Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/92d564-5d09-428e-af80-8882199bccb4/1/aqt6bFBoKokq-UVj6WMnx1RKw-Q.roa
File:                     aqt6bFBoKokq-UVj6WMnx1RKw-Q.roa (raw, json)
Hash identifier:          qudIS8/YPUAcqblKGyyuR7Y3lLNlJ0KIy+IWwywFyFI=
Subject key identifier:   6A:AB:7A:6C:50:68:2A:89:2A:F9:45:63:E9:63:27:C7:54:4A:C3:E4
Certificate issuer:       /CN=98e2f4aba0bc9b3e3ab1856497a40071971b704a
Certificate serial:       03935786
Authority key identifier: 98:E2:F4:AB:A0:BC:9B:3E:3A:B1:85:64:97:A4:00:71:97:1B:70:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mOL0q6C8mz46sYVkl6QAcZcbcEo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/92d564-5d09-428e-af80-8882199bccb4/1/aqt6bFBoKokq-UVj6WMnx1RKw-Q.roa
Signing time:             Sat 01 Jan 2022 15:57:45 +0000
ROA not before:           Sat 01 Jan 2022 15:57:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8875
IP address blocks:        185.219.152.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 59987846 (0x3935786)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=98e2f4aba0bc9b3e3ab1856497a40071971b704a
        Validity
            Not Before: Jan  1 15:57:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6aab7a6c50682a892af94563e96327c7544ac3e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:00:97:21:ed:10:cf:b4:46:09:5b:a8:14:46:
                    8c:36:29:92:7f:fd:d4:09:af:53:cf:a1:13:56:50:
                    e8:56:0a:26:98:8d:3b:62:61:b6:1e:d5:f4:89:50:
                    44:62:e2:d7:62:59:f9:70:3d:d2:06:cd:d5:e3:b0:
                    f5:71:a8:5c:49:24:01:f5:35:3c:4e:fc:48:f5:40:
                    96:7e:8b:7f:06:ae:8c:eb:36:a8:7c:42:e8:e6:75:
                    07:70:25:6c:7b:74:a3:e1:35:54:53:67:78:55:ff:
                    d8:49:a8:02:7d:6c:f4:bd:d0:99:bb:8c:d9:51:01:
                    db:a6:88:f6:33:45:9a:a9:db:3d:04:fd:21:97:94:
                    c8:f6:51:ad:37:d3:d6:49:54:ea:12:4d:c4:94:15:
                    87:7a:90:23:8a:b0:fc:81:28:ab:31:91:ca:ca:b1:
                    f9:bd:57:f4:a5:0a:4b:04:a1:5e:6d:31:15:72:90:
                    a0:50:41:e9:17:45:13:23:96:66:ef:f5:43:14:26:
                    59:6b:0e:c6:12:fe:81:27:41:88:11:cd:dc:0c:e7:
                    46:fa:0b:36:88:91:1a:21:00:f2:8a:84:37:29:5b:
                    ba:ba:8a:3d:27:40:98:35:cd:56:86:63:4f:5c:fa:
                    3e:e4:0b:5d:46:1b:9a:bc:7b:22:b9:e4:ba:2d:95:
                    3c:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:AB:7A:6C:50:68:2A:89:2A:F9:45:63:E9:63:27:C7:54:4A:C3:E4
            X509v3 Authority Key Identifier:
                keyid:98:E2:F4:AB:A0:BC:9B:3E:3A:B1:85:64:97:A4:00:71:97:1B:70:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mOL0q6C8mz46sYVkl6QAcZcbcEo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/92d564-5d09-428e-af80-8882199bccb4/1/aqt6bFBoKokq-UVj6WMnx1RKw-Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/92d564-5d09-428e-af80-8882199bccb4/1/mOL0q6C8mz46sYVkl6QAcZcbcEo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.219.152.0/22

