Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/4bMQg6netk0Sd7A0uRmyjiae_Vk.roa
File:                     4bMQg6netk0Sd7A0uRmyjiae_Vk.roa (raw, json)
Hash identifier:          Jkgoj4iwsnk+cX2CQvjY60aFcUfkOiHsVF+Df6iVTdY=
Subject key identifier:   E1:B3:10:83:A9:DE:B6:4D:12:77:B0:34:B9:19:B2:8E:26:9E:FD:59
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       041F6ED4
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/4bMQg6netk0Sd7A0uRmyjiae_Vk.roa
Signing time:             Mon 14 Mar 2022 16:48:15 +0000
ROA not before:           Mon 14 Mar 2022 16:48:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     24875
IP address blocks:        185.106.92.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 69168852 (0x41f6ed4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Mar 14 16:48:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e1b31083a9deb64d1277b034b919b28e269efd59
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:70:46:ae:71:29:c1:ac:1f:8a:a2:47:2b:e0:
                    cf:26:a8:d8:a3:5f:a4:42:3e:61:8f:b3:00:02:d4:
                    a6:55:4c:45:e6:66:77:02:a3:9c:5e:b3:bb:5e:7c:
                    20:31:35:49:35:ee:55:c9:99:9d:d8:65:84:38:77:
                    25:ca:21:c9:3a:d0:b1:c9:75:21:07:54:f6:e8:28:
                    8f:b3:dc:e8:33:76:c5:a2:7b:e7:1a:f5:8a:0d:bb:
                    4c:6f:d4:29:3b:05:04:45:6e:a7:48:4f:b3:7e:ad:
                    d8:ee:30:b0:c8:c4:f7:f2:d7:2d:8b:20:aa:fa:a6:
                    3c:e5:8c:9b:7c:d6:9d:50:00:ba:85:ce:2d:68:2d:
                    4f:eb:68:1d:53:a4:f8:e7:2f:f8:39:35:3a:2a:eb:
                    1e:77:ae:a3:b8:37:b4:ed:06:a4:0d:3b:06:f5:e6:
                    e8:59:8e:ca:fe:74:05:c9:e5:b6:6a:a9:58:8a:0a:
                    b8:9c:1a:5e:41:61:34:40:ea:02:0b:58:2e:54:6e:
                    fc:d8:31:ee:d4:75:d1:ca:79:44:40:8d:54:3f:ec:
                    74:a1:0c:76:99:2b:6f:04:c3:f0:f2:f9:de:85:4a:
                    b2:bd:03:14:a7:be:23:9d:68:bb:73:85:e5:50:a2:
                    99:00:cd:92:2d:17:ee:f4:cd:1b:b6:51:f3:1f:36:
                    2f:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:B3:10:83:A9:DE:B6:4D:12:77:B0:34:B9:19:B2:8E:26:9E:FD:59
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/4bMQg6netk0Sd7A0uRmyjiae_Vk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.106.92.0/22

    Signature Algorithm: sha256WithRSAEncryption
         91:7b:af:3e:d3:09:2e:04:f2:a6:b2:9f:6d:63:74:db:7f:ec:
         05:eb:5b:89:93:09:2b:6a:b0:d8:ab:3e:e6:3c:42:5d:32:60:
         5e:79:2e:4b:15:73:70:cc:59:fc:a0:d1:cd:24:3b:49:1a:24:
         b3:3b:e2:a0:a0:0d:8d:b2:ef:3b:62:bf:2b:b9:52:a7:5f:29:
         60:60:2b:19:b2:46:7c:99:63:f8:ca:ae:3c:fa:ce:c8:72:64:
         23:eb:a8:84:aa:d3:b9:6a:6b:0d:56:02:77:3d:cb:1c:7e:b5:
         87:df:4a:61:33:b0:03:35:50:b0:73:36:e7:08:e0:ea:fa:a1:
         1b:ef:27:60:80:67:b9:ef:ef:99:c7:21:b1:b5:10:b4:52:c8:
         26:a1:12:16:27:6a:a0:75:06:42:34:93:a8:38:66:fb:e8:51:
         d5:6d:3c:a8:3a:e0:3a:55:90:37:d9:18:1a:94:02:a7:74:ac:
         e0:aa:cd:c0:1f:59:05:d8:54:08:75:08:8b:db:43:d7:10:fc:
         7d:f6:eb:e6:09:21:8e:67:81:1b:37:ba:f2:42:fd:8b:e8:97:
         c2:fb:e7:2b:e9:42:ea:41:c7:fc:36:06:38:4b:6a:e8:ac:4d:
         42:9d:4f:63:d1:eb:57:40:a0:45:db:8e:b2:3c:4d:51:42:68:
         78:05:e7:18
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBB9u1DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDMx
NDE2NDgxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTFiMzEwODNhOWRl
YjY0ZDEyNzdiMDM0YjkxOWIyOGUyNjllZmQ1OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMNwRq5xKcGsH4qiRyvgzyao2KNfpEI+YY+zAALUplVMReZm
dwKjnF6zu158IDE1STXuVcmZndhlhDh3JcohyTrQscl1IQdU9ugoj7Pc6DN2xaJ7
5xr1ig27TG/UKTsFBEVup0hPs36t2O4wsMjE9/LXLYsgqvqmPOWMm3zWnVAAuoXO
LWgtT+toHVOk+Ocv+Dk1OirrHneuo7g3tO0GpA07BvXm6FmOyv50BcnltmqpWIoK
uJwaXkFhNEDqAgtYLlRu/Ngx7tR10cp5RECNVD/sdKEMdpkrbwTD8PL53oVKsr0D
FKe+I51ou3OF5VCimQDNki0X7vTNG7ZR8x82L3ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBThsxCDqd62TRJ3sDS5GbKOJp79WTAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
LzRiTVFnNm5ldGswU2Q3QTB1Um15amlhZV9Way5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlqXDANBgkqhkiG9w0BAQsFAAOC
AQEAkXuvPtMJLgTyprKfbWN023/sBetbiZMJK2qw2Ks+5jxCXTJgXnkuSxVzcMxZ
/KDRzSQ7SRokszvioKANjbLvO2K/K7lSp18pYGArGbJGfJlj+MquPPrOyHJkI+uo
hKrTuWprDVYCdz3LHH61h99KYTOwAzVQsHM25wjg6vqhG+8nYIBnue/vmcchsbUQ
tFLIJqESFidqoHUGQjSTqDhm++hR1W08qDrgOlWQN9kYGpQCp3Ss4KrNwB9ZBdhU
CHUIi9tD1xD8ffbr5gkhjmeBGze68kL9i+iXwvvnK+lC6kHH/DYGOEtq6KxNQp1P
Y9HrV0CgRduOsjxNUUJoeAXnGA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:08 2024 by rpki-client on console-ams.rpki-client.org