Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/097da1-7cc9-4343-8024-b310d71c2cad/1/mUbbrItWIOB7RLyQrwHDesAUifk.roa
File:                     mUbbrItWIOB7RLyQrwHDesAUifk.roa (raw, json)
Hash identifier:          VhDRl1+Myj2A6/g1zzLRSFjaWPcnMhOOOfYKA6Lusiw=
Subject key identifier:   99:46:DB:AC:8B:56:20:E0:7B:44:BC:90:AF:01:C3:7A:C0:14:89:F9
Certificate issuer:       /CN=d535f8fac7062f77f24b98cd5c3b54a89bad4838
Certificate serial:       06728C14
Authority key identifier: D5:35:F8:FA:C7:06:2F:77:F2:4B:98:CD:5C:3B:54:A8:9B:AD:48:38
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1TX4-scGL3fyS5jNXDtUqJutSDg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/097da1-7cc9-4343-8024-b310d71c2cad/1/mUbbrItWIOB7RLyQrwHDesAUifk.roa
Signing time:             Mon 21 Mar 2022 17:45:24 +0000
ROA not before:           Mon 21 Mar 2022 17:45:24 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     396982
IP address blocks:        185.175.30.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 108170260 (0x6728c14)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d535f8fac7062f77f24b98cd5c3b54a89bad4838
        Validity
            Not Before: Mar 21 17:45:24 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9946dbac8b5620e07b44bc90af01c37ac01489f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:dc:50:d8:b4:c8:06:c6:49:27:3e:4c:e6:de:
                    4b:f3:68:b3:80:2f:06:e5:47:ba:d5:b0:0c:9a:eb:
                    8b:b3:b9:31:19:b4:d9:af:78:1e:1c:ea:bb:95:2d:
                    fc:8e:41:14:7c:7c:ab:68:3d:64:12:eb:32:63:8e:
                    31:5a:76:6e:bd:4d:d7:de:e5:47:c6:ef:44:9b:cc:
                    75:4f:ab:f1:be:11:20:f7:95:07:05:95:8e:cb:50:
                    41:7c:37:c2:89:f1:e2:3b:89:4a:e6:ac:ff:b1:f7:
                    cd:f9:b4:ae:27:4d:cb:58:2f:3d:34:61:30:87:19:
                    c2:b6:62:23:19:e2:64:84:ad:83:2e:44:67:78:3a:
                    9c:a4:e4:cf:e3:9b:8e:3a:43:53:dc:8c:56:fe:83:
                    f9:7d:7d:fb:d0:1c:79:ab:2f:1d:d2:89:83:ed:ad:
                    39:87:b5:80:ee:ba:0a:d7:ba:2b:f9:4c:15:e3:5d:
                    07:8c:5f:52:e9:5d:58:2e:63:53:c6:1d:44:88:d9:
                    a3:6d:3d:f8:f9:d8:59:f4:16:a8:d6:78:44:27:ec:
                    50:bf:d5:05:50:7a:02:da:d9:81:ef:23:45:ce:d4:
                    b3:8f:4d:c3:65:c7:59:37:3f:54:33:e2:bb:25:67:
                    14:5d:d2:18:9f:93:f6:e1:09:8e:5f:50:ac:48:8e:
                    21:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:46:DB:AC:8B:56:20:E0:7B:44:BC:90:AF:01:C3:7A:C0:14:89:F9
            X509v3 Authority Key Identifier:
                keyid:D5:35:F8:FA:C7:06:2F:77:F2:4B:98:CD:5C:3B:54:A8:9B:AD:48:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1TX4-scGL3fyS5jNXDtUqJutSDg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/097da1-7cc9-4343-8024-b310d71c2cad/1/mUbbrItWIOB7RLyQrwHDesAUifk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/097da1-7cc9-4343-8024-b310d71c2cad/1/1TX4-scGL3fyS5jNXDtUqJutSDg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.175.30.0/23

