Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/98d620-1599-4863-9629-356505303c49/1/6GgTQH83mioq0BRc629o54XkQos.roa
File:                     6GgTQH83mioq0BRc629o54XkQos.roa (raw, json)
Hash identifier:          RfN+iEmx5yzagyquZf6qUip/7Ni20qHHZWvnjIDibAA=
Subject key identifier:   E8:68:13:40:7F:37:9A:2A:2A:D0:14:5C:EB:6F:68:E7:85:E4:42:8B
Certificate issuer:       /CN=06cf19e197bdaf94e6100e0e17808e13d4854f9c
Certificate serial:       026B8063
Authority key identifier: 06:CF:19:E1:97:BD:AF:94:E6:10:0E:0E:17:80:8E:13:D4:85:4F:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Bs8Z4Ze9r5TmEA4OF4COE9SFT5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/98d620-1599-4863-9629-356505303c49/1/6GgTQH83mioq0BRc629o54XkQos.roa
Signing time:             Sat 01 Jan 2022 07:58:01 +0000
ROA not before:           Sat 01 Jan 2022 07:58:01 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     201602
IP address blocks:        185.241.144.0/24 maxlen: 24
                          185.241.145.0/24 maxlen: 24
                          185.241.146.0/24 maxlen: 24
                          185.241.147.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 40599651 (0x26b8063)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=06cf19e197bdaf94e6100e0e17808e13d4854f9c
        Validity
            Not Before: Jan  1 07:58:01 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e86813407f379a2a2ad0145ceb6f68e785e4428b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:8d:c5:b5:68:ca:3a:b2:97:5a:2d:c4:dc:d8:
                    81:f4:61:b5:f0:8b:61:1c:6c:33:f4:3b:1c:19:86:
                    18:88:04:8c:e0:f5:c2:a5:2f:d4:84:ee:9f:97:45:
                    03:d0:18:5e:a4:bd:ae:80:45:17:d1:76:6f:0b:c9:
                    7b:83:db:60:a9:de:5b:35:fa:97:e8:3f:3b:77:a6:
                    95:f2:8e:68:fb:ff:9a:8a:05:d0:20:dd:51:20:0f:
                    76:d3:82:5d:61:d7:84:79:08:4d:80:af:8f:8e:1b:
                    92:a6:d0:0d:98:6c:46:97:62:2e:9a:44:bc:19:1d:
                    fe:93:6d:90:ce:2e:d6:93:ad:84:9c:fd:d4:76:70:
                    31:a2:58:50:0e:68:f1:57:1d:19:9c:52:ed:8d:2b:
                    d8:c2:97:81:64:56:97:ff:db:fb:ce:44:ad:d5:12:
                    9f:69:f3:82:f7:3e:4c:1f:42:bb:dd:d4:43:14:0c:
                    bb:98:ce:f4:e3:f7:06:01:0f:82:2c:4b:ef:57:f3:
                    83:fe:7b:b5:d6:60:eb:18:29:28:f0:09:0c:7d:77:
                    f6:9e:db:78:13:fd:68:68:3e:57:38:11:a5:05:13:
                    52:82:76:f5:b9:34:88:2c:9e:b6:22:4a:f8:c5:b4:
                    d5:a3:7d:b1:b5:55:e8:e0:86:d8:56:61:a9:3f:6d:
                    71:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:68:13:40:7F:37:9A:2A:2A:D0:14:5C:EB:6F:68:E7:85:E4:42:8B
            X509v3 Authority Key Identifier:
