Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/3b023e-a397-46bb-9465-bf3f62b95f10/1/XgnCPlxi8lCdNiZq6-nr5-8RKtE.roa
File:                     XgnCPlxi8lCdNiZq6-nr5-8RKtE.roa (raw, json)
Hash identifier:          KRY7kmCrK6WMwTmDIZ3yZffXF1HPMqjCgngNxZInDMc=
Subject key identifier:   5E:09:C2:3E:5C:62:F2:50:9D:36:26:6A:EB:E9:EB:E7:EF:11:2A:D1
Certificate issuer:       /CN=504523f8811ebe5aa3598511a48f3baf0001a8e8
Certificate serial:       01C491D4
Authority key identifier: 50:45:23:F8:81:1E:BE:5A:A3:59:85:11:A4:8F:3B:AF:00:01:A8:E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UEUj-IEevlqjWYURpI87rwABqOg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/3b023e-a397-46bb-9465-bf3f62b95f10/1/XgnCPlxi8lCdNiZq6-nr5-8RKtE.roa
Signing time:             Sat 01 Jan 2022 02:53:33 +0000
ROA not before:           Sat 01 Jan 2022 02:53:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     19905
IP address blocks:        185.239.93.0/24 maxlen: 24
                          185.239.92.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 29659604 (0x1c491d4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=504523f8811ebe5aa3598511a48f3baf0001a8e8
        Validity
            Not Before: Jan  1 02:53:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5e09c23e5c62f2509d36266aebe9ebe7ef112ad1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:86:56:21:40:2b:8c:a3:73:6b:3c:57:ce:49:
                    25:8c:cc:0c:73:70:f1:8b:e3:a3:08:ce:f4:51:61:
                    0f:c1:08:a8:23:e2:c1:c1:5c:42:db:14:a5:06:08:
                    ef:32:05:b4:7c:ce:73:37:2e:ac:6d:18:8f:17:a8:
                    a4:bd:d8:c5:1b:3c:f9:89:30:cb:0a:ae:fd:72:5b:
                    27:b6:d3:6c:71:60:b1:af:80:a2:fd:7e:60:b1:4e:
                    3d:6d:bb:f6:91:23:4e:a9:88:a7:4b:ba:af:3e:ed:
                    31:cd:cd:99:a6:4b:71:d1:8d:c5:90:1c:39:a1:e4:
                    c4:bb:65:ab:7e:18:e3:a3:56:b5:41:d5:f6:09:0f:
                    c0:e0:90:36:05:a3:e2:50:a3:df:f5:67:ac:ac:1d:
                    8c:66:51:b0:69:05:e3:ee:e3:29:8c:99:2b:48:11:
                    56:db:5e:b0:7a:c9:d4:ec:e5:50:40:3d:8d:05:b5:
                    7f:95:3b:86:a9:b5:1b:a1:79:21:a7:f3:00:96:6a:
                    3a:bc:3a:42:88:05:2b:5e:ca:c3:d9:52:9d:91:1b:
                    a8:37:38:c6:2e:a3:00:67:77:26:3a:5a:aa:df:af:
                    8e:55:3f:2e:b4:16:d7:b8:b0:5d:27:a3:94:21:92:
                    99:aa:4e:44:c4:a4:55:a9:89:41:e1:f1:68:7a:f0:
                    7a:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:09:C2:3E:5C:62:F2:50:9D:36:26:6A:EB:E9:EB:E7:EF:11:2A:D1
            X509v3 Authority Key Identifier:
                keyid:50:45:23:F8:81:1E:BE:5A:A3:59:85:11:A4:8F:3B:AF:00:01:A8:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UEUj-IEevlqjWYURpI87rwABqOg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/3b023e-a397-46bb-9465-bf3f62b95f10/1/XgnCPlxi8lCdNiZq6-nr5-8RKtE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/3b023e-a397-46bb-9465-bf3f62b95f10/1/UEUj-IEevlqjWYURpI87rwABqOg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.239.92.0/22

