Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/963d75-4cff-4b14-83df-b774320d997f/1/6IrKBiqNndlbY6dYsuKN-HSDpls.roa
File:                     6IrKBiqNndlbY6dYsuKN-HSDpls.roa (raw, json)
Hash identifier:          fiQONATzqeQenPDgfRHFmnsjK+BfD2U0ifTeqHNcdLs=
Subject key identifier:   E8:8A:CA:06:2A:8D:9D:D9:5B:63:A7:58:B2:E2:8D:F8:74:83:A6:5B
Certificate issuer:       /CN=b7b67ba579f48a4207ac409abf4f01194046ea3a
Certificate serial:       1758F76E
Authority key identifier: B7:B6:7B:A5:79:F4:8A:42:07:AC:40:9A:BF:4F:01:19:40:46:EA:3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/t7Z7pXn0ikIHrECav08BGUBG6jo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/963d75-4cff-4b14-83df-b774320d997f/1/6IrKBiqNndlbY6dYsuKN-HSDpls.roa
Signing time:             Sat 01 Jan 2022 13:58:22 +0000
ROA not before:           Sat 01 Jan 2022 13:58:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     199332
IP address blocks:        185.19.236.0/22 maxlen: 24
                          2a02:fe00::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 391706478 (0x1758f76e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b7b67ba579f48a4207ac409abf4f01194046ea3a
        Validity
            Not Before: Jan  1 13:58:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e88aca062a8d9dd95b63a758b2e28df87483a65b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:37:37:ba:17:45:7b:df:18:d6:ae:07:94:9d:
                    e6:48:77:5f:b8:48:88:0b:8d:4e:97:f2:9f:7e:01:
                    cf:49:16:ad:a3:64:3a:de:6e:90:b1:ba:d2:05:e9:
                    a4:d6:3f:de:a9:60:08:0e:c9:b8:56:93:00:c4:8f:
                    7d:1f:4a:85:88:88:fe:ba:34:d4:98:a1:78:a8:66:
                    d9:a2:06:b7:16:50:86:68:50:db:e0:02:bf:2e:76:
                    a9:0e:c3:f5:56:02:3c:12:8c:35:a2:a3:9c:5f:0d:
                    35:0b:c3:40:53:19:c3:6b:f4:e0:53:7a:61:ed:2a:
                    6b:2c:4c:9c:3d:bd:1d:9a:98:e8:f7:22:04:95:7f:
                    a6:b8:8d:26:95:48:af:35:2e:90:71:47:35:8a:22:
                    fa:a6:a9:e6:94:9c:34:58:35:bb:25:c0:74:43:ae:
                    4f:45:db:2d:65:f6:96:03:f1:e3:6a:74:98:f2:ed:
                    fd:54:56:56:36:17:a0:ea:9c:77:62:0e:fe:18:e3:
                    05:a0:ce:fd:ed:a5:d4:43:65:c4:35:66:74:97:8a:
                    06:a0:87:be:34:20:5f:63:ba:16:37:83:fd:39:d0:
                    2f:d4:86:5b:3b:ce:e3:e2:af:32:e6:5e:19:62:86:
                    46:eb:e2:43:5a:e8:97:ec:e3:fc:16:f7:29:a2:d4:
                    5f:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:8A:CA:06:2A:8D:9D:D9:5B:63:A7:58:B2:E2:8D:F8:74:83:A6:5B
            X509v3 Authority Key Identifier:
                keyid:B7:B6:7B:A5:79:F4:8A:42:07:AC:40:9A:BF:4F:01:19:40:46:EA:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t7Z7pXn0ikIHrECav08BGUBG6jo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/963d75-4cff-4b14-83df-b774320d997f/1/6IrKBiqNndlbY6dYsuKN-HSDpls.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/963d75-4cff-4b14-83df-b774320d997f/1/t7Z7pXn0ikIHrECav08BGUBG6jo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.19.236.0/22
