Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/bb6e7e-ab1d-4da5-9c96-ff68e9225f7d/1/c2UNE74lLdjfefJJiCkzLcsGT0g.roa
File:                     c2UNE74lLdjfefJJiCkzLcsGT0g.roa (raw, json)
Hash identifier:          MbhBu/oLH21B1UPAJVfyt4Po6bTC0YfGarqkmMGQAaw=
Subject key identifier:   73:65:0D:13:BE:25:2D:D8:DF:79:F2:49:88:29:33:2D:CB:06:4F:48
Certificate issuer:       /CN=9334a82fdc08f0e8de5d848d377e0cc5d97799bf
Certificate serial:       0183457E699D520EBAE940E74F8210F5CA5D
Authority key identifier: 93:34:A8:2F:DC:08:F0:E8:DE:5D:84:8D:37:7E:0C:C5:D9:77:99:BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kzSoL9wI8OjeXYSNN34Mxdl3mb8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/bb6e7e-ab1d-4da5-9c96-ff68e9225f7d/1/c2UNE74lLdjfefJJiCkzLcsGT0g.roa
Signing time:             Fri 16 Sep 2022 08:50:55 +0000
ROA not before:           Fri 16 Sep 2022 08:50:55 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57928
IP address blocks:        185.49.120.0/22 maxlen: 22
                          185.49.123.0/24 maxlen: 24
                          2a01:4fe0::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:45:7e:69:9d:52:0e:ba:e9:40:e7:4f:82:10:f5:ca:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9334a82fdc08f0e8de5d848d377e0cc5d97799bf
        Validity
            Not Before: Sep 16 08:50:55 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=73650d13be252dd8df79f2498829332dcb064f48
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:39:7e:ab:63:1f:37:25:42:9f:3a:31:ef:39:
                    26:e6:a6:82:68:85:76:a2:0d:be:0b:7a:0c:e0:aa:
                    06:73:7a:1d:2c:f2:81:fe:ef:8e:39:8c:76:05:eb:
                    af:d8:4a:57:96:1d:3b:c0:9d:33:10:28:23:82:02:
                    a4:ac:e4:bb:b4:98:67:c9:e7:f0:3a:c7:54:9d:50:
                    45:3e:b2:a8:8a:57:eb:12:ed:8a:16:4b:1f:76:f9:
                    75:69:17:52:cc:3c:e3:e3:cc:0b:f0:96:03:97:99:
                    45:e9:55:66:a8:07:ba:69:84:fc:92:87:d8:2d:e0:
                    c2:06:5d:06:b8:0b:cb:5a:b5:79:c7:d7:4f:33:ef:
                    a1:55:c3:8a:24:0b:f6:06:6f:42:b0:89:de:7c:a0:
                    85:ae:55:02:0f:c5:33:ed:f6:47:a6:f1:8c:6c:58:
                    bd:53:83:4c:80:28:f3:8a:ca:17:92:4d:d6:28:1a:
                    69:5a:27:ac:06:ad:e2:5f:8b:16:17:79:61:6d:85:
                    f3:3e:f6:d7:0e:80:88:f1:70:ee:8d:b2:e2:3f:36:
                    d1:dc:47:9d:b9:12:6a:25:01:87:d8:c6:3a:26:37:
                    49:38:d8:1d:e0:12:93:07:f7:85:d6:67:4d:2b:0c:
                    17:0d:79:cf:15:94:7a:f2:a6:fb:da:7b:44:d6:e9:
                    cf:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:65:0D:13:BE:25:2D:D8:DF:79:F2:49:88:29:33:2D:CB:06:4F:48
            X509v3 Authority Key Identifier:
                keyid:93:34:A8:2F:DC:08:F0:E8:DE:5D:84:8D:37:7E:0C:C5:D9:77:99:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kzSoL9wI8OjeXYSNN34Mxdl3mb8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/bb6e7e-ab1d-4da5-9c96-ff68e9225f7d/1/c2UNE74lLdjfefJJiCkzLcsGT0g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/bb6e7e-ab1d-4da5-9c96-ff68e9225f7d/1/kzSoL9wI8OjeXYSNN34Mxdl3mb8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.49.120.0/22
                IPv6:
                  2a01:4fe0::/32

    Signature Algorithm: sha256WithRSAEncryption
         65:24:c5:4f:5b:01:46:5f:a2:2e:eb:c9:7f:79:a0:80:c8:d9:
         01:6e:e2:b7:73:c9:6a:e2:d2:19:82:74:8e:97:1f:df:53:e4:
         9c:bd:d6:38:ee:37:f4:7c:7d:07:31:f6:8e:2a:d3:f7:7f:dd:
         d8:66:c5:81:db:91:f8:db:32:3f:2a:48:42:d8:80:3f:d3:a5:
         1d:66:e0:4b:e7:cc:cf:c3:c1:c0:96:6b:0c:47:96:e1:63:35:
         ba:6d:ec:d8:de:2f:ef:c3:e3:2c:43:bf:ab:56:0b:2d:79:e0:
         cf:64:f6:5d:88:00:ad:6c:e6:63:56:5b:75:30:78:2d:a0:6d:
         8d:4b:31:2c:b0:a7:76:f1:64:c8:1c:e1:d1:a4:97:53:b8:76:
         7d:7b:e7:85:b9:be:a3:cd:6d:0b:83:43:07:a1:c9:ab:3b:c2:
         cc:09:45:0e:8a:88:24:9e:28:72:c0:bd:f1:4f:2a:bb:5a:de:
         f7:8c:40:84:a1:d2:d8:3e:7f:56:c0:68:ba:fc:4d:64:74:be:
         54:2c:02:82:6c:60:64:15:d9:2a:f4:85:a8:4a:6a:53:34:81:
         4f:7e:b5:c0:29:80:37:19:b8:03:63:a5:6d:a5:b2:df:e1:6a:
         f4:8e:da:51:fa:fa:98:a8:e6:00:7e:8c:70:58:3e:d4:ff:e6:
         54:26:e7:f5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYNFfmmdUg666UDnT4IQ9cpdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMzRhODJmZGMwOGYwZThkZTVkODQ4ZDM3N2UwY2M1ZDk3
Nzk5YmYwHhcNMjIwOTE2MDg1MDU1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzY1MGQxM2JlMjUyZGQ4ZGY3OWYyNDk4ODI5MzMyZGNiMDY0ZjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszl+q2MfNyVCnzox7zkm5qaCaIV2
og2+C3oM4KoGc3odLPKB/u+OOYx2Beuv2EpXlh07wJ0zECgjggKkrOS7tJhnyefw
OsdUnVBFPrKoilfrEu2KFksfdvl1aRdSzDzj48wL8JYDl5lF6VVmqAe6aYT8kofY
LeDCBl0GuAvLWrV5x9dPM++hVcOKJAv2Bm9CsInefKCFrlUCD8Uz7fZHpvGMbFi9
U4NMgCjzisoXkk3WKBppWiesBq3iX4sWF3lhbYXzPvbXDoCI8XDujbLiPzbR3Eed
uRJqJQGH2MY6JjdJONgd4BKTB/eF1mdNKwwXDXnPFZR68qb72ntE1unPdwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHNlDRO+JS3Y33nySYgpMy3LBk9IMB8GA1UdIwQY
MBaAFJM0qC/cCPDo3l2EjTd+DMXZd5m/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3pTb0w5d0k4T2plWFlTTk4zNE14ZGwzbWI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9iYjZlN2UtYWIxZC00ZGE1LTljOTYt
ZmY2OGU5MjI1ZjdkLzEvYzJVTkU3NGxMZGpmZWZKSmlDa3pMY3NHVDBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9iYjZlN2UtYWIxZC00ZGE1LTljOTYtZmY2OGU5MjI1Zjdk
LzEva3pTb0w5d0k4T2plWFlTTk4zNE14ZGwzbWI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTF4MA0E
AgACMAcDBQAqAU/gMA0GCSqGSIb3DQEBCwUAA4IBAQBlJMVPWwFGX6Iu68l/eaCA
yNkBbuK3c8lq4tIZgnSOlx/fU+ScvdY47jf0fH0HMfaOKtP3f93YZsWB25H42zI/
KkhC2IA/06UdZuBL58zPw8HAlmsMR5bhYzW6bezY3i/vw+MsQ7+rVgsteeDPZPZd
iACtbOZjVlt1MHgtoG2NSzEssKd28WTIHOHRpJdTuHZ9e+eFub6jzW0Lg0MHocmr
O8LMCUUOiogknihywL3xTyq7Wt73jECEodLYPn9WwGi6/E1kdL5ULAKCbGBkFdkq
9IWoSmpTNIFPfrXAKYA3GbgDY6VtpbLf4Wr0jtpR+vqYqOYAfoxwWD7U/+ZUJuf1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:27 2024 by rpki-client on console-ams.rpki-client.org