Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/a764ce-12ae-41b5-81b6-02aba5d1b3a4/1/vjbI1iehneCs4ns630u-U1HlgHc.roa
File:                     vjbI1iehneCs4ns630u-U1HlgHc.roa (raw, json)
Hash identifier:          zU/GWHv64JLsdmHYM0+3AVjlsYWzOwIJ0MMHZo1XPFw=
Subject key identifier:   BE:36:C8:D6:27:A1:9D:E0:AC:E2:7B:3A:DF:4B:BE:53:51:E5:80:77
Certificate issuer:       /CN=a01746cf6bbdc8bd5666f306811bdffd216b1aa6
Certificate serial:       0183F00C321B8A4D06B7CD5EDECB52122762
Authority key identifier: A0:17:46:CF:6B:BD:C8:BD:56:66:F3:06:81:1B:DF:FD:21:6B:1A:A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oBdGz2u9yL1WZvMGgRvf_SFrGqY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/a764ce-12ae-41b5-81b6-02aba5d1b3a4/1/vjbI1iehneCs4ns630u-U1HlgHc.roa
Signing time:             Wed 19 Oct 2022 11:41:14 +0000
ROA not before:           Wed 19 Oct 2022 11:41:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     12935
IP address blocks:        185.173.4.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:f0:0c:32:1b:8a:4d:06:b7:cd:5e:de:cb:52:12:27:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a01746cf6bbdc8bd5666f306811bdffd216b1aa6
        Validity
            Not Before: Oct 19 11:41:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=be36c8d627a19de0ace27b3adf4bbe5351e58077
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:67:fe:e4:63:ee:dd:85:bd:3b:f4:4a:ea:e2:
                    3f:24:d2:bc:72:d4:aa:46:c4:12:83:8f:b0:a5:3d:
                    c1:30:06:49:90:51:4b:d4:a9:ce:45:a8:0d:d6:a9:
                    a3:0f:18:2e:30:6a:6f:b3:b2:d5:15:d9:9b:87:37:
                    db:b0:ef:61:57:1c:7a:20:b0:d6:e5:d2:2e:2a:92:
                    90:d2:86:e5:7a:aa:f0:30:f8:62:90:97:ed:00:1d:
                    ff:a0:e7:47:54:8b:16:1c:9b:3a:47:a4:47:85:9c:
                    fd:8f:68:e0:30:bc:7e:18:c2:13:c4:12:39:81:b3:
                    1b:6d:f7:a2:15:3d:fc:99:b0:8b:6a:b4:a4:e5:93:
                    91:a2:0e:85:d2:08:94:a3:62:d0:a5:07:98:5f:f1:
                    a1:8f:0b:22:18:0c:85:50:10:32:67:b0:e6:ee:72:
                    b0:34:aa:f2:63:24:9c:17:98:30:c6:ff:5e:44:ea:
                    c9:fd:38:85:be:6a:56:c3:f6:2a:ed:e9:30:01:67:
                    d5:af:3d:e8:df:a9:51:50:71:0e:cf:3b:af:71:1e:
                    fd:e1:d3:f0:65:4a:c3:88:2f:be:b7:8f:f7:8e:1e:
                    45:03:87:0e:cb:56:6c:f2:31:97:c7:29:34:e2:93:
                    a2:08:a2:d0:c6:2f:c7:79:07:32:e5:22:a1:0d:45:
                    05:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:36:C8:D6:27:A1:9D:E0:AC:E2:7B:3A:DF:4B:BE:53:51:E5:80:77
            X509v3 Authority Key Identifier:
                keyid:A0:17:46:CF:6B:BD:C8:BD:56:66:F3:06:81:1B:DF:FD:21:6B:1A:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oBdGz2u9yL1WZvMGgRvf_SFrGqY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a764ce-12ae-41b5-81b6-02aba5d1b3a4/1/vjbI1iehneCs4ns630u-U1HlgHc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a764ce-12ae-41b5-81b6-02aba5d1b3a4/1/oBdGz2u9yL1WZvMGgRvf_SFrGqY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.173.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         94:69:44:57:59:43:aa:62:7a:55:76:70:16:b1:3d:fb:3e:55:
         b5:9b:1d:18:75:49:ab:87:1d:bf:13:f4:6c:3f:37:65:16:0f:
         c3:fa:a1:37:ca:08:e4:ff:53:78:3f:bb:76:55:25:77:57:50:
         f3:96:bc:d1:1f:e7:5f:79:fe:d5:13:aa:97:fe:81:25:d5:47:
         ae:fc:cd:a7:c6:c9:29:a0:d4:37:d3:1e:b5:7a:bd:a4:01:29:
         9e:08:10:1c:ba:7a:00:c0:71:2c:76:99:0a:fd:b1:34:79:37:
         65:f5:5e:9e:fc:9a:d3:50:83:36:75:7e:44:c7:f8:22:d1:bd:
         df:4c:7f:28:60:d6:05:7d:fb:51:f6:88:c7:72:dc:62:43:45:
         66:dc:ba:a3:6b:bb:77:19:ab:e0:46:37:92:53:e4:e1:16:1b:
         a7:a3:cd:ad:8c:a5:3b:11:a3:42:54:e3:82:34:38:d1:e3:31:
         f8:1f:dd:3e:fa:b2:9a:8f:11:33:46:a0:99:7f:54:73:62:37:
         25:8f:b1:9a:34:af:20:e1:13:1d:27:49:b4:53:35:e9:cf:0f:
         27:31:ee:ee:3d:4d:20:dd:90:8b:42:2d:0e:75:e5:b6:47:f2:
         f3:b8:fc:73:86:41:fd:ff:4a:d1:f5:2c:84:03:1f:70:0a:93:
         0b:91:30:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPwDDIbik0Gt81e3stSEidiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwMTc0NmNmNmJiZGM4YmQ1NjY2ZjMwNjgxMWJkZmZkMjE2
YjFhYTYwHhcNMjIxMDE5MTE0MTE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTM2YzhkNjI3YTE5ZGUwYWNlMjdiM2FkZjRiYmU1MzUxZTU4MDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWf+5GPu3YW9O/RK6uI/JNK8ctSq
RsQSg4+wpT3BMAZJkFFL1KnORagN1qmjDxguMGpvs7LVFdmbhzfbsO9hVxx6ILDW
5dIuKpKQ0obleqrwMPhikJftAB3/oOdHVIsWHJs6R6RHhZz9j2jgMLx+GMITxBI5
gbMbbfeiFT38mbCLarSk5ZORog6F0giUo2LQpQeYX/GhjwsiGAyFUBAyZ7Dm7nKw
NKryYyScF5gwxv9eROrJ/TiFvmpWw/Yq7ekwAWfVrz3o36lRUHEOzzuvcR794dPw
ZUrDiC++t4/3jh5FA4cOy1Zs8jGXxyk04pOiCKLQxi/HeQcy5SKhDUUFvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL42yNYnoZ3grOJ7Ot9LvlNR5YB3MB8GA1UdIwQY
MBaAFKAXRs9rvci9VmbzBoEb3/0haxqmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0JkR3oydTl5TDFXWnZNR2dSdmZfU0ZyR3FZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9hNzY0Y2UtMTJhZS00MWI1LTgxYjYt
MDJhYmE1ZDFiM2E0LzEvdmpiSTFpZWhuZUNzNG5zNjMwdS1VMUhsZ0hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9hNzY0Y2UtMTJhZS00MWI1LTgxYjYtMDJhYmE1ZDFiM2E0
LzEvb0JkR3oydTl5TDFXWnZNR2dSdmZfU0ZyR3FZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCua0EMA0G
CSqGSIb3DQEBCwUAA4IBAQCUaURXWUOqYnpVdnAWsT37PlW1mx0YdUmrhx2/E/Rs
PzdlFg/D+qE3ygjk/1N4P7t2VSV3V1DzlrzRH+dfef7VE6qX/oEl1Ueu/M2nxskp
oNQ30x61er2kASmeCBAcunoAwHEsdpkK/bE0eTdl9V6e/JrTUIM2dX5Ex/gi0b3f
TH8oYNYFfftR9ojHctxiQ0Vm3Lqja7t3GavgRjeSU+ThFhuno82tjKU7EaNCVOOC
NDjR4zH4H90++rKajxEzRqCZf1RzYjclj7GaNK8g4RMdJ0m0UzXpzw8nMe7uPU0g
3ZCLQi0OdeW2R/LzuPxzhkH9/0rR9SyEAx9wCpMLkTDS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:43 2024 by rpki-client on console-fra.rpki-client.org