                IPv6:
                  2a02:fe00::/29

    Signature Algorithm: sha256WithRSAEncryption
         79:fe:c6:ac:37:ab:9d:db:14:35:19:5f:74:85:06:58:30:4a:
         39:f7:8f:1d:23:24:6f:f3:2b:b7:bc:2e:09:85:ec:02:78:40:
         36:a6:e5:51:4b:0e:29:4e:7f:b7:3a:9d:d9:6b:cd:33:7d:ce:
         49:16:05:12:90:69:d2:7c:d7:10:95:bd:c9:88:06:f6:50:2e:
         4b:d8:de:d7:be:93:fc:1b:f6:46:24:04:cf:e9:db:0c:9e:41:
         2d:98:b7:a1:c7:94:cf:3b:23:3b:bc:33:d5:49:25:1e:aa:ec:
         2e:55:75:5b:da:cd:bc:ff:39:68:3d:3e:bf:0d:99:67:bb:81:
         0a:cf:00:cb:89:8f:0d:06:14:c4:ad:13:57:a1:24:6d:c7:f3:
         ee:37:f6:13:7e:9b:c9:6a:59:75:e7:0b:3f:28:91:2b:32:d2:
         69:79:bf:23:4c:40:00:c3:ea:c3:1a:98:99:ab:80:0a:94:ca:
         83:c5:15:5b:d3:9e:68:f8:d0:de:ae:0e:07:7c:75:93:6e:f1:
         f7:9e:bc:66:b7:d0:5c:fe:e4:7d:2b:56:ab:a1:70:ae:f9:fe:
         31:19:16:db:fa:cc:71:34:13:95:ae:98:b6:65:0a:99:bd:a8:
         8e:75:e6:87:32:2c:9d:df:71:a5:f3:5c:2b:51:52:fa:8c:62:
         43:ce:3d:02
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEF1j3bjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
N2I2N2JhNTc5ZjQ4YTQyMDdhYzQwOWFiZjRmMDExOTQwNDZlYTNhMB4XDTIyMDEw
MTEzNTgyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTg4YWNhMDYyYThk
OWRkOTViNjNhNzU4YjJlMjhkZjg3NDgzYTY1YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM43N7oXRXvfGNauB5Sd5kh3X7hIiAuNTpfyn34Bz0kWraNk
Ot5ukLG60gXppNY/3qlgCA7JuFaTAMSPfR9KhYiI/ro01JiheKhm2aIGtxZQhmhQ
2+ACvy52qQ7D9VYCPBKMNaKjnF8NNQvDQFMZw2v04FN6Ye0qayxMnD29HZqY6Pci
BJV/priNJpVIrzUukHFHNYoi+qap5pScNFg1uyXAdEOuT0XbLWX2lgPx42p0mPLt
/VRWVjYXoOqcd2IO/hjjBaDO/e2l1ENlxDVmdJeKBqCHvjQgX2O6FjeD/TnQL9SG
WzvO4+KvMuZeGWKGRuviQ1rol+zj/Bb3KaLUX90CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBToisoGKo2d2Vtjp1iy4o34dIOmWzAfBgNVHSMEGDAWgBS3tnulefSKQges
QJq/TwEZQEbqOjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Q3WjdwWG4waWtJSHJFQ2F2MDhCR1VCRzZqby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTYvOTYzZDc1LTRjZmYtNGIxNC04M2RmLWI3NzQzMjBkOTk3Zi8x
LzZJcktCaXFObmRsYlk2ZFlzdUtOLUhTRHBscy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTYv
OTYzZDc1LTRjZmYtNGIxNC04M2RmLWI3NzQzMjBkOTk3Zi8xL3Q3WjdwWG4waWtJ
SHJFQ2F2MDhCR1VCRzZqby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArkT7DANBAIAAjAHAwUDKgL+ADAN
BgkqhkiG9w0BAQsFAAOCAQEAef7GrDerndsUNRlfdIUGWDBKOfePHSMkb/Mrt7wu
CYXsAnhANqblUUsOKU5/tzqd2WvNM33OSRYFEpBp0nzXEJW9yYgG9lAuS9je176T
/Bv2RiQEz+nbDJ5BLZi3oceUzzsjO7wz1UklHqrsLlV1W9rNvP85aD0+vw2ZZ7uB
Cs8Ay4mPDQYUxK0TV6Ekbcfz7jf2E36byWpZdecLPyiRKzLSaXm/I0xAAMPqwxqY
mauACpTKg8UVW9OeaPjQ3q4OB3x1k27x9568ZrfQXP7kfStWq6Fwrvn+MRkW2/rM
cTQTla6YtmUKmb2ojnXmhzIsnd9xpfNcK1FS+oxiQ849Ag==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:20 2024 by rpki-client on console-fra.rpki-client.org