Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/f55d44-5893-4c22-b0b7-c655ad594193/1/ErK4BYzVpQtCvnhdfh1Adp-cs4o.roa
File:                     ErK4BYzVpQtCvnhdfh1Adp-cs4o.roa (raw, json)
Hash identifier:          rvSoi4xXb7fiyGKym7xH/hlG4yf97eh6ZS0nMYiaJ6g=
Subject key identifier:   12:B2:B8:05:8C:D5:A5:0B:42:BE:78:5D:7E:1D:40:76:9F:9C:B3:8A
Certificate issuer:       /CN=ec167bb6b061fffa629dd2a84ccf7db44c71a351
Certificate serial:       1BF6B6A9
Authority key identifier: EC:16:7B:B6:B0:61:FF:FA:62:9D:D2:A8:4C:CF:7D:B4:4C:71:A3:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7BZ7trBh__pindKoTM99tExxo1E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/f55d44-5893-4c22-b0b7-c655ad594193/1/ErK4BYzVpQtCvnhdfh1Adp-cs4o.roa
Signing time:             Sat 01 Jan 2022 02:52:40 +0000
ROA not before:           Sat 01 Jan 2022 02:52:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     65011
IP address blocks:        185.3.30.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 469153449 (0x1bf6b6a9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ec167bb6b061fffa629dd2a84ccf7db44c71a351
        Validity
            Not Before: Jan  1 02:52:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=12b2b8058cd5a50b42be785d7e1d40769f9cb38a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:7d:68:ee:eb:9c:ab:b0:08:dc:f4:4c:38:7e:
                    b0:c3:34:b0:80:46:b5:ad:e9:69:19:87:3f:67:14:
                    de:98:76:5f:4e:1d:65:09:e3:7f:ea:be:6d:ee:a7:
                    9a:93:4b:58:cd:c1:93:34:5c:9c:59:8e:be:3b:b6:
                    ca:12:d3:68:e9:7f:c0:56:88:7e:f7:88:c5:c6:8e:
                    01:ec:20:aa:55:da:18:92:6e:5e:fd:8b:4c:79:49:
                    85:84:9a:3f:04:e2:70:4f:9b:41:72:75:8d:64:03:
                    7b:cb:76:f2:54:dc:8b:4b:9a:c1:7e:6f:26:fc:d3:
                    12:42:b4:40:95:07:08:59:d0:5c:11:3c:90:5b:13:
                    24:9e:a5:fb:a6:97:0a:98:7b:2d:5c:14:b0:f3:7a:
                    30:6f:1c:d2:d2:ee:75:cb:77:2a:0d:4c:38:59:41:
                    f6:4c:26:f4:4b:8a:c3:f7:c7:d4:1c:01:15:91:16:
                    55:3f:97:23:50:cd:08:18:01:f0:b7:71:46:38:55:
                    40:57:39:96:9e:c8:5a:90:c9:a3:94:dd:61:02:64:
                    61:77:c5:bd:99:3b:40:04:b3:f3:ac:17:19:1c:c0:
                    cd:df:08:75:a6:19:47:a6:2e:be:96:a7:3c:f6:46:
                    70:20:36:71:86:62:83:55:0e:01:2c:a3:d8:6d:be:
                    7a:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:B2:B8:05:8C:D5:A5:0B:42:BE:78:5D:7E:1D:40:76:9F:9C:B3:8A
            X509v3 Authority Key Identifier:
                keyid:EC:16:7B:B6:B0:61:FF:FA:62:9D:D2:A8:4C:CF:7D:B4:4C:71:A3:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7BZ7trBh__pindKoTM99tExxo1E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/f55d44-5893-4c22-b0b7-c655ad594193/1/ErK4BYzVpQtCvnhdfh1Adp-cs4o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/f55d44-5893-4c22-b0b7-c655ad594193/1/7BZ7trBh__pindKoTM99tExxo1E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.3.30.0/23

