Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/7757ed-d020-471f-bbc5-17bf202e5eee/1/4RCsguf2wL_vdJruu1rNtIbIIfo.roa
File:                     4RCsguf2wL_vdJruu1rNtIbIIfo.roa (raw, json)
Hash identifier:          8yEz+OztQxP1LuyLKvLC+mT9mBTNPEbTqhSp71XzeKA=
Subject key identifier:   E1:10:AC:82:E7:F6:C0:BF:EF:74:9A:EE:BB:5A:CD:B4:86:C8:21:FA
Certificate issuer:       /CN=d4bbed63091439823ed391a472536c0fcafe8957
Certificate serial:       40D877BB
Authority key identifier: D4:BB:ED:63:09:14:39:82:3E:D3:91:A4:72:53:6C:0F:CA:FE:89:57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1LvtYwkUOYI-05GkclNsD8r-iVc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/7757ed-d020-471f-bbc5-17bf202e5eee/1/4RCsguf2wL_vdJruu1rNtIbIIfo.roa
Signing time:             Sat 01 Jan 2022 13:56:29 +0000
ROA not before:           Sat 01 Jan 2022 13:56:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     29266
IP address blocks:        159.20.0.0/21 maxlen: 21
                          195.85.253.0/24 maxlen: 24
                          195.137.194.0/23 maxlen: 23
                          2a03:2180::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1087928251 (0x40d877bb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d4bbed63091439823ed391a472536c0fcafe8957
        Validity
            Not Before: Jan  1 13:56:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e110ac82e7f6c0bfef749aeebb5acdb486c821fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:5b:53:5a:0b:e3:5c:bf:b7:60:2d:c4:2b:01:
                    29:c0:8e:61:90:80:91:d1:91:c2:a9:2e:56:c8:73:
                    25:b3:c1:79:55:d1:bc:02:20:2c:89:86:4b:1d:00:
                    0e:ff:6a:11:76:e2:54:3a:44:da:cc:25:72:94:27:
                    43:ce:22:f4:a5:f3:67:d7:2d:82:b4:9c:ea:15:fa:
                    4d:20:ef:b4:85:1a:8c:db:86:d2:85:f1:8d:39:01:
                    c5:da:06:88:0b:47:f8:b8:71:af:58:c3:1d:58:a6:
                    e5:a2:c3:05:d5:07:0b:87:5b:7a:d9:39:4f:ad:66:
                    78:08:36:4a:ab:2d:1e:f3:25:62:d2:60:b5:46:1c:
                    3c:ba:5f:22:36:af:f4:e4:88:50:6e:d9:bc:67:19:
                    ea:e3:34:e6:aa:2e:5b:54:af:b8:0d:33:55:4c:74:
                    b4:8f:a0:ff:16:44:8c:e9:8d:e9:6e:6f:84:83:62:
                    fd:2e:a4:87:68:bc:26:df:13:da:36:66:08:3d:7a:
                    6a:7c:c6:22:48:25:63:49:23:56:93:87:af:f4:1b:
                    18:da:e0:2f:7d:f7:64:02:98:e7:a5:a3:51:f9:03:
                    44:eb:5a:3a:55:08:4b:5f:b9:db:ef:73:42:ba:00:
                    fd:17:45:8b:c1:ac:9a:6a:6f:6a:8f:44:5d:8c:30:
                    35:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:10:AC:82:E7:F6:C0:BF:EF:74:9A:EE:BB:5A:CD:B4:86:C8:21:FA
            X509v3 Authority Key Identifier:
                keyid:D4:BB:ED:63:09:14:39:82:3E:D3:91:A4:72:53:6C:0F:CA:FE:89:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1LvtYwkUOYI-05GkclNsD8r-iVc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/7757ed-d020-471f-bbc5-17bf202e5eee/1/4RCsguf2wL_vdJruu1rNtIbIIfo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/7757ed-d020-471f-bbc5-17bf202e5eee/1/1LvtYwkUOYI-05GkclNsD8r-iVc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  159.20.0.0/21
