Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ahE2cQ8pBtFBvo6VxJ4wJ_8Awwc.roa
File:                     ahE2cQ8pBtFBvo6VxJ4wJ_8Awwc.roa (raw, json)
Hash identifier:          HPqXpPqqPPYvrCGKSOZC4N+0oH7nxmH5dlCYDtH0CyE=
Subject key identifier:   6A:11:36:71:0F:29:06:D1:41:BE:8E:95:C4:9E:30:27:FF:00:C3:07
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       1ED21A4C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ahE2cQ8pBtFBvo6VxJ4wJ_8Awwc.roa
Signing time:             Tue 31 May 2022 14:55:37 +0000
ROA not before:           Tue 31 May 2022 14:55:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     400377
IP address blocks:        185.216.71.0/24 maxlen: 24
                          185.218.138.0/24 maxlen: 24
                          94.154.173.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 517085772 (0x1ed21a4c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: May 31 14:55:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6a1136710f2906d141be8e95c49e3027ff00c307
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:8e:38:19:f1:0a:a6:92:8e:2b:e2:bb:b2:49:
                    e0:38:92:e3:89:85:84:ef:e1:37:68:f4:ea:a7:92:
                    5f:72:57:04:a0:15:32:73:c0:25:d7:e5:49:b7:07:
                    56:fd:03:3c:78:34:95:b1:53:5c:d5:4c:5e:8a:16:
                    7c:6a:45:d2:bd:8c:68:87:de:94:60:48:f5:74:2e:
                    e1:18:87:6b:db:24:32:02:18:46:f9:c9:52:7c:28:
                    c2:ee:fb:00:23:a8:6c:f3:5c:41:b7:52:6a:9e:9a:
                    ff:9e:0c:ca:13:8b:57:4d:01:c5:cc:d5:d1:ac:b6:
                    5f:4b:82:50:9d:4e:30:c6:2d:79:61:e1:61:59:eb:
                    c4:26:22:69:d7:67:76:eb:a9:12:e4:f1:b4:64:77:
                    61:55:db:c3:ad:77:33:54:af:9d:9b:c8:e1:3d:a3:
                    ad:d4:6b:f4:90:c4:3a:60:76:a6:82:6c:11:1a:20:
                    76:5e:33:3e:7b:ad:e3:14:e3:8e:b7:cb:75:6f:9f:
                    61:08:5b:d5:e4:25:c1:eb:db:bb:7b:ba:c3:f4:7a:
                    00:8f:02:8a:cc:d5:3f:f8:d3:1b:27:db:af:1b:87:
                    db:c4:80:de:29:8f:e9:e0:92:ea:5a:c7:b7:f0:83:
                    8f:c0:28:f1:96:b0:b6:e5:16:a0:a1:5a:9e:4a:60:
                    5a:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:11:36:71:0F:29:06:D1:41:BE:8E:95:C4:9E:30:27:FF:00:C3:07
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ahE2cQ8pBtFBvo6VxJ4wJ_8Awwc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.154.173.0/24
                  185.216.71.0/24
                  185.218.138.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5e:bb:26:91:a6:e3:05:fb:e3:76:2a:06:bc:d4:b1:ac:99:1a:
         8c:5b:db:8f:0a:2a:1b:2e:6e:80:61:b5:a5:82:1e:1d:d8:59:
         cd:09:be:47:31:57:47:4a:ec:3b:05:df:21:50:58:59:9e:d2:
         d4:92:32:bb:e1:d3:1f:56:38:4e:6b:5a:9a:be:37:eb:81:57:
         73:68:15:98:ea:1b:ef:8e:00:b0:5b:ff:d4:64:43:9d:1b:b1:
         63:07:1f:9c:0b:90:05:16:07:29:93:67:a5:a4:9c:fe:74:5b:
         47:eb:7c:34:49:f1:29:18:f6:f8:6e:1a:4a:cb:09:59:88:23:
         79:d5:a9:a6:d5:04:38:71:60:40:3f:22:d1:b6:b8:2b:c1:d4:
         28:38:83:5f:a6:bf:69:b6:63:3b:46:12:2f:d4:10:f1:79:9e:
         3a:d5:8c:13:de:b2:26:6f:56:74:8a:0c:d1:01:97:f2:2e:e4:
         61:ba:30:e2:89:4c:16:cd:de:61:1b:88:63:89:10:3d:d4:7b:
         29:c2:ab:fb:1a:22:57:5e:9c:f9:1a:38:f6:07:f6:1b:d8:f4:
         49:5b:44:0d:4c:c3:c3:21:f8:37:6a:4c:7c:1d:ac:e9:02:b5:
         5b:34:3b:fd:45:52:4c:9c:57:63:f8:2d:5a:01:e6:12:fd:04:
         98:a8:fd:9c
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEHtIaTDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDUz
MTE0NTUzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmExMTM2NzEwZjI5
MDZkMTQxYmU4ZTk1YzQ5ZTMwMjdmZjAwYzMwNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN2OOBnxCqaSjiviu7JJ4DiS44mFhO/hN2j06qeSX3JXBKAV
MnPAJdflSbcHVv0DPHg0lbFTXNVMXooWfGpF0r2MaIfelGBI9XQu4RiHa9skMgIY
RvnJUnwowu77ACOobPNcQbdSap6a/54MyhOLV00BxczV0ay2X0uCUJ1OMMYteWHh
YVnrxCYiaddnduupEuTxtGR3YVXbw613M1SvnZvI4T2jrdRr9JDEOmB2poJsERog
dl4zPnut4xTjjrfLdW+fYQhb1eQlwevbu3u6w/R6AI8CiszVP/jTGyfbrxuH28SA
3imP6eCS6lrHt/CDj8Ao8ZawtuUWoKFankpgWiMCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRqETZxDykG0UG+jpXEnjAn/wDDBzAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L2FoRTJjUThwQnRGQnZvNlZ4SjR3Sl84QXd3Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAF6arQMEALnYRwMEALnaijANBgkq
hkiG9w0BAQsFAAOCAQEAXrsmkabjBfvjdioGvNSxrJkajFvbjwoqGy5ugGG1pYIe
HdhZzQm+RzFXR0rsOwXfIVBYWZ7S1JIyu+HTH1Y4Tmtamr4364FXc2gVmOob744A
sFv/1GRDnRuxYwcfnAuQBRYHKZNnpaSc/nRbR+t8NEnxKRj2+G4aSssJWYgjedWp
ptUEOHFgQD8i0ba4K8HUKDiDX6a/abZjO0YSL9QQ8XmeOtWME96yJm9WdIoM0QGX
8i7kYbow4olMFs3eYRuIY4kQPdR7KcKr+xoiV16c+Ro49gf2G9j0SVtEDUzDwyH4
N2pMfB2s6QK1WzQ7/UVSTJxXY/gtWgHmEv0EmKj9nA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:37 2024 by rpki-client on console-ams.rpki-client.org