                keyid:06:CF:19:E1:97:BD:AF:94:E6:10:0E:0E:17:80:8E:13:D4:85:4F:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bs8Z4Ze9r5TmEA4OF4COE9SFT5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/98d620-1599-4863-9629-356505303c49/1/6GgTQH83mioq0BRc629o54XkQos.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/98d620-1599-4863-9629-356505303c49/1/Bs8Z4Ze9r5TmEA4OF4COE9SFT5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.241.144.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a7:a9:fc:28:3f:1e:47:7a:20:3d:5e:33:1f:ee:2b:db:0c:fb:
         14:23:16:0f:62:39:29:c5:38:46:10:a0:cb:75:63:e7:25:b1:
         5c:fd:fb:47:af:dc:c9:20:1f:a1:9d:cb:a5:5e:cd:35:99:be:
         a5:c0:c0:63:fb:b3:82:a2:ac:b9:04:6e:1f:91:29:9c:70:61:
         bc:67:2d:dc:fe:c7:f6:36:b9:3a:fe:3a:11:0e:56:b9:3c:92:
         66:95:65:5e:43:2f:d2:cd:fd:4a:2e:1a:86:2d:84:f0:70:f4:
         65:c2:b6:0b:57:b0:8b:03:0c:53:d8:e1:83:f7:37:0e:9f:f5:
         60:49:e5:77:c6:bf:8f:cc:95:f6:29:07:62:1b:0f:9e:41:65:
         53:95:55:19:90:49:11:c9:b3:8a:e2:d3:5f:e6:8b:b5:6e:d1:
         b9:4a:4a:e6:5e:26:b8:42:a1:d7:1c:e6:c1:76:4a:da:d1:77:
         12:f6:0c:73:f3:8b:68:d2:ab:a1:b3:87:c0:ae:7c:10:f7:44:
         7d:0f:f5:81:98:fb:28:76:78:22:d1:94:7a:56:1f:eb:fc:70:
         b7:ac:13:01:80:9a:5b:f1:73:62:71:82:be:28:5e:3b:6b:2b:
         18:84:12:84:fb:88:fe:96:a8:64:47:09:8f:56:e3:59:ef:23:
         db:b0:ac:b7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAmuAYzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NmNmMTllMTk3YmRhZjk0ZTYxMDBlMGUxNzgwOGUxM2Q0ODU0ZjljMB4XDTIyMDEw
MTA3NTgwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTg2ODEzNDA3ZjM3
OWEyYTJhZDAxNDVjZWI2ZjY4ZTc4NWU0NDI4YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM6NxbVoyjqyl1otxNzYgfRhtfCLYRxsM/Q7HBmGGIgEjOD1
wqUv1ITun5dFA9AYXqS9roBFF9F2bwvJe4PbYKneWzX6l+g/O3emlfKOaPv/mooF
0CDdUSAPdtOCXWHXhHkITYCvj44bkqbQDZhsRpdiLppEvBkd/pNtkM4u1pOthJz9
1HZwMaJYUA5o8VcdGZxS7Y0r2MKXgWRWl//b+85ErdUSn2nzgvc+TB9Cu93UQxQM
u5jO9OP3BgEPgixL71fzg/57tdZg6xgpKPAJDH139p7beBP9aGg+VzgRpQUTUoJ2
9bk0iCyetiJK+MW01aN9sbVV6OCG2FZhqT9tcZ0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBToaBNAfzeaKirQFFzrb2jnheRCizAfBgNVHSMEGDAWgBQGzxnhl72vlOYQ
Dg4XgI4T1IVPnDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JzOFo0WmU5cjVUbUVBNE9GNENPRTlTRlQ1dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGIvOThkNjIwLTE1OTktNDg2My05NjI5LTM1NjUwNTMwM2M0OS8x
LzZHZ1RRSDgzbWlvcTBCUmM2MjlvNTRYa1Fvcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGIv
OThkNjIwLTE1OTktNDg2My05NjI5LTM1NjUwNTMwM2M0OS8xL0JzOFo0WmU5cjVU
bUVBNE9GNENPRTlTRlQ1dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnxkDANBgkqhkiG9w0BAQsFAAOC
AQEAp6n8KD8eR3ogPV4zH+4r2wz7FCMWD2I5KcU4RhCgy3Vj5yWxXP37R6/cySAf
oZ3LpV7NNZm+pcDAY/uzgqKsuQRuH5EpnHBhvGct3P7H9ja5Ov46EQ5WuTySZpVl
XkMv0s39Si4ahi2E8HD0ZcK2C1ewiwMMU9jhg/c3Dp/1YEnld8a/j8yV9ikHYhsP
nkFlU5VVGZBJEcmziuLTX+aLtW7RuUpK5l4muEKh1xzmwXZK2tF3EvYMc/OLaNKr
obOHwK58EPdEfQ/1gZj7KHZ4ItGUelYf6/xwt6wTAYCaW/FzYnGCviheO2srGIQS
hPuI/paoZEcJj1bjWe8j27Cstw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:33 2024 by rpki-client on console-fra.rpki-client.org