Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/EF2eALV-qUZGdYCFO2TxrDCftwg.roa
File:                     EF2eALV-qUZGdYCFO2TxrDCftwg.roa (raw, json)
Hash identifier:          UjLfXvBJv1F8R54uket9coy0wwqWJkJRJ+cYst/8ec4=
Subject key identifier:   10:5D:9E:00:B5:7E:A9:46:46:75:80:85:3B:64:F1:AC:30:9F:B7:08
Certificate issuer:       /CN=d7219ec7383fa0610480ddfa62c3f82c400cd56f
Certificate serial:       0183F6EB7EBF9F6223C8CE3F619D7EF6A21A
Authority key identifier: D7:21:9E:C7:38:3F:A0:61:04:80:DD:FA:62:C3:F8:2C:40:0C:D5:6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1yGexzg_oGEEgN36YsP4LEAM1W8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/EF2eALV-qUZGdYCFO2TxrDCftwg.roa
Signing time:             Thu 20 Oct 2022 19:42:51 +0000
ROA not before:           Thu 20 Oct 2022 19:42:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        185.103.4.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:f6:eb:7e:bf:9f:62:23:c8:ce:3f:61:9d:7e:f6:a2:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d7219ec7383fa0610480ddfa62c3f82c400cd56f
        Validity
            Not Before: Oct 20 19:42:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=105d9e00b57ea946467580853b64f1ac309fb708
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:31:ff:ca:26:de:a8:89:a1:25:21:6b:70:b4:
                    cc:b0:83:0a:01:93:fc:66:1e:08:78:3d:5f:1b:93:
                    b1:c5:d5:f7:61:6b:89:10:94:39:c2:62:81:6a:e8:
                    9b:bc:d3:5e:f4:9b:60:42:c0:05:ca:b5:78:40:d9:
                    e5:8f:57:e1:19:fc:f1:19:ba:d3:61:43:4b:7a:e0:
                    f9:83:7e:65:ee:26:6b:85:8a:73:97:3b:8a:95:bf:
                    2a:30:e3:3d:44:a5:53:a6:65:ea:6e:29:ea:af:eb:
                    72:7b:d0:90:5c:39:6c:9d:cb:f9:02:38:b6:31:11:
                    a2:0e:8f:06:44:1f:55:6c:a4:ab:03:bc:99:9b:55:
                    92:8b:73:02:3e:63:74:2e:f6:3a:d8:b7:09:a6:65:
                    dc:5b:2d:5e:bb:8c:f5:5b:95:74:73:4c:a8:de:09:
                    6b:58:f6:9e:b9:18:3d:f3:0c:31:f9:7f:6e:7e:73:
                    00:c1:4c:fc:5e:38:7f:1e:73:41:67:91:1d:23:51:
                    48:84:de:ac:bc:4b:5b:4c:47:d9:57:b4:29:34:a8:
                    da:46:04:41:15:1e:fd:f8:c4:ba:35:eb:89:4c:3a:
                    d4:d0:e1:ad:c4:61:6c:b3:68:04:06:9a:35:68:c1:
                    15:1b:fe:e3:59:7f:f3:0b:ed:b9:27:3a:82:0e:fe:
                    fc:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:5D:9E:00:B5:7E:A9:46:46:75:80:85:3B:64:F1:AC:30:9F:B7:08
            X509v3 Authority Key Identifier:
                keyid:D7:21:9E:C7:38:3F:A0:61:04:80:DD:FA:62:C3:F8:2C:40:0C:D5:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1yGexzg_oGEEgN36YsP4LEAM1W8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/EF2eALV-qUZGdYCFO2TxrDCftwg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/1yGexzg_oGEEgN36YsP4LEAM1W8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.103.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         27:19:ef:28:40:70:f4:53:50:19:b0:4f:4d:42:aa:44:36:12:
         9e:f0:ed:29:b4:16:c2:c9:d5:69:7b:9f:84:62:2c:8f:70:f6:
         ef:c0:ca:fc:09:5e:9f:1b:46:62:e9:75:12:a3:e7:52:aa:9c:
         dd:b3:ed:99:e7:97:d9:4d:05:3e:24:ff:b7:ec:93:8a:7e:a3:
         de:68:4c:d3:df:9e:7f:d2:ef:e6:23:e7:18:2e:4f:c4:a7:9d:
         34:56:80:79:e1:2e:65:01:b9:9f:e5:4a:b8:78:7a:d9:df:1b:
         d2:6b:3c:a4:4e:47:c3:e8:e7:65:ae:e8:ce:48:89:1f:90:cc:
         60:43:2d:01:34:b5:50:e6:03:c7:56:58:35:cf:8c:42:ce:43:
         46:5b:04:ab:80:56:fc:dd:0e:6e:23:ac:ca:17:3d:93:73:c0:
         66:53:21:ff:8e:eb:ea:a6:d5:5d:2a:ec:35:9a:1a:67:09:6a:
         29:3b:3e:e2:33:6d:31:11:3e:b3:cc:73:a7:66:9a:b2:21:7c:
         3c:96:b5:16:d6:d8:6f:de:b7:7f:7b:a0:f3:29:4a:f4:a1:d7:
         1f:3d:9c:b6:96:54:f8:b4:95:bd:d7:84:e1:4c:6b:e1:7f:64:
         87:e1:21:52:89:da:70:1b:b8:b9:0e:9f:97:08:ca:2d:8c:4a:
         b3:f4:3a:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYP2636/n2IjyM4/YZ1+9qIaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3MjE5ZWM3MzgzZmEwNjEwNDgwZGRmYTYyYzNmODJjNDAw
Y2Q1NmYwHhcNMjIxMDIwMTk0MjUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDVkOWUwMGI1N2VhOTQ2NDY3NTgwODUzYjY0ZjFhYzMwOWZiNzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzH/yibeqImhJSFrcLTMsIMKAZP8
Zh4IeD1fG5OxxdX3YWuJEJQ5wmKBauibvNNe9JtgQsAFyrV4QNnlj1fhGfzxGbrT
YUNLeuD5g35l7iZrhYpzlzuKlb8qMOM9RKVTpmXqbinqr+tye9CQXDlsncv5Aji2
MRGiDo8GRB9VbKSrA7yZm1WSi3MCPmN0LvY62LcJpmXcWy1eu4z1W5V0c0yo3glr
WPaeuRg98wwx+X9ufnMAwUz8Xjh/HnNBZ5EdI1FIhN6svEtbTEfZV7QpNKjaRgRB
FR79+MS6NeuJTDrU0OGtxGFss2gEBpo1aMEVG/7jWX/zC+25JzqCDv78TwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBBdngC1fqlGRnWAhTtk8awwn7cIMB8GA1UdIwQY
MBaAFNchnsc4P6BhBIDd+mLD+CxADNVvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXlHZXh6Z19vR0VFZ04zNllzUDRMRUFNMVc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9mYmZmYmMtYWI4Mi00MDU4LWI4Yjct
ZDBjODJhM2NmNGI2LzEvRUYyZUFMVi1xVVpHZFlDRk8yVHhyRENmdHdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9mYmZmYmMtYWI4Mi00MDU4LWI4YjctZDBjODJhM2NmNGI2
LzEvMXlHZXh6Z19vR0VFZ04zNllzUDRMRUFNMVc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWcEMA0G
CSqGSIb3DQEBCwUAA4IBAQAnGe8oQHD0U1AZsE9NQqpENhKe8O0ptBbCydVpe5+E
YiyPcPbvwMr8CV6fG0Zi6XUSo+dSqpzds+2Z55fZTQU+JP+37JOKfqPeaEzT355/
0u/mI+cYLk/Ep500VoB54S5lAbmf5Uq4eHrZ3xvSazykTkfD6OdlrujOSIkfkMxg
Qy0BNLVQ5gPHVlg1z4xCzkNGWwSrgFb83Q5uI6zKFz2Tc8BmUyH/juvqptVdKuw1
mhpnCWopOz7iM20xET6zzHOnZpqyIXw8lrUW1thv3rd/e6DzKUr0odcfPZy2llT4
tJW914ThTGvhf2SH4SFSidpwG7i5Dp+XCMotjEqz9Dop
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:10 2024 by rpki-client on console-fra.rpki-client.org