Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/7cc6ea-774a-4876-84f9-304d2191a4f3/1/1-V2WjrQaZXONKb-aqPTZjdHUaRY.roa
File:                     1-V2WjrQaZXONKb-aqPTZjdHUaRY.roa (raw, json)
Hash identifier:          c4gm/KFne3eZpn72BWZ3k0/a0/3faOXgNhqGRUopv4k=
Subject key identifier:   F9:5D:96:8E:B4:1A:65:73:8D:29:BF:9A:A8:F4:D9:8D:D1:D4:69:16
Certificate issuer:       /CN=656d33c5f16e3cdd960ae05c80d9f6f36fc553f2
Certificate serial:       0184C90B21B352B40AF4BFD5797A4DADD856
Authority key identifier: 65:6D:33:C5:F1:6E:3C:DD:96:0A:E0:5C:80:D9:F6:F3:6F:C5:53:F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZW0zxfFuPN2WCuBcgNn282_FU_I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/7cc6ea-774a-4876-84f9-304d2191a4f3/1/1-V2WjrQaZXONKb-aqPTZjdHUaRY.roa
Signing time:             Wed 30 Nov 2022 14:57:40 +0000
ROA not before:           Wed 30 Nov 2022 14:57:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        185.219.146.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:c9:0b:21:b3:52:b4:0a:f4:bf:d5:79:7a:4d:ad:d8:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=656d33c5f16e3cdd960ae05c80d9f6f36fc553f2
        Validity
            Not Before: Nov 30 14:57:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f95d968eb41a65738d29bf9aa8f4d98dd1d46916
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:3f:7a:10:7c:15:f3:08:40:97:92:e6:c1:b2:
                    6e:9d:d3:67:59:f3:4a:72:34:8d:41:bd:cc:86:09:
                    89:05:0b:14:a5:ab:06:e7:96:ac:41:0c:2d:c4:a6:
                    3e:03:c2:06:e7:83:04:db:d5:44:28:1f:e0:8f:8c:
                    7a:fc:e0:0d:db:a3:7b:af:c1:27:d6:2c:c6:72:27:
                    f4:65:41:c5:48:14:0e:98:95:cf:40:75:ed:dc:67:
                    14:dc:9d:67:0d:c8:86:60:49:1b:a3:38:56:2c:20:
                    78:00:12:6d:b2:76:12:79:45:8d:91:13:a7:a9:6a:
                    8e:77:ca:fd:40:82:64:6e:c8:c9:7c:5d:dc:81:a7:
                    28:5e:2a:fa:f7:02:dd:f1:9b:b2:da:ad:7f:58:91:
                    e9:01:30:ea:16:d6:ff:7d:87:59:a9:72:07:a9:3d:
                    db:12:b7:a5:00:ed:6a:a4:28:df:d6:64:71:5d:83:
                    7a:f3:9a:51:31:59:bb:cf:4d:61:d6:e1:2e:e5:51:
                    4b:0d:f6:b6:71:77:2a:d3:31:40:74:ca:b8:bb:bb:
                    93:bc:c9:cf:f6:73:c1:bd:1f:77:ac:ea:4d:45:b6:
                    5f:58:3a:f3:c9:14:cc:4f:a7:59:63:8e:f4:9b:eb:
                    4c:2e:ea:8f:87:70:c4:51:6c:e7:5d:b6:2c:ea:03:
                    1d:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:5D:96:8E:B4:1A:65:73:8D:29:BF:9A:A8:F4:D9:8D:D1:D4:69:16
            X509v3 Authority Key Identifier:
                keyid:65:6D:33:C5:F1:6E:3C:DD:96:0A:E0:5C:80:D9:F6:F3:6F:C5:53:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZW0zxfFuPN2WCuBcgNn282_FU_I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/7cc6ea-774a-4876-84f9-304d2191a4f3/1/1-V2WjrQaZXONKb-aqPTZjdHUaRY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/7cc6ea-774a-4876-84f9-304d2191a4f3/1/ZW0zxfFuPN2WCuBcgNn282_FU_I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.219.146.0/23

