Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/uH8GGPFpPvIznqNbK2OQdYpfy0A.roa
File:                     uH8GGPFpPvIznqNbK2OQdYpfy0A.roa (raw, json)
Hash identifier:          7rM7qMmX4I7OTiCJUkYbWt6lM8kh3tLlI52JI98Sb6Y=
Subject key identifier:   B8:7F:06:18:F1:69:3E:F2:33:9E:A3:5B:2B:63:90:75:8A:5F:CB:40
Certificate issuer:       /CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Certificate serial:       03E8BD
Authority key identifier: D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/uH8GGPFpPvIznqNbK2OQdYpfy0A.roa
Signing time:             Tue 22 Mar 2022 18:39:42 +0000
ROA not before:           Tue 22 Mar 2022 18:39:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209622
IP address blocks:        185.131.146.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 256189 (0x3e8bd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
        Validity
            Not Before: Mar 22 18:39:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b87f0618f1693ef2339ea35b2b6390758a5fcb40
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:63:ce:9b:69:b2:65:eb:8e:8d:e1:ad:8d:ed:
                    b7:e5:23:15:20:b0:92:f1:7d:d4:ca:73:73:91:52:
                    fe:0c:85:7c:46:65:e7:ce:6e:52:b1:7d:14:35:22:
                    54:ba:ff:ab:b3:f8:36:58:0d:fc:2b:30:dc:0b:b1:
                    a2:c6:65:a4:09:6c:10:76:2a:95:8a:43:d6:28:68:
                    0d:8e:e1:bd:f0:80:d1:27:ab:22:14:34:ee:65:8b:
                    01:7a:b5:ba:ee:56:1b:56:ae:74:b4:70:b6:f8:04:
                    1c:5c:a6:9f:b3:e4:4f:19:06:32:39:39:a5:d7:e9:
                    b6:fd:fb:d2:1f:19:b4:29:17:0c:42:ca:c5:56:1a:
                    5f:fb:13:1c:cd:a7:0d:5e:78:5d:51:df:0a:bc:ca:
                    17:e7:7e:23:b1:95:97:ac:e6:d4:92:32:f5:84:00:
                    1d:36:49:f7:af:6d:de:44:3c:50:e3:3b:18:af:dc:
                    ba:de:ae:53:45:c6:e7:3c:8a:19:f7:c7:29:b7:83:
                    b2:a0:bb:75:d4:bc:e7:15:98:c4:d5:c6:35:da:d3:
                    51:d9:cf:29:17:ff:26:3e:7d:05:52:a5:67:5e:a6:
                    0a:11:2c:6e:1c:88:b9:11:00:29:5d:42:77:6c:0b:
                    79:80:dd:5c:07:46:06:66:48:c7:bb:d3:86:3e:50:
                    c8:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:7F:06:18:F1:69:3E:F2:33:9E:A3:5B:2B:63:90:75:8A:5F:CB:40
            X509v3 Authority Key Identifier:
                keyid:D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/uH8GGPFpPvIznqNbK2OQdYpfy0A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2e_p029fiP3wR0LEFAx1MgkKt3A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.131.146.0/23

    Signature Algorithm: sha256WithRSAEncryption
         29:f0:b4:5d:6d:62:ea:ed:6c:f3:85:d0:03:38:3e:8e:a4:72:
         41:29:4c:26:ab:3f:94:9f:60:09:f9:6a:93:cd:7c:f5:81:bf:
         67:25:36:fe:a8:d6:5f:42:42:b9:8c:87:29:ef:87:8e:84:fd:
         dc:32:9e:c7:68:69:ae:d9:69:22:36:e0:bc:26:52:95:98:90:
         f5:cd:55:10:69:8d:2d:17:ae:f0:ff:f2:7a:d7:21:ad:2d:41:
         58:34:11:15:b7:f8:51:1c:af:e3:ad:a7:bc:85:cf:a0:bf:90:
         8a:f2:85:39:a4:b6:b3:0f:b0:17:e7:e4:89:74:6d:70:4a:59:
         00:1d:d7:d5:c1:7b:fd:ac:66:3f:40:54:38:45:90:b9:13:1c:
         70:d1:59:c2:c9:2a:75:f3:63:de:94:bd:d8:0b:4e:37:81:06:
         7c:28:32:a1:89:09:b0:a7:7b:cc:cb:d0:b3:cd:29:12:0d:21:
         b9:f6:fd:0e:7c:fd:a2:b0:04:4d:c3:5f:ed:73:c9:f4:e9:61:
         7c:0a:d6:4d:bb:49:8e:84:a3:e9:37:d3:af:f0:1d:81:92:34:
         d4:ad:d9:c6:40:1a:78:a9:2d:6f:aa:2e:bb:94:99:63:61:4a:
         fc:c2:f5:30:aa:7e:f6:3a:4c:9d:e2:3d:be:66:17:51:00:e2:
         5a:8a:ec:3f
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDA+i9MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ5
ZWZlOWQzNmY1Zjg4ZmRmMDQ3NDJjNDE0MGM3NTMyMDkwYWI3NzAwHhcNMjIwMzIy
MTgzOTQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhiODdmMDYxOGYxNjkz
ZWYyMzM5ZWEzNWIyYjYzOTA3NThhNWZjYjQwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArWPOm2myZeuOjeGtje235SMVILCS8X3UynNzkVL+DIV8RmXn
zm5SsX0UNSJUuv+rs/g2WA38KzDcC7GixmWkCWwQdiqVikPWKGgNjuG98IDRJ6si
FDTuZYsBerW67lYbVq50tHC2+AQcXKafs+RPGQYyOTml1+m2/fvSHxm0KRcMQsrF
Vhpf+xMczacNXnhdUd8KvMoX534jsZWXrObUkjL1hAAdNkn3r23eRDxQ4zsYr9y6
3q5TRcbnPIoZ98cpt4OyoLt11LznFZjE1cY12tNR2c8pF/8mPn0FUqVnXqYKESxu
HIi5EQApXUJ3bAt5gN1cB0YGZkjHu9OGPlDIVQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFLh/BhjxaT7yM56jWytjkHWKX8tAMB8GA1UdIwQYMBaAFNnv6dNvX4j98EdC
xBQMdTIJCrdwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1YzktMzlmNmQ2NDI1MzM4LzEv
dUg4R0dQRnBQdkl6bnFOYksyT1FkWXBmeTBBLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC81
NWRiMzQtZmM3OS00MDA0LTk1YzktMzlmNmQ2NDI1MzM4LzEvMmVfcDAyOWZpUDN3
UjBMRUZBeDFNZ2tLdDNBLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuYOSMA0GCSqGSIb3DQEBCwUAA4IB
AQAp8LRdbWLq7WzzhdADOD6OpHJBKUwmqz+Un2AJ+WqTzXz1gb9nJTb+qNZfQkK5
jIcp74eOhP3cMp7HaGmu2WkiNuC8JlKVmJD1zVUQaY0tF67w//J61yGtLUFYNBEV
t/hRHK/jrae8hc+gv5CK8oU5pLazD7AX5+SJdG1wSlkAHdfVwXv9rGY/QFQ4RZC5
Exxw0VnCySp182PelL3YC043gQZ8KDKhiQmwp3vMy9CzzSkSDSG59v0OfP2isARN
w1/tc8n06WF8CtZNu0mOhKPpN9Ov8B2BkjTUrdnGQBp4qS1vqi67lJljYUr8wvUw
qn72Okyd4j2+ZhdRAOJaiuw/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:55 2024 by rpki-client on console-fra.rpki-client.org