Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/48f964-a431-4de6-99ce-84ee488566f1/1/bhXt06x_NW9Ft2OPzgOO8lJeQQw.roa
File:                     bhXt06x_NW9Ft2OPzgOO8lJeQQw.roa (raw, json)
Hash identifier:          LJv+RfF4uDK1ef5leKNrrx1XBc/3bf5HxE/qiJwF138=
Subject key identifier:   6E:15:ED:D3:AC:7F:35:6F:45:B7:63:8F:CE:03:8E:F2:52:5E:41:0C
Certificate issuer:       /CN=06785117986adaa437bec30a2bf9f157a9257df2
Certificate serial:       018409ED53808089AF14F7A5F24E2B0DC8D1
Authority key identifier: 06:78:51:17:98:6A:DA:A4:37:BE:C3:0A:2B:F9:F1:57:A9:25:7D:F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BnhRF5hq2qQ3vsMKK_nxV6klffI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/48f964-a431-4de6-99ce-84ee488566f1/1/bhXt06x_NW9Ft2OPzgOO8lJeQQw.roa
Signing time:             Mon 24 Oct 2022 12:17:39 +0000
ROA not before:           Mon 24 Oct 2022 12:17:39 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     56327
IP address blocks:        185.219.224.0/22 maxlen: 22
                          2a0f:78c0::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:09:ed:53:80:80:89:af:14:f7:a5:f2:4e:2b:0d:c8:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=06785117986adaa437bec30a2bf9f157a9257df2
        Validity
            Not Before: Oct 24 12:17:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6e15edd3ac7f356f45b7638fce038ef2525e410c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:77:6d:d7:3f:e6:6f:be:0a:ec:b9:70:53:e5:
                    65:e7:2f:01:d7:d9:f3:f4:35:e4:cf:89:5e:a4:59:
                    36:b7:6a:2b:ff:b7:f5:2b:c2:c7:a6:25:e0:92:c0:
                    67:91:02:4b:ab:54:51:f5:e4:f1:f4:5c:42:f1:dd:
                    05:86:a3:6e:b8:21:f2:3c:fd:6b:51:34:0d:b7:35:
                    56:d4:25:34:49:11:b8:ac:14:20:33:43:cd:61:22:
                    ed:68:7f:9d:05:80:b6:22:76:9a:5b:e7:e8:eb:0a:
                    d6:da:db:9c:5b:7f:e5:14:90:d2:dc:3c:59:fa:c8:
                    f6:e8:26:9a:18:95:30:2c:69:f6:4e:80:6a:f4:df:
                    86:f0:37:66:b7:6b:54:93:b9:e8:8c:b7:e5:a8:08:
                    9b:13:8a:54:ea:04:f0:f7:f3:28:20:6b:da:61:2b:
                    7b:01:9f:7f:c5:e7:f4:0c:23:5c:99:09:94:15:79:
                    39:0f:d5:fd:f8:0a:ff:91:ed:ee:0a:7f:71:60:ec:
                    75:90:3a:83:93:2a:a3:5f:b2:94:e1:fa:fd:30:17:
                    c9:1d:5c:e7:70:7d:42:83:fd:d7:4d:05:6f:93:20:
                    ab:67:f1:97:1c:26:26:2c:99:8e:b6:14:04:98:b5:
                    87:54:bf:a3:a0:07:82:2e:e9:e8:e2:f9:db:1b:f7:
                    a4:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:15:ED:D3:AC:7F:35:6F:45:B7:63:8F:CE:03:8E:F2:52:5E:41:0C
            X509v3 Authority Key Identifier:
                keyid:06:78:51:17:98:6A:DA:A4:37:BE:C3:0A:2B:F9:F1:57:A9:25:7D:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnhRF5hq2qQ3vsMKK_nxV6klffI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/48f964-a431-4de6-99ce-84ee488566f1/1/bhXt06x_NW9Ft2OPzgOO8lJeQQw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/48f964-a431-4de6-99ce-84ee488566f1/1/BnhRF5hq2qQ3vsMKK_nxV6klffI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.219.224.0/22