    Signature Algorithm: sha256WithRSAEncryption
         0f:03:ea:4e:8f:c0:0c:95:e3:98:98:98:fd:1e:c5:ec:fc:b0:
         d2:05:75:96:81:e9:73:ae:0a:37:ca:fd:ba:e8:e1:5f:9f:bf:
         ba:16:75:31:fb:3f:b0:10:74:42:22:d1:6d:03:22:50:81:39:
         36:05:2b:77:62:08:07:67:e9:b8:ba:1b:98:9c:5b:45:78:38:
         eb:09:12:67:f9:e9:43:bd:fa:df:93:95:b1:ce:52:8d:c2:fb:
         62:39:c8:03:ea:28:d0:b3:a0:92:d9:b8:88:db:d4:3f:fc:ce:
         80:a9:e7:b4:9e:40:51:85:72:89:91:22:49:91:29:a1:51:1e:
         51:23:89:aa:4b:82:6b:8a:36:05:0a:43:88:53:75:ab:68:30:
         55:a0:81:23:ba:cd:00:ad:19:6b:08:a7:90:03:89:7e:9c:87:
         15:49:4c:87:7a:49:eb:16:05:40:4c:33:bf:3b:69:ac:64:c9:
         ea:ed:c1:0e:9a:f2:b1:20:5c:01:5a:c1:0c:65:98:b9:6d:cf:
         01:a3:31:c2:7d:8d:6a:4b:8a:d4:20:cf:b4:30:a2:d2:b6:67:
         7f:ef:62:d0:84:e7:3f:de:42:f9:e1:0e:4d:ee:95:51:05:e8:
         73:5f:81:b2:30:2c:49:cf:cd:d9:49:42:12:99:93:09:37:cf:
         dd:67:88:d1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYTJCyGzUrQK9L/VeXpNrdhWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NmQzM2M1ZjE2ZTNjZGQ5NjBhZTA1YzgwZDlmNmYzNmZj
NTUzZjIwHhcNMjIxMTMwMTQ1NzQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTVkOTY4ZWI0MWE2NTczOGQyOWJmOWFhOGY0ZDk4ZGQxZDQ2OTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiT96EHwV8whAl5LmwbJundNnWfNK
cjSNQb3MhgmJBQsUpasG55asQQwtxKY+A8IG54ME29VEKB/gj4x6/OAN26N7r8En
1izGcif0ZUHFSBQOmJXPQHXt3GcU3J1nDciGYEkbozhWLCB4ABJtsnYSeUWNkROn
qWqOd8r9QIJkbsjJfF3cgacoXir69wLd8Zuy2q1/WJHpATDqFtb/fYdZqXIHqT3b
ErelAO1qpCjf1mRxXYN685pRMVm7z01h1uEu5VFLDfa2cXcq0zFAdMq4u7uTvMnP
9nPBvR93rOpNRbZfWDrzyRTMT6dZY470m+tMLuqPh3DEUWznXbYs6gMdUQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPldlo60GmVzjSm/mqj02Y3R1GkWMB8GA1UdIwQY
MBaAFGVtM8XxbjzdlgrgXIDZ9vNvxVPyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlcwenhmRnVQTjJXQ3VCY2dObjI4Ml9GVV9JLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83Y2M2ZWEtNzc0YS00ODc2LTg0Zjkt
MzA0ZDIxOTFhNGYzLzEvMS1WMldqclFhWlhPTktiLWFxUFRaamRIVWFSWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTcvN2NjNmVhLTc3NGEtNDg3Ni04NGY5LTMwNGQyMTkxYTRm
My8xL1pXMHp4ZkZ1UE4yV0N1QmNnTm4yODJfRlVfSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbnbkjAN
BgkqhkiG9w0BAQsFAAOCAQEADwPqTo/ADJXjmJiY/R7F7Pyw0gV1loHpc64KN8r9
uujhX5+/uhZ1Mfs/sBB0QiLRbQMiUIE5NgUrd2IIB2fpuLobmJxbRXg46wkSZ/np
Q73635OVsc5SjcL7YjnIA+oo0LOgktm4iNvUP/zOgKnntJ5AUYVyiZEiSZEpoVEe
USOJqkuCa4o2BQpDiFN1q2gwVaCBI7rNAK0ZawinkAOJfpyHFUlMh3pJ6xYFQEwz
vztprGTJ6u3BDprysSBcAVrBDGWYuW3PAaMxwn2NakuK1CDPtDCi0rZnf+9i0ITn
P95C+eEOTe6VUQXoc1+BsjAsSc/N2UlCEpmTCTfP3WeI0Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:51 2024 by rpki-client on console-fra.rpki-client.org