    Signature Algorithm: sha256WithRSAEncryption
         01:33:60:2c:df:98:72:3d:85:b9:9c:29:8c:8d:5a:57:84:2c:
         d9:b0:36:dd:7d:00:eb:dc:59:09:3e:cb:46:02:f5:29:d6:17:
         da:7d:76:34:06:df:8e:63:c9:ef:50:41:53:5a:43:c2:ce:70:
         a9:b5:61:b3:0c:8a:6c:4d:90:af:ee:a0:d0:c7:76:e9:0e:7c:
         5e:14:26:47:37:57:0a:cc:95:3f:06:3e:8e:18:91:78:f1:13:
         5a:13:f6:d2:79:8f:14:52:b8:f6:cb:61:80:18:bf:29:b8:0e:
         ef:b9:60:8f:6f:f0:cd:1e:8a:14:b0:64:c1:fc:10:77:7f:12:
         ae:57:f8:c4:0a:11:47:74:84:c9:0c:a2:a6:b5:d6:f1:43:5e:
         08:69:1b:68:47:93:cf:80:40:ec:d5:48:d8:dd:a4:33:df:ca:
         f6:33:26:da:7a:1f:4b:ee:24:b6:66:b7:fc:b1:ff:a0:f6:13:
         b9:ca:7e:4e:90:dd:a8:fd:ed:3d:e8:29:49:e7:a4:7d:f1:73:
         35:43:86:58:47:70:1b:64:43:60:4e:96:52:94:b9:1e:2d:fa:
         f2:9b:9d:8c:d4:b3:a6:bf:31:39:83:a7:e1:27:12:99:65:33:
         55:04:ff:ec:3a:c9:ed:84:e7:02:a3:cc:29:eb:59:04:e0:40:
         fd:f7:0e:23
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEG/a2qTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YzE2N2JiNmIwNjFmZmZhNjI5ZGQyYTg0Y2NmN2RiNDRjNzFhMzUxMB4XDTIyMDEw
MTAyNTI0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTJiMmI4MDU4Y2Q1
YTUwYjQyYmU3ODVkN2UxZDQwNzY5ZjljYjM4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJF9aO7rnKuwCNz0TDh+sMM0sIBGta3paRmHP2cU3ph2X04d
ZQnjf+q+be6nmpNLWM3BkzRcnFmOvju2yhLTaOl/wFaIfveIxcaOAewgqlXaGJJu
Xv2LTHlJhYSaPwTicE+bQXJ1jWQDe8t28lTci0uawX5vJvzTEkK0QJUHCFnQXBE8
kFsTJJ6l+6aXCph7LVwUsPN6MG8c0tLudct3Kg1MOFlB9kwm9EuKw/fH1BwBFZEW
VT+XI1DNCBgB8LdxRjhVQFc5lp7IWpDJo5TdYQJkYXfFvZk7QASz86wXGRzAzd8I
daYZR6YuvpanPPZGcCA2cYZig1UOASyj2G2+ekUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQSsrgFjNWlC0K+eF1+HUB2n5yzijAfBgNVHSMEGDAWgBTsFnu2sGH/+mKd
0qhMz320THGjUTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdCWjd0ckJoX19waW5kS29UTTk5dEV4eG8xRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvZjU1ZDQ0LTU4OTMtNGMyMi1iMGI3LWM2NTVhZDU5NDE5My8x
L0VySzRCWXpWcFF0Q3ZuaGRmaDFBZHAtY3M0by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
ZjU1ZDQ0LTU4OTMtNGMyMi1iMGI3LWM2NTVhZDU5NDE5My8xLzdCWjd0ckJoX19w
aW5kS29UTTk5dEV4eG8xRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbkDHjANBgkqhkiG9w0BAQsFAAOC
AQEAATNgLN+Ycj2FuZwpjI1aV4Qs2bA23X0A69xZCT7LRgL1KdYX2n12NAbfjmPJ
71BBU1pDws5wqbVhswyKbE2Qr+6g0Md26Q58XhQmRzdXCsyVPwY+jhiRePETWhP2
0nmPFFK49sthgBi/KbgO77lgj2/wzR6KFLBkwfwQd38Srlf4xAoRR3SEyQyiprXW
8UNeCGkbaEeTz4BA7NVI2N2kM9/K9jMm2nofS+4ktma3/LH/oPYTucp+TpDdqP3t
PegpSeekffFzNUOGWEdwG2RDYE6WUpS5Hi368pudjNSzpr8xOYOn4ScSmWUzVQT/
7DrJ7YTnAqPMKetZBOBA/fcOIw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:53 2024 by rpki-client on console-ams.rpki-client.org