Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/17d0ad-801c-4814-b891-e0a652004878/1/Jg3hCerC1IGhN7RHKQ06RKJ2Z8Q.roa
File:                     Jg3hCerC1IGhN7RHKQ06RKJ2Z8Q.roa (raw, json)
Hash identifier:          bsSlna5JuJSxN0CQIcHD4XgGJ9AnEhbS/IbT66A70Ss=
Subject key identifier:   26:0D:E1:09:EA:C2:D4:81:A1:37:B4:47:29:0D:3A:44:A2:76:67:C4
Certificate issuer:       /CN=794f6b59b439d1769932059d198428cb806ae753
Certificate serial:       04EC06B8
Authority key identifier: 79:4F:6B:59:B4:39:D1:76:99:32:05:9D:19:84:28:CB:80:6A:E7:53
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eU9rWbQ50XaZMgWdGYQoy4Bq51M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/17d0ad-801c-4814-b891-e0a652004878/1/Jg3hCerC1IGhN7RHKQ06RKJ2Z8Q.roa
Signing time:             Sat 01 Jan 2022 09:58:45 +0000
ROA not before:           Sat 01 Jan 2022 09:58:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205743
IP address blocks:        185.208.4.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 82577080 (0x4ec06b8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=794f6b59b439d1769932059d198428cb806ae753
        Validity
            Not Before: Jan  1 09:58:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=260de109eac2d481a137b447290d3a44a27667c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:47:ba:50:98:71:e0:81:ee:c0:13:fe:3f:1b:
                    fb:b5:a3:34:da:34:dc:78:76:9c:5e:0a:b9:54:09:
                    ec:19:42:cf:5d:cd:6c:f1:f0:3e:af:f0:6c:96:3f:
                    b8:e8:20:d6:f4:06:09:16:4a:c2:81:b2:b3:cb:4c:
                    d3:80:24:ef:2a:84:ff:76:7e:e3:63:51:ee:51:10:
                    d5:78:cd:cd:de:11:f0:80:1f:0f:c3:f6:b8:ca:fc:
                    b8:14:b7:04:71:9c:ad:cb:60:af:fb:e4:a2:d5:24:
                    08:b9:78:4f:91:02:e5:ef:9f:48:99:a5:b8:20:8a:
                    32:ef:2c:a0:68:b1:fd:30:7d:1f:a7:47:ef:b9:80:
                    c9:b4:ca:06:bf:11:49:86:46:20:3e:ea:44:ad:e8:
                    04:7d:36:45:d2:55:0e:e8:c8:a1:a8:c3:28:8a:93:
                    23:27:75:7e:52:b8:d3:fa:47:8e:91:59:5c:a3:c7:
                    29:af:2b:cd:8c:4b:a3:a5:cb:cb:5f:38:5f:af:ae:
                    0f:c3:00:ed:4f:6b:75:10:ea:40:58:6d:d5:f4:7e:
                    eb:91:da:4e:0d:7e:3c:b7:29:7a:f0:c6:7c:f1:fb:
                    b5:82:84:84:bd:be:ad:38:60:93:8b:40:09:9d:23:
                    6d:63:50:f5:db:77:96:0b:85:23:4a:03:fb:69:47:
                    2a:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:0D:E1:09:EA:C2:D4:81:A1:37:B4:47:29:0D:3A:44:A2:76:67:C4
            X509v3 Authority Key Identifier:
