Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/b8WkQjn0U4PISe82ghTy-laRCnk.roa
File:                     b8WkQjn0U4PISe82ghTy-laRCnk.roa (raw, json)
Hash identifier:          Bu6Z4cmBvof+Q19sXG8LD/VwV0jeRk/9Ot9ffYglwHk=
Subject key identifier:   6F:C5:A4:42:39:F4:53:83:C8:49:EF:36:82:14:F2:FA:56:91:0A:79
Certificate issuer:       /CN=d7219ec7383fa0610480ddfa62c3f82c400cd56f
Certificate serial:       0661104B
Authority key identifier: D7:21:9E:C7:38:3F:A0:61:04:80:DD:FA:62:C3:F8:2C:40:0C:D5:6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1yGexzg_oGEEgN36YsP4LEAM1W8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/b8WkQjn0U4PISe82ghTy-laRCnk.roa
Signing time:             Thu 06 Jan 2022 16:13:57 +0000
ROA not before:           Thu 06 Jan 2022 16:13:57 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        185.103.4.0/22 maxlen: 22
                          185.103.5.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 107024459 (0x661104b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d7219ec7383fa0610480ddfa62c3f82c400cd56f
        Validity
            Not Before: Jan  6 16:13:57 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6fc5a44239f45383c849ef368214f2fa56910a79
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:aa:86:20:de:9b:61:bc:1c:ce:15:99:c4:8e:
                    89:02:df:c7:47:3e:66:c1:d6:00:a2:66:ec:a7:75:
                    41:15:06:ff:74:0c:4d:fb:3a:94:0b:b8:41:c7:1e:
                    bb:58:ec:5a:f2:f1:bb:81:6e:e3:66:25:1b:5f:54:
                    dd:f1:de:46:93:1c:6a:02:42:3f:00:18:5f:99:48:
                    62:c2:6f:c6:b0:b8:9b:27:06:e4:2e:12:31:fb:01:
                    d9:78:57:42:ce:ba:48:52:db:58:3f:b2:ba:55:83:
                    b7:36:43:ce:ec:58:9d:52:c1:bf:8b:65:b5:0d:d4:
                    93:74:2e:ff:77:36:92:26:c2:80:4e:e7:64:26:de:
                    a4:4c:8d:ed:8f:ce:68:53:36:f6:07:48:ea:6e:e8:
                    30:2b:12:4e:2d:a3:42:30:81:c4:72:36:3c:bb:80:
                    4d:4b:0f:65:3f:2b:a7:5e:ab:34:35:ab:04:47:bf:
                    22:9e:05:92:8d:34:38:af:5a:3a:1a:7a:c0:47:c0:
                    09:a5:0e:51:9c:47:e5:70:88:4d:bd:b0:17:4b:e0:
                    68:54:bc:33:7e:92:0a:d5:10:6d:76:ae:eb:78:11:
                    8a:fb:50:c4:b6:b5:1b:0e:0f:7d:62:09:8e:35:5a:
                    f2:86:f3:80:22:88:58:14:f8:30:33:cd:57:cd:fd:
                    74:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:C5:A4:42:39:F4:53:83:C8:49:EF:36:82:14:F2:FA:56:91:0A:79
            X509v3 Authority Key Identifier:
                keyid:D7:21:9E:C7:38:3F:A0:61:04:80:DD:FA:62:C3:F8:2C:40:0C:D5:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1yGexzg_oGEEgN36YsP4LEAM1W8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/b8WkQjn0U4PISe82ghTy-laRCnk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/1yGexzg_oGEEgN36YsP4LEAM1W8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.103.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5e:72:38:92:e5:ff:92:3f:b3:a9:1a:48:56:01:20:b2:a7:d1:
