Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/IRs-TJ9blQWhNow7_Go5ozwAd6c.roa
File:                     IRs-TJ9blQWhNow7_Go5ozwAd6c.roa (raw, json)
Hash identifier:          EnXb/lSktgJnsvOjOY5IKt0C9X4+rwuyOvW53IplG/Q=
Subject key identifier:   21:1B:3E:4C:9F:5B:95:05:A1:36:8C:3B:FC:6A:39:A3:3C:00:77:A7
Certificate issuer:       /CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Certificate serial:       0183996493848CADC01886418796AA3330BC
Authority key identifier: 63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/IRs-TJ9blQWhNow7_Go5ozwAd6c.roa
Signing time:             Sun 02 Oct 2022 15:50:48 +0000
ROA not before:           Sun 02 Oct 2022 15:50:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     59432
IP address blocks:        185.126.134.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:99:64:93:84:8c:ad:c0:18:86:41:87:96:aa:33:30:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
        Validity
            Not Before: Oct  2 15:50:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=211b3e4c9f5b9505a1368c3bfc6a39a33c0077a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:a9:62:ce:02:97:a0:d3:94:8b:9e:aa:19:20:
                    a9:cf:0e:82:06:2e:81:b4:2d:14:96:cc:1f:88:6e:
                    15:61:0d:d6:71:7e:57:eb:8b:e1:f1:65:41:2e:fe:
                    49:e8:96:73:4f:38:16:e8:c3:0d:39:07:76:89:a5:
                    de:87:24:10:f5:7f:e4:31:85:64:86:99:2d:16:28:
                    bd:5a:ff:90:e4:b2:bc:0b:f3:db:57:f1:eb:48:8e:
                    c7:ef:d1:a4:9a:2e:3a:07:8d:69:75:88:ed:26:d9:
                    3d:9b:69:e7:37:32:e0:51:5d:cf:cc:e9:b9:80:0a:
                    66:58:29:94:68:ca:36:d8:0d:2d:00:10:00:37:3b:
                    77:ff:b4:fd:6e:c5:94:f3:3b:71:a2:7d:0f:fa:7b:
                    33:41:a1:9c:48:d7:d9:b2:72:36:7b:80:7c:66:e0:
                    f1:d6:86:b0:f7:38:b0:cd:9e:06:bd:f5:fd:91:c8:
                    3b:90:3a:07:db:02:c7:69:cd:1d:72:aa:61:cd:a7:
                    8a:94:3b:95:56:4b:83:af:e5:5a:6d:7b:5f:d1:5f:
                    40:23:e6:4e:97:1a:12:7c:2f:8d:7b:05:d4:45:83:
                    80:25:2b:29:7c:2b:e5:63:8b:1a:f4:ca:38:d8:1a:
                    49:42:54:14:f5:bb:db:f4:d4:bf:83:bf:72:51:da:
                    53:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:1B:3E:4C:9F:5B:95:05:A1:36:8C:3B:FC:6A:39:A3:3C:00:77:A7
            X509v3 Authority Key Identifier:
                keyid:63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/IRs-TJ9blQWhNow7_Go5ozwAd6c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.126.134.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8c:3a:52:88:b7:94:78:a2:96:7a:af:9f:7e:eb:60:67:e0:25:
         29:71:4a:0f:7e:62:95:d4:de:38:e4:b1:c6:71:4b:dd:bc:09:
         57:84:31:c4:ad:36:e9:68:de:1e:1a:7a:72:4c:32:da:b0:57:
         92:9b:9c:17:47:80:5e:8b:ad:e3:b4:ef:95:da:3d:d6:ac:bd:
         10:4e:3d:ae:9c:ed:3c:4f:06:59:59:55:00:c7:37:0e:26:ef:
         6c:a3:fc:b2:3a:7e:4d:a1:4b:86:da:53:02:69:8e:1e:b0:7e:
         d3:8c:b1:ce:e9:19:a0:a6:8c:24:32:03:23:92:bf:38:be:8c:
         7e:96:db:32:66:79:a7:6b:c0:7a:9a:8c:67:ba:3d:dc:ac:3f:
         1f:b6:bc:f1:29:81:fc:57:92:1f:86:b8:9a:f1:56:82:e9:f3:
         09:01:1a:82:09:13:92:e6:e0:08:a8:0c:10:d7:79:98:32:ce:
         cc:26:8a:8d:9e:c1:0f:43:6b:dd:9b:8d:50:78:a2:6f:9f:81:
         12:55:70:29:f3:4a:d8:f4:99:8d:56:70:e7:e4:db:2c:43:d6:
         0a:5d:a8:fc:f0:19:3c:eb:50:26:7a:70:1d:e2:aa:4d:7e:c7:
         94:d7:af:c6:05:42:9d:43:c5:e3:75:1e:17:8b:cf:c6:11:93:
         d9:16:2f:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYOZZJOEjK3AGIZBh5aqMzC8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNjNiYjY1ODk1ZjNhNTRhNGIzMjRhMTBjNzlhYzk4ZWZl
MmExY2EwHhcNMjIxMDAyMTU1MDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTFiM2U0YzlmNWI5NTA1YTEzNjhjM2JmYzZhMzlhMzNjMDA3N2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6lizgKXoNOUi56qGSCpzw6CBi6B
tC0UlswfiG4VYQ3WcX5X64vh8WVBLv5J6JZzTzgW6MMNOQd2iaXehyQQ9X/kMYVk
hpktFii9Wv+Q5LK8C/PbV/HrSI7H79Gkmi46B41pdYjtJtk9m2nnNzLgUV3PzOm5
gApmWCmUaMo22A0tABAANzt3/7T9bsWU8ztxon0P+nszQaGcSNfZsnI2e4B8ZuDx
1oaw9ziwzZ4GvfX9kcg7kDoH2wLHac0dcqphzaeKlDuVVkuDr+VabXtf0V9AI+ZO
lxoSfC+NewXURYOAJSspfCvlY4sa9Mo42BpJQlQU9bvb9NS/g79yUdpTwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCEbPkyfW5UFoTaMO/xqOaM8AHenMB8GA1UdIwQY
MBaAFGNju2WJXzpUpLMkoQx5rJjv4qHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMt
YTZjYTQ1NGRiMmQ3LzEvSVJzLVRKOWJsUVdoTm93N19HbzVvendBZDZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMtYTZjYTQ1NGRiMmQ3
LzEvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuX6GMA0G
CSqGSIb3DQEBCwUAA4IBAQCMOlKIt5R4opZ6r59+62Bn4CUpcUoPfmKV1N445LHG
cUvdvAlXhDHErTbpaN4eGnpyTDLasFeSm5wXR4Bei63jtO+V2j3WrL0QTj2unO08
TwZZWVUAxzcOJu9so/yyOn5NoUuG2lMCaY4esH7TjLHO6RmgpowkMgMjkr84vox+
ltsyZnmna8B6moxnuj3crD8ftrzxKYH8V5Ifhria8VaC6fMJARqCCROS5uAIqAwQ
13mYMs7MJoqNnsEPQ2vdm41QeKJvn4ESVXAp80rY9JmNVnDn5NssQ9YKXaj88Bk8
61AmenAd4qpNfseU16/GBUKdQ8XjdR4Xi8/GEZPZFi8m
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:38 2024 by rpki-client on console-ams.rpki-client.org