Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vBiXKXCllpcEFXhx_larC0tKUbY.roa
File:                     vBiXKXCllpcEFXhx_larC0tKUbY.roa (raw, json)
Hash identifier:          rzH3ybtGcWB9m/nxFjonjb6jf6RTfFHuFumHwySWZr4=
Subject key identifier:   BC:18:97:29:70:A5:96:97:04:15:78:71:FE:56:AB:0B:4B:4A:51:B6
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       0182CEB2C506966354FC4B15DA0E62263A2E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vBiXKXCllpcEFXhx_larC0tKUbY.roa
Signing time:             Wed 24 Aug 2022 07:13:18 +0000
ROA not before:           Wed 24 Aug 2022 07:13:18 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208911
IP address blocks:        164.40.185.0/24 maxlen: 24
                          80.76.49.0/24 maxlen: 24
                          185.218.139.0/24 maxlen: 24
                          193.222.98.0/24 maxlen: 24
                          194.48.248.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:ce:b2:c5:06:96:63:54:fc:4b:15:da:0e:62:26:3a:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Aug 24 07:13:18 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bc18972970a5969704157871fe56ab0b4b4a51b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:14:16:2c:0f:49:47:8b:8c:52:d6:3a:85:63:
                    fe:39:0c:e0:6e:0d:77:f4:1c:55:ab:5f:8b:6c:92:
                    f8:77:f6:d0:bb:40:fe:7c:c4:0f:28:de:7e:c2:81:
                    75:4c:77:82:a1:50:34:21:0f:a2:b9:9c:dd:c6:40:
                    b6:8b:03:7c:44:da:45:1c:08:3b:c1:4b:31:ae:9f:
                    b5:a1:e9:cc:a6:bf:00:84:69:bb:fd:b3:d9:37:df:
                    c9:5f:d5:01:36:44:c4:17:43:35:c6:51:82:0e:05:
                    0c:d8:56:4f:0d:f2:40:97:c7:a3:41:4c:65:9c:e0:
                    b9:5f:8c:60:7d:9e:72:f3:a8:94:67:a9:5e:18:4d:
                    8e:f8:1f:ff:4a:61:a0:3b:ba:b8:75:5f:2c:dc:f9:
                    04:b1:a7:c1:0c:3d:f9:8e:c9:bf:83:15:ff:17:e6:
                    b4:b7:25:7f:e2:06:af:b5:be:2a:93:70:3b:0d:fc:
                    e9:6c:9f:87:35:46:f6:87:92:f1:3c:59:8a:18:fe:
                    64:8f:dc:1f:5c:c5:45:8d:1f:6b:70:e2:93:f2:37:
                    3f:91:86:de:22:19:7c:63:0e:2c:bf:13:93:b2:3a:
                    e6:56:2f:03:a1:d3:bc:19:61:af:3f:57:d4:c8:99:
                    82:e1:7c:b7:14:d9:4e:c5:63:0b:26:08:59:a1:2f:
                    65:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:18:97:29:70:A5:96:97:04:15:78:71:FE:56:AB:0B:4B:4A:51:B6
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vBiXKXCllpcEFXhx_larC0tKUbY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.76.49.0/24
                  164.40.185.0/24
                  185.218.139.0/24
                  193.222.98.0/24
                  194.48.248.0/24

    Signature Algorithm: sha256WithRSAEncryption
         04:0c:aa:e8:71:b3:14:44:1f:f4:0b:95:2c:8b:1c:75:68:71:
         91:e3:66:06:37:64:e3:83:90:d0:e6:f8:95:96:d9:e2:06:85:
         d8:4b:3a:7a:7f:5b:1b:c7:66:a1:72:8e:7e:ee:bc:9a:cc:38:
         3f:e0:55:d9:01:6d:0c:b6:d3:dc:ff:20:1f:7b:27:0e:2a:d2:
         a0:68:5f:f8:9b:93:13:35:b1:2d:fa:04:8a:78:77:05:40:0d:
         74:7a:b9:07:cb:11:2b:71:ba:cc:f9:1c:6b:19:52:60:75:8b:
         f0:70:15:1b:5c:42:a0:6c:3b:d1:46:a0:37:f1:7d:12:c3:00:
         86:f7:52:17:42:ae:fb:8f:77:dd:f4:2e:04:09:8c:c4:90:52:
         30:4f:1a:1e:f5:5a:50:1f:b9:ce:66:8f:e2:0c:34:ba:03:ee:
         d8:58:84:29:97:db:d0:ba:6d:b5:e3:6e:eb:7e:4f:4c:b6:2e:
         40:6f:8c:79:e0:7b:a7:7b:44:1f:5d:df:79:8f:96:16:ae:4a:
         6b:c3:bf:c6:e7:80:96:26:ab:5c:25:8e:ef:a4:b0:61:f7:90:
         0e:49:e2:1c:f5:07:f7:c2:a0:f1:6d:a0:25:be:62:29:f8:b1:
         ae:88:7e:8b:38:c4:8e:4b:72:34:96:aa:39:50:e4:c4:79:35:
         a1:9d:12:ef
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYLOssUGlmNU/EsV2g5iJjouMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIwODI0MDcxMzE4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzE4OTcyOTcwYTU5Njk3MDQxNTc4NzFmZTU2YWIwYjRiNGE1MWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBQWLA9JR4uMUtY6hWP+OQzgbg13
9BxVq1+LbJL4d/bQu0D+fMQPKN5+woF1THeCoVA0IQ+iuZzdxkC2iwN8RNpFHAg7
wUsxrp+1oenMpr8AhGm7/bPZN9/JX9UBNkTEF0M1xlGCDgUM2FZPDfJAl8ejQUxl
nOC5X4xgfZ5y86iUZ6leGE2O+B//SmGgO7q4dV8s3PkEsafBDD35jsm/gxX/F+a0
tyV/4gavtb4qk3A7DfzpbJ+HNUb2h5LxPFmKGP5kj9wfXMVFjR9rcOKT8jc/kYbe
Ihl8Yw4svxOTsjrmVi8DodO8GWGvP1fUyJmC4Xy3FNlOxWMLJghZoS9lHQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLwYlylwpZaXBBV4cf5WqwtLSlG2MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdkJpWEtYQ2xscGNFRlhoeF9sYXJDMHRLVWJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUEwxAwQA
pCi5AwQAudqLAwQAwd5iAwQAwjD4MA0GCSqGSIb3DQEBCwUAA4IBAQAEDKrocbMU
RB/0C5Usixx1aHGR42YGN2Tjg5DQ5viVltniBoXYSzp6f1sbx2ahco5+7ryazDg/
4FXZAW0MttPc/yAfeycOKtKgaF/4m5MTNbEt+gSKeHcFQA10erkHyxErcbrM+Rxr
GVJgdYvwcBUbXEKgbDvRRqA38X0SwwCG91IXQq77j3fd9C4ECYzEkFIwTxoe9VpQ
H7nOZo/iDDS6A+7YWIQpl9vQum21427rfk9Mti5Ab4x54Hune0QfXd95j5YWrkpr
w7/G54CWJqtcJY7vpLBh95AOSeIc9Qf3wqDxbaAlvmIp+LGuiH6LOMSOS3I0lqo5
UOTEeTWhnRLv
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:45 2024 by rpki-client on console-ams.rpki-client.org