Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/19136e-429f-43ad-94ef-8361a8303522/1/ZrHNrMgpV8kQBjD0rlgn36FPgQ8.roa
File:                     ZrHNrMgpV8kQBjD0rlgn36FPgQ8.roa (raw, json)
Hash identifier:          /ecBB2Rbf+RF70v3RdFXHTZByJaGtq9/kNKa+RAw5ik=
Subject key identifier:   66:B1:CD:AC:C8:29:57:C9:10:06:30:F4:AE:58:27:DF:A1:4F:81:0F
Certificate issuer:       /CN=e47521e7b6b38abfb88bf71e9bc5a02b2eccd3b3
Certificate serial:       184FD087
Authority key identifier: E4:75:21:E7:B6:B3:8A:BF:B8:8B:F7:1E:9B:C5:A0:2B:2E:CC:D3:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5HUh57azir-4i_cem8WgKy7M07M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/19136e-429f-43ad-94ef-8361a8303522/1/ZrHNrMgpV8kQBjD0rlgn36FPgQ8.roa
Signing time:             Sat 01 Jan 2022 09:56:43 +0000
ROA not before:           Sat 01 Jan 2022 09:56:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202194
IP address blocks:        185.50.188.0/22 maxlen: 22
                          185.109.240.0/23 maxlen: 23
                          2a04:c000::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 407883911 (0x184fd087)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e47521e7b6b38abfb88bf71e9bc5a02b2eccd3b3
        Validity
            Not Before: Jan  1 09:56:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=66b1cdacc82957c9100630f4ae5827dfa14f810f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:cc:ea:50:ba:73:5b:03:a5:3d:4f:18:29:07:
                    d5:69:02:fe:d4:0f:b2:f4:dc:43:5b:b9:bd:5d:22:
                    f8:76:a2:f2:50:03:6d:e3:6f:f4:e8:07:36:8c:15:
                    ba:17:25:e7:ea:69:42:94:7a:d3:f7:1d:b5:82:9c:
                    ba:b8:e8:77:8f:27:5f:d5:34:16:33:98:ab:84:45:
                    0a:39:b2:03:9f:d2:45:51:64:78:c6:ba:9c:f5:fe:
                    ed:65:a7:81:08:8f:dd:47:d2:fd:99:6e:24:81:29:
                    74:f1:95:15:f4:45:4d:df:41:62:d3:3f:8a:81:45:
                    34:f3:3b:54:80:84:bf:1a:6e:4c:02:f0:ab:05:e3:
                    7f:a7:f7:69:e7:33:83:7c:9c:df:55:e2:02:6d:f4:
                    09:98:04:7d:ea:ce:97:e4:7d:27:4e:33:fc:10:ae:
                    6e:4d:00:89:a1:16:d9:35:cf:54:6d:15:e6:9a:95:
                    30:f3:e0:93:a0:e2:e5:64:a0:4a:a6:08:40:7e:76:
                    01:ce:97:14:a6:d0:91:fd:d2:64:6b:84:ca:7e:b2:
                    f9:95:e4:06:56:11:6a:d8:18:a2:e0:27:fb:c8:81:
                    1d:4f:a7:68:de:73:2e:dd:e6:db:50:7c:aa:78:38:
                    7f:15:a8:f1:9e:1d:9f:63:8f:98:24:de:4e:c5:19:
                    dc:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:B1:CD:AC:C8:29:57:C9:10:06:30:F4:AE:58:27:DF:A1:4F:81:0F
            X509v3 Authority Key Identifier:
                keyid:E4:75:21:E7:B6:B3:8A:BF:B8:8B:F7:1E:9B:C5:A0:2B:2E:CC:D3:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5HUh57azir-4i_cem8WgKy7M07M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/19136e-429f-43ad-94ef-8361a8303522/1/ZrHNrMgpV8kQBjD0rlgn36FPgQ8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/19136e-429f-43ad-94ef-8361a8303522/1/5HUh57azir-4i_cem8WgKy7M07M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.50.188.0/22