         9b:9a:f4:8e:c8:14:a2:76:1c:8b:59:00:fc:57:9f:b3:8a:e4:
         e1:6b:0e:ba:29:5b:87:47:5c:2f:5f:3e:f0:eb:4f:76:23:d3:
         c3:fc:1b:b1:07:e4:15:6e:14:86:71:a2:91:e5:5f:98:24:86:
         9b:44:9b:d4:96:19:2c:95:a0:65:ad:e9:c8:52:73:67:59:a1:
         df:93:a6:16:7b:95:db:a6:40:d1:e0:b2:48:98:9e:75:82:3e:
         1e:df:73:20:77:be:cb:cf:af:a9:eb:be:d7:c4:cd:d0:db:c9:
         aa:12:46:b8:43:d3:60:8b:74:e4:b0:c2:76:b8:43:7d:68:18:
         22:d6:2d:a2:d2:60:0b:ff:41:7d:2f:20:9c:bd:c0:d7:04:b1:
         34:3d:10:c5:4c:b0:ae:2a:56:f0:8b:91:e0:66:88:87:02:57:
         a8:ce:7b:60:48:09:1c:07:e7:c9:69:2b:9e:f8:f7:8a:a9:90:
         48:56:10:90:4a:f6:e9:84:5d:81:cd:19:6a:75:76:59:e8:2e:
         d1:ad:35:17:38:3d:07:28:15:10:8c:0b:d5:aa:48:bd:da:61:
         f1:7d:7e:4f:40:b6:65:35:96:1e:9d:53:e1:68:ab:c9:84:83:
         ba:eb:b0:e7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBmEQSzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NzIxOWVjNzM4M2ZhMDYxMDQ4MGRkZmE2MmMzZjgyYzQwMGNkNTZmMB4XDTIyMDEw
NjE2MTM1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmZjNWE0NDIzOWY0
NTM4M2M4NDllZjM2ODIxNGYyZmE1NjkxMGE3OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKmqhiDem2G8HM4VmcSOiQLfx0c+ZsHWAKJm7Kd1QRUG/3QM
Tfs6lAu4Qcceu1jsWvLxu4Fu42YlG19U3fHeRpMcagJCPwAYX5lIYsJvxrC4mycG
5C4SMfsB2XhXQs66SFLbWD+yulWDtzZDzuxYnVLBv4tltQ3Uk3Qu/3c2kibCgE7n
ZCbepEyN7Y/OaFM29gdI6m7oMCsSTi2jQjCBxHI2PLuATUsPZT8rp16rNDWrBEe/
Ip4Fko00OK9aOhp6wEfACaUOUZxH5XCITb2wF0vgaFS8M36SCtUQbXau63gRivtQ
xLa1Gw4PfWIJjjVa8obzgCKIWBT4MDPNV839dFMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRvxaRCOfRTg8hJ7zaCFPL6VpEKeTAfBgNVHSMEGDAWgBTXIZ7HOD+gYQSA
3fpiw/gsQAzVbzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzF5R2V4emdfb0dFRWdOMzZZc1A0TEVBTTFXOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTMvZmJmZmJjLWFiODItNDA1OC1iOGI3LWQwYzgyYTNjZjRiNi8x
L2I4V2tRam4wVTRQSVNlODJnaFR5LWxhUkNuay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTMv
ZmJmZmJjLWFiODItNDA1OC1iOGI3LWQwYzgyYTNjZjRiNi8xLzF5R2V4emdfb0dF
RWdOMzZZc1A0TEVBTTFXOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlnBDANBgkqhkiG9w0BAQsFAAOC
AQEAXnI4kuX/kj+zqRpIVgEgsqfRm5r0jsgUonYci1kA/Fefs4rk4WsOuilbh0dc
L18+8OtPdiPTw/wbsQfkFW4UhnGikeVfmCSGm0Sb1JYZLJWgZa3pyFJzZ1mh35Om
FnuV26ZA0eCySJiedYI+Ht9zIHe+y8+vqeu+18TN0NvJqhJGuEPTYIt05LDCdrhD
fWgYItYtotJgC/9BfS8gnL3A1wSxND0QxUywripW8IuR4GaIhwJXqM57YEgJHAfn
yWkrnvj3iqmQSFYQkEr26YRdgc0ZanV2Wegu0a01Fzg9BygVEIwL1apIvdph8X1+
T0C2ZTWWHp1T4WiryYSDuuuw5w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:39 2024 by rpki-client on console-ams.rpki-client.org