a9:69:64:90:50:34:f0:a6:
                    73:65:69:0b:69:10:f0:ae:c6:52:d0:a4:6c:f6:b3:
                    68:e8:60:6b:04:73:46:c6:50:d2:9e:be:82:6c:c1:
                    b2:5c:80:15:d4:81:d6:eb:8a:f1:94:96:11:3e:f0:
                    fd:db:4f:f1:bf:7e:94:be:04:95:ff:67:07:a8:2f:
                    69:c8:e5:0c:b9:b4:5c:fa:33:da:68:f7:a5:78:92:
                    58:1c:c8:4c:33:10:70:76:c5:12:d5:bc:16:c4:b3:
                    dd:a5:f2:60:5f:dd:e8:80:95:76:38:13:db:24:7b:
                    9e:4b:7b:c1:75:22:28:29:01:0b:67:b6:0e:72:2c:
                    3b:3f:3d:86:31:6c:8a:a7:fd:49:7e:fa:91:c8:6f:
                    6b:95:56:37:c7:32:37:29:26:e7:ed:42:d3:dc:c9:
                    c6:01:83:06:a1:66:54:dc:82:cf:da:5e:b1:ff:7f:
                    60:5f:f6:c3:42:9e:79:1e:1d:31:08:44:3c:0b:07:
                    37:e6:86:35:2b:ad:98:4c:bc:43:1d:75:18:7d:84:
                    e0:f4:fc:f0:99:17:61:08:17:33:73:de:da:d0:76:
                    44:6b:20:2e:8d:2f:96:f6:77:5e:68:09:52:1d:a4:
                    cb:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:6A:1C:E0:12:FE:94:81:2D:D2:A6:E6:4D:C3:E2:02:69:3F:08:88
            X509v3 Authority Key Identifier:
                keyid:D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/UGoc4BL-lIEt0qbmTcPiAmk_CIg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2e_p029fiP3wR0LEFAx1MgkKt3A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.131.144.0/23
                  194.88.108.0/22

    Signature Algorithm: sha256WithRSAEncryption
         66:d8:3f:08:69:07:ef:0c:1f:79:ae:7c:92:89:b0:c2:47:23:
         bd:bd:8b:58:cb:c9:ef:ba:58:a9:02:79:c6:c9:54:47:3e:07:
         7d:f9:25:af:32:ea:59:df:1f:66:70:d1:18:80:b4:95:f2:11:
         a5:b6:38:05:6d:f6:bd:d9:8e:cd:8d:f4:20:7d:e6:3c:75:89:
         66:4a:58:9b:57:98:82:9c:54:33:c1:6f:94:6c:e8:48:fe:f2:
         71:10:73:14:4a:5e:29:03:a9:0a:55:cb:5d:d7:f7:6c:b4:c1:
         8b:72:f7:2c:f3:df:73:3e:31:ee:7a:0e:4e:21:42:d6:bc:8d:
         d6:69:73:96:9b:11:f3:ec:9b:af:09:cd:02:c7:a7:8d:0a:47:
         67:52:16:a8:ce:2d:44:57:bd:6e:53:8d:71:6e:3e:ac:65:69:
         ca:87:06:2c:45:2c:5f:6b:a8:4d:0f:68:f7:25:46:d5:86:5c:
         ed:a3:36:a7:90:9c:36:5c:b9:bd:c4:64:e5:d5:60:a6:62:b0:
         fc:bd:dc:14:db:d9:27:f8:a9:c5:cf:6c:ce:43:b4:7b:b5:6a:
         14:2d:71:b2:09:e4:8a:be:0f:22:90:93:75:10:06:23:26:e7:
         08:fd:cd:bc:de:5f:fd:08:51:56:ba:87:a7:4e:dd:35:34:5d:
         e5:35:52:c6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYLUOnHpRv1rUgrhq3kKmhUFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZWZlOWQzNmY1Zjg4ZmRmMDQ3NDJjNDE0MGM3NTMyMDkw
YWI3NzAwHhcNMjIwODI1MDg1OTM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDZhMWNlMDEyZmU5NDgxMmRkMmE2ZTY0ZGMzZTIwMjY5M2YwODg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMdtEinbOs7rZK7Vo1rO0Jmsrgm8
qWlkkFA08KZzZWkLaRDwrsZS0KRs9rNo6GBrBHNGxlDSnr6CbMGyXIAV1IHW64rx
lJYRPvD920/xv36UvgSV/2cHqC9pyOUMubRc+jPaaPeleJJYHMhMMxBwdsUS1bwW
xLPdpfJgX93ogJV2OBPbJHueS3vBdSIoKQELZ7YOciw7Pz2GMWyKp/1JfvqRyG9r
lVY3xzI3KSbn7ULT3MnGAYMGoWZU3ILP2l6x/39gX/bDQp55Hh0xCEQ8Cwc35oY1
K62YTLxDHXUYfYTg9PzwmRdhCBczc97a0HZEayAujS+W9ndeaAlSHaTLFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFBqHOAS/pSBLdKm5k3D4gJpPwiIMB8GA1UdIwQY
MBaAFNnv6dNvX4j98EdCxBQMdTIJCrdwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1Yzkt
MzlmNmQ2NDI1MzM4LzEvVUdvYzRCTC1sSUV0MHFibVRjUGlBbWtfQ0lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1YzktMzlmNmQ2NDI1MzM4
LzEvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuYOQAwQC
wlhsMA0GCSqGSIb3DQEBCwUAA4IBAQBm2D8IaQfvDB95rnySibDCRyO9vYtYy8nv
ulipAnnGyVRHPgd9+SWvMupZ3x9mcNEYgLSV8hGltjgFbfa92Y7NjfQgfeY8dYlm
SlibV5iCnFQzwW+UbOhI/vJxEHMUSl4pA6kKVctd1/dstMGLcvcs899zPjHueg5O
IULWvI3WaXOWmxHz7JuvCc0Cx6eNCkdnUhaozi1EV71uU41xbj6sZWnKhwYsRSxf
a6hND2j3JUbVhlztozankJw2XLm9xGTl1WCmYrD8vdwU29kn+KnFz2zOQ7R7tWoU
LXGyCeSKvg8ikJN1EAYjJucI/c283l/9CFFWuoenTt01NF3lNVLG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:23 2024 by rpki-client on console-ams.rpki-client.org