    Signature Algorithm: sha256WithRSAEncryption
         91:28:df:f7:25:41:08:8a:dd:9b:20:94:aa:a8:8d:6b:ae:f9:
         7c:a9:51:8b:94:6e:7d:b7:db:63:4d:ed:53:ac:3b:17:ff:1b:
         2f:9c:39:ca:c7:f5:e5:6c:16:77:cb:3a:93:59:57:5a:51:58:
         2b:7e:4d:ea:14:da:29:81:b2:85:e1:dc:45:5a:cf:a5:fb:44:
         92:80:b9:3a:91:f6:d9:31:22:21:fb:3c:30:f3:b8:52:5f:9c:
         e1:6f:fd:43:b0:a3:28:77:a8:b0:4a:d9:7d:20:f8:c6:a2:5c:
         d1:13:37:98:22:99:1e:0e:8e:1d:44:ae:41:54:3f:c3:1a:a2:
         6c:c3:a9:c2:24:33:18:6b:c1:dc:33:80:f5:35:83:c5:fc:ae:
         12:e7:29:b7:70:3b:71:95:22:7d:c0:b5:93:e2:b8:75:6b:fc:
         f8:c0:b3:cf:4d:bf:40:e2:5c:eb:bc:b7:cd:f9:53:0c:d1:74:
         2c:3a:94:61:a9:6c:f8:76:50:4d:63:69:75:de:ba:c4:37:51:
         7e:3c:5c:9e:e7:5c:5a:72:60:d7:db:d2:df:47:25:c3:11:57:
         5d:7c:8b:a8:9e:97:db:29:50:18:c5:e3:57:08:1c:ea:e0:b2:
         fb:9a:17:1f:47:02:63:34:f1:8e:1b:0d:05:4c:30:44:bd:76:
         a6:05:db:a7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBnKMFDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NTM1ZjhmYWM3MDYyZjc3ZjI0Yjk4Y2Q1YzNiNTRhODliYWQ0ODM4MB4XDTIyMDMy
MTE3NDUyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTk0NmRiYWM4YjU2
MjBlMDdiNDRiYzkwYWYwMWMzN2FjMDE0ODlmOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMDcUNi0yAbGSSc+TObeS/Nos4AvBuVHutWwDJrri7O5MRm0
2a94Hhzqu5Ut/I5BFHx8q2g9ZBLrMmOOMVp2br1N197lR8bvRJvMdU+r8b4RIPeV
BwWVjstQQXw3wonx4juJSuas/7H3zfm0ridNy1gvPTRhMIcZwrZiIxniZIStgy5E
Z3g6nKTkz+ObjjpDU9yMVv6D+X19+9AceasvHdKJg+2tOYe1gO66Cte6K/lMFeNd
B4xfUuldWC5jU8YdRIjZo209+PnYWfQWqNZ4RCfsUL/VBVB6AtrZge8jRc7Us49N
w2XHWTc/VDPiuyVnFF3SGJ+T9uEJjl9QrEiOIYUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSZRtusi1Yg4HtEvJCvAcN6wBSJ+TAfBgNVHSMEGDAWgBTVNfj6xwYvd/JL
mM1cO1Som61IODAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFUWDQtc2NHTDNmeVM1ak5YRHRVcUp1dFNEZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2IvMDk3ZGExLTdjYzktNDM0My04MDI0LWIzMTBkNzFjMmNhZC8x
L21VYmJySXRXSU9CN1JMeVFyd0hEZXNBVWlmay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Iv
MDk3ZGExLTdjYzktNDM0My04MDI0LWIzMTBkNzFjMmNhZC8xLzFUWDQtc2NHTDNm
eVM1ak5YRHRVcUp1dFNEZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbmvHjANBgkqhkiG9w0BAQsFAAOC
AQEAkSjf9yVBCIrdmyCUqqiNa675fKlRi5RufbfbY03tU6w7F/8bL5w5ysf15WwW
d8s6k1lXWlFYK35N6hTaKYGyheHcRVrPpftEkoC5OpH22TEiIfs8MPO4Ul+c4W/9
Q7CjKHeosErZfSD4xqJc0RM3mCKZHg6OHUSuQVQ/wxqibMOpwiQzGGvB3DOA9TWD
xfyuEucpt3A7cZUifcC1k+K4dWv8+MCzz02/QOJc67y3zflTDNF0LDqUYals+HZQ
TWNpdd66xDdRfjxcnudcWnJg19vS30clwxFXXXyLqJ6X2ylQGMXjVwgc6uCy+5oX
H0cCYzTxjhsNBUwwRL12pgXbpw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:23 2024 by rpki-client on console-ams.rpki-client.org