Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/6ca5b6-c423-4b54-9655-7c5964990397/1/zW2lPv-ON2HLfvIqDU5XDpeCS3E.roa
File:                     zW2lPv-ON2HLfvIqDU5XDpeCS3E.roa (raw, json)
Hash identifier:          6B/nVM9w2768hf04VD70Bt3VjNIVFFB6HaE5JijinsM=
Subject key identifier:   CD:6D:A5:3E:FF:8E:37:61:CB:7E:F2:2A:0D:4E:57:0E:97:82:4B:71
Certificate issuer:       /CN=a036af22669183ba26f23976530e349b34651968
Certificate serial:       06AEE893
Authority key identifier: A0:36:AF:22:66:91:83:BA:26:F2:39:76:53:0E:34:9B:34:65:19:68
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oDavImaRg7om8jl2Uw40mzRlGWg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/6ca5b6-c423-4b54-9655-7c5964990397/1/zW2lPv-ON2HLfvIqDU5XDpeCS3E.roa
Signing time:             Sat 01 Jan 2022 15:55:13 +0000
ROA not before:           Sat 01 Jan 2022 15:55:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     199757
IP address blocks:        185.39.19.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 112126099 (0x6aee893)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a036af22669183ba26f23976530e349b34651968
        Validity
            Not Before: Jan  1 15:55:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cd6da53eff8e3761cb7ef22a0d4e570e97824b71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:3a:27:ab:49:8d:cc:44:f6:a8:6e:79:d2:06:
                    73:af:48:f5:3a:ab:2a:9b:43:69:4a:8c:a5:ff:f6:
                    4a:50:63:a3:f0:3b:28:1a:42:c6:7a:e5:b0:bf:9e:
                    dd:18:6c:ef:1a:6e:f3:4f:17:a5:b8:8d:77:67:18:
                    74:cf:29:fe:42:c8:61:c5:e7:e6:66:50:f2:46:00:
                    98:b5:a6:cc:66:4a:bc:39:7b:e3:32:4c:76:9a:84:
                    eb:04:e7:b0:5a:c2:a0:a9:c0:19:e3:58:3a:3b:ae:
                    69:22:61:78:0a:be:5a:f0:aa:8d:81:06:a1:7d:0b:
                    69:d7:96:14:3d:09:d8:29:ef:95:bc:59:4a:04:44:
                    55:02:4a:0d:b2:28:3f:56:1f:ba:54:f9:6c:a7:ec:
                    2c:af:4a:70:1f:aa:57:b1:6b:02:58:b7:8c:7a:8c:
                    89:29:50:16:a4:e5:c3:62:0d:66:11:39:b5:f6:77:
                    16:58:ba:66:a0:79:89:65:8d:51:a7:85:31:33:09:
                    3b:00:b2:0c:6d:29:bd:47:0e:a5:84:8f:bc:90:73:
                    52:1d:51:13:8d:71:65:e2:9c:09:eb:be:9a:43:96:
                    87:7c:7e:e9:43:75:c3:0a:18:86:0f:fa:17:c4:ae:
                    9f:86:56:85:bb:99:19:c6:08:7b:ca:df:fa:26:7f:
                    6d:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:6D:A5:3E:FF:8E:37:61:CB:7E:F2:2A:0D:4E:57:0E:97:82:4B:71
            X509v3 Authority Key Identifier:
