Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/usEulZIX-Elnkhh4C0bqjt1EB5A.roa
File:                     usEulZIX-Elnkhh4C0bqjt1EB5A.roa (raw, json)
Hash identifier:          e/Gd5nw7BM2v0FQMdt+uVcexSe/C+y33yIiSRkulHAE=
Subject key identifier:   BA:C1:2E:95:92:17:F8:49:67:92:18:78:0B:46:EA:8E:DD:44:07:90
Certificate issuer:       /CN=d9d63156c1836f16c3b430effbb72ac69932ea9b
Certificate serial:       0357328E
Authority key identifier: D9:D6:31:56:C1:83:6F:16:C3:B4:30:EF:FB:B7:2A:C6:99:32:EA:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2dYxVsGDbxbDtDDv-7cqxpky6ps.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/usEulZIX-Elnkhh4C0bqjt1EB5A.roa
Signing time:             Sat 01 Jan 2022 07:57:33 +0000
ROA not before:           Sat 01 Jan 2022 07:57:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     197328
IP address blocks:        185.4.226.0/24 maxlen: 32
                          195.3.136.0/22 maxlen: 32
                          194.187.36.0/22 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 56046222 (0x357328e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9d63156c1836f16c3b430effbb72ac69932ea9b
        Validity
            Not Before: Jan  1 07:57:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bac12e959217f849679218780b46ea8edd440790
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:d5:c3:65:c2:a5:6a:88:b5:29:87:fd:2b:d2:
                    dc:ae:b6:10:eb:ba:8c:54:0f:f8:fd:7f:9a:f4:8a:
                    e6:d9:e4:94:02:46:43:76:3c:31:8e:a1:d7:92:da:
                    ff:12:42:e2:79:71:dc:36:81:c0:50:93:8a:89:89:
                    ff:51:9b:e8:9f:0a:75:5e:08:3a:ea:d3:69:15:2f:
                    3d:e5:76:cb:5f:21:c3:ba:0d:48:af:c8:33:6c:f4:
                    86:15:f7:24:c2:c0:3d:6b:aa:e6:3f:bf:1c:b8:6b:
                    1a:43:e7:67:d5:c1:61:72:98:2c:27:78:02:49:8a:
                    55:1b:5e:2d:91:2f:6e:84:39:b1:bb:33:25:2f:0c:
                    12:df:a7:d9:eb:f4:1b:93:7f:83:f4:4a:71:4b:a8:
                    32:81:2b:ec:8a:8a:da:27:06:36:d3:90:cd:61:74:
                    b8:8f:da:30:38:e1:2c:ea:6c:4e:6f:d4:f7:4f:5c:
                    0b:9a:33:a0:f4:7a:c4:83:46:9b:5b:75:72:00:4b:
                    0b:19:6a:5b:cd:dc:8e:a6:87:1e:5d:67:58:b5:e1:
                    dd:b9:73:fb:33:65:46:25:09:d7:20:28:35:bf:76:
                    3f:02:98:71:cc:88:48:5e:a5:29:cd:8d:3c:0a:e8:
                    40:4e:d4:e7:11:a5:65:31:c9:11:92:57:21:ae:89:
                    c3:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:C1:2E:95:92:17:F8:49:67:92:18:78:0B:46:EA:8E:DD:44:07:90
            X509v3 Authority Key Identifier:
                keyid:D9:D6:31:56:C1:83:6F:16:C3:B4:30:EF:FB:B7:2A:C6:99:32:EA:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2dYxVsGDbxbDtDDv-7cqxpky6ps.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/usEulZIX-Elnkhh4C0bqjt1EB5A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/2dYxVsGDbxbDtDDv-7cqxpky6ps.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.4.226.0/24
