Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/185cb5-4752-43b8-8e46-c43ab2a12d55/1/6_LNunQF3vHx_Gh9k8jO3sj41II.roa
File:                     6_LNunQF3vHx_Gh9k8jO3sj41II.roa (raw, json)
Hash identifier:          8Vaed7vJ3GrXiZsXsFVrt5F4uDGSCRbyZKyy0H7tCmQ=
Subject key identifier:   EB:F2:CD:BA:74:05:DE:F1:F1:FC:68:7D:93:C8:CE:DE:C8:F8:D4:82
Certificate issuer:       /CN=87f41ae0779e37defc69b2a5b0f7ab8fd40cd3e7
Certificate serial:       1B1F0312
Authority key identifier: 87:F4:1A:E0:77:9E:37:DE:FC:69:B2:A5:B0:F7:AB:8F:D4:0C:D3:E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h_Qa4HeeN978abKlsPerj9QM0-c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/185cb5-4752-43b8-8e46-c43ab2a12d55/1/6_LNunQF3vHx_Gh9k8jO3sj41II.roa
Signing time:             Sat 01 Jan 2022 10:58:00 +0000
ROA not before:           Sat 01 Jan 2022 10:58:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208599
IP address blocks:        185.151.76.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 455017234 (0x1b1f0312)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87f41ae0779e37defc69b2a5b0f7ab8fd40cd3e7
        Validity
            Not Before: Jan  1 10:58:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ebf2cdba7405def1f1fc687d93c8cedec8f8d482
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:dd:e0:38:17:1e:2a:4a:7f:72:a5:ea:bd:08:
                    43:47:2c:60:55:73:3f:a2:f2:e8:54:5d:69:52:68:
                    32:07:ce:5d:15:f0:54:91:4c:10:d7:17:c8:25:9d:
                    ea:2b:9c:fe:2c:0a:10:57:2c:36:bb:30:20:6a:20:
                    fe:57:8f:87:15:5f:a7:e7:09:fd:f6:23:e6:ec:b2:
                    03:31:8a:1a:ce:97:7a:6b:79:69:b1:60:65:4a:29:
                    ec:b0:67:60:8f:04:03:37:71:00:87:28:3a:80:1c:
                    19:99:2f:74:45:a7:fa:2a:e6:ab:c3:7a:fe:3b:3d:
                    7c:6b:e9:e9:06:8e:6a:55:ff:d2:5a:9e:43:10:80:
                    21:6a:e7:c1:c4:5f:85:70:8b:3a:d4:c2:ef:33:1e:
                    d2:93:29:6b:c9:6f:0e:58:8c:51:dd:28:0d:2b:05:
                    63:bd:a6:c7:a2:18:85:09:1d:d5:2d:0f:f4:26:71:
                    1a:67:7f:f0:fe:4c:b6:b0:5a:78:87:43:72:ad:bc:
                    5e:66:24:0f:aa:30:59:a7:4f:af:1d:27:ef:8c:39:
                    83:ce:e6:8c:25:38:6e:47:c4:0f:e4:2c:0c:f3:58:
                    9b:38:da:9a:f6:78:a8:6d:8a:4c:dc:e9:e0:ac:90:
                    a8:7a:ae:7a:0c:a8:8d:69:47:7e:76:1d:f9:23:49:
                    81:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:F2:CD:BA:74:05:DE:F1:F1:FC:68:7D:93:C8:CE:DE:C8:F8:D4:82
            X509v3 Authority Key Identifier:
