Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/S6GBlW5aNIWPZYeVO3AeKQFR4h8.roa
File:                     S6GBlW5aNIWPZYeVO3AeKQFR4h8.roa (raw, json)
Hash identifier:          Taon3b0MaNbvvTR2mNs6LtqsGAw53fLq0n562iGFGEw=
Subject key identifier:   4B:A1:81:95:6E:5A:34:85:8F:65:87:95:3B:70:1E:29:01:51:E2:1F
Certificate issuer:       /CN=331bce2ee806e93621112dbd618536f775f44fba
Certificate serial:       13E857D5
Authority key identifier: 33:1B:CE:2E:E8:06:E9:36:21:11:2D:BD:61:85:36:F7:75:F4:4F:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MxvOLugG6TYhES29YYU293X0T7o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/S6GBlW5aNIWPZYeVO3AeKQFR4h8.roa
Signing time:             Sat 01 Jan 2022 13:54:51 +0000
ROA not before:           Sat 01 Jan 2022 13:54:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43260
IP address blocks:        185.122.202.0/24 maxlen: 24
                          185.122.200.0/24 maxlen: 24
                          185.122.201.0/24 maxlen: 24
                          185.122.203.0/24 maxlen: 24
                          185.198.72.0/24 maxlen: 24
                          185.198.75.0/24 maxlen: 24
                          185.198.74.0/24 maxlen: 24
                          185.130.57.0/24 maxlen: 24
                          185.130.58.0/24 maxlen: 24
                          185.130.59.0/24 maxlen: 24
                          2a07:cd00::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 333993941 (0x13e857d5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=331bce2ee806e93621112dbd618536f775f44fba
        Validity
            Not Before: Jan  1 13:54:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4ba181956e5a34858f6587953b701e290151e21f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:34:20:fa:67:8d:f8:29:a7:f1:4d:8d:2d:d3:
                    b5:fa:c6:1f:5f:b5:22:8c:55:00:14:6e:ed:fa:d9:
                    3a:62:68:e0:37:6a:54:a9:c6:54:30:e7:dc:08:f4:
                    19:29:4a:e6:cf:83:ca:6c:f9:9d:83:0f:d5:a6:47:
                    8a:54:72:3c:8e:44:6d:fb:22:37:9c:61:b3:ca:2e:
                    c7:00:16:f1:1c:2c:03:34:d4:40:2e:98:f1:46:19:
                    54:03:3b:a6:31:85:96:13:22:de:c9:8f:57:d2:3b:
                    71:c0:98:f8:1a:fc:eb:68:88:42:c8:b7:ad:ad:9d:
                    05:03:4a:f2:8c:0d:8f:cd:1f:3b:f0:a3:34:2b:64:
                    23:98:de:d7:56:b7:66:79:55:42:bf:12:54:cc:99:
                    a3:72:81:41:94:8e:74:0f:46:2f:b0:28:53:be:31:
                    11:e8:f9:9b:3e:b1:fe:a0:a0:54:d5:98:5f:95:53:
                    07:2e:3c:33:67:51:92:99:78:c2:2f:2f:4f:1a:ad:
                    2a:fb:8d:5b:da:e2:cf:8e:ee:86:25:dd:2d:62:54:
                    0b:d0:99:21:d8:69:a0:46:5d:65:fd:76:7f:1a:1e:
                    2c:45:24:8e:10:21:96:52:bc:c8:4d:2b:b1:7e:9b:
                    31:80:e4:9f:97:fb:0f:d1:97:78:76:d2:03:bd:b6:
                    62:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:A1:81:95:6E:5A:34:85:8F:65:87:95:3B:70:1E:29:01:51:E2:1F
            X509v3 Authority Key Identifier:
