Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/d19zjlR_rbUxCc1N5hwcp5qGvhs.roa
File:                     d19zjlR_rbUxCc1N5hwcp5qGvhs.roa (raw, json)
Hash identifier:          x0DF4JNycioexu5aERgSvSxOoY6RYXm3HIqGQ2EiESY=
Subject key identifier:   77:5F:73:8E:54:7F:AD:B5:31:09:CD:4D:E6:1C:1C:A7:9A:86:BE:1B
Certificate issuer:       /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial:       0AB66E10
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/d19zjlR_rbUxCc1N5hwcp5qGvhs.roa
Signing time:             Sat 01 Jan 2022 08:05:48 +0000
ROA not before:           Sat 01 Jan 2022 08:05:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34984
IP address blocks:        185.169.181.0/24 maxlen: 24
                          185.174.22.0/24 maxlen: 24
                          185.174.23.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 179727888 (0xab66e10)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
        Validity
            Not Before: Jan  1 08:05:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=775f738e547fadb53109cd4de61c1ca79a86be1b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:1f:0e:b9:af:c2:06:b6:34:b9:78:82:21:0f:
                    ca:78:47:06:a2:05:dc:81:d4:1e:df:6a:93:21:ac:
                    9e:02:d3:5b:4b:8e:d7:0a:aa:82:2c:75:0a:b7:ff:
                    f3:5d:46:0f:ae:22:c7:d8:a8:1f:c5:c0:e7:6f:07:
                    d0:61:01:b0:45:15:a1:26:5c:60:bb:88:23:3d:42:
                    a7:19:96:23:8c:87:ac:e3:07:c8:97:2e:5c:9b:e8:
                    58:12:5b:e0:a0:37:d5:b4:73:aa:0a:f3:f4:0f:6a:
                    b2:73:8a:6c:fc:ba:ad:68:40:ac:a0:f1:4f:57:13:
                    9f:89:0b:2a:69:03:fc:1f:e0:88:8a:f9:39:b3:48:
                    ce:6a:f9:65:ab:a6:f1:26:ca:3c:dc:30:06:f9:ff:
                    f6:e4:d0:04:f0:85:0d:08:32:b4:c9:95:95:d8:55:
                    7c:fd:c1:ae:0a:3e:7e:67:65:ae:94:22:c9:d4:45:
                    bb:01:43:34:3e:89:6a:18:37:69:25:c6:11:f0:b0:
                    08:58:38:06:39:03:69:de:7a:32:d1:e4:e0:0f:78:
                    1b:f9:fd:f2:35:f6:f0:17:a3:e6:04:2c:47:4f:52:
                    7a:14:54:2c:d4:b0:59:3d:0b:5d:31:d7:e4:80:e2:
                    49:89:f2:66:c1:6d:69:6f:5f:b7:4f:37:9c:25:03:
                    30:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:5F:73:8E:54:7F:AD:B5:31:09:CD:4D:E6:1C:1C:A7:9A:86:BE:1B
            X509v3 Authority Key Identifier:
                keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/d19zjlR_rbUxCc1N5hwcp5qGvhs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.169.181.0/24
                  185.174.22.0/23

    Signature Algorithm: sha256WithRSAEncryption
