Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/bgRQlU-pPfBnVo4gOsAl4HTQQuQ.roa
File:                     bgRQlU-pPfBnVo4gOsAl4HTQQuQ.roa (raw, json)
Hash identifier:          8NPrwCgHmGUFj+9F2GiUOJB7IB0mItnI4LK8Gt7VxiE=
Subject key identifier:   6E:04:50:95:4F:A9:3D:F0:67:56:8E:20:3A:C0:25:E0:74:D0:42:E4
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       070882B5
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/bgRQlU-pPfBnVo4gOsAl4HTQQuQ.roa
Signing time:             Sat 01 Jan 2022 03:54:13 +0000
ROA not before:           Sat 01 Jan 2022 03:54:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208139
IP address blocks:        185.200.61.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 117998261 (0x70882b5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Jan  1 03:54:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6e0450954fa93df067568e203ac025e074d042e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:fe:2b:ef:e9:fe:3a:41:22:6c:27:07:3d:97:
                    82:6c:de:a2:69:e0:07:5a:6d:54:ab:d3:9f:c2:c7:
                    4b:cb:6c:8e:42:b6:46:02:2f:ce:fd:6f:5c:96:57:
                    50:9c:bd:cd:be:c9:83:d5:06:5d:9e:e0:19:2a:20:
                    f2:74:33:62:ea:ed:51:bf:ca:bd:12:ba:21:66:f9:
                    a0:e8:f7:50:5b:83:60:ec:72:d8:00:0a:c1:d6:ff:
                    76:7e:eb:88:fc:b9:7c:00:d1:33:18:75:9e:02:e4:
                    23:36:3f:ca:ef:dd:25:d0:a5:23:f1:1e:db:9e:89:
                    5c:40:dc:7b:e1:ec:cf:3b:17:03:7b:c4:e1:28:ee:
                    40:58:aa:21:b5:e0:49:38:16:13:92:34:38:22:38:
                    00:66:70:f2:6b:70:a8:6d:55:79:59:9f:49:3d:89:
                    60:d9:02:4a:4c:68:92:ff:dc:27:06:25:21:d2:ef:
                    1f:3c:7f:bd:30:65:db:3a:64:3a:5c:39:a6:e7:a5:
                    0a:a9:dc:35:03:42:2b:25:81:ab:bb:6c:69:1f:de:
                    b1:bb:18:35:32:10:d8:e7:04:18:bb:56:6c:ec:b8:
                    be:64:c7:e8:af:c7:e0:a3:00:da:76:5c:9e:00:95:
                    59:2a:74:55:a1:67:c3:58:92:09:f8:10:34:6a:5b:
                    d3:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:04:50:95:4F:A9:3D:F0:67:56:8E:20:3A:C0:25:E0:74:D0:42:E4
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/bgRQlU-pPfBnVo4gOsAl4HTQQuQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.200.61.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:93:bd:c3:35:f6:90:4d:3e:62:ed:9b:2e:89:f9:b5:52:d0:
         02:95:f3:81:85:4e:66:d1:b2:d8:38:0e:8c:20:22:a6:9a:2d:
         68:f9:01:54:fc:50:ad:a2:4a:d7:79:3b:23:9b:07:e3:7d:04:
         25:11:2d:2a:88:e4:70:49:a4:2a:18:63:04:86:29:b0:99:93:
         fc:de:48:5e:0a:b1:20:59:22:aa:3d:e5:c9:3e:f4:cf:da:ab:
         25:1e:c9:e9:59:bf:a1:30:0b:b3:44:76:af:8b:ee:5c:91:7e:
         a5:f0:41:27:c6:9e:d7:72:0c:d3:56:6c:3c:a0:bc:62:4b:29:
         bd:5f:7d:95:6a:36:3c:34:2f:a7:a6:57:f2:dd:09:68:6d:c3:
         3b:20:a7:03:5e:d4:f7:2d:26:29:c3:78:1f:20:b8:9d:af:52:
         51:e4:48:8d:e1:e7:42:ec:45:7c:97:0a:a2:4a:ea:04:76:48:
         ce:d6:50:25:9b:f9:b1:db:93:83:9e:66:55:41:10:7b:87:28:
         e5:f5:e2:cb:16:94:b5:6a:49:99:bb:aa:79:76:cc:4b:04:7e:
         5f:07:83:ea:81:a2:9a:e0:0c:77:14:d0:32:20:cd:29:52:21:
         82:29:3c:c9:a8:5d:84:db:67:47:3d:ac:a2:d7:be:81:ce:2d:
         cf:6c:3b:72
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBwiCtTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZDJhNDc4YmIwYjA4ZTY2MWIwYjJmOWZiZTg5MzViYzljMmEyOGExMB4XDTIyMDEw
MTAzNTQxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmUwNDUwOTU0ZmE5
M2RmMDY3NTY4ZTIwM2FjMDI1ZTA3NGQwNDJlNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANP+K+/p/jpBImwnBz2XgmzeomngB1ptVKvTn8LHS8tsjkK2
RgIvzv1vXJZXUJy9zb7Jg9UGXZ7gGSog8nQzYurtUb/KvRK6IWb5oOj3UFuDYOxy
2AAKwdb/dn7riPy5fADRMxh1ngLkIzY/yu/dJdClI/Ee256JXEDce+HszzsXA3vE
4SjuQFiqIbXgSTgWE5I0OCI4AGZw8mtwqG1VeVmfST2JYNkCSkxokv/cJwYlIdLv
Hzx/vTBl2zpkOlw5puelCqncNQNCKyWBq7tsaR/esbsYNTIQ2OcEGLtWbOy4vmTH
6K/H4KMA2nZcngCVWSp0VaFnw1iSCfgQNGpb0xkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRuBFCVT6k98GdWjiA6wCXgdNBC5DAfBgNVHSMEGDAWgBSdKkeLsLCOZhsL
L5++iTW8nCoooTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25TcEhpN0N3am1ZYkN5LWZ2b2sxdkp3cUtLRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvNjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8x
L2JnUlFsVS1wUGZCblZvNGdPc0FsNEhUUVF1US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
NjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8xL25TcEhpN0N3am1Z
YkN5LWZ2b2sxdkp3cUtLRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnIPTANBgkqhkiG9w0BAQsFAAOC
AQEAgJO9wzX2kE0+Yu2bLon5tVLQApXzgYVOZtGy2DgOjCAippotaPkBVPxQraJK
13k7I5sH430EJREtKojkcEmkKhhjBIYpsJmT/N5IXgqxIFkiqj3lyT70z9qrJR7J
6Vm/oTALs0R2r4vuXJF+pfBBJ8ae13IM01ZsPKC8YkspvV99lWo2PDQvp6ZX8t0J
aG3DOyCnA17U9y0mKcN4HyC4na9SUeRIjeHnQuxFfJcKokrqBHZIztZQJZv5sduT
g55mVUEQe4co5fXiyxaUtWpJmbuqeXbMSwR+XweD6oGimuAMdxTQMiDNKVIhgik8
yahdhNtnRz2sote+gc4tz2w7cg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:32 2024 by rpki-client on console-fra.rpki-client.org