Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/2fcbb2-c3c0-4b1e-8ad5-7f5f78346d6f/1/G-H_r5r_E3t7ptuSrrCEsw493FI.roa
File:                     G-H_r5r_E3t7ptuSrrCEsw493FI.roa (raw, json)
Hash identifier:          8bInRg2RIQWCLKBjLFG1UWIXg4hC+NjAuORN3zovSs8=
Subject key identifier:   1B:E1:FF:AF:9A:FF:13:7B:7B:A6:DB:92:AE:B0:84:B3:0E:3D:DC:52
Certificate issuer:       /CN=b1ffee7dbf7f4566ea9e30546b2c2a2e7336f2f4
Certificate serial:       1863C3EF
Authority key identifier: B1:FF:EE:7D:BF:7F:45:66:EA:9E:30:54:6B:2C:2A:2E:73:36:F2:F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sf_ufb9_RWbqnjBUaywqLnM28vQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/2fcbb2-c3c0-4b1e-8ad5-7f5f78346d6f/1/G-H_r5r_E3t7ptuSrrCEsw493FI.roa
Signing time:             Sat 01 Jan 2022 04:02:22 +0000
ROA not before:           Sat 01 Jan 2022 04:02:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16509
IP address blocks:        185.144.16.0/22 maxlen: 24
                          2a04:2f81::/42 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 409191407 (0x1863c3ef)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1ffee7dbf7f4566ea9e30546b2c2a2e7336f2f4
        Validity
            Not Before: Jan  1 04:02:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1be1ffaf9aff137b7ba6db92aeb084b30e3ddc52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:be:7b:c7:53:4b:09:2f:89:c6:3a:5c:b0:5e:
                    77:9e:e2:bb:11:7d:95:54:aa:c9:af:36:99:ec:38:
                    05:66:09:e1:68:87:5f:9f:d1:17:f1:fe:87:01:15:
                    f2:6a:5f:2c:8b:86:e6:5d:e1:d1:c3:2f:e2:cf:cd:
                    ad:99:73:97:09:1a:c9:e1:12:d2:6e:b0:a3:a1:86:
                    79:ac:fa:5a:db:7a:e4:10:f6:a6:f0:54:3a:f3:df:
                    fa:07:33:f9:3d:32:b9:c6:54:6b:2d:97:ed:fa:28:
                    ba:5f:a8:dd:3f:28:e3:58:54:18:01:c8:66:32:f9:
                    79:47:f4:b5:12:8e:82:56:09:9d:91:01:a6:f2:11:
                    d4:f7:96:56:c4:12:5f:90:43:cd:8f:4f:af:f1:a2:
                    ed:37:7e:6f:1a:8d:b2:63:23:f8:e2:40:9c:d9:ca:
                    b9:c5:ab:df:21:1c:97:08:f5:18:57:19:37:b1:ac:
                    58:fe:3c:46:ff:e5:f7:83:5b:e4:88:56:c4:22:c4:
                    2c:6b:f1:4f:ee:ef:85:28:69:b8:e6:0a:e1:01:85:
                    53:0f:35:27:1a:b5:fb:39:20:46:65:a6:ad:c2:fe:
                    17:35:c4:5e:f2:b0:b1:87:cf:97:dc:ae:b9:dd:6f:
                    12:8a:18:81:a4:b7:71:7f:e9:5d:7a:ab:eb:f0:9f:
                    a0:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:E1:FF:AF:9A:FF:13:7B:7B:A6:DB:92:AE:B0:84:B3:0E:3D:DC:52
            X509v3 Authority Key Identifier:
                keyid:B1:FF:EE:7D:BF:7F:45:66:EA:9E:30:54:6B:2C:2A:2E:73:36:F2:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sf_ufb9_RWbqnjBUaywqLnM28vQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2fcbb2-c3c0-4b1e-8ad5-7f5f78346d6f/1/G-H_r5r_E3t7ptuSrrCEsw493FI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2fcbb2-c3c0-4b1e-8ad5-7f5f78346d6f/1/sf_ufb9_RWbqnjBUaywqLnM28vQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.144.16.0/22
