Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/KBmB_sA0Qxj22xEKj1a81QdIRLc.roa
File:                     KBmB_sA0Qxj22xEKj1a81QdIRLc.roa (raw, json)
Hash identifier:          47Pwf+ATrpgGdkBqlmopyERlwWpjCbCw6jcVL2QKHO0=
Subject key identifier:   28:19:81:FE:C0:34:43:18:F6:DB:11:0A:8F:56:BC:D5:07:48:44:B7
Certificate issuer:       /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial:       0C3481EA
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/KBmB_sA0Qxj22xEKj1a81QdIRLc.roa
Signing time:             Mon 23 May 2022 08:58:29 +0000
ROA not before:           Mon 23 May 2022 08:58:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211237
IP address blocks:        185.254.28.0/24 maxlen: 24
                          109.236.49.0/24 maxlen: 24
                          193.160.143.0/24 maxlen: 24
                          193.160.141.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 204767722 (0xc3481ea)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
        Validity
            Not Before: May 23 08:58:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=281981fec0344318f6db110a8f56bcd5074844b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:1a:42:55:43:47:01:be:49:d3:67:f6:09:a3:
                    13:28:f9:34:f9:fa:6a:fd:c4:b0:fa:08:10:60:54:
                    7d:78:09:e1:9e:46:62:41:86:99:6b:5f:b6:a0:c2:
                    b8:e8:93:dd:a4:7a:50:0e:68:59:fd:11:94:bf:06:
                    6f:d8:c6:79:7a:fb:42:53:37:e9:29:d3:b8:fa:f6:
                    60:0a:83:01:88:cd:74:af:c8:d0:55:b8:8f:cc:e5:
                    c1:0d:09:63:03:66:dc:48:d9:3e:77:c8:21:17:28:
                    23:be:08:11:f0:7f:0f:f4:b0:bb:b4:ee:e1:17:34:
                    06:a0:2d:56:9b:31:61:55:16:37:4c:67:d2:74:d2:
                    27:2b:bd:e4:20:f4:ea:cb:43:c6:65:f0:42:9c:a9:
                    7e:4b:36:ae:d7:d5:cd:b5:14:85:30:c9:03:af:a8:
                    86:e0:49:78:c6:00:77:e5:77:b4:2b:d8:5d:b1:08:
                    2d:6b:b3:5e:21:4c:f7:f9:d6:c8:ff:7c:42:73:2e:
                    56:6c:64:77:95:89:81:67:54:c9:41:fd:0f:20:2c:
                    b0:6d:4e:74:5b:c2:4c:85:09:76:89:10:20:59:ba:
                    72:c1:c9:97:18:24:84:06:21:25:ac:38:55:09:e3:
                    12:db:2f:00:fb:3c:4d:79:cb:46:d3:59:cd:f6:15:
                    e0:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:19:81:FE:C0:34:43:18:F6:DB:11:0A:8F:56:BC:D5:07:48:44:B7
            X509v3 Authority Key Identifier:
                keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/KBmB_sA0Qxj22xEKj1a81QdIRLc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.236.49.0/24
                  185.254.28.0/24
                  193.160.141.0/24
