Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/93a734-3cb7-412c-b45f-275b6e9fbc63/1/lE7bd5NnSQml_kaqXR4mw15vwAo.roa
File:                     lE7bd5NnSQml_kaqXR4mw15vwAo.roa (raw, json)
Hash identifier:          6SBF9AGxAbfHScsZ6x1NH0Exc9hcPVh+zKEEBiKp4ew=
Subject key identifier:   94:4E:DB:77:93:67:49:09:A5:FE:46:AA:5D:1E:26:C3:5E:6F:C0:0A
Certificate issuer:       /CN=6d7b79604af1f3908f4817956626353ee6ffc1f4
Certificate serial:       077307E9
Authority key identifier: 6D:7B:79:60:4A:F1:F3:90:8F:48:17:95:66:26:35:3E:E6:FF:C1:F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bXt5YErx85CPSBeVZiY1Pub_wfQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/93a734-3cb7-412c-b45f-275b6e9fbc63/1/lE7bd5NnSQml_kaqXR4mw15vwAo.roa
Signing time:             Sat 01 Jan 2022 08:57:28 +0000
ROA not before:           Sat 01 Jan 2022 08:57:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     197792
IP address blocks:        185.37.184.0/22 maxlen: 22
                          31.209.96.0/20 maxlen: 20

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 124979177 (0x77307e9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d7b79604af1f3908f4817956626353ee6ffc1f4
        Validity
            Not Before: Jan  1 08:57:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=944edb7793674909a5fe46aa5d1e26c35e6fc00a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:57:58:dc:48:0b:f2:bf:04:ce:44:cd:cb:74:
                    c4:83:c9:e9:ac:c5:74:43:d4:31:e4:47:67:95:5c:
                    ea:b9:48:e0:90:00:9c:94:dd:bb:2c:fc:73:67:75:
                    96:50:35:48:5e:db:13:44:97:42:ff:bd:d0:7b:c8:
                    ef:95:59:04:af:36:52:f7:07:2c:f9:0e:48:70:24:
                    06:fa:18:39:90:44:1a:4c:2d:a9:e4:a3:c3:e3:51:
                    34:ee:97:f1:99:80:b3:19:ae:cd:18:b9:09:11:cf:
                    4c:79:77:9b:52:f8:2c:d9:52:3c:12:a3:48:a8:93:
                    5c:38:ed:28:26:5d:58:31:9e:8d:dd:de:e9:79:4a:
                    4a:3f:23:ce:e4:de:ba:4e:bc:0b:41:4b:38:03:bf:
                    1f:1a:3d:39:9c:11:77:c6:c2:c5:0b:42:93:8e:6f:
                    fc:ba:ab:9a:ea:bb:f9:d7:0b:c5:c8:8f:26:b4:be:
                    73:5a:3e:46:1c:4a:54:33:67:5c:33:9c:f4:31:98:
                    4c:bf:83:02:db:23:b3:57:d6:45:ff:a2:4e:b0:97:
                    42:a7:43:82:7c:45:9c:78:3a:1e:bd:4a:f0:6f:9e:
                    fe:9a:44:d6:1b:ea:b5:f4:dc:7a:c8:ef:c2:fc:0f:
                    da:48:c5:0f:9a:f9:6c:c1:d9:71:01:fe:91:ca:a8:
                    aa:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:4E:DB:77:93:67:49:09:A5:FE:46:AA:5D:1E:26:C3:5E:6F:C0:0A
            X509v3 Authority Key Identifier:
                keyid:6D:7B:79:60:4A:F1:F3:90:8F:48:17:95:66:26:35:3E:E6:FF:C1:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXt5YErx85CPSBeVZiY1Pub_wfQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/93a734-3cb7-412c-b45f-275b6e9fbc63/1/lE7bd5NnSQml_kaqXR4mw15vwAo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/93a734-3cb7-412c-b45f-275b6e9fbc63/1/bXt5YErx85CPSBeVZiY1Pub_wfQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.209.96.0/20
