Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/9o0YUidAcC-788KNV2RQyfpByI8.roa
File:                     9o0YUidAcC-788KNV2RQyfpByI8.roa (raw, json)
Hash identifier:          TnuvqYUbBgtEHjF/GwRsHFFEasomyTLSkfEJ287ySK4=
Subject key identifier:   F6:8D:18:52:27:40:70:2F:BB:F3:C2:8D:57:64:50:C9:FA:41:C8:8F
Certificate issuer:       /CN=28bf1e72323742ac4d8136ab6c8e85df7ba37eeb
Certificate serial:       0C24FD71
Authority key identifier: 28:BF:1E:72:32:37:42:AC:4D:81:36:AB:6C:8E:85:DF:7B:A3:7E:EB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/9o0YUidAcC-788KNV2RQyfpByI8.roa
Signing time:             Sat 01 Jan 2022 04:03:10 +0000
ROA not before:           Sat 01 Jan 2022 04:03:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202140
IP address blocks:        185.249.143.0/24 maxlen: 24
                          185.249.140.0/24 maxlen: 24
                          185.249.140.0/22 maxlen: 22
                          185.249.141.0/24 maxlen: 24
                          185.249.142.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 203750769 (0xc24fd71)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28bf1e72323742ac4d8136ab6c8e85df7ba37eeb
        Validity
            Not Before: Jan  1 04:03:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f68d18522740702fbbf3c28d576450c9fa41c88f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:d1:a5:7d:c1:48:96:2b:e2:7f:bc:89:53:2a:
                    23:68:f6:32:97:89:9b:dc:dc:c4:9d:4c:77:88:d3:
                    3f:17:eb:32:fc:85:4d:d2:82:d8:92:3d:1c:a7:dd:
                    cb:00:a5:27:a2:45:58:e2:6d:cf:73:37:41:c5:61:
                    eb:65:87:d4:bc:6f:77:2c:60:71:95:ea:75:28:5d:
                    c4:eb:91:49:1c:66:1d:8e:a6:15:78:c6:dc:2f:75:
                    11:cd:a4:9d:68:e2:9f:76:20:72:1a:23:7e:6e:86:
                    54:2d:38:26:d2:b2:a2:07:1f:64:3a:4a:cb:de:f2:
                    99:d1:5c:62:8e:94:73:93:4e:77:0a:96:63:13:f5:
                    4a:e8:dc:01:69:a4:cf:ca:e0:89:f5:5c:0e:ac:40:
                    0e:f0:ca:84:2d:1e:7a:59:5f:05:de:99:a1:eb:68:
                    6f:7b:ae:80:20:48:2d:ab:7f:6d:0c:17:97:b7:92:
                    0a:53:71:4d:c8:a8:31:45:f6:a6:0e:fe:36:4a:e8:
                    0a:12:66:3b:38:72:43:7c:12:30:56:3d:d8:3e:51:
                    17:bb:50:fa:ea:28:a9:88:7c:34:93:51:ea:29:ab:
                    ae:b3:80:7d:ba:37:22:96:f1:b7:75:82:21:ef:e5:
                    c8:80:b5:96:a8:66:52:70:bf:ab:6e:94:a7:45:26:
                    89:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:8D:18:52:27:40:70:2F:BB:F3:C2:8D:57:64:50:C9:FA:41:C8:8F
            X509v3 Authority Key Identifier:
                keyid:28:BF:1E:72:32:37:42:AC:4D:81:36:AB:6C:8E:85:DF:7B:A3:7E:EB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/9o0YUidAcC-788KNV2RQyfpByI8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.249.140.0/22