                  193.160.143.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0e:03:8b:72:eb:b8:ec:77:3e:7c:cf:93:5d:d0:33:8d:a2:70:
         cf:3b:65:5b:2b:9a:83:d6:c1:31:f4:4b:eb:ca:43:20:d0:97:
         94:f5:a1:84:5c:b1:da:a7:18:ab:b5:58:a9:81:c6:fd:e9:bb:
         1d:c0:a8:ef:52:3a:4a:ad:28:56:3e:29:9c:f9:d4:e2:eb:23:
         ac:0f:27:1b:27:47:73:6d:9a:d1:fe:18:46:a7:b4:00:36:97:
         ac:53:d4:8a:41:a6:5c:5a:5b:19:bd:57:f7:21:71:fe:fe:d3:
         1e:c9:0c:54:7a:72:ef:0a:f2:ac:c6:6c:f3:b0:f2:a7:30:0a:
         07:c2:9b:0c:da:47:fa:54:48:6d:6f:67:5c:9d:d9:2e:af:c8:
         e2:21:83:ca:5d:ba:f4:ae:12:a1:c3:80:88:f6:f1:8d:37:8d:
         ce:01:da:fc:0e:cd:9f:17:76:d1:ce:b3:be:7a:f3:01:e2:e7:
         d6:f5:21:b1:13:96:81:a2:b3:e1:aa:c2:9b:4d:c4:0a:b9:bc:
         5b:e6:d8:9a:89:7b:65:58:56:87:9c:59:3c:39:ed:c2:69:a9:
         0b:ea:83:c7:72:af:85:15:b0:8a:14:1f:0c:0c:89:59:24:cf:
         25:eb:72:e7:a4:df:e4:0f:95:ed:73:e6:c7:73:f1:5f:ff:de:
         5a:71:86:0e
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEDDSB6jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NjE2YzQxOTUxNTJlZmZlZGJmN2IzYWZlZTJhYTcyZTE5MDkwZTRkMB4XDTIyMDUy
MzA4NTgyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjgxOTgxZmVjMDM0
NDMxOGY2ZGIxMTBhOGY1NmJjZDUwNzQ4NDRiNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMcaQlVDRwG+SdNn9gmjEyj5NPn6av3EsPoIEGBUfXgJ4Z5G
YkGGmWtftqDCuOiT3aR6UA5oWf0RlL8Gb9jGeXr7QlM36SnTuPr2YAqDAYjNdK/I
0FW4j8zlwQ0JYwNm3EjZPnfIIRcoI74IEfB/D/Swu7Tu4Rc0BqAtVpsxYVUWN0xn
0nTSJyu95CD06stDxmXwQpypfks2rtfVzbUUhTDJA6+ohuBJeMYAd+V3tCvYXbEI
LWuzXiFM9/nWyP98QnMuVmxkd5WJgWdUyUH9DyAssG1OdFvCTIUJdokQIFm6csHJ
lxgkhAYhJaw4VQnjEtsvAPs8TXnLRtNZzfYV4McCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQoGYH+wDRDGPbbEQqPVrzVB0hEtzAfBgNVHSMEGDAWgBTGFsQZUVLv/tv3
s6/uKqcuGQkOTTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hoYkVHVkZTN183Yjk3T3Y3aXFuTGhrSkRrMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDcvYWQ2NTIxLWQzYTktNGIxMy1iZTY5LTM5ZmRiOTg2ZjA1OS8x
L0tCbUJfc0EwUXhqMjJ4RUtqMWE4MVFkSVJMYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcv
YWQ2NTIxLWQzYTktNGIxMy1iZTY5LTM5ZmRiOTg2ZjA1OS8xL3hoYkVHVkZTN183
Yjk3T3Y3aXFuTGhrSkRrMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAG3sMQMEALn+HAMEAMGgjQMEAMGg
jzANBgkqhkiG9w0BAQsFAAOCAQEADgOLcuu47Hc+fM+TXdAzjaJwzztlWyuag9bB
MfRL68pDINCXlPWhhFyx2qcYq7VYqYHG/em7HcCo71I6Sq0oVj4pnPnU4usjrA8n
GydHc22a0f4YRqe0ADaXrFPUikGmXFpbGb1X9yFx/v7THskMVHpy7wryrMZs87Dy
pzAKB8KbDNpH+lRIbW9nXJ3ZLq/I4iGDyl269K4SocOAiPbxjTeNzgHa/A7Nnxd2
0c6zvnrzAeLn1vUhsROWgaKz4arCm03ECrm8W+bYmol7ZVhWh5xZPDntwmmpC+qD
x3KvhRWwihQfDAyJWSTPJety56Tf5A+V7XPmx3PxX//eWnGGDg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:24 2024 by rpki-client on console-ams.rpki-client.org