                keyid:79:4F:6B:59:B4:39:D1:76:99:32:05:9D:19:84:28:CB:80:6A:E7:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eU9rWbQ50XaZMgWdGYQoy4Bq51M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/17d0ad-801c-4814-b891-e0a652004878/1/Jg3hCerC1IGhN7RHKQ06RKJ2Z8Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/17d0ad-801c-4814-b891-e0a652004878/1/eU9rWbQ50XaZMgWdGYQoy4Bq51M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.208.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         56:77:f9:d4:57:b6:19:73:2a:4a:4c:c1:c9:0b:de:70:5d:84:
         4e:92:85:c5:d3:ea:65:14:f1:64:f9:a6:9b:9b:6f:96:7c:a0:
         d8:c3:cb:c0:72:51:ee:e7:9e:2a:8e:aa:14:df:25:1b:fc:b6:
         13:4b:08:c8:5f:db:1b:df:b5:6c:80:9f:4a:98:fe:35:ef:d8:
         63:03:a6:5b:fe:9f:77:9d:0b:ee:17:f4:b1:61:b1:4d:20:91:
         16:e6:d9:b6:a4:f1:92:c8:ae:d4:65:f4:7a:93:6c:ac:66:6e:
         45:37:c5:a1:6f:14:3b:38:c4:c3:a3:f5:da:6e:3a:2d:18:4f:
         df:91:df:fa:83:65:1e:f2:aa:14:46:1e:ad:02:95:87:43:6a:
         2a:9f:c0:58:1a:1d:5d:92:75:ff:54:b0:f3:d7:c3:bf:4b:c4:
         47:c1:08:4d:f4:c0:34:f6:82:a6:05:df:61:7d:84:e5:8c:22:
         9f:6c:da:5c:df:cc:fe:8a:1a:49:dc:eb:6c:cf:51:9b:df:31:
         ac:ce:2b:7e:75:6b:4f:e3:25:50:13:24:b6:5a:50:4d:5b:49:
         d3:72:6f:5c:f4:4b:e2:2a:3d:17:13:7b:d6:bb:ec:9f:a2:0b:
         42:34:3a:e0:c6:ae:00:0f:30:a6:67:62:1d:93:ea:dd:60:59:
         5b:5a:dc:b2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBOwGuDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
OTRmNmI1OWI0MzlkMTc2OTkzMjA1OWQxOTg0MjhjYjgwNmFlNzUzMB4XDTIyMDEw
MTA5NTg0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjYwZGUxMDllYWMy
ZDQ4MWExMzdiNDQ3MjkwZDNhNDRhMjc2NjdjNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM1HulCYceCB7sAT/j8b+7WjNNo03Hh2nF4KuVQJ7BlCz13N
bPHwPq/wbJY/uOgg1vQGCRZKwoGys8tM04Ak7yqE/3Z+42NR7lEQ1XjNzd4R8IAf
D8P2uMr8uBS3BHGcrctgr/vkotUkCLl4T5EC5e+fSJmluCCKMu8soGix/TB9H6dH
77mAybTKBr8RSYZGID7qRK3oBH02RdJVDujIoajDKIqTIyd1flK40/pHjpFZXKPH
Ka8rzYxLo6XLy184X6+uD8MA7U9rdRDqQFht1fR+65HaTg1+PLcpevDGfPH7tYKE
hL2+rThgk4tACZ0jbWNQ9dt3lguFI0oD+2lHKjMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQmDeEJ6sLUgaE3tEcpDTpEonZnxDAfBgNVHSMEGDAWgBR5T2tZtDnRdpky
BZ0ZhCjLgGrnUzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VVOXJXYlE1MFhhWk1nV2RHWVFveTRCcTUxTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDgvMTdkMGFkLTgwMWMtNDgxNC1iODkxLWUwYTY1MjAwNDg3OC8x
L0pnM2hDZXJDMUlHaE43UkhLUTA2UktKMlo4US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDgv
MTdkMGFkLTgwMWMtNDgxNC1iODkxLWUwYTY1MjAwNDg3OC8xL2VVOXJXYlE1MFhh
Wk1nV2RHWVFveTRCcTUxTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnQBDANBgkqhkiG9w0BAQsFAAOC
AQEAVnf51Fe2GXMqSkzByQvecF2ETpKFxdPqZRTxZPmmm5tvlnyg2MPLwHJR7uee
Ko6qFN8lG/y2E0sIyF/bG9+1bICfSpj+Ne/YYwOmW/6fd50L7hf0sWGxTSCRFubZ
tqTxksiu1GX0epNsrGZuRTfFoW8UOzjEw6P12m46LRhP35Hf+oNlHvKqFEYerQKV
h0NqKp/AWBodXZJ1/1Sw89fDv0vER8EITfTANPaCpgXfYX2E5Ywin2zaXN/M/ooa
SdzrbM9Rm98xrM4rfnVrT+MlUBMktlpQTVtJ03JvXPRL4io9FxN71rvsn6ILQjQ6
4MauAA8wpmdiHZPq3WBZW1rcsg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:54 2024 by rpki-client on console-fra.rpki-client.org