    Signature Algorithm: sha256WithRSAEncryption
         67:3a:ec:9f:32:4a:d3:3a:42:51:4c:5b:0d:14:75:0c:53:2c:
         d1:ed:db:b5:43:c5:7b:8e:f9:76:04:81:b8:3d:29:40:d0:dc:
         1d:bf:6f:ba:41:19:ea:b5:0b:52:37:e2:d7:fc:df:c2:61:c9:
         34:88:23:f8:7f:3b:e8:70:ca:4a:8c:13:32:29:fd:b5:99:de:
         4c:da:78:cd:72:5f:cc:23:fa:44:bb:c2:46:d7:18:ea:6e:f2:
         1b:e0:13:63:3a:61:0d:10:6f:9c:b3:b5:a3:3c:0f:0e:49:24:
         ae:47:5a:d5:27:bd:a5:b7:4f:e4:91:60:4d:f9:51:da:6f:0f:
         dd:36:95:d0:11:f3:c0:68:95:74:fa:ea:f5:91:9a:3c:4f:bc:
         ad:a0:2c:8f:e2:9d:71:fe:94:29:f0:a1:5d:7b:05:a2:1b:dd:
         b9:5c:22:79:95:93:d2:78:c2:20:d3:1b:00:f8:2c:fc:ea:68:
         42:fc:41:c3:5d:b5:6f:58:2c:02:03:8e:07:01:23:56:27:2c:
         72:fd:de:e0:a0:c4:20:fa:20:f6:53:ef:d8:3a:b3:81:50:57:
         28:8b:6a:42:83:5b:68:eb:05:75:e8:b6:3a:48:2c:97:92:2e:
         2e:00:ba:fe:94:22:39:f3:02:6d:1d:db:02:b2:6e:d1:0f:87:
         0b:21:58:82
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA5NXhjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OGUyZjRhYmEwYmM5YjNlM2FiMTg1NjQ5N2E0MDA3MTk3MWI3MDRhMB4XDTIyMDEw
MTE1NTc0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmFhYjdhNmM1MDY4
MmE4OTJhZjk0NTYzZTk2MzI3Yzc1NDRhYzNlNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJoAlyHtEM+0RglbqBRGjDYpkn/91AmvU8+hE1ZQ6FYKJpiN
O2Jhth7V9IlQRGLi12JZ+XA90gbN1eOw9XGoXEkkAfU1PE78SPVAln6LfwaujOs2
qHxC6OZ1B3AlbHt0o+E1VFNneFX/2EmoAn1s9L3QmbuM2VEB26aI9jNFmqnbPQT9
IZeUyPZRrTfT1klU6hJNxJQVh3qQI4qw/IEoqzGRysqx+b1X9KUKSwShXm0xFXKQ
oFBB6RdFEyOWZu/1QxQmWWsOxhL+gSdBiBHN3AznRvoLNoiRGiEA8oqENylburqK
PSdAmDXNVoZjT1z6PuQLXUYbmrx7Irnkui2VPBkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRqq3psUGgqiSr5RWPpYyfHVErD5DAfBgNVHSMEGDAWgBSY4vSroLybPjqx
hWSXpABxlxtwSjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21PTDBxNkM4bXo0NnNZVmtsNlFBY1pjYmNFby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWUvOTJkNTY0LTVkMDktNDI4ZS1hZjgwLTg4ODIxOTliY2NiNC8x
L2FxdDZiRkJvS29rcS1VVmo2V01ueDFSS3ctUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWUv
OTJkNTY0LTVkMDktNDI4ZS1hZjgwLTg4ODIxOTliY2NiNC8xL21PTDBxNkM4bXo0
NnNZVmtsNlFBY1pjYmNFby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnbmDANBgkqhkiG9w0BAQsFAAOC
AQEAZzrsnzJK0zpCUUxbDRR1DFMs0e3btUPFe475dgSBuD0pQNDcHb9vukEZ6rUL
Ujfi1/zfwmHJNIgj+H876HDKSowTMin9tZneTNp4zXJfzCP6RLvCRtcY6m7yG+AT
YzphDRBvnLO1ozwPDkkkrkda1Se9pbdP5JFgTflR2m8P3TaV0BHzwGiVdPrq9ZGa
PE+8raAsj+Kdcf6UKfChXXsFohvduVwieZWT0njCINMbAPgs/OpoQvxBw121b1gs
AgOOBwEjVicscv3e4KDEIPog9lPv2DqzgVBXKItqQoNbaOsFdei2Okgsl5IuLgC6
/pQiOfMCbR3bArJu0Q+HCyFYgg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:52 2024 by rpki-client on console-fra.rpki-client.org