Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/4acc15-bba0-4459-9667-de9b2f8f7e29/1/rqBYfo6nnSWUJyDegvgexy1aX30.roa
File:                     rqBYfo6nnSWUJyDegvgexy1aX30.roa (raw, json)
Hash identifier:          c7F3fEiRB2CwAy9Toa+RA3sUl9byrd+Hqq7opzaqBJ8=
Subject key identifier:   AE:A0:58:7E:8E:A7:9D:25:94:27:20:DE:82:F8:1E:C7:2D:5A:5F:7D
Certificate issuer:       /CN=e61bd7dd1f8ac8b4192ba78a592348b5dd0a1a66
Certificate serial:       033CBB32
Authority key identifier: E6:1B:D7:DD:1F:8A:C8:B4:19:2B:A7:8A:59:23:48:B5:DD:0A:1A:66
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5hvX3R-KyLQZK6eKWSNItd0KGmY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/4acc15-bba0-4459-9667-de9b2f8f7e29/1/rqBYfo6nnSWUJyDegvgexy1aX30.roa
Signing time:             Sat 01 Jan 2022 09:56:05 +0000
ROA not before:           Sat 01 Jan 2022 09:56:05 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35196
IP address blocks:        185.69.120.0/22 maxlen: 22
                          185.129.208.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 54311730 (0x33cbb32)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e61bd7dd1f8ac8b4192ba78a592348b5dd0a1a66
        Validity
            Not Before: Jan  1 09:56:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=aea0587e8ea79d25942720de82f81ec72d5a5f7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:cf:0d:9b:07:87:0f:72:24:d3:cd:44:5f:08:
                    09:5a:0b:fb:82:2e:8f:21:f9:e3:7c:41:1a:c9:f2:
                    b1:74:d8:80:62:f4:72:67:0a:e9:f1:58:31:b6:3c:
                    96:10:2c:2b:a5:27:5c:9b:6b:23:af:d1:00:e6:06:
                    3d:71:33:34:d9:0b:bc:ae:ca:54:75:6d:2b:55:1b:
                    c3:51:17:a3:9e:6a:a0:a4:33:c2:bb:18:52:60:8a:
                    32:ef:e1:b9:fc:2e:86:95:5e:c4:93:04:fe:6b:b4:
                    e9:b4:7d:de:9b:45:e6:56:aa:8b:b4:36:eb:e6:89:
                    ae:8e:4f:91:21:9b:86:85:13:fa:02:bf:83:be:0e:
                    87:88:12:57:8f:8f:40:99:ac:c6:09:f7:ab:07:4a:
                    3b:34:f5:98:5a:d5:b6:c1:cb:ca:d6:81:b4:ed:23:
                    c4:ac:c9:62:26:7f:4b:ed:f9:99:96:64:36:e1:f0:
                    f2:fa:56:1e:72:06:af:86:ff:ae:d5:db:00:81:17:
                    0c:ee:20:bb:70:1b:37:7a:4d:6b:c3:34:8e:50:d2:
                    10:21:95:39:bc:2f:b8:70:e3:a6:96:78:bf:f7:a7:
                    63:6b:ba:e6:b8:4c:15:0b:77:b4:dc:fe:f1:df:eb:
                    29:7d:4c:95:50:4e:c3:ad:a2:53:03:db:31:d3:34:
                    17:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:A0:58:7E:8E:A7:9D:25:94:27:20:DE:82:F8:1E:C7:2D:5A:5F:7D
            X509v3 Authority Key Identifier:
                keyid:E6:1B:D7:DD:1F:8A:C8:B4:19:2B:A7:8A:59:23:48:B5:DD:0A:1A:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5hvX3R-KyLQZK6eKWSNItd0KGmY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/4acc15-bba0-4459-9667-de9b2f8f7e29/1/rqBYfo6nnSWUJyDegvgexy1aX30.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/4acc15-bba0-4459-9667-de9b2f8f7e29/1/5hvX3R-KyLQZK6eKWSNItd0KGmY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.69.120.0/22
