Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/cb537d-d7ef-409c-823c-eae4f6d33ca6/1/IJFpOlHP_bqeBi2k4AZb1xDaLuE.roa
File:                     IJFpOlHP_bqeBi2k4AZb1xDaLuE.roa (raw, json)
Hash identifier:          Ot100aWGbvyTWAR0HBROVfjOtUBLUksFkyHIEcs9+TY=
Subject key identifier:   20:91:69:3A:51:CF:FD:BA:9E:06:2D:A4:E0:06:5B:D7:10:DA:2E:E1
Certificate issuer:       /CN=c7da82e877933d9c2c952cb376c93aaa337dd7d2
Certificate serial:       073E28C3
Authority key identifier: C7:DA:82:E8:77:93:3D:9C:2C:95:2C:B3:76:C9:3A:AA:33:7D:D7:D2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x9qC6HeTPZwslSyzdsk6qjN919I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/cb537d-d7ef-409c-823c-eae4f6d33ca6/1/IJFpOlHP_bqeBi2k4AZb1xDaLuE.roa
Signing time:             Sat 01 Jan 2022 03:51:18 +0000
ROA not before:           Sat 01 Jan 2022 03:51:18 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     198024
IP address blocks:        185.124.88.0/22 maxlen: 22
                          2a05:b080::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 121514179 (0x73e28c3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c7da82e877933d9c2c952cb376c93aaa337dd7d2
        Validity
            Not Before: Jan  1 03:51:18 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2091693a51cffdba9e062da4e0065bd710da2ee1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:68:23:66:12:1c:42:8b:c6:a7:80:3d:16:2c:
                    c8:97:e5:bd:a3:20:b0:08:af:48:f2:f2:e7:0e:1c:
                    a7:30:d6:15:fe:f8:49:70:3d:93:e9:2d:3d:b1:7d:
                    6d:2e:65:35:02:0c:86:8f:70:79:eb:8e:93:2f:df:
                    26:3a:00:18:78:93:46:19:d0:3a:ea:c1:da:01:88:
                    1d:ed:e3:29:b0:a7:55:f6:ec:d5:03:97:71:39:ac:
                    35:00:3d:ee:f5:89:de:55:fb:66:1d:b9:97:ca:c9:
                    c9:90:86:7c:9d:de:a4:0b:49:15:8b:db:48:71:2f:
                    41:0e:59:34:3c:70:6f:29:f9:a0:45:22:d7:06:c6:
                    4e:85:eb:f0:a4:49:5c:33:3a:d3:b9:d8:a8:76:f7:
                    91:63:24:f4:88:13:36:07:7f:8c:75:9f:ab:b8:7c:
                    9d:3b:17:4c:a1:5b:23:de:7e:06:6b:ec:d9:d4:e2:
                    7b:9a:eb:51:77:47:c2:c5:06:0c:f5:1d:ad:18:62:
                    c2:03:53:59:77:39:0c:82:14:ec:2c:63:12:a6:8a:
                    30:3d:6e:d7:a9:a2:32:87:9e:6f:34:d0:26:74:a5:
                    cc:66:0a:dc:6d:8a:28:fd:02:b0:32:a5:c0:c7:da:
                    11:e2:76:72:c6:98:b1:87:f4:57:92:96:b6:83:65:
                    11:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:91:69:3A:51:CF:FD:BA:9E:06:2D:A4:E0:06:5B:D7:10:DA:2E:E1
            X509v3 Authority Key Identifier:
                keyid:C7:DA:82:E8:77:93:3D:9C:2C:95:2C:B3:76:C9:3A:AA:33:7D:D7:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x9qC6HeTPZwslSyzdsk6qjN919I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cb537d-d7ef-409c-823c-eae4f6d33ca6/1/IJFpOlHP_bqeBi2k4AZb1xDaLuE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cb537d-d7ef-409c-823c-eae4f6d33ca6/1/x9qC6HeTPZwslSyzdsk6qjN919I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.124.88.0/22