                  194.187.36.0/22
                  195.3.136.0/22

    Signature Algorithm: sha256WithRSAEncryption
         29:41:63:66:45:38:a2:85:86:5b:87:6e:3f:fa:4d:a0:a7:25:
         b6:05:df:60:d8:09:90:cb:5f:e7:6c:5b:6a:ab:f9:e1:79:8d:
         ce:6c:09:32:e7:70:a5:d4:c7:f4:1c:c4:44:c2:12:a0:76:45:
         f4:8d:e8:1b:4d:e7:da:91:30:4f:0e:84:d9:e3:2a:a4:10:a0:
         c1:fe:34:ac:b6:be:9b:e2:a0:d2:b1:66:29:85:df:bc:7e:f9:
         da:a2:2f:9a:24:2d:7e:5a:ff:cf:d3:12:0b:51:1d:47:d6:48:
         34:ee:13:86:25:29:27:58:46:ae:14:7a:63:d9:bb:33:64:27:
         27:28:af:39:02:45:59:d9:82:45:fb:36:6e:10:d7:d1:66:d6:
         a6:42:35:5b:ed:05:6d:62:5e:fc:ec:45:ab:0a:4f:74:c9:78:
         c3:b7:dd:be:40:c7:58:4c:4c:52:d8:0d:6a:5f:86:d2:d5:83:
         44:c4:10:8c:fd:3f:4e:28:dc:c2:10:99:a5:12:92:f4:0d:27:
         5a:5f:2d:be:6e:79:3e:51:5f:6c:eb:e5:60:1f:71:8b:78:80:
         92:48:c8:c1:0c:24:8a:9b:dd:31:c1:e7:78:d4:b8:2c:e8:92:
         78:7d:de:ba:fe:4e:6c:0d:ff:01:57:00:e0:c9:81:3f:5c:e5:
         6c:79:33:be
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEA1cyjjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OWQ2MzE1NmMxODM2ZjE2YzNiNDMwZWZmYmI3MmFjNjk5MzJlYTliMB4XDTIyMDEw
MTA3NTczM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmFjMTJlOTU5MjE3
Zjg0OTY3OTIxODc4MGI0NmVhOGVkZDQ0MDc5MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALXVw2XCpWqItSmH/SvS3K62EOu6jFQP+P1/mvSK5tnklAJG
Q3Y8MY6h15La/xJC4nlx3DaBwFCTiomJ/1Gb6J8KdV4IOurTaRUvPeV2y18hw7oN
SK/IM2z0hhX3JMLAPWuq5j+/HLhrGkPnZ9XBYXKYLCd4AkmKVRteLZEvboQ5sbsz
JS8MEt+n2ev0G5N/g/RKcUuoMoEr7IqK2icGNtOQzWF0uI/aMDjhLOpsTm/U909c
C5ozoPR6xINGm1t1cgBLCxlqW83cjqaHHl1nWLXh3blz+zNlRiUJ1yAoNb92PwKY
ccyISF6lKc2NPAroQE7U5xGlZTHJEZJXIa6JwzMCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBS6wS6Vkhf4SWeSGHgLRuqO3UQHkDAfBgNVHSMEGDAWgBTZ1jFWwYNvFsO0
MO/7tyrGmTLqmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJkWXhWc0dEYnhiRHRERHYtN2NxeHBreTZwcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDcvOGY0NmJlLTAyOGItNGQwMy1hOTczLWZkYTAxMWU1Yzk3Mi8x
L3VzRXVsWklYLUVsbmtoaDRDMGJxanQxRUI1QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDcv
OGY0NmJlLTAyOGItNGQwMy1hOTczLWZkYTAxMWU1Yzk3Mi8xLzJkWXhWc0dEYnhi
RHRERHYtN2NxeHBreTZwcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEALkE4gMEAsK7JAMEAsMDiDANBgkq
hkiG9w0BAQsFAAOCAQEAKUFjZkU4ooWGW4duP/pNoKcltgXfYNgJkMtf52xbaqv5
4XmNzmwJMudwpdTH9BzERMISoHZF9I3oG03n2pEwTw6E2eMqpBCgwf40rLa+m+Kg
0rFmKYXfvH752qIvmiQtflr/z9MSC1EdR9ZINO4ThiUpJ1hGrhR6Y9m7M2QnJyiv
OQJFWdmCRfs2bhDX0WbWpkI1W+0FbWJe/OxFqwpPdMl4w7fdvkDHWExMUtgNal+G
0tWDRMQQjP0/TijcwhCZpRKS9A0nWl8tvm55PlFfbOvlYB9xi3iAkkjIwQwkipvd
McHneNS4LOiSeH3euv5ObA3/AVcA4MmBP1zlbHkzvg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:40 2024 by rpki-client on console-fra.rpki-client.org