                keyid:87:F4:1A:E0:77:9E:37:DE:FC:69:B2:A5:B0:F7:AB:8F:D4:0C:D3:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h_Qa4HeeN978abKlsPerj9QM0-c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/185cb5-4752-43b8-8e46-c43ab2a12d55/1/6_LNunQF3vHx_Gh9k8jO3sj41II.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/185cb5-4752-43b8-8e46-c43ab2a12d55/1/h_Qa4HeeN978abKlsPerj9QM0-c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.151.76.0/22

    Signature Algorithm: sha256WithRSAEncryption
         88:53:f7:88:39:c0:83:44:7b:2a:bc:3c:a5:03:7b:e0:ef:f0:
         19:5b:f8:9f:51:91:28:c9:c6:f7:99:32:24:1e:02:72:9c:f1:
         fa:9c:e6:45:7d:82:99:12:78:b7:a8:2e:3d:fd:a6:6e:cb:aa:
         d8:5c:82:d3:30:bb:33:63:ff:ff:80:36:b4:34:f6:18:52:fe:
         e7:e1:7d:d1:84:81:75:d9:1d:a8:4a:a8:dc:60:ce:52:36:3f:
         a6:0c:4f:27:a3:da:6c:4d:e8:50:8a:ce:c9:67:34:49:d9:99:
         d6:03:12:12:23:e4:03:ad:c2:a9:74:ec:7c:cb:5d:42:fc:de:
         9c:c0:96:8a:65:6c:09:2f:0e:2f:41:50:e6:1c:55:da:a7:44:
         a0:ec:af:cc:1a:7b:9b:5f:20:b7:dc:05:4e:86:53:6e:6e:dc:
         a7:03:47:2a:10:df:f4:90:5d:d6:39:12:9e:21:b1:a5:51:af:
         54:92:1e:80:7e:95:c7:cc:3f:4e:0b:df:26:12:68:97:e6:93:
         a3:5e:a3:a7:90:d1:50:0b:f8:d4:67:db:a3:c0:06:f2:bb:3f:
         08:80:d9:08:f9:b0:d2:7a:c0:95:0a:1b:a1:5b:7d:a2:46:36:
         93:06:5a:e1:bd:59:85:64:66:72:14:a5:f5:fd:73:6b:46:45:
         05:20:44:7d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGx8DEjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
N2Y0MWFlMDc3OWUzN2RlZmM2OWIyYTViMGY3YWI4ZmQ0MGNkM2U3MB4XDTIyMDEw
MTEwNTgwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWJmMmNkYmE3NDA1
ZGVmMWYxZmM2ODdkOTNjOGNlZGVjOGY4ZDQ4MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ3d4DgXHipKf3Kl6r0IQ0csYFVzP6Ly6FRdaVJoMgfOXRXw
VJFMENcXyCWd6iuc/iwKEFcsNrswIGog/lePhxVfp+cJ/fYj5uyyAzGKGs6Xemt5
abFgZUop7LBnYI8EAzdxAIcoOoAcGZkvdEWn+irmq8N6/js9fGvp6QaOalX/0lqe
QxCAIWrnwcRfhXCLOtTC7zMe0pMpa8lvDliMUd0oDSsFY72mx6IYhQkd1S0P9CZx
Gmd/8P5MtrBaeIdDcq28XmYkD6owWadPrx0n74w5g87mjCU4bkfED+QsDPNYmzja
mvZ4qG2KTNzp4KyQqHquegyojWlHfnYd+SNJgVMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTr8s26dAXe8fH8aH2TyM7eyPjUgjAfBgNVHSMEGDAWgBSH9Brgd5433vxp
sqWw96uP1AzT5zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hfUWE0SGVlTjk3OGFiS2xzUGVyajlRTTAtYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjYvMTg1Y2I1LTQ3NTItNDNiOC04ZTQ2LWM0M2FiMmExMmQ1NS8x
LzZfTE51blFGM3ZIeF9HaDlrOGpPM3NqNDFJSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYv
MTg1Y2I1LTQ3NTItNDNiOC04ZTQ2LWM0M2FiMmExMmQ1NS8xL2hfUWE0SGVlTjk3
OGFiS2xzUGVyajlRTTAtYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmXTDANBgkqhkiG9w0BAQsFAAOC
AQEAiFP3iDnAg0R7Krw8pQN74O/wGVv4n1GRKMnG95kyJB4Ccpzx+pzmRX2CmRJ4
t6guPf2mbsuq2FyC0zC7M2P//4A2tDT2GFL+5+F90YSBddkdqEqo3GDOUjY/pgxP
J6PabE3oUIrOyWc0SdmZ1gMSEiPkA63CqXTsfMtdQvzenMCWimVsCS8OL0FQ5hxV
2qdEoOyvzBp7m18gt9wFToZTbm7cpwNHKhDf9JBd1jkSniGxpVGvVJIegH6Vx8w/
TgvfJhJol+aTo16jp5DRUAv41Gfbo8AG8rs/CIDZCPmw0nrAlQoboVt9okY2kwