Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/2iqODR2Tk-AdT9tzxa4CfgpKjRw.roa
File:                     2iqODR2Tk-AdT9tzxa4CfgpKjRw.roa (raw, json)
Hash identifier:          MQrVp9+37fbFhBCurUxseLj69SyBy9Lg1H7zuW04hb8=
Subject key identifier:   DA:2A:8E:0D:1D:93:93:E0:1D:4F:DB:73:C5:AE:02:7E:0A:4A:8D:1C
Certificate issuer:       /CN=99ce569a14c2db3772f23187ce68e6541ec0048e
Certificate serial:       018341C932CCE8F0115F0D81CA9564DD99C8
Authority key identifier: 99:CE:56:9A:14:C2:DB:37:72:F2:31:87:CE:68:E6:54:1E:C0:04:8E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mc5WmhTC2zdy8jGHzmjmVB7ABI4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/2iqODR2Tk-AdT9tzxa4CfgpKjRw.roa
Signing time:             Thu 15 Sep 2022 15:34:08 +0000
ROA not before:           Thu 15 Sep 2022 15:34:08 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210539
IP address blocks:        185.196.222.0/23 maxlen: 32
                          185.162.88.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:41:c9:32:cc:e8:f0:11:5f:0d:81:ca:95:64:dd:99:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99ce569a14c2db3772f23187ce68e6541ec0048e
        Validity
            Not Before: Sep 15 15:34:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=da2a8e0d1d9393e01d4fdb73c5ae027e0a4a8d1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:13:a1:d0:7f:cc:ab:a5:c2:3f:ac:8f:27:4c:
                    bc:64:4d:19:d7:63:36:cd:81:50:d5:93:7c:4c:36:
                    f3:a4:b9:af:be:10:58:c0:6f:2d:ae:4a:74:1c:57:
                    6f:45:8c:b7:91:61:92:79:45:d3:72:8d:41:49:54:
                    f4:6c:a8:95:1e:0c:47:2b:c9:cc:29:13:b1:84:ff:
                    b1:43:a3:c5:17:c1:66:62:de:05:01:2b:69:6d:c4:
                    c4:cf:9e:07:6d:d7:ab:c1:64:cb:a4:ea:e4:e6:a8:
                    55:7e:84:de:58:b8:bb:a6:5c:07:97:96:11:ce:a9:
                    51:bf:fb:c1:18:b2:6d:28:fc:f1:26:de:22:b4:8b:
                    2e:04:ba:d9:35:64:48:db:db:46:45:4f:a8:7a:44:
                    03:df:2d:da:c8:25:82:02:93:88:4a:f6:a3:97:d2:
                    97:e7:8e:c4:4d:31:3c:8f:02:57:b7:22:7b:79:9f:
                    ea:2c:ed:8d:b7:f9:76:e6:7a:8e:f9:99:7b:6f:5c:
                    36:8b:ef:bd:85:fe:97:cf:aa:ce:ca:7e:b6:bb:a5:
                    25:b5:ed:de:72:e0:9e:0c:cd:7a:72:f6:06:b9:e2:
                    2a:de:d5:aa:13:9b:18:12:64:78:9d:d5:41:51:7d:
                    e5:ea:74:74:5f:fe:a5:1f:c0:db:9a:f9:1c:0f:b8:
                    6f:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:2A:8E:0D:1D:93:93:E0:1D:4F:DB:73:C5:AE:02:7E:0A:4A:8D:1C
            X509v3 Authority Key Identifier:
                keyid:99:CE:56:9A:14:C2:DB:37:72:F2:31:87:CE:68:E6:54:1E:C0:04:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mc5WmhTC2zdy8jGHzmjmVB7ABI4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/2iqODR2Tk-AdT9tzxa4CfgpKjRw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/mc5WmhTC2zdy8jGHzmjmVB7ABI4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.162.88.0/24
