Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/_ZVfXxZwMo40CfZlhnSGQmtsEv4.roa
File:                     _ZVfXxZwMo40CfZlhnSGQmtsEv4.roa (raw, json)
Hash identifier:          v850UmE9sL4p91mNvZKAbF/TklICDH8gPm7MFBtRAG8=
Subject key identifier:   FD:95:5F:5F:16:70:32:8E:34:09:F6:65:86:74:86:42:6B:6C:12:FE
Certificate issuer:       /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial:       0182118A9169302DE27133326ADBF6EB5566
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/_ZVfXxZwMo40CfZlhnSGQmtsEv4.roa
Signing time:             Mon 18 Jul 2022 13:41:10 +0000
ROA not before:           Mon 18 Jul 2022 13:41:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44103
IP address blocks:        185.150.96.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:11:8a:91:69:30:2d:e2:71:33:32:6a:db:f6:eb:55:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
        Validity
            Not Before: Jul 18 13:41:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fd955f5f1670328e3409f665867486426b6c12fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:83:99:2f:e8:cc:ea:ab:6c:9c:f9:f8:25:02:
                    20:f0:a8:be:b6:4d:ec:76:d0:41:bd:41:91:1f:72:
                    d2:53:18:28:9f:c6:22:f6:fc:d6:ca:a8:61:4f:b0:
                    04:2a:ce:40:4f:7b:64:b2:3d:ed:1e:d6:49:5f:bc:
                    41:ae:2c:9c:5b:fd:21:55:e9:dc:da:b8:59:43:c7:
                    3f:6d:32:2f:8f:23:76:4c:1a:78:6f:c5:af:39:b1:
                    85:49:3f:d9:26:f2:0d:28:73:f1:67:34:79:b0:71:
                    a9:40:eb:8d:6d:6a:dd:aa:98:67:3b:5c:74:ab:27:
                    bd:da:43:93:6c:d9:65:88:04:b6:76:54:51:92:fe:
                    b9:2a:75:d2:2e:c0:8f:a0:f5:e4:aa:48:86:8b:f4:
                    0f:e1:a9:92:41:08:6a:09:32:9e:29:f8:f4:e5:fe:
                    11:04:3d:bd:ae:d0:2c:67:1d:7c:5d:b2:af:a3:a2:
                    8e:f6:5b:b2:a6:76:c9:c3:60:bd:a9:27:69:7d:38:
                    fd:a6:09:8e:0e:61:71:83:48:d3:e9:71:5f:d1:bc:
                    52:d8:a0:0f:e6:dc:59:e5:be:bb:19:9d:59:fa:4d:
                    a2:56:f0:cb:7c:f7:a4:8a:b5:dc:d5:ea:da:85:66:
                    e7:7f:8d:21:ae:25:99:b5:5f:ce:94:28:26:32:dd:
                    0c:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:95:5F:5F:16:70:32:8E:34:09:F6:65:86:74:86:42:6B:6C:12:FE
            X509v3 Authority Key Identifier:
                keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/_ZVfXxZwMo40CfZlhnSGQmtsEv4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.150.96.0/24

    Signature Algorithm: sha256WithRSAEncryption
         44:a6:12:bf:2e:e1:19:9a:36:a6:22:dd:35:b0:a7:75:7b:a0:
         3b:dd:d0:d7:cf:2e:a3:dc:52:9e:81:14:b7:70:41:fe:a1:00:
         c2:c2:db:53:fd:3a:ec:59:fe:c1:c2:4c:b5:fc:d6:49:3d:d7:
         09:7d:63:dd:35:10:fd:1d:37:5a:f3:7c:09:33:fb:05:77:dd:
         c3:ad:0c:e5:7c:fc:ec:ee:7a:b8:40:21:85:3c:9b:ed:a0:ab:
         4d:02:00:84:12:76:ee:51:65:61:9c:92:c6:1b:c9:cf:bc:7c:
         1f:e1:ae:6f:e4:0a:87:ea:8f:17:0b:89:ac:71:3b:28:e7:1b:
         77:90:da:3d:e5:e7:d6:aa:9a:be:12:f9:43:ef:f5:be:39:21:
         e9:68:38:52:dc:de:f3:8f:2e:73:25:66:6b:01:62:be:03:07:
         7b:e7:54:3f:27:0f:37:5b:21:bc:3d:93:60:c2:50:04:62:a0:
         d7:a9:cc:c9:1f:20:04:7e:bb:d2:3e:3f:cb:97:b5:f2:a1:ca:
         39:9f:77:98:a0:56:02:b3:58:e4:d9:c9:83:83:41:4a:85:b0:
         0c:f4:26:e3:a1:52:4c:90:01:20:9d:98:33:4e:9d:bc:a8:42:
         68:11:b9:74:9d:57:ca:5f:09:b0:d4:e4:88:f8:f3:d7:e6:da:
         1c:05:66:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIRipFpMC3icTMyatv261VmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjIwNzE4MTM0MTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDk1NWY1ZjE2NzAzMjhlMzQwOWY2NjU4Njc0ODY0MjZiNmMxMmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoOZL+jM6qtsnPn4JQIg8Ki+tk3s
dtBBvUGRH3LSUxgon8Yi9vzWyqhhT7AEKs5AT3tksj3tHtZJX7xBriycW/0hVenc
2rhZQ8c/bTIvjyN2TBp4b8WvObGFST/ZJvINKHPxZzR5sHGpQOuNbWrdqphnO1x0
qye92kOTbNlliAS2dlRRkv65KnXSLsCPoPXkqkiGi/QP4amSQQhqCTKeKfj05f4R
BD29rtAsZx18XbKvo6KO9luypnbJw2C9qSdpfTj9pgmODmFxg0jT6XFf0bxS2KAP
5txZ5b67GZ1Z+k2iVvDLfPekirXc1erahWbnf40hriWZtV/OlCgmMt0MfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP2VX18WcDKONAn2ZYZ0hkJrbBL+MB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvX1pWZlh4WndNbzQwQ2ZabGhuU0dRbXRzRXY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZZgMA0G
CSqGSIb3DQEBCwUAA4IBAQBEphK/LuEZmjamIt01sKd1e6A73dDXzy6j3FKegRS3
cEH+oQDCwttT/TrsWf7Bwky1/NZJPdcJfWPdNRD9HTda83wJM/sFd93DrQzlfPzs
7nq4QCGFPJvtoKtNAgCEEnbuUWVhnJLGG8nPvHwf4a5v5AqH6o8XC4mscTso5xt3
kNo95efWqpq+EvlD7/W+OSHpaDhS3N7zjy5zJWZrAWK+Awd751Q/Jw83WyG8PZNg
wlAEYqDXqczJHyAEfrvSPj/Ll7Xyoco5n3eYoFYCs1jk2cmDg0FKhbAM9CbjoVJM
kAEgnZgzTp28qEJoEbl0nVfKXwmw1OSI+PPX5tocBWaw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:45 2024 by rpki-client on console-fra.rpki-client.org