                  185.109.240.0/23
                IPv6:
                  2a04:c000::/29

    Signature Algorithm: sha256WithRSAEncryption
         0a:83:76:11:70:dd:b0:ca:ec:be:f8:9c:70:6e:3b:a5:2a:5d:
         6b:69:72:08:b8:0f:59:75:af:41:b1:d8:58:69:1f:42:9b:1d:
         73:96:0f:d8:55:ff:4c:11:b2:a0:2c:bc:58:41:af:a2:92:e8:
         10:ff:ac:1a:7a:2f:f8:eb:28:b3:d4:e0:12:1f:c8:e3:d3:38:
         d9:30:2f:5b:84:cc:7f:68:26:23:34:18:25:26:1d:62:f7:7a:
         3e:67:a8:0b:08:d7:60:e7:4a:99:a9:07:3c:8d:83:2a:f5:3e:
         aa:93:64:ae:02:e6:0c:45:60:99:e5:1d:af:9c:1b:c1:3f:e6:
         dd:4e:e7:95:fe:ee:a2:ad:73:d0:f3:4e:96:d4:9a:1b:47:43:
         a2:14:91:16:9e:2b:0f:b8:42:d8:b8:41:30:b6:66:bf:96:f2:
         47:27:e5:df:97:ee:2f:71:9f:8e:ba:a6:ff:fc:1b:8e:c7:cd:
         5f:ea:05:5b:fa:5a:df:31:68:bc:ac:ec:f5:08:6b:03:bc:67:
         1e:7e:ef:3a:fe:51:45:96:e8:b6:a4:aa:3a:f0:8b:00:76:98:
         2f:a0:45:ed:0c:51:d1:66:e8:e6:f3:f9:30:84:7d:ef:97:a2:
         6f:63:ea:3f:f2:96:42:74:bd:6f:fd:18:2e:2c:be:5e:e5:bc:
         91:1e:cf:89
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEGE/QhzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NDc1MjFlN2I2YjM4YWJmYjg4YmY3MWU5YmM1YTAyYjJlY2NkM2IzMB4XDTIyMDEw
MTA5NTY0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjZiMWNkYWNjODI5
NTdjOTEwMDYzMGY0YWU1ODI3ZGZhMTRmODEwZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKTM6lC6c1sDpT1PGCkH1WkC/tQPsvTcQ1u5vV0i+Hai8lAD
beNv9OgHNowVuhcl5+ppQpR60/cdtYKcurjod48nX9U0FjOYq4RFCjmyA5/SRVFk
eMa6nPX+7WWngQiP3UfS/ZluJIEpdPGVFfRFTd9BYtM/ioFFNPM7VICEvxpuTALw
qwXjf6f3aeczg3yc31XiAm30CZgEferOl+R9J04z/BCubk0AiaEW2TXPVG0V5pqV
MPPgk6Di5WSgSqYIQH52Ac6XFKbQkf3SZGuEyn6y+ZXkBlYRatgYouAn+8iBHU+n
aN5zLt3m21B8qng4fxWo8Z4dn2OPmCTeTsUZ3IECAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBRmsc2syClXyRAGMPSuWCffoU+BDzAfBgNVHSMEGDAWgBTkdSHntrOKv7iL
9x6bxaArLszTszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVIVWg1N2F6aXItNGlfY2VtOFdnS3k3TTA3TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmYvMTkxMzZlLTQyOWYtNDNhZC05NGVmLTgzNjFhODMwMzUyMi8x
L1pySE5yTWdwVjhrUUJqRDBybGduMzZGUGdROC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmYv
MTkxMzZlLTQyOWYtNDNhZC05NGVmLTgzNjFhODMwMzUyMi8xLzVIVWg1N2F6aXIt
NGlfY2VtOFdnS3k3TTA3TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArkyvAMEAblt8DANBAIAAjAHAwUD
KgTAADANBgkqhkiG9w0BAQsFAAOCAQEACoN2EXDdsMrsvviccG47pSpda2lyCLgP
WXWvQbHYWGkfQpsdc5YP2FX/TBGyoCy8WEGvopLoEP+sGnov+Osos9TgEh/I49M4
2TAvW4TMf2gmIzQYJSYdYvd6PmeoCwjXYOdKmakHPI2DKvU+qpNkrgLmDEVgmeUd
r5wbwT/m3U7nlf7uoq1z0PNOltSaG0dDohSRFp4rD7hC2LhBMLZmv5byRyfl35fu
L3Gfjrqm//wbjsfNX+oFW/pa3zFovKzs9QhrA7xnHn7vOv5RRZbotqSqOvCLAHaY
L6BF7QxR0Wbo5vP5MIR975eib2PqP/KWQnS9b/0YLiy+XuW8kR7PiQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:10 2024 by rpki-client on console-fra.rpki-client.org