                IPv6:
                  2a05:b080::/29

    Signature Algorithm: sha256WithRSAEncryption
         9a:cd:4f:df:03:18:3c:e2:63:f6:15:97:73:7f:2b:f9:6b:68:
         1c:bc:8f:00:42:76:4f:1e:ac:89:db:ef:a9:cb:b2:9f:e0:5c:
         81:d1:2e:9e:60:c1:1a:06:a8:a0:c2:a4:22:94:bd:15:ca:0a:
         1e:ab:6d:99:17:d2:c8:d4:ae:dc:ee:a4:fe:31:80:7f:e9:4e:
         3d:2d:ce:06:79:de:a8:65:fb:c6:5a:6b:65:11:6f:a4:68:1a:
         94:7c:f5:75:38:84:7d:43:17:ce:35:1f:23:95:96:86:b7:2a:
         b6:bb:98:4b:5f:f1:43:5d:fc:fd:c3:73:c1:c9:d7:32:b6:3c:
         e0:4f:6c:dc:cd:e3:a7:72:5e:db:b9:3b:46:2e:d8:2c:c6:6a:
         d0:e0:15:b0:47:81:c5:83:85:6b:ad:3a:a0:9d:3c:97:63:97:
         68:1c:84:0b:6f:f3:ac:12:c5:72:ca:46:ea:5a:e1:53:48:bf:
         af:c7:34:26:79:fb:cf:74:12:ec:71:ec:70:fe:95:9a:4f:d2:
         02:62:03:11:b0:3a:c5:f0:09:53:99:5b:5b:a0:b4:00:f0:7a:
         34:30:6b:14:d0:01:c0:2d:54:bb:2e:2a:fa:7b:02:d0:77:10:
         fd:92:3f:74:c3:6d:d3:9b:29:7d:32:a7:fc:31:17:91:50:38:
         50:22:52:7d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBz4owzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
N2RhODJlODc3OTMzZDljMmM5NTJjYjM3NmM5M2FhYTMzN2RkN2QyMB4XDTIyMDEw
MTAzNTExOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjA5MTY5M2E1MWNm
ZmRiYTllMDYyZGE0ZTAwNjViZDcxMGRhMmVlMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL9oI2YSHEKLxqeAPRYsyJflvaMgsAivSPLy5w4cpzDWFf74
SXA9k+ktPbF9bS5lNQIMho9weeuOky/fJjoAGHiTRhnQOurB2gGIHe3jKbCnVfbs
1QOXcTmsNQA97vWJ3lX7Zh25l8rJyZCGfJ3epAtJFYvbSHEvQQ5ZNDxwbyn5oEUi
1wbGToXr8KRJXDM607nYqHb3kWMk9IgTNgd/jHWfq7h8nTsXTKFbI95+Bmvs2dTi
e5rrUXdHwsUGDPUdrRhiwgNTWXc5DIIU7CxjEqaKMD1u16miMoeebzTQJnSlzGYK
3G2KKP0CsDKlwMfaEeJ2csaYsYf0V5KWtoNlEX0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQgkWk6Uc/9up4GLaTgBlvXENou4TAfBgNVHSMEGDAWgBTH2oLod5M9nCyV
LLN2yTqqM33X0jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3g5cUM2SGVUUFp3c2xTeXpkc2s2cWpOOTE5SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmIvY2I1MzdkLWQ3ZWYtNDA5Yy04MjNjLWVhZTRmNmQzM2NhNi8x
L0lKRnBPbEhQX2JxZUJpMms0QVpiMXhEYUx1RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmIv
Y2I1MzdkLWQ3ZWYtNDA5Yy04MjNjLWVhZTRmNmQzM2NhNi8xL3g5cUM2SGVUUFp3
c2xTeXpkc2s2cWpOOTE5SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArl8WDANBAIAAjAHAwUDKgWwgDAN
BgkqhkiG9w0BAQsFAAOCAQEAms1P3wMYPOJj9hWXc38r+WtoHLyPAEJ2Tx6sidvv
qcuyn+BcgdEunmDBGgaooMKkIpS9FcoKHqttmRfSyNSu3O6k/jGAf+lOPS3OBnne
qGX7xlprZRFvpGgalHz1dTiEfUMXzjUfI5WWhrcqtruYS1/xQ138/cNzwcnXMrY8
4E9s3M3jp3Je27k7Ri7YLMZq0OAVsEeBxYOFa606oJ08l2OXaByEC2/zrBLFcspG
6lrhU0i/r8c0Jnn7z3QS7HHscP6Vmk/SAmIDEbA6xfAJU5lbW6C0APB6NDBrFNAB
wC1Uuy4q+nsC0HcQ/ZI/dMNt05spfTKn/DEXkVA4UCJSfQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:02 2024 by rpki-client on console-ams.rpki-client.org