Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/5e1d42-3575-4ec1-bc7c-d64368208131/1/xnWF9WZYeO0JIF_HmRQCAR8qVXA.roa
File:                     xnWF9WZYeO0JIF_HmRQCAR8qVXA.roa (raw, json)
Hash identifier:          RhfiDEFXSgRXuDt2vVzaEOe2ndrxzgxb1rL6eTu8uWg=
Subject key identifier:   C6:75:85:F5:66:58:78:ED:09:20:5F:C7:99:14:02:01:1F:2A:55:70
Certificate issuer:       /CN=05f59aedc28296e291724f7937de788e27216408
Certificate serial:       053BDB92
Authority key identifier: 05:F5:9A:ED:C2:82:96:E2:91:72:4F:79:37:DE:78:8E:27:21:64:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BfWa7cKCluKRck95N954jichZAg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/5e1d42-3575-4ec1-bc7c-d64368208131/1/xnWF9WZYeO0JIF_HmRQCAR8qVXA.roa
Signing time:             Sat 01 Jan 2022 10:02:19 +0000
ROA not before:           Sat 01 Jan 2022 10:02:19 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     198638
IP address blocks:        185.22.20.0/22 maxlen: 22
                          2a00:5ae0:100::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 87808914 (0x53bdb92)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05f59aedc28296e291724f7937de788e27216408
        Validity
            Not Before: Jan  1 10:02:19 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c67585f5665878ed09205fc7991402011f2a5570
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:d2:14:27:9a:db:98:1d:5a:10:62:96:96:bd:
                    73:d5:d1:13:b1:e6:5c:7d:3b:cb:19:9f:af:87:07:
                    87:d7:06:ae:a4:40:d0:71:d2:39:6a:55:ae:c3:e6:
                    52:29:82:7d:96:de:20:28:05:5c:cb:0a:e5:44:51:
                    d5:8c:02:44:53:bf:88:79:3b:47:7b:7e:ed:45:a5:
                    01:43:e4:16:f5:82:b0:6e:60:10:37:ef:ae:50:16:
                    06:0f:b7:fc:c7:e4:30:93:cc:73:3e:73:09:93:78:
                    4a:04:55:9a:55:ff:a5:c7:c9:b7:6b:3b:b5:c1:c7:
                    50:ab:04:8a:1a:bb:e0:01:cf:42:ca:6d:13:b3:55:
                    f2:44:28:78:62:26:60:12:9a:7f:97:4c:bd:27:2c:
                    43:dc:b3:7d:8a:09:a5:f1:fb:13:2e:14:0d:a9:9b:
                    2d:09:7c:db:42:d8:b7:09:a8:9c:91:0f:86:c7:8f:
                    29:19:a4:49:e7:2c:57:f4:e3:04:cd:97:de:93:cf:
                    bd:08:71:e7:98:b5:5e:7a:6d:7e:0f:09:62:c0:1b:
                    c0:38:0d:85:9e:00:21:e9:82:89:4e:11:63:43:6f:
                    62:c7:59:ac:6a:03:3a:67:66:56:9a:b1:8a:e6:a6:
                    21:e8:b5:84:bc:a9:e9:a4:29:bd:2d:1f:e9:19:c2:
                    e0:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:75:85:F5:66:58:78:ED:09:20:5F:C7:99:14:02:01:1F:2A:55:70
            X509v3 Authority Key Identifier:
                keyid:05:F5:9A:ED:C2:82:96:E2:91:72:4F:79:37:DE:78:8E:27:21:64:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BfWa7cKCluKRck95N954jichZAg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/5e1d42-3575-4ec1-bc7c-d64368208131/1/xnWF9WZYeO0JIF_HmRQCAR8qVXA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/5e1d42-3575-4ec1-bc7c-d64368208131/1/BfWa7cKCluKRck95N954jichZAg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.22.20.0/22
