Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/44478f-e980-4e60-9d6e-386617a664fe/1/DZm4R-Wr8gBsoFj51EIQrWtkdZ8.roa
File:                     DZm4R-Wr8gBsoFj51EIQrWtkdZ8.roa (raw, json)
Hash identifier:          yEXj3mzE9qpLmueUDy+rT55e2hi4HQLSKssttDw2Swc=
Subject key identifier:   0D:99:B8:47:E5:AB:F2:00:6C:A0:58:F9:D4:42:10:AD:6B:64:75:9F
Certificate issuer:       /CN=7dec72837efbbc4ea6ddd4be94361916b4c362da
Certificate serial:       0121DB
Authority key identifier: 7D:EC:72:83:7E:FB:BC:4E:A6:DD:D4:BE:94:36:19:16:B4:C3:62:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fexyg377vE6m3dS-lDYZFrTDYto.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/44478f-e980-4e60-9d6e-386617a664fe/1/DZm4R-Wr8gBsoFj51EIQrWtkdZ8.roa
Signing time:             Tue 26 Apr 2022 06:46:05 +0000
ROA not before:           Tue 26 Apr 2022 06:46:05 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50819
IP address blocks:        185.102.88.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 74203 (0x121db)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7dec72837efbbc4ea6ddd4be94361916b4c362da
        Validity
            Not Before: Apr 26 06:46:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0d99b847e5abf2006ca058f9d44210ad6b64759f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:ef:b3:4f:4c:83:1d:4d:47:e8:ed:e1:32:79:
                    de:b8:13:c3:d2:63:8b:d9:97:e3:e6:1d:95:fa:b7:
                    4f:51:57:1f:43:0b:97:21:4a:56:95:44:90:eb:25:
                    9a:ea:94:6d:6e:d4:0c:ce:79:86:41:af:75:ba:da:
                    4e:f3:50:34:5f:3b:b0:5d:7d:e1:4c:5e:8d:60:d4:
                    d3:23:98:7c:9b:b2:ae:8b:d3:ad:36:f4:e3:58:eb:
                    27:9c:20:3b:56:c7:74:13:6c:cd:54:c5:6e:d2:b7:
                    64:99:25:18:40:d5:b6:73:7f:e4:30:d1:32:ed:55:
                    bf:89:ad:cb:80:14:51:64:68:fb:ab:2a:ec:ac:84:
                    b8:b6:a8:99:0c:6f:48:ec:da:25:4b:83:77:18:57:
                    dc:30:a9:18:41:32:ee:f0:0e:2c:1b:9b:30:f1:a0:
                    80:96:9d:74:47:d6:86:70:77:7c:89:b9:05:c9:b7:
                    a6:ec:67:6d:bc:79:d6:4a:4b:da:21:67:49:51:be:
                    c2:01:17:40:97:c5:03:b8:fc:b7:22:66:25:ae:66:
                    91:1a:b3:d2:82:d4:30:52:9d:c5:1d:97:84:4a:66:
                    d4:18:58:12:f4:c2:6d:a9:4f:16:9d:ef:cf:07:d9:
                    d7:3c:c0:77:5a:f8:c9:e1:51:fc:ed:1f:af:2e:85:
                    8c:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:99:B8:47:E5:AB:F2:00:6C:A0:58:F9:D4:42:10:AD:6B:64:75:9F
            X509v3 Authority Key Identifier:
                keyid:7D:EC:72:83:7E:FB:BC:4E:A6:DD:D4:BE:94:36:19:16:B4:C3:62:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fexyg377vE6m3dS-lDYZFrTDYto.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/44478f-e980-4e60-9d6e-386617a664fe/1/DZm4R-Wr8gBsoFj51EIQrWtkdZ8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/44478f-e980-4e60-9d6e-386617a664fe/1/fexyg377vE6m3dS-lDYZFrTDYto.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.102.88.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8f:3b:9d:15:4c:13:5b:b8:a9:2e:be:0c:bd:a2:90:94:d8:49:
         ad:d2:82:bc:8a:5a:28:89:09:b0:7b:6d:f4:20:4a:32:c4:d8:
         47:2b:58:59:75:b7:6b:0e:3f:7f:f2:fd:e9:f5:ff:e3:16:8f:
         64:ec:70:c5:ed:79:ff:e4:4c:80:ec:d4:26:1d:73:6e:a6:35:
         9b:d3:1f:63:44:7d:5e:43:66:21:b4:40:d1:69:5d:cb:54:da:
         98:3b:ff:51:d8:45:9f:96:91:4f:f2:21:40:cd:19:e9:a7:d0:
         0c:a1:dd:99:4b:22:58:c6:47:84:8d:cd:ac:8a:38:5b:49:c8:
         60:f6:8e:17:37:24:6c:7c:85:1b:fe:9d:40:5a:f9:07:9c:a3:
         b5:d3:e5:81:23:b5:85:c8:2f:ac:56:46:5c:bb:d1:ed:65:94:
         c1:93:c6:fd:a7:ca:83:33:8a:0e:62:c4:ae:80:da:90:56:77:
         8c:b1:a9:83:45:40:71:b7:d7:e4:4c:85:1f:62:e8:b4:86:4b:
         1a:0f:0d:b4:9c:c1:64:2b:d9:de:3b:de:c3:5d:e6:bb:dc:f6:
         cc:d7:ff:63:59:44:51:42:af:bb:af:7b:8c:9c:71:29:cb:75:
         34:aa:13:5c:ce:1d:74:9d:f1:a4:02:b4:19:10:f0:9e:66:f6:
         f1:d5:4d:38
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDASHbMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDdk
ZWM3MjgzN2VmYmJjNGVhNmRkZDRiZTk0MzYxOTE2YjRjMzYyZGEwHhcNMjIwNDI2
MDY0NjA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwZDk5Yjg0N2U1YWJm
MjAwNmNhMDU4ZjlkNDQyMTBhZDZiNjQ3NTlmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAt++zT0yDHU1H6O3hMnneuBPD0mOL2Zfj5h2V+rdPUVcfQwuX
IUpWlUSQ6yWa6pRtbtQMznmGQa91utpO81A0XzuwXX3hTF6NYNTTI5h8m7Kui9Ot
NvTjWOsnnCA7Vsd0E2zNVMVu0rdkmSUYQNW2c3/kMNEy7VW/ia3LgBRRZGj7qyrs
rIS4tqiZDG9I7NolS4N3GFfcMKkYQTLu8A4sG5sw8aCAlp10R9aGcHd8ibkFybem
7GdtvHnWSkvaIWdJUb7CARdAl8UDuPy3ImYlrmaRGrPSgtQwUp3FHZeESmbUGFgS
9MJtqU8Wne/PB9nXPMB3WvjJ4VH87R+vLoWMDQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFA2ZuEflq/IAbKBY+dRCEK1rZHWfMB8GA1UdIwQYMBaAFH3scoN++7xOpt3U
vpQ2GRa0w2LaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
ZmV4eWczNzd2RTZtM2RTLWxEWVpGclREWXRvLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kMy80NDQ3OGYtZTk4MC00ZTYwLTlkNmUtMzg2NjE3YTY2NGZlLzEv
RFptNFItV3I4Z0Jzb0ZqNTFFSVFyV3RrZFo4LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy80
NDQ3OGYtZTk4MC00ZTYwLTlkNmUtMzg2NjE3YTY2NGZlLzEvZmV4eWczNzd2RTZt
M2RTLWxEWVpGclREWXRvLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWZYMA0GCSqGSIb3DQEBCwUAA4IB
AQCPO50VTBNbuKkuvgy9opCU2Emt0oK8ilooiQmwe230IEoyxNhHK1hZdbdrDj9/
8v3p9f/jFo9k7HDF7Xn/5EyA7NQmHXNupjWb0x9jRH1eQ2YhtEDRaV3LVNqYO/9R
2EWflpFP8iFAzRnpp9AMod2ZSyJYxkeEjc2sijhbSchg9o4XNyRsfIUb/p1AWvkH
nKO10+WBI7WFyC+sVkZcu9HtZZTBk8b9p8qDM4oOYsSugNqQVneMsamDRUBxt9fk
TIUfYui0hksaDw20nMFkK9neO97DXea73PbM1/9jWURRQq+7r3uMnHEpy3U0qhNc
zh10nfGkArQZEPCeZvbx1U04
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:04 2024 by rpki-client on console-ams.rpki-client.org