                IPv6:
                  2a04:2f81::/42

    Signature Algorithm: sha256WithRSAEncryption
         0b:5f:29:4f:33:4a:ed:5e:9f:b5:28:f5:c5:6b:38:e8:34:1e:
         65:1c:6e:ab:4b:6d:49:71:bd:87:eb:88:34:07:ec:ba:c4:8e:
         cd:dc:9d:ff:d0:ec:35:d0:0d:60:f7:b1:88:f8:45:e3:93:87:
         9c:47:93:18:27:7b:fa:ea:4f:b1:c4:f9:92:15:3d:59:4d:ef:
         0a:5f:a8:db:99:b1:b6:05:da:91:04:2d:10:04:58:bc:4f:84:
         f6:d5:99:b9:98:24:2d:9b:ad:ae:d2:74:6a:9d:e3:71:a2:1b:
         b4:14:4b:6b:5f:3c:34:7e:b4:19:b6:43:2c:1f:84:44:5c:74:
         23:b6:f2:2d:d9:7f:e4:47:20:d1:36:74:85:e3:20:ed:66:50:
         a7:94:2a:23:e9:3e:2e:a7:91:40:f1:e4:3c:c4:14:fe:9c:67:
         c3:69:08:e6:c5:e9:a3:8b:df:14:9f:72:1d:b9:79:88:4e:d4:
         c9:40:9f:e6:d7:57:a9:75:37:10:33:35:8b:23:e2:dd:c7:a7:
         14:11:a9:bb:c6:5f:88:f5:6a:53:9d:5a:52:a4:c6:9b:fa:bd:
         58:ed:2d:a9:92:36:c9:45:76:01:8b:58:45:fb:b7:68:14:10:
         d5:c7:ea:48:ef:1f:aa:d5:ac:c0:0b:af:7f:8c:41:a8:4e:93:
         64:0f:94:74
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEGGPD7zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWZmZWU3ZGJmN2Y0NTY2ZWE5ZTMwNTQ2YjJjMmEyZTczMzZmMmY0MB4XDTIyMDEw
MTA0MDIyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWJlMWZmYWY5YWZm
MTM3YjdiYTZkYjkyYWViMDg0YjMwZTNkZGM1MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKy+e8dTSwkvicY6XLBed57iuxF9lVSqya82mew4BWYJ4WiH
X5/RF/H+hwEV8mpfLIuG5l3h0cMv4s/NrZlzlwkayeES0m6wo6GGeaz6Wtt65BD2
pvBUOvPf+gcz+T0yucZUay2X7fooul+o3T8o41hUGAHIZjL5eUf0tRKOglYJnZEB
pvIR1PeWVsQSX5BDzY9Pr/Gi7Td+bxqNsmMj+OJAnNnKucWr3yEclwj1GFcZN7Gs
WP48Rv/l94Nb5IhWxCLELGvxT+7vhShpuOYK4QGFUw81Jxq1+zkgRmWmrcL+FzXE
XvKwsYfPl9yuud1vEooYgaS3cX/pXXqr6/CfoKsCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQb4f+vmv8Te3um25KusISzDj3cUjAfBgNVHSMEGDAWgBSx/+59v39FZuqe
MFRrLCouczby9DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NmX3VmYjlfUldicW5qQlVheXdxTG5NMjh2US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDQvMmZjYmIyLWMzYzAtNGIxZS04YWQ1LTdmNWY3ODM0NmQ2Zi8x
L0ctSF9yNXJfRTN0N3B0dVNyckNFc3c0OTNGSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDQv
MmZjYmIyLWMzYzAtNGIxZS04YWQ1LTdmNWY3ODM0NmQ2Zi8xL3NmX3VmYjlfUldi
cW5qQlVheXdxTG5NMjh2US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEArmQEDAPBAIAAjAJAwcGKgQvgQAA
MA0GCSqGSIb3DQEBCwUAA4IBAQALXylPM0rtXp+1KPXFazjoNB5lHG6rS21Jcb2H
64g0B+y6xI7N3J3/0Ow10A1g97GI+EXjk4ecR5MYJ3v66k+xxPmSFT1ZTe8KX6jb
mbG2BdqRBC0QBFi8T4T21Zm5mCQtm62u0nRqneNxohu0FEtrXzw0frQZtkMsH4RE
XHQjtvIt2X/kRyDRNnSF4yDtZlCnlCoj6T4up5FA8eQ8xBT+nGfDaQjmxemji98U
n3IduXmITtTJQJ/m11epdTcQMzWLI+Ldx6cUEam7xl+I9WpTnVpSpMab+r1Y7S2p
kjbJRXYBi1hF+7doFBDVx+pI7x+q1azAC69/jEGoTpNkD5R0
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:53 2024 by rpki-client on console-ams.rpki-client.org