                  185.37.184.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1b:c7:18:8e:4f:5c:40:22:a4:c6:db:0a:7f:07:3e:32:f7:ac:
         99:79:86:7d:ae:67:55:6e:d1:67:5a:cc:43:9a:cc:a7:55:bb:
         3f:a3:c1:73:a6:e7:66:3e:22:c4:10:21:52:bc:34:db:16:2f:
         69:89:d0:2d:07:5c:3a:f5:df:d9:83:0a:9a:09:65:ba:73:03:
         12:ab:16:72:c9:2b:dc:47:aa:5f:76:1b:05:98:24:75:5f:df:
         2a:76:ac:a7:5e:94:5f:e3:43:5f:00:3d:11:4f:c7:ee:3c:71:
         e2:fa:e2:36:82:45:1c:37:63:a2:e7:a7:9a:58:63:81:29:b6:
         98:2f:ea:ba:6b:bd:63:fa:36:b6:1f:11:c5:5d:59:fb:07:e9:
         82:73:2c:b6:a5:8d:35:51:38:f0:e5:98:43:c3:95:a9:bc:4d:
         f8:82:d7:2b:ed:0e:73:7e:d0:e3:ef:24:36:6e:27:aa:78:21:
         ae:87:3c:0f:39:14:9d:ac:73:b8:97:20:f5:e4:46:83:fb:7c:
         96:4d:93:ce:aa:24:d5:23:a1:b8:f7:c7:53:38:40:61:df:58:
         66:a7:9c:73:f2:03:5e:ee:b6:79:9c:bb:dc:f9:a7:7b:24:f6:
         d7:0f:e5:f8:5e:b4:d2:44:79:c3:9a:4b:c1:ca:d2:5d:c9:81:
         4e:7d:90:07
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEB3MH6TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZDdiNzk2MDRhZjFmMzkwOGY0ODE3OTU2NjI2MzUzZWU2ZmZjMWY0MB4XDTIyMDEw
MTA4NTcyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTQ0ZWRiNzc5MzY3
NDkwOWE1ZmU0NmFhNWQxZTI2YzM1ZTZmYzAwYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALVXWNxIC/K/BM5Ezct0xIPJ6azFdEPUMeRHZ5Vc6rlI4JAA
nJTduyz8c2d1llA1SF7bE0SXQv+90HvI75VZBK82UvcHLPkOSHAkBvoYOZBEGkwt
qeSjw+NRNO6X8ZmAsxmuzRi5CRHPTHl3m1L4LNlSPBKjSKiTXDjtKCZdWDGejd3e
6XlKSj8jzuTeuk68C0FLOAO/Hxo9OZwRd8bCxQtCk45v/Lqrmuq7+dcLxciPJrS+
c1o+RhxKVDNnXDOc9DGYTL+DAtsjs1fWRf+iTrCXQqdDgnxFnHg6Hr1K8G+e/ppE
1hvqtfTcesjvwvwP2kjFD5r5bMHZcQH+kcqoqhECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSUTtt3k2dJCaX+RqpdHibDXm/ACjAfBgNVHSMEGDAWgBRte3lgSvHzkI9I
F5VmJjU+5v/B9DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JYdDVZRXJ4ODVDUFNCZVZaaVkxUHViX3dmUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmYvOTNhNzM0LTNjYjctNDEyYy1iNDVmLTI3NWI2ZTlmYmM2My8x
L2xFN2JkNU5uU1FtbF9rYXFYUjRtdzE1dndBby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmYv
OTNhNzM0LTNjYjctNDEyYy1iNDVmLTI3NWI2ZTlmYmM2My8xL2JYdDVZRXJ4ODVD
UFNCZVZaaVkxUHViX3dmUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEBB/RYAMEArkluDANBgkqhkiG9w0B
AQsFAAOCAQEAG8cYjk9cQCKkxtsKfwc+MvesmXmGfa5nVW7RZ1rMQ5rMp1W7P6PB
c6bnZj4ixBAhUrw02xYvaYnQLQdcOvXf2YMKmgllunMDEqsWcskr3EeqX3YbBZgk
dV/fKnasp16UX+NDXwA9EU/H7jxx4vriNoJFHDdjouenmlhjgSm2mC/qumu9Y/o2
th8RxV1Z+wfpgnMstqWNNVE48OWYQ8OVqbxN+ILXK+0Oc37Q4+8kNm4nqnghroc8
DzkUnaxzuJcg9eRGg/t8lk2Tzqok1SOhuPfHUzhAYd9YZqecc/IDXu62eZy73Pmn
eyT21w/l+F600kR5w5pLwcrSXcmBTn2QBw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:13 2024 by rpki-client on console-fra.rpki-client.org