                keyid:A0:36:AF:22:66:91:83:BA:26:F2:39:76:53:0E:34:9B:34:65:19:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oDavImaRg7om8jl2Uw40mzRlGWg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/6ca5b6-c423-4b54-9655-7c5964990397/1/zW2lPv-ON2HLfvIqDU5XDpeCS3E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/6ca5b6-c423-4b54-9655-7c5964990397/1/oDavImaRg7om8jl2Uw40mzRlGWg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.39.19.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2b:e3:e2:95:34:de:d3:9e:fd:f7:93:41:01:2b:84:3b:99:b8:
         20:e2:60:97:52:2f:06:a6:4e:4e:d2:28:4c:2a:72:4c:74:6e:
         71:c0:71:58:26:fd:02:03:5c:e9:0b:ed:49:25:d2:d2:be:92:
         8f:d9:28:0f:c5:45:71:9e:24:f9:3a:10:a1:4f:07:2c:93:4c:
         d7:9a:03:f6:c7:ac:88:79:85:06:a8:55:13:20:5d:56:6f:bb:
         a1:de:99:3c:b0:20:d6:88:cd:4a:f9:2d:e8:5b:cd:75:01:f7:
         eb:54:36:fc:82:b6:f4:7a:1b:3f:e4:19:79:2f:21:45:eb:cf:
         84:d8:62:19:a5:51:10:81:1f:84:c9:b4:32:54:60:f3:ce:ae:
         73:e3:1a:a2:b2:22:06:f7:37:3e:f6:93:c5:45:2f:62:65:e1:
         ad:33:a7:16:1f:83:53:d3:88:b1:f2:3c:ed:1d:05:de:76:94:
         90:75:06:bf:ca:ef:7d:32:ae:5d:e0:4a:bc:08:68:1a:98:04:
         8c:2d:27:a1:49:19:19:4f:74:39:83:15:3a:2f:8d:49:1a:25:
         b3:d0:b2:17:ee:3d:de:10:1b:1e:94:d3:a1:e6:df:62:e1:f5:
         5d:30:15:a1:2f:2e:e3:9f:0d:68:49:19:c8:9d:f2:77:5e:02:
         58:3d:55:c7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBq7okzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MDM2YWYyMjY2OTE4M2JhMjZmMjM5NzY1MzBlMzQ5YjM0NjUxOTY4MB4XDTIyMDEw
MTE1NTUxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2Q2ZGE1M2VmZjhl
Mzc2MWNiN2VmMjJhMGQ0ZTU3MGU5NzgyNGI3MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ06J6tJjcxE9qhuedIGc69I9TqrKptDaUqMpf/2SlBjo/A7
KBpCxnrlsL+e3Rhs7xpu808XpbiNd2cYdM8p/kLIYcXn5mZQ8kYAmLWmzGZKvDl7
4zJMdpqE6wTnsFrCoKnAGeNYOjuuaSJheAq+WvCqjYEGoX0LadeWFD0J2CnvlbxZ
SgREVQJKDbIoP1YfulT5bKfsLK9KcB+qV7FrAli3jHqMiSlQFqTlw2INZhE5tfZ3
Fli6ZqB5iWWNUaeFMTMJOwCyDG0pvUcOpYSPvJBzUh1RE41xZeKcCeu+mkOWh3x+
6UN1wwoYhg/6F8Sun4ZWhbuZGcYIe8rf+iZ/beMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTNbaU+/443Yct+8ioNTlcOl4JLcTAfBgNVHSMEGDAWgBSgNq8iZpGDuiby
OXZTDjSbNGUZaDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29EYXZJbWFSZzdvbThqbDJVdzQwbXpSbEdXZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvNmNhNWI2LWM0MjMtNGI1NC05NjU1LTdjNTk2NDk5MDM5Ny8x
L3pXMmxQdi1PTjJITGZ2SXFEVTVYRHBlQ1MzRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
NmNhNWI2LWM0MjMtNGI1NC05NjU1LTdjNTk2NDk5MDM5Ny8xL29EYXZJbWFSZzdv
bThqbDJVdzQwbXpSbEdXZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALknEzANBgkqhkiG9w0BAQsFAAOC
AQEAK+PilTTe057995NBASuEO5m4IOJgl1IvBqZOTtIoTCpyTHRuccBxWCb9AgNc
6QvtSSXS0r6Sj9koD8VFcZ4k+ToQoU8HLJNM15oD9sesiHmFBqhVEyBdVm+7od6Z
PLAg1ojNSvkt6FvNdQH361Q2/IK29HobP+QZeS8hRevPhNhiGaVREIEfhMm0MlRg
886uc+MaorIiBvc3PvaTxUUvYmXhrTOnFh+DU9OIsfI87R0F3naUkHUGv8rvfTKu
XeBKvAhoGpgEjC0noUkZGU90OYMVOi+NSRols9CyF+493hAbHpTToebfYuH1XTAV
oS8u458NaEkZyJ3yd14CWD1Vxw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:45 2024 by rpki-client on console-ams.rpki-client.org