         9a:80:c9:fd:f9:19:4b:4c:9b:10:de:e4:fe:90:9f:4f:87:21:
         9d:a5:1a:ae:45:92:44:48:7f:2b:c5:04:09:92:bf:7f:c8:47:
         7a:24:fe:1e:91:bb:b7:01:75:4c:d4:70:df:02:98:11:4b:cc:
         72:8e:25:6a:5c:95:ab:8f:4e:e1:08:51:dd:c3:f2:63:65:45:
         d4:b1:b4:2c:e6:30:1b:04:7e:88:4b:3e:fb:68:56:a2:62:ed:
         bb:67:0f:75:7c:bb:17:81:6c:5d:3f:d0:f6:38:41:99:27:d1:
         a3:c9:e7:b1:b7:aa:24:42:c7:e2:e1:21:da:ac:56:fe:6a:dc:
         2d:5d:69:42:87:69:7f:38:1a:ca:7c:5c:a1:08:f3:44:9a:00:
         f3:6a:06:c3:86:4e:f4:51:ce:f9:df:cb:ed:c9:b0:58:28:59:
         23:56:eb:be:68:d9:c4:d4:ab:90:a5:f4:12:6b:02:ac:bd:a2:
         47:bf:ea:fc:d8:bd:39:fe:e6:d5:71:76:c1:20:17:fa:c0:82:
         f8:be:f5:43:08:cc:a1:10:1e:17:ee:22:3f:8f:02:f1:d2:12:
         b1:53:f5:92:d5:d9:f8:6b:a3:6b:ef:58:8d:8f:44:88:a8:a9:
         a4:f4:3a:33:3e:77:2f:32:09:ae:1e:af:c3:7f:39:1f:1f:b7:
         8d:1b:6d:c5
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECrZuEDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZDBkYTQzYjRhNWQzZGI3OGJhM2Y3NzRlNWIzMWI3NzAzNzIwMmQ1MB4XDTIyMDEw
MTA4MDU0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzc1ZjczOGU1NDdm
YWRiNTMxMDljZDRkZTYxYzFjYTc5YTg2YmUxYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKwfDrmvwga2NLl4giEPynhHBqIF3IHUHt9qkyGsngLTW0uO
1wqqgix1Crf/811GD64ix9ioH8XA528H0GEBsEUVoSZcYLuIIz1CpxmWI4yHrOMH
yJcuXJvoWBJb4KA31bRzqgrz9A9qsnOKbPy6rWhArKDxT1cTn4kLKmkD/B/giIr5
ObNIzmr5Zaum8SbKPNwwBvn/9uTQBPCFDQgytMmVldhVfP3Brgo+fmdlrpQiydRF
uwFDND6Jahg3aSXGEfCwCFg4BjkDad56MtHk4A94G/n98jX28Bej5gQsR09SehRU
LNSwWT0LXTHX5IDiSYnyZsFtaW9ft083nCUDMNcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBR3X3OOVH+ttTEJzU3mHBynmoa+GzAfBgNVHSMEGDAWgBStDaQ7Sl09t4uj
93Tlsxt3A3IC1TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JRMmtPMHBkUGJlTG9fZDA1Yk1iZHdOeUF0VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGQvZGQ4MDk2LTE0Y2MtNDg4ZC05MjU3LWM1MTVmMzU0Y2M1YS8x
L2QxOXpqbFJfcmJVeENjMU41aHdjcDVxR3Zocy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGQv
ZGQ4MDk2LTE0Y2MtNDg4ZC05MjU3LWM1MTVmMzU0Y2M1YS8xL3JRMmtPMHBkUGJl
TG9fZDA1Yk1iZHdOeUF0VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALmptQMEAbmuFjANBgkqhkiG9w0B
AQsFAAOCAQEAmoDJ/fkZS0ybEN7k/pCfT4chnaUarkWSREh/K8UECZK/f8hHeiT+
HpG7twF1TNRw3wKYEUvMco4lalyVq49O4QhR3cPyY2VF1LG0LOYwGwR+iEs++2hW
omLtu2cPdXy7F4FsXT/Q9jhBmSfRo8nnsbeqJELH4uEh2qxW/mrcLV1pQodpfzga
ynxcoQjzRJoA82oGw4ZO9FHO+d/L7cmwWChZI1brvmjZxNSrkKX0EmsCrL2iR7/q
/Ni9Of7m1XF2wSAX+sCC+L71QwjMoRAeF+4iP48C8dISsVP1ktXZ+Guja+9YjY9E
iKippPQ6Mz53LzIJrh6vw385Hx+3jRttxQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:49 2024 by rpki-client on console-fra.rpki-client.org