                IPv6:
                  2a0f:78c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         e9:70:f3:8e:05:14:69:0c:31:10:1c:17:30:b3:48:12:79:e0:
         da:cb:45:b8:e3:4d:8c:2a:45:90:72:8f:37:ce:ae:5c:9c:e5:
         e0:01:83:48:bf:b5:15:9a:da:2b:75:23:be:a8:84:fd:e1:46:
         f3:52:93:44:f2:f0:59:b3:31:5b:4b:54:1a:6e:e5:61:06:7b:
         11:ae:76:4f:9d:63:63:fa:af:88:0c:16:ad:6a:2a:e0:e4:f5:
         9b:78:9f:90:b6:a4:44:49:26:cb:24:15:d6:52:eb:0b:ed:00:
         df:16:45:fe:db:39:f9:92:b2:8e:40:4a:18:6f:fc:4d:8c:6e:
         8d:35:a4:8d:da:9c:90:67:b0:bd:96:df:d8:5d:9e:dd:bf:92:
         b0:44:fb:1e:b7:5e:9f:76:07:35:4d:b9:3a:fb:a2:f3:b7:da:
         8c:de:fc:d4:86:af:ba:16:c3:46:dc:9d:d6:0b:63:de:12:92:
         5f:62:8c:81:21:35:c0:06:f2:62:80:a2:5d:57:8a:71:e9:c0:
         4d:82:e5:fb:63:c0:e7:aa:29:bb:fc:bd:c2:61:84:30:cc:a9:
         35:a3:01:b6:c3:f4:86:e5:b1:2b:c5:0a:2e:89:e2:cd:fb:fe:
         b5:82:1a:e1:d7:a4:62:4a:e4:2f:5e:f5:77:d2:d1:fe:c6:59:
         00:0a:6e:c9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYQJ7VOAgImvFPel8k4rDcjRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2Nzg1MTE3OTg2YWRhYTQzN2JlYzMwYTJiZjlmMTU3YTky
NTdkZjIwHhcNMjIxMDI0MTIxNzM5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTE1ZWRkM2FjN2YzNTZmNDViNzYzOGZjZTAzOGVmMjUyNWU0MTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHdt1z/mb74K7LlwU+Vl5y8B19nz
9DXkz4lepFk2t2or/7f1K8LHpiXgksBnkQJLq1RR9eTx9FxC8d0FhqNuuCHyPP1r
UTQNtzVW1CU0SRG4rBQgM0PNYSLtaH+dBYC2InaaW+fo6wrW2tucW3/lFJDS3DxZ
+sj26CaaGJUwLGn2ToBq9N+G8Ddmt2tUk7nojLflqAibE4pU6gTw9/MoIGvaYSt7
AZ9/xef0DCNcmQmUFXk5D9X9+Ar/ke3uCn9xYOx1kDqDkyqjX7KU4fr9MBfJHVzn
cH1Cg/3XTQVvkyCrZ/GXHCYmLJmOthQEmLWHVL+joAeCLuno4vnbG/ek8wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG4V7dOsfzVvRbdjj84DjvJSXkEMMB8GA1UdIwQY
MBaAFAZ4UReYatqkN77DCiv58VepJX3yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5oUkY1aHEycVEzdnNNS0tfbnhWNmtsZmZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC80OGY5NjQtYTQzMS00ZGU2LTk5Y2Ut
ODRlZTQ4ODU2NmYxLzEvYmhYdDA2eF9OVzlGdDJPUHpnT084bEplUVF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC80OGY5NjQtYTQzMS00ZGU2LTk5Y2UtODRlZTQ4ODU2NmYx
LzEvQm5oUkY1aHEycVEzdnNNS0tfbnhWNmtsZmZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudvgMA0E
AgACMAcDBQMqD3jAMA0GCSqGSIb3DQEBCwUAA4IBAQDpcPOOBRRpDDEQHBcws0gS
eeDay0W4402MKkWQco83zq5cnOXgAYNIv7UVmtordSO+qIT94UbzUpNE8vBZszFb
S1QabuVhBnsRrnZPnWNj+q+IDBatairg5PWbeJ+QtqRESSbLJBXWUusL7QDfFkX+
2zn5krKOQEoYb/xNjG6NNaSN2pyQZ7C9lt/YXZ7dv5KwRPset16fdgc1Tbk6+6Lz
t9qM3vzUhq+6FsNG3J3WC2PeEpJfYoyBITXABvJigKJdV4px6cBNguX7Y8Dnqim7
/L3CYYQwzKk1owG2w/SG5bErxQouieLN+/61ghrh16RiSuQvXvV30tH+xlkACm7J
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:12 2024 by rpki-client on console-ams.rpki-client.org