Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/64e442-137e-4101-bb6c-b06831596449/1/Vty_kjeotS21oZRGTRcj8d9T9ls.roa
File:                     Vty_kjeotS21oZRGTRcj8d9T9ls.roa (raw, json)
Hash identifier:          2bd4xkBpeh1W96GMUMtW6sLEUrM1NhBw9Ep/mt58ZCc=
Subject key identifier:   56:DC:BF:92:37:A8:B5:2D:B5:A1:94:46:4D:17:23:F1:DF:53:F6:5B
Certificate issuer:       /CN=0aa2f1205553fa5960f1805c6ed9389e9e0dc92c
Certificate serial:       060764
Authority key identifier: 0A:A2:F1:20:55:53:FA:59:60:F1:80:5C:6E:D9:38:9E:9E:0D:C9:2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CqLxIFVT-llg8YBcbtk4np4NySw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/64e442-137e-4101-bb6c-b06831596449/1/Vty_kjeotS21oZRGTRcj8d9T9ls.roa
Signing time:             Tue 11 Jan 2022 11:25:23 +0000
ROA not before:           Tue 11 Jan 2022 11:25:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203425
IP address blocks:        185.105.64.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 395108 (0x60764)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0aa2f1205553fa5960f1805c6ed9389e9e0dc92c
        Validity
            Not Before: Jan 11 11:25:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=56dcbf9237a8b52db5a194464d1723f1df53f65b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:21:07:a9:18:49:5e:07:c0:f5:11:b0:b5:3d:
                    35:8d:ab:63:23:b1:33:dd:99:88:58:07:e7:0b:a7:
                    87:9d:88:57:ef:ad:9e:3a:b7:9d:46:92:b7:24:2c:
                    64:0a:ba:0b:21:81:13:d0:16:ce:c1:93:45:e6:fa:
                    e9:8f:3e:4a:6b:87:61:31:05:22:55:44:a6:f0:68:
                    93:40:3c:d7:52:2b:ba:0e:e6:b5:c6:3e:05:5a:3e:
                    41:bd:00:fe:1f:d1:94:a7:bc:36:7a:27:3e:61:23:
                    6f:ab:91:92:95:2e:3d:c3:b9:c4:46:c0:43:cf:75:
                    d1:06:9a:8e:ca:85:8f:d9:b2:b5:00:5f:c4:2f:22:
                    9d:ca:69:b9:6f:5c:e3:db:60:b0:ac:12:e1:39:55:
                    8b:18:45:56:04:13:52:6b:6f:a3:e0:72:fa:7f:a2:
                    34:96:a8:b1:e9:22:9a:fd:8a:09:41:d4:2a:07:ba:
                    87:fb:89:4c:13:59:3b:47:62:1f:06:4c:3f:71:c3:
                    ad:fc:45:58:b3:96:42:e3:70:29:a8:d6:08:92:2d:
                    ad:35:b3:e3:b2:c3:06:f6:c4:aa:20:37:5a:dc:8f:
                    c7:38:05:0d:c2:07:47:69:21:46:d8:dd:51:93:aa:
                    a1:a4:d5:f7:77:1e:03:0b:08:b4:85:d7:b1:af:c9:
                    8e:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:DC:BF:92:37:A8:B5:2D:B5:A1:94:46:4D:17:23:F1:DF:53:F6:5B
            X509v3 Authority Key Identifier:
                keyid:0A:A2:F1:20:55:53:FA:59:60:F1:80:5C:6E:D9:38:9E:9E:0D:C9:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CqLxIFVT-llg8YBcbtk4np4NySw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/64e442-137e-4101-bb6c-b06831596449/1/Vty_kjeotS21oZRGTRcj8d9T9ls.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/64e442-137e-4101-bb6c-b06831596449/1/CqLxIFVT-llg8YBcbtk4np4NySw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.105.64.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0b:30:33:8b:33:45:0f:b6:0b:be:59:d7:13:25:36:06:18:96:
         d3:f4:7c:52:e9:d6:33:01:75:1e:b6:f3:bc:dd:99:93:bc:78:
         a7:17:50:78:1b:04:69:88:1c:b1:a4:3c:3d:97:e6:96:0f:b3:
         1d:1a:9b:0e:b4:37:4e:88:20:49:a2:be:84:2b:3a:dc:4c:d6:
         e1:47:1a:ee:37:ee:d8:54:58:fd:54:a4:16:2c:bc:b0:62:9b:
         d2:ed:b0:45:4e:4c:36:89:a5:19:32:69:cc:b1:cc:a4:fe:af:
         b1:e1:29:6b:0d:95:eb:af:bf:bd:d5:22:99:f3:47:a8:84:dd:
         73:9b:ea:9a:93:8a:03:32:07:e2:be:80:26:a1:f3:39:49:e4:
         c7:d2:6c:a7:49:0f:e0:17:d1:f4:f3:d5:78:b1:ef:db:02:b2:
         48:15:a9:c8:9b:f1:4e:07:34:1d:17:7f:c1:37:ae:80:0c:4c:
         ab:66:db:69:c1:4e:a3:9d:df:1a:e4:8c:2a:15:36:b3:6d:c4:
         07:b1:ea:39:56:0a:e3:0e:c3:70:d0:dc:0a:18:e6:26:66:cf:
         f4:02:9f:f0:ef:1b:26:60:89:bb:2a:5a:40:41:88:f5:21:5d:
         dc:1d:1d:36:cf:e2:c0:25:d1:6c:67:42:f8:e8:af:bb:8f:a1:
         a0:cc:9c:1e
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDBgdkMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDBh
YTJmMTIwNTU1M2ZhNTk2MGYxODA1YzZlZDkzODllOWUwZGM5MmMwHhcNMjIwMTEx
MTEyNTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg1NmRjYmY5MjM3YThi
NTJkYjVhMTk0NDY0ZDE3MjNmMWRmNTNmNjViMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmCEHqRhJXgfA9RGwtT01jatjI7Ez3ZmIWAfnC6eHnYhX762e
OredRpK3JCxkCroLIYET0BbOwZNF5vrpjz5Ka4dhMQUiVUSm8GiTQDzXUiu6Dua1
xj4FWj5BvQD+H9GUp7w2eic+YSNvq5GSlS49w7nERsBDz3XRBpqOyoWP2bK1AF/E
LyKdymm5b1zj22CwrBLhOVWLGEVWBBNSa2+j4HL6f6I0lqix6SKa/YoJQdQqB7qH
+4lME1k7R2IfBkw/ccOt/EVYs5ZC43ApqNYIki2tNbPjssMG9sSqIDda3I/HOAUN
wgdHaSFG2N1Rk6qhpNX3dx4DCwi0hdexr8mORQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFFbcv5I3qLUttaGURk0XI/HfU/ZbMB8GA1UdIwQYMBaAFAqi8SBVU/pZYPGA
XG7ZOJ6eDcksMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
Q3FMeElGVlQtbGxnOFlCY2J0azRucDROeVN3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9lOS82NGU0NDItMTM3ZS00MTAxLWJiNmMtYjA2ODMxNTk2NDQ5LzEv
VnR5X2tqZW90UzIxb1pSR1RSY2o4ZDlUOWxzLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS82
NGU0NDItMTM3ZS00MTAxLWJiNmMtYjA2ODMxNTk2NDQ5LzEvQ3FMeElGVlQtbGxn
OFlCY2J0azRucDROeVN3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWlAMA0GCSqGSIb3DQEBCwUAA4IB
AQALMDOLM0UPtgu+WdcTJTYGGJbT9HxS6dYzAXUetvO83ZmTvHinF1B4GwRpiByx
pDw9l+aWD7MdGpsOtDdOiCBJor6EKzrcTNbhRxruN+7YVFj9VKQWLLywYpvS7bBF
Tkw2iaUZMmnMscyk/q+x4SlrDZXrr7+91SKZ80eohN1zm+qak4oDMgfivoAmofM5
SeTH0mynSQ/gF9H089V4se/bArJIFanIm/FOBzQdF3/BN66ADEyrZttpwU6jnd8a
5IwqFTazbcQHseo5VgrjDsNw0NwKGOYmZs/0Ap/w7xsmYIm7KlpAQYj1IV3cHR02
z+LAJdFsZ0L46K+7j6GgzJwe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:08 2024 by rpki-client on console-fra.rpki-client.org