                keyid:33:1B:CE:2E:E8:06:E9:36:21:11:2D:BD:61:85:36:F7:75:F4:4F:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MxvOLugG6TYhES29YYU293X0T7o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/S6GBlW5aNIWPZYeVO3AeKQFR4h8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/MxvOLugG6TYhES29YYU293X0T7o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.122.200.0/22
                  185.130.57.0-185.130.59.255
                  185.198.72.0/24
                  185.198.74.0/23
                IPv6:
                  2a07:cd00::/48

    Signature Algorithm: sha256WithRSAEncryption
         0e:86:9e:a0:65:ca:3c:c7:db:36:ec:76:bf:e4:90:d4:0a:ec:
         5b:0d:8c:8c:33:69:e5:fb:d6:37:fb:ea:48:15:38:2f:c7:1c:
         0a:69:71:a1:37:ae:35:21:f6:c3:db:d4:95:24:67:eb:eb:1a:
         28:d1:81:a9:84:ed:91:c9:89:d8:92:d9:e5:e8:11:80:fe:c6:
         a7:ac:e1:6a:60:23:cc:f2:6d:4b:ff:fc:49:72:a2:05:4b:03:
         ff:97:d6:6f:33:59:9e:52:e7:a4:1a:1a:76:c0:30:cf:fe:80:
         69:5d:4a:22:99:65:8d:5d:02:81:e4:d7:39:72:13:17:09:75:
         70:6e:50:86:8a:0e:4d:d2:0f:b6:73:15:1c:e3:3c:94:33:37:
         5d:37:9e:6c:d3:31:e1:48:ca:6d:43:6e:4e:3d:42:ae:dc:f2:
         da:e9:30:4b:b7:14:1e:be:69:93:c4:ab:ca:e8:a4:4d:a8:92:
         ad:80:03:9c:7e:dc:e3:db:32:d1:2e:78:62:66:1b:da:cf:9f:
         6c:e1:6a:be:0f:7f:2b:f2:a8:d3:03:cc:99:1f:89:67:5d:90:
         1e:59:9f:22:9c:b5:50:92:e4:be:bd:13:3c:2c:fd:e8:fc:d7:
         e9:0b:e2:c6:c6:3c:e6:86:51:f8:28:d7:09:ff:a9:4d:e1:e6:
         d4:ed:c8:a3
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIEE+hX1TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MzFiY2UyZWU4MDZlOTM2MjExMTJkYmQ2MTg1MzZmNzc1ZjQ0ZmJhMB4XDTIyMDEw
MTEzNTQ1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGJhMTgxOTU2ZTVh
MzQ4NThmNjU4Nzk1M2I3MDFlMjkwMTUxZTIxZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN80IPpnjfgpp/FNjS3TtfrGH1+1IoxVABRu7frZOmJo4Ddq
VKnGVDDn3Aj0GSlK5s+Dymz5nYMP1aZHilRyPI5EbfsiN5xhs8ouxwAW8RwsAzTU
QC6Y8UYZVAM7pjGFlhMi3smPV9I7ccCY+Br862iIQsi3ra2dBQNK8owNj80fO/Cj
NCtkI5je11a3ZnlVQr8SVMyZo3KBQZSOdA9GL7AoU74xEej5mz6x/qCgVNWYX5VT
By48M2dRkpl4wi8vTxqtKvuNW9riz47uhiXdLWJUC9CZIdhpoEZdZf12fxoeLEUk
jhAhllK8yE0rsX6bMYDkn5f7D9GXeHbSA722YuUCAwEAAaOCAjQwggIwMB0GA1Ud
DgQWBBRLoYGVblo0hY9lh5U7cB4pAVHiHzAfBgNVHSMEGDAWgBQzG84u6AbpNiER
Lb1hhTb3dfRPujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L014dk9MdWdHNlRZaEVTMjlZWVUyOTNYMFQ3by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvNGJhM2NhLWQ2ZmQtNDExNi05MTQ2LWFlYWMxNjIyN2MyNS8x
L1M2R0JsVzVhTklXUFpZZVZPM0FlS1FGUjRoOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
NGJhM2NhLWQ2ZmQtNDExNi05MTQ2LWFlYWMxNjIyN2MyNS8xL014dk9MdWdHNlRZ
aEVTMjlZWVUyOTNYMFQ3by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBK
BggrBgEFBQcBBwEB/wQ7MDkwJgQCAAEwIAMEArl6yDAMAwQAuYI5AwQCuYI4AwQA
ucZIAwQBucZKMA8EAgACMAkDBwAqB80AAAAwDQYJKoZIhvcNAQELBQADggEBAA6G
nqBlyjzH2zbsdr/kkNQK7FsNjIwzaeX71jf76kgVOC/HHAppcaE3rjUh9sPb1JUk
Z+vrGijRgamE7ZHJidiS2eXoEYD+xqes4WpgI8zybUv//ElyogVLA/+X1m8zWZ5S
56QaGnbAMM/+gGldSiKZZY1dAoHk1zlyExcJdXBuUIaKDk3SD7ZzFRzjPJQzN103
nmzTMeFIym1Dbk49Qq7c8trpMEu3FB6+aZPEq8ropE2okq2AA5x+3OPbMtEueGJm
G9rPn2zhar4PfyvyqNMDzJkfiWddkB5ZnyKctVCS5L69Ezws/ej81+kL4sbGPOaG
Ufgo1wn/qU3h5tTtyKM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:02 2024 by rpki-client on console-ams.rpki-client.org