Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/5d3f1c-cff5-4b2b-9e46-67847c76cb76/1/IbQ8aH69S7nLdHsRGAXJE9lHkiY.roa
File:                     IbQ8aH69S7nLdHsRGAXJE9lHkiY.roa (raw, json)
Hash identifier:          cQNLgtK6Pds2Tlw81HLmcXyAneORJTWTKJLru68CJtc=
Subject key identifier:   21:B4:3C:68:7E:BD:4B:B9:CB:74:7B:11:18:05:C9:13:D9:47:92:26
Certificate issuer:       /CN=eb41956d12dcb982bed47a9fac4a7e48e7787c79
Certificate serial:       0C6C7D2E
Authority key identifier: EB:41:95:6D:12:DC:B9:82:BE:D4:7A:9F:AC:4A:7E:48:E7:78:7C:79
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/60GVbRLcuYK-1HqfrEp-SOd4fHk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/5d3f1c-cff5-4b2b-9e46-67847c76cb76/1/IbQ8aH69S7nLdHsRGAXJE9lHkiY.roa
Signing time:             Sat 01 Jan 2022 13:55:40 +0000
ROA not before:           Sat 01 Jan 2022 13:55:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     198423
IP address blocks:        192.41.216.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 208436526 (0xc6c7d2e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eb41956d12dcb982bed47a9fac4a7e48e7787c79
        Validity
            Not Before: Jan  1 13:55:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=21b43c687ebd4bb9cb747b111805c913d9479226
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:71:5b:cc:c8:11:aa:86:09:e1:3a:e8:4f:d3:
                    fc:97:2c:9f:cf:79:8e:20:af:64:94:ee:35:39:6f:
                    f5:bb:1d:0b:c3:15:50:12:15:f8:f1:51:ed:10:a1:
                    c9:44:43:a8:bf:a1:ae:84:ca:14:62:d0:0d:e7:14:
                    35:7f:f3:2e:c7:6f:89:e1:85:db:af:e8:a0:7b:a7:
                    e4:74:de:42:53:3b:81:45:eb:16:b6:00:af:77:a8:
                    68:f0:83:77:25:78:4e:a1:48:bd:1e:92:45:a4:74:
                    d0:b1:16:6b:d7:9b:5b:78:4d:80:8d:cb:60:1d:66:
                    a2:fb:b9:7c:af:46:e8:54:3a:e0:0b:b5:c1:4f:09:
                    f2:4e:98:d1:d3:b1:09:bf:93:19:56:1e:18:30:3c:
                    cf:cb:2a:5f:5d:c2:62:8b:41:98:74:95:a1:0b:90:
                    02:c7:ad:c9:88:63:37:4b:73:b5:94:fc:9f:4f:1e:
                    61:d1:49:a2:c6:70:b7:3d:9b:2e:1d:59:ec:c4:4f:
                    7e:ac:db:20:35:0e:88:40:86:99:06:20:9d:b6:81:
                    7e:06:86:50:9d:c5:5c:1f:00:ee:5e:2a:e4:e6:02:
                    47:aa:c1:0f:bb:c9:fb:26:e7:fb:86:e8:ae:03:26:
                    09:2f:38:90:b2:42:2f:ba:ca:10:81:96:25:02:26:
                    18:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:B4:3C:68:7E:BD:4B:B9:CB:74:7B:11:18:05:C9:13:D9:47:92:26
            X509v3 Authority Key Identifier:
                keyid:EB:41:95:6D:12:DC:B9:82:BE:D4:7A:9F:AC:4A:7E:48:E7:78:7C:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/60GVbRLcuYK-1HqfrEp-SOd4fHk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/5d3f1c-cff5-4b2b-9e46-67847c76cb76/1/IbQ8aH69S7nLdHsRGAXJE9lHkiY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/5d3f1c-cff5-4b2b-9e46-67847c76cb76/1/60GVbRLcuYK-1HqfrEp-SOd4fHk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.41.216.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7b:bb:2a:df:1f:10:89:71:db:bf:11:c2:1f:94:f8:a2:01:01:
         00:4f:4c:b2:2e:cc:12:6e:61:f2:80:8b:46:7e:61:d4:05:b6:
         2e:6d:54:ef:66:26:1b:c4:6c:0e:b1:db:9c:ab:9d:8b:7a:1c:
         da:55:9b:da:f9:ed:0b:fd:a9:ae:31:48:4b:8c:4e:9d:e0:ba:
         b6:c5:09:0e:a6:50:75:da:c5:92:a2:5c:22:3d:0d:99:14:5a:
         41:aa:1a:ca:d1:56:d3:eb:f7:98:0f:c5:6f:63:d5:63:5f:12:
         49:87:2e:36:db:c9:9c:c1:98:7c:9f:d2:a9:48:07:bd:43:be:
         a8:a1:7b:1d:46:e3:e7:df:e4:e4:23:5b:27:65:a7:53:bd:65:
         96:0a:fc:b2:2c:b3:22:89:2e:f7:c4:90:cc:07:7b:97:ba:c4:
         01:a1:99:0c:fc:e3:96:a5:6e:fb:8d:25:77:cd:3b:d8:7d:8c:
         19:a7:23:1b:10:23:22:69:3b:ea:1b:ef:0b:5f:35:11:ca:76:
         5d:c2:df:89:0d:c5:00:1f:ca:0d:9d:06:0e:8b:09:38:f3:e9:
         48:f6:7f:2e:6f:a8:6e:da:29:bc:d6:6c:84:82:7a:b5:91:17:
         1e:77:e0:2d:91:1f:83:60:10:2c:2c:89:c9:e9:55:4c:8c:1d:
         44:a9:0e:6a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDGx9LjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YjQxOTU2ZDEyZGNiOTgyYmVkNDdhOWZhYzRhN2U0OGU3Nzg3Yzc5MB4XDTIyMDEw
MTEzNTU0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjFiNDNjNjg3ZWJk
NGJiOWNiNzQ3YjExMTgwNWM5MTNkOTQ3OTIyNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANxxW8zIEaqGCeE66E/T/Jcsn895jiCvZJTuNTlv9bsdC8MV
UBIV+PFR7RChyURDqL+hroTKFGLQDecUNX/zLsdvieGF26/ooHun5HTeQlM7gUXr
FrYAr3eoaPCDdyV4TqFIvR6SRaR00LEWa9ebW3hNgI3LYB1movu5fK9G6FQ64Au1
wU8J8k6Y0dOxCb+TGVYeGDA8z8sqX13CYotBmHSVoQuQAsetyYhjN0tztZT8n08e
YdFJosZwtz2bLh1Z7MRPfqzbIDUOiECGmQYgnbaBfgaGUJ3FXB8A7l4q5OYCR6rB
D7vJ+ybn+4borgMmCS84kLJCL7rKEIGWJQImGCUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQhtDxofr1Luct0exEYBckT2UeSJjAfBgNVHSMEGDAWgBTrQZVtEty5gr7U
ep+sSn5I53h8eTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzYwR1ZiUkxjdVlLLTFIcWZyRXAtU09kNGZIay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDQvNWQzZjFjLWNmZjUtNGIyYi05ZTQ2LTY3ODQ3Yzc2Y2I3Ni8x
L0liUThhSDY5UzduTGRIc1JHQVhKRTlsSGtpWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQv
NWQzZjFjLWNmZjUtNGIyYi05ZTQ2LTY3ODQ3Yzc2Y2I3Ni8xLzYwR1ZiUkxjdVlL
LTFIcWZyRXAtU09kNGZIay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMAp2DANBgkqhkiG9w0BAQsFAAOC
AQEAe7sq3x8QiXHbvxHCH5T4ogEBAE9Msi7MEm5h8oCLRn5h1AW2Lm1U72YmG8Rs
DrHbnKudi3oc2lWb2vntC/2prjFIS4xOneC6tsUJDqZQddrFkqJcIj0NmRRaQaoa
ytFW0+v3mA/Fb2PVY18SSYcuNtvJnMGYfJ/SqUgHvUO+qKF7HUbj59/k5CNbJ2Wn
U71llgr8siyzIoku98SQzAd7l7rEAaGZDPzjlqVu+40ld8072H2MGacjGxAjImk7
6hvvC181Ecp2XcLfiQ3FAB/KDZ0GDosJOPPpSPZ/Lm+obtopvNZshIJ6tZEXHnfg
LZEfg2AQLCyJyelVTIwdRKkOag==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:44 2024 by rpki-client on console-ams.rpki-client.org