                  185.129.208.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a1:32:ff:92:b6:67:04:38:94:36:10:4a:c0:be:6f:ad:5f:50:
         25:02:cf:43:05:63:3c:20:24:d6:20:b3:ad:46:b3:23:87:81:
         62:63:cb:e2:64:c3:d7:06:e6:8a:bb:2d:2e:26:5a:4b:3c:2f:
         6c:48:d5:ab:18:4d:a9:60:c2:1a:80:4a:eb:b2:2e:36:48:87:
         65:f9:8a:9d:f3:25:97:15:15:b0:96:af:f9:ed:30:1c:d0:9b:
         34:44:81:0d:f2:be:f3:3d:3c:5d:8a:94:61:80:90:14:d7:12:
         86:f6:88:69:e5:a8:9a:31:0d:74:3a:22:ea:c9:ed:2c:79:63:
         74:95:e1:b1:55:c8:2b:06:25:39:27:77:6d:89:ac:f7:d2:c5:
         bc:08:e7:44:fb:02:4a:95:a5:40:87:06:6b:14:ca:3a:63:46:
         0d:b6:f9:c1:6b:b0:f7:4f:1f:bd:15:dd:ce:86:4c:71:97:0e:
         05:a4:85:bf:31:96:a0:15:a2:4a:15:ef:2f:b2:74:3b:a5:c6:
         6e:a5:0a:b6:79:36:79:9c:aa:11:60:f7:16:dd:39:d6:ae:3c:
         e6:52:b3:62:e3:53:c1:5e:30:76:f7:38:b2:3c:c5:5a:44:ed:
         30:fc:97:7e:ee:81:fb:37:a4:9e:02:2f:b4:75:42:53:99:75:
         f9:d3:66:75
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAzy7MjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NjFiZDdkZDFmOGFjOGI0MTkyYmE3OGE1OTIzNDhiNWRkMGExYTY2MB4XDTIyMDEw
MTA5NTYwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWVhMDU4N2U4ZWE3
OWQyNTk0MjcyMGRlODJmODFlYzcyZDVhNWY3ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJjPDZsHhw9yJNPNRF8ICVoL+4IujyH543xBGsnysXTYgGL0
cmcK6fFYMbY8lhAsK6UnXJtrI6/RAOYGPXEzNNkLvK7KVHVtK1Ubw1EXo55qoKQz
wrsYUmCKMu/hufwuhpVexJME/mu06bR93ptF5laqi7Q26+aJro5PkSGbhoUT+gK/
g74Oh4gSV4+PQJmsxgn3qwdKOzT1mFrVtsHLytaBtO0jxKzJYiZ/S+35mZZkNuHw
8vpWHnIGr4b/rtXbAIEXDO4gu3AbN3pNa8M0jlDSECGVObwvuHDjppZ4v/enY2u6
5rhMFQt3tNz+8d/rKX1MlVBOw62iUwPbMdM0F7MCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSuoFh+jqedJZQnIN6C+B7HLVpffTAfBgNVHSMEGDAWgBTmG9fdH4rItBkr
p4pZI0i13QoaZjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVodlgzUi1LeUxRWks2ZUtXU05JdGQwS0dtWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNGFjYzE1LWJiYTAtNDQ1OS05NjY3LWRlOWIyZjhmN2UyOS8x
L3JxQllmbzZublNXVUp5RGVndmdleHkxYVgzMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NGFjYzE1LWJiYTAtNDQ1OS05NjY3LWRlOWIyZjhmN2UyOS8xLzVodlgzUi1LeUxR
Wks2ZUtXU05JdGQwS0dtWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArlFeAMEArmB0DANBgkqhkiG9w0B
AQsFAAOCAQEAoTL/krZnBDiUNhBKwL5vrV9QJQLPQwVjPCAk1iCzrUazI4eBYmPL
4mTD1wbmirstLiZaSzwvbEjVqxhNqWDCGoBK67IuNkiHZfmKnfMllxUVsJav+e0w
HNCbNESBDfK+8z08XYqUYYCQFNcShvaIaeWomjENdDoi6sntLHljdJXhsVXIKwYl
OSd3bYms99LFvAjnRPsCSpWlQIcGaxTKOmNGDbb5wWuw908fvRXdzoZMcZcOBaSF
vzGWoBWiShXvL7J0O6XGbqUKtnk2eZyqEWD3Ft051q485lKzYuNTwV4wdvc4sjzF
WkTtMPyXfu6B+zekngIvtHVCU5l1+dNmdQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:46 2024 by rpki-client on console-fra.rpki-client.org