                  185.196.222.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1d:e3:7f:ed:4c:2b:f1:c9:c4:f7:6f:6d:0f:ed:35:73:77:c5:
         d0:3e:8f:94:5e:4b:12:17:76:1b:bb:c9:4c:91:e5:8d:63:8b:
         95:0c:be:38:c6:35:53:b9:c0:8e:fd:08:1f:c8:ce:36:9f:dc:
         ea:6a:49:b1:e4:c0:3a:af:89:06:e4:73:e0:56:ea:56:9a:9f:
         20:0f:b5:99:13:eb:c2:ed:99:13:ea:8d:36:10:18:8d:2a:cb:
         01:ac:bc:83:8f:02:e8:fe:8e:26:a4:77:3d:b3:b1:95:b4:42:
         50:f4:7f:54:20:8b:50:dd:63:47:4d:20:a9:8e:95:a3:ca:02:
         61:cb:14:91:de:24:2a:cb:ab:bc:71:dc:2e:fe:89:c8:ad:4e:
         aa:e2:58:26:93:11:cd:05:aa:16:58:36:0c:89:5a:39:e2:6b:
         43:7a:66:71:87:1a:7e:26:53:95:8f:c4:27:0e:f4:09:f2:c0:
         5c:ee:6e:3a:23:90:d3:be:28:2e:be:a1:7d:63:0d:c4:b6:97:
         a2:f3:9a:9f:42:a0:1b:d1:fc:49:a5:4a:48:1a:6d:44:e6:2a:
         5d:c5:d2:96:75:de:80:68:2e:0b:2b:6c:ea:01:f2:27:02:fa:
         7f:5c:1b:aa:cb:58:8d:9d:47:60:b3:d4:2b:88:e0:68:47:55:
         f0:23:32:29
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYNByTLM6PARXw2BypVk3ZnIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5Y2U1NjlhMTRjMmRiMzc3MmYyMzE4N2NlNjhlNjU0MWVj
MDA0OGUwHhcNMjIwOTE1MTUzNDA4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTJhOGUwZDFkOTM5M2UwMWQ0ZmRiNzNjNWFlMDI3ZTBhNGE4ZDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohOh0H/Mq6XCP6yPJ0y8ZE0Z12M2
zYFQ1ZN8TDbzpLmvvhBYwG8trkp0HFdvRYy3kWGSeUXTco1BSVT0bKiVHgxHK8nM
KROxhP+xQ6PFF8FmYt4FAStpbcTEz54HbderwWTLpOrk5qhVfoTeWLi7plwHl5YR
zqlRv/vBGLJtKPzxJt4itIsuBLrZNWRI29tGRU+oekQD3y3ayCWCApOISvajl9KX
547ETTE8jwJXtyJ7eZ/qLO2Nt/l25nqO+Zl7b1w2i++9hf6Xz6rOyn62u6Ulte3e
cuCeDM16cvYGueIq3tWqE5sYEmR4ndVBUX3l6nR0X/6lH8DbmvkcD7hvHwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNoqjg0dk5PgHU/bc8WuAn4KSo0cMB8GA1UdIwQY
MBaAFJnOVpoUwts3cvIxh85o5lQewASOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWM1V21oVEMyemR5OGpHSHptam1WQjdBQkk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9jYzZlOTktNmU1Zi00MDFiLTkxMmQt
MTA5NTU0NGM2YzUwLzEvMmlxT0RSMlRrLUFkVDl0enhhNENmZ3BLalJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9jYzZlOTktNmU1Zi00MDFiLTkxMmQtMTA5NTU0NGM2YzUw
LzEvbWM1V21oVEMyemR5OGpHSHptam1WQjdBQkk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuaJYAwQB
ucTeMA0GCSqGSIb3DQEBCwUAA4IBAQAd43/tTCvxycT3b20P7TVzd8XQPo+UXksS
F3Ybu8lMkeWNY4uVDL44xjVTucCO/QgfyM42n9zqakmx5MA6r4kG5HPgVupWmp8g
D7WZE+vC7ZkT6o02EBiNKssBrLyDjwLo/o4mpHc9s7GVtEJQ9H9UIItQ3WNHTSCp
jpWjygJhyxSR3iQqy6u8cdwu/onIrU6q4lgmkxHNBaoWWDYMiVo54mtDemZxhxp+
JlOVj8QnDvQJ8sBc7m46I5DTviguvqF9Yw3Etpei85qfQqAb0fxJpUpIGm1E5ipd
xdKWdd6AaC4LK2zqAfInAvp/XBuqy1iNnUdgs9QriOBoR1XwIzIp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:21 2024 by rpki-client on console-ams.rpki-client.org