                IPv6:
                  2a00:5ae0:100::/48

    Signature Algorithm: sha256WithRSAEncryption
         d3:97:da:af:9c:8c:92:20:a1:3e:ab:86:59:89:98:73:cf:8f:
         b9:d7:90:46:90:41:e4:49:08:12:e3:d7:81:57:a3:d6:34:aa:
         b4:8f:f3:f0:d0:a6:d5:5c:fa:06:df:c9:60:2d:cc:13:cf:25:
         8f:b7:ba:16:d7:69:a8:00:70:87:78:0a:bb:45:2c:89:f6:eb:
         31:f5:21:36:ae:ae:28:37:b7:cf:23:4b:8f:be:65:7b:64:44:
         70:40:91:8b:e3:7c:6a:e8:8d:a2:c6:69:8f:7a:c7:6d:2a:ba:
         d4:7d:44:9c:11:f4:d1:b7:25:39:5b:95:2e:15:a8:d4:d0:82:
         50:9d:11:60:c7:92:bb:61:17:35:b5:e6:8f:f9:f4:43:8b:15:
         d2:45:0b:19:cc:fb:22:10:12:94:44:91:b7:8c:3f:b5:c4:72:
         cf:9b:42:b7:67:c9:6a:65:56:1c:bc:8a:a7:1c:ac:9b:16:a9:
         bd:91:82:ba:39:7e:43:20:46:76:38:95:5c:fd:aa:ca:36:28:
         7f:70:36:56:7d:1a:66:20:29:46:73:e0:e5:dd:63:73:d3:15:
         5c:87:f7:cc:5e:08:cc:d8:97:3c:eb:8f:db:00:75:a5:7d:7a:
         fc:45:8e:34:94:12:77:2f:35:c4:6c:75:ec:bd:48:de:db:62:
         b2:48:c6:55
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEBTvbkjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NWY1OWFlZGMyODI5NmUyOTE3MjRmNzkzN2RlNzg4ZTI3MjE2NDA4MB4XDTIyMDEw
MTEwMDIxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzY3NTg1ZjU2NjU4
NzhlZDA5MjA1ZmM3OTkxNDAyMDExZjJhNTU3MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK7SFCea25gdWhBilpa9c9XRE7HmXH07yxmfr4cHh9cGrqRA
0HHSOWpVrsPmUimCfZbeICgFXMsK5URR1YwCRFO/iHk7R3t+7UWlAUPkFvWCsG5g
EDfvrlAWBg+3/MfkMJPMcz5zCZN4SgRVmlX/pcfJt2s7tcHHUKsEihq74AHPQspt
E7NV8kQoeGImYBKaf5dMvScsQ9yzfYoJpfH7Ey4UDambLQl820LYtwmonJEPhseP
KRmkSecsV/TjBM2X3pPPvQhx55i1Xnptfg8JYsAbwDgNhZ4AIemCiU4RY0NvYsdZ
rGoDOmdmVpqxiuamIei1hLyp6aQpvS0f6RnC4B0CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBTGdYX1Zlh47QkgX8eZFAIBHypVcDAfBgNVHSMEGDAWgBQF9ZrtwoKW4pFy
T3k33niOJyFkCDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JmV2E3Y0tDbHVLUmNrOTVOOTU0amljaFpBZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvNWUxZDQyLTM1NzUtNGVjMS1iYzdjLWQ2NDM2ODIwODEzMS8x
L3huV0Y5V1pZZU8wSklGX0htUlFDQVI4cVZYQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
NWUxZDQyLTM1NzUtNGVjMS1iYzdjLWQ2NDM2ODIwODEzMS8xL0JmV2E3Y0tDbHVL
UmNrOTVOOTU0amljaFpBZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEArkWFDAPBAIAAjAJAwcAKgBa4AEA
MA0GCSqGSIb3DQEBCwUAA4IBAQDTl9qvnIySIKE+q4ZZiZhzz4+515BGkEHkSQgS
49eBV6PWNKq0j/Pw0KbVXPoG38lgLcwTzyWPt7oW12moAHCHeAq7RSyJ9usx9SE2
rq4oN7fPI0uPvmV7ZERwQJGL43xq6I2ixmmPesdtKrrUfUScEfTRtyU5W5UuFajU
0IJQnRFgx5K7YRc1teaP+fRDixXSRQsZzPsiEBKURJG3jD+1xHLPm0K3Z8lqZVYc
vIqnHKybFqm9kYK6OX5DIEZ2OJVc/arKNih/cDZWfRpmIClGc+Dl3WNz0xVch/fM
XgjM2Jc864/bAHWlfXr8RY40lBJ3LzXEbHXsvUje22KySMZV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:10 2024 by rpki-client on console-fra.rpki-client.org