    Signature Algorithm: sha256WithRSAEncryption
         22:d0:14:35:6a:10:a6:e3:7b:64:1e:04:a8:bf:6a:16:0c:93:
         23:7f:54:49:3a:90:99:ab:98:20:8c:ea:21:75:a8:ed:4e:a9:
         00:c4:71:87:84:f4:b6:03:bd:3c:5b:80:95:28:a4:c5:03:b6:
         e6:4a:31:a7:be:ce:1a:55:cf:83:c6:8f:fd:5a:c8:50:f1:3f:
         ee:94:d1:e4:fe:18:fe:ec:4d:50:17:b3:72:13:7b:14:6e:e9:
         a1:de:d7:79:d0:5a:73:e5:a6:bf:4f:4b:75:94:ae:33:1e:e0:
         5e:bf:97:d0:e7:1b:f8:67:ee:d1:42:4f:05:d8:81:b5:5f:6f:
         32:50:be:e2:10:30:da:ba:d2:27:75:0f:af:6f:da:cb:5e:96:
         08:d2:fc:54:6b:6e:01:7f:76:2a:43:3b:97:e1:8d:72:ce:b0:
         7e:e9:ab:61:e7:90:f9:6f:b2:30:0c:4d:ad:4c:03:e5:89:60:
         5d:92:01:32:b6:0d:c1:0d:cf:b5:15:3d:be:af:38:ee:00:61:
         f7:43:b2:0a:ae:81:b7:3a:1e:6c:86:43:9a:83:ab:b5:c2:70:
         29:f1:b8:3a:cd:c8:79:20:64:64:6e:ec:48:1e:ad:a6:eb:dc:
         41:bd:40:73:33:f0:14:1a:db:c8:ff:a0:f1:0b:ca:1a:cd:37:
         97:d1:6a:66
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAcSR1DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MDQ1MjNmODgxMWViZTVhYTM1OTg1MTFhNDhmM2JhZjAwMDFhOGU4MB4XDTIyMDEw
MTAyNTMzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWUwOWMyM2U1YzYy
ZjI1MDlkMzYyNjZhZWJlOWViZTdlZjExMmFkMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKyGViFAK4yjc2s8V85JJYzMDHNw8YvjowjO9FFhD8EIqCPi
wcFcQtsUpQYI7zIFtHzOczcurG0YjxeopL3YxRs8+Ykwywqu/XJbJ7bTbHFgsa+A
ov1+YLFOPW279pEjTqmIp0u6rz7tMc3NmaZLcdGNxZAcOaHkxLtlq34Y46NWtUHV
9gkPwOCQNgWj4lCj3/VnrKwdjGZRsGkF4+7jKYyZK0gRVttesHrJ1OzlUEA9jQW1
f5U7hqm1G6F5IafzAJZqOrw6QogFK17Kw9lSnZEbqDc4xi6jAGd3Jjpaqt+vjlU/
LrQW17iwXSejlCGSmapORMSkVamJQeHxaHrweicCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBReCcI+XGLyUJ02Jmrr6evn7xEq0TAfBgNVHSMEGDAWgBRQRSP4gR6+WqNZ
hRGkjzuvAAGo6DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VFVWotSUVldmxxaldZVVJwSTg3cndBQnFPZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvM2IwMjNlLWEzOTctNDZiYi05NDY1LWJmM2Y2MmI5NWYxMC8x
L1hnbkNQbHhpOGxDZE5pWnE2LW5yNS04Ukt0RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
M2IwMjNlLWEzOTctNDZiYi05NDY1LWJmM2Y2MmI5NWYxMC8xL1VFVWotSUVldmxx
aldZVVJwSTg3cndBQnFPZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnvXDANBgkqhkiG9w0BAQsFAAOC
AQEAItAUNWoQpuN7ZB4EqL9qFgyTI39USTqQmauYIIzqIXWo7U6pAMRxh4T0tgO9
PFuAlSikxQO25koxp77OGlXPg8aP/VrIUPE/7pTR5P4Y/uxNUBezchN7FG7pod7X
edBac+Wmv09LdZSuMx7gXr+X0Ocb+Gfu0UJPBdiBtV9vMlC+4hAw2rrSJ3UPr2/a
y16WCNL8VGtuAX92KkM7l+GNcs6wfumrYeeQ+W+yMAxNrUwD5YlgXZIBMrYNwQ3P
tRU9vq847gBh90OyCq6BtzoebIZDmoOrtcJwKfG4Os3IeSBkZG7sSB6tpuvcQb1A
czPwFBrbyP+g8QvKGs03l9FqZg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:31 2024 by rpki-client on console-ams.rpki-client.org