    Signature Algorithm: sha256WithRSAEncryption
         dc:2c:ef:c6:3f:84:91:22:b9:34:86:c8:77:6b:ca:b6:ea:2b:
         95:2b:1b:cb:0f:53:70:49:a1:04:57:ac:6b:5c:3c:44:13:61:
         f2:aa:1f:14:e6:ed:34:02:63:52:23:23:78:b8:6a:e7:6f:af:
         6e:e9:bd:f7:68:d1:b2:09:a7:5a:eb:d6:54:38:2f:03:fd:09:
         e3:d7:d8:f3:c7:a7:f5:44:ef:14:fc:f3:4f:80:70:d6:34:26:
         1a:7e:6b:eb:96:ac:3b:8f:79:34:e5:1d:e0:d9:9b:97:74:26:
         6f:45:8c:aa:bd:37:99:c6:8a:4e:9c:e5:1a:df:e3:c9:86:00:
         b2:6a:62:e0:cf:2c:3e:43:c1:88:00:de:a2:89:e8:fb:ba:10:
         71:ef:0d:f7:82:dc:09:e8:12:56:a5:db:7a:23:ad:29:67:47:
         ac:cf:2d:2f:53:85:a3:9b:35:dd:ad:a6:9c:c0:8e:46:de:14:
         ca:8e:ba:62:30:7b:12:4c:fe:41:c5:b6:74:7c:0d:3c:e9:10:
         a8:e5:c5:39:22:55:fb:ed:a7:bc:cb:6e:07:68:3a:90:6b:99:
         e7:1f:b6:8b:e7:1c:bf:1d:75:27:9b:99:06:36:eb:f3:d3:3b:
         f1:6d:52:33:d5:72:13:cb:9c:43:69:62:98:d8:07:f5:f6:5f:
         89:72:14:df
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDCT9cTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OGJmMWU3MjMyMzc0MmFjNGQ4MTM2YWI2YzhlODVkZjdiYTM3ZWViMB4XDTIyMDEw
MTA0MDMxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjY4ZDE4NTIyNzQw
NzAyZmJiZjNjMjhkNTc2NDUwYzlmYTQxYzg4ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALnRpX3BSJYr4n+8iVMqI2j2MpeJm9zcxJ1Md4jTPxfrMvyF
TdKC2JI9HKfdywClJ6JFWOJtz3M3QcVh62WH1LxvdyxgcZXqdShdxOuRSRxmHY6m
FXjG3C91Ec2knWjin3Ygchojfm6GVC04JtKyogcfZDpKy97ymdFcYo6Uc5NOdwqW
YxP1SujcAWmkz8rgifVcDqxADvDKhC0eellfBd6Zoetob3uugCBILat/bQwXl7eS
ClNxTcioMUX2pg7+NkroChJmOzhyQ3wSMFY92D5RF7tQ+uooqYh8NJNR6imrrrOA
fbo3Ipbxt3WCIe/lyIC1lqhmUnC/q26Up0UmiRECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT2jRhSJ0BwL7vzwo1XZFDJ+kHIjzAfBgNVHSMEGDAWgBQovx5yMjdCrE2B
NqtsjoXfe6N+6zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tMOGVjakkzUXF4TmdUYXJiSTZGMzN1amZ1cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvYmE2ZGY3LWYzMjUtNDE4NC1hNTRhLTBjNDgxZjBhZDIwZS8x
LzlvMFlVaWRBY0MtNzg4S05WMlJReWZwQnlJOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
YmE2ZGY3LWYzMjUtNDE4NC1hNTRhLTBjNDgxZjBhZDIwZS8xL0tMOGVjakkzUXF4
TmdUYXJiSTZGMzN1amZ1cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArn5jDANBgkqhkiG9w0BAQsFAAOC
AQEA3Czvxj+EkSK5NIbId2vKtuorlSsbyw9TcEmhBFesa1w8RBNh8qofFObtNAJj
UiMjeLhq52+vbum992jRsgmnWuvWVDgvA/0J49fY88en9UTvFPzzT4Bw1jQmGn5r
65asO495NOUd4Nmbl3Qmb0WMqr03mcaKTpzlGt/jyYYAsmpi4M8sPkPBiADeoono
+7oQce8N94LcCegSVqXbeiOtKWdHrM8tL1OFo5s13a2mnMCORt4Uyo66YjB7Ekz+
QcW2dHwNPOkQqOXFOSJV++2nvMtuB2g6kGuZ5x+2i+ccvx11J5uZBjbr89M78W1S
M9VyE8ucQ2limNgH9fZfiXIU3w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:39 2024 by rpki-client on console-ams.rpki-client.org