Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/2SlbydokITwYJSEK8lejWT2B7Og.roa
File:                     2SlbydokITwYJSEK8lejWT2B7Og.roa (raw, json)
Hash identifier:          6Ff0IGNPFlESTq3Vjc2de9YBvwhR5NtNxvdjJxu2JC8=
Subject key identifier:   D9:29:5B:C9:DA:24:21:3C:18:25:21:0A:F2:57:A3:59:3D:81:EC:E8
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       018321E9A39C70AA2CEAD73C83AE377EF931
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/2SlbydokITwYJSEK8lejWT2B7Og.roa
Signing time:             Fri 09 Sep 2022 11:01:43 +0000
ROA not before:           Fri 09 Sep 2022 11:01:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     28753
IP address blocks:        185.172.130.0/24 maxlen: 24
                          185.172.131.0/24 maxlen: 24
                          185.94.166.0/24 maxlen: 24
                          45.138.72.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:21:e9:a3:9c:70:aa:2c:ea:d7:3c:83:ae:37:7e:f9:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Sep  9 11:01:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d9295bc9da24213c1825210af257a3593d81ece8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:0f:fe:50:bd:e0:a2:e6:b7:85:f9:a9:a6:51:
                    ee:b9:d4:8c:6a:04:48:33:e4:b3:08:d8:f6:6b:7d:
                    54:94:ab:8d:3b:ec:59:c0:39:44:21:7d:6b:99:04:
                    5f:7f:df:24:f2:e0:e6:9c:be:5a:cb:81:2f:7f:d9:
                    36:d7:dd:6b:78:9b:ae:49:06:0f:c3:45:f1:91:5b:
                    c2:fd:1f:64:1e:f3:f0:34:93:bd:80:44:35:d6:5d:
                    9b:d8:46:33:78:b5:43:36:bf:09:19:ec:4f:11:2c:
                    2b:39:df:be:75:6d:5b:e3:e8:17:ad:1c:57:b2:ce:
                    41:72:ec:b8:72:8c:23:9d:32:75:b5:1f:0b:22:e0:
                    6b:63:8e:75:69:5a:b4:df:5c:aa:22:46:4c:c6:a5:
                    82:c5:6d:d7:3d:b6:76:0f:86:c8:69:52:d3:64:98:
                    5c:3a:b5:af:54:8c:54:04:0f:d9:56:0a:29:f4:f3:
                    20:a0:0f:29:fd:5e:4e:c6:95:cc:64:20:21:11:fd:
                    67:39:52:d4:fd:5f:08:42:8d:2c:bc:7e:8e:25:3c:
                    31:ff:c8:f2:a5:a3:a9:70:76:51:e3:f7:b5:99:72:
                    ed:b0:ab:2f:2d:ad:7d:00:91:80:2a:64:2b:f7:e2:
                    38:6f:7c:22:8b:4e:1f:56:9e:ff:cb:3f:35:f7:b6:
                    a1:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:29:5B:C9:DA:24:21:3C:18:25:21:0A:F2:57:A3:59:3D:81:EC:E8
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/2SlbydokITwYJSEK8lejWT2B7Og.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.138.72.0/24
                  185.94.166.0/24
                  185.172.130.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a7:b9:4b:20:67:b1:11:68:bc:b6:b9:d8:03:e7:51:7b:2d:81:
         00:24:f8:e6:74:85:3c:96:23:ff:74:96:6d:07:eb:49:f2:75:
         a9:e5:41:94:33:6b:62:bf:ce:ad:90:a4:95:44:5f:ad:16:14:
         bf:70:1a:8d:e3:e6:8a:23:53:bd:55:fc:5e:e0:26:c4:01:6c:
         4f:90:3c:fa:52:eb:00:7b:bb:7c:a3:ab:fa:e5:70:40:6e:8e:
         64:9a:12:5e:ac:d0:62:f8:8c:e4:5e:ce:38:29:f3:bd:0e:16:
         d9:65:cb:5e:6d:3e:2c:8a:ad:7e:f3:bc:b5:16:e8:52:4f:c2:
         0c:87:5e:47:62:b2:4e:0d:04:f5:e2:74:58:ca:57:06:f9:6d:
         bd:51:7c:3b:d6:30:e7:85:3f:47:a2:4e:17:84:09:e3:bf:9d:
         2a:c9:93:57:c5:42:f8:ef:3e:08:70:58:b4:93:20:4d:48:b9:
         7b:08:e8:34:15:24:71:a5:d2:70:bf:b0:e0:ce:91:0c:ad:71:
         66:4f:38:7b:99:e4:8c:77:0f:df:2a:d2:d7:1a:f1:12:1f:c9:
         31:22:0e:9b:7f:36:05:80:23:87:13:91:28:99:90:4c:db:b3:
         06:23:5d:2a:6c:1b:b3:92:e7:63:7e:5d:19:95:c8:a5:2a:f1:
         c4:af:62:37
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYMh6aOccKos6tc8g643fvkxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjIwOTA5MTEwMTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTI5NWJjOWRhMjQyMTNjMTgyNTIxMGFmMjU3YTM1OTNkODFlY2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAig/+UL3goua3hfmpplHuudSMagRI
M+SzCNj2a31UlKuNO+xZwDlEIX1rmQRff98k8uDmnL5ay4Evf9k2191reJuuSQYP
w0XxkVvC/R9kHvPwNJO9gEQ11l2b2EYzeLVDNr8JGexPESwrOd++dW1b4+gXrRxX
ss5Bcuy4cowjnTJ1tR8LIuBrY451aVq031yqIkZMxqWCxW3XPbZ2D4bIaVLTZJhc
OrWvVIxUBA/ZVgop9PMgoA8p/V5OxpXMZCAhEf1nOVLU/V8IQo0svH6OJTwx/8jy
paOpcHZR4/e1mXLtsKsvLa19AJGAKmQr9+I4b3wii04fVp7/yz8197ah2wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNkpW8naJCE8GCUhCvJXo1k9gezoMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvMlNsYnlkb2tJVHdZSlNFSzhsZWpXVDJCN09nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYpIAwQA
uV6mAwQBuayCMA0GCSqGSIb3DQEBCwUAA4IBAQCnuUsgZ7ERaLy2udgD51F7LYEA
JPjmdIU8liP/dJZtB+tJ8nWp5UGUM2tiv86tkKSVRF+tFhS/cBqN4+aKI1O9Vfxe
4CbEAWxPkDz6UusAe7t8o6v65XBAbo5kmhJerNBi+IzkXs44KfO9DhbZZctebT4s
iq1+87y1FuhST8IMh15HYrJODQT14nRYylcG+W29UXw71jDnhT9Hok4XhAnjv50q
yZNXxUL47z4IcFi0kyBNSLl7COg0FSRxpdJwv7DgzpEMrXFmTzh7meSMdw/fKtLX
GvESH8kxIg6bfzYFgCOHE5EomZBM27MGI10qbBuzkudjfl0ZlcilKvHEr2I3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:08 2024 by rpki-client on console-ams.rpki-client.org