                  195.85.253.0/24
                  195.137.194.0/23
                IPv6:
                  2a03:2180::/32

    Signature Algorithm: sha256WithRSAEncryption
         68:4e:02:65:23:73:e7:ee:3b:cd:ff:11:49:79:77:dc:9a:58:
         11:87:2f:11:7a:ea:f7:5c:15:0f:b9:21:77:df:0e:69:9e:3a:
         0d:9a:a3:57:9a:1d:99:7a:83:a3:61:d2:bc:43:5a:5f:87:bb:
         fd:18:ff:f4:2f:47:9a:b4:b7:e2:ea:fc:4e:be:90:9d:3a:37:
         7b:c1:84:93:db:20:0a:68:50:00:ab:d2:12:96:d0:1e:c8:3b:
         b0:e3:f2:d3:b3:e8:8d:db:77:64:5d:2a:32:6e:07:d1:42:26:
         67:6b:fe:6c:7f:ee:06:c1:4c:7e:cd:52:38:04:26:87:22:0e:
         a2:1e:32:81:e4:3c:14:07:61:13:e0:07:45:d5:29:45:89:f6:
         4d:5f:91:82:8b:ae:47:3e:d3:2b:ab:4e:55:0f:67:a3:72:64:
         3d:f9:7a:4f:83:c7:39:4c:ac:3d:3c:17:07:1f:c2:cc:c6:f6:
         6c:d6:0c:2f:7f:88:a2:66:7b:d8:4c:6b:79:b9:52:29:fa:d6:
         69:9e:22:64:0b:3a:fa:f0:28:a6:dc:38:b4:ed:10:1e:d4:40:
         4e:b3:c7:f3:c6:25:87:c4:54:aa:1b:10:43:ac:fa:ea:05:a4:
         56:03:fb:85:3e:22:91:81:cd:50:7f:a6:ea:39:39:1b:78:71:
         06:8e:87:44
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEQNh3uzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NGJiZWQ2MzA5MTQzOTgyM2VkMzkxYTQ3MjUzNmMwZmNhZmU4OTU3MB4XDTIyMDEw
MTEzNTYyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTExMGFjODJlN2Y2
YzBiZmVmNzQ5YWVlYmI1YWNkYjQ4NmM4MjFmYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALdbU1oL41y/t2AtxCsBKcCOYZCAkdGRwqkuVshzJbPBeVXR
vAIgLImGSx0ADv9qEXbiVDpE2swlcpQnQ84i9KXzZ9ctgrSc6hX6TSDvtIUajNuG
0oXxjTkBxdoGiAtH+Lhxr1jDHVim5aLDBdUHC4dbetk5T61meAg2SqstHvMlYtJg
tUYcPLpfIjav9OSIUG7ZvGcZ6uM05qouW1SvuA0zVUx0tI+g/xZEjOmN6W5vhINi
/S6kh2i8Jt8T2jZmCD16anzGIkglY0kjVpOHr/QbGNrgL333ZAKY56WjUfkDROta
OlUIS1+52+9zQroA/RdFi8Gsmmpvao9EXYwwNbECAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBThEKyC5/bAv+90mu67Ws20hsgh+jAfBgNVHSMEGDAWgBTUu+1jCRQ5gj7T
kaRyU2wPyv6JVzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFMdnRZd2tVT1lJLTA1R2tjbE5zRDhyLWlWYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWIvNzc1N2VkLWQwMjAtNDcxZi1iYmM1LTE3YmYyMDJlNWVlZS8x
LzRSQ3NndWYyd0xfdmRKcnV1MXJOdEliSUlmby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWIv
Nzc1N2VkLWQwMjAtNDcxZi1iYmM1LTE3YmYyMDJlNWVlZS8xLzFMdnRZd2tVT1lJ
LTA1R2tjbE5zRDhyLWlWYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEA58UAAMEAMNV/QMEAcOJwjANBAIA
AjAHAwUAKgMhgDANBgkqhkiG9w0BAQsFAAOCAQEAaE4CZSNz5+47zf8RSXl33JpY
EYcvEXrq91wVD7khd98OaZ46DZqjV5odmXqDo2HSvENaX4e7/Rj/9C9HmrS34ur8
Tr6QnTo3e8GEk9sgCmhQAKvSEpbQHsg7sOPy07Pojdt3ZF0qMm4H0UImZ2v+bH/u
BsFMfs1SOAQmhyIOoh4ygeQ8FAdhE+AHRdUpRYn2TV+RgouuRz7TK6tOVQ9no3Jk
Pfl6T4PHOUysPTwXBx/CzMb2bNYML3+IomZ72ExreblSKfrWaZ4iZAs6+vAoptw4
tO0QHtRATrPH88Ylh8RUqhsQQ6z66gWkVgP7hT4ikYHNUH+m6jk5G3hxBo6HRA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:47 2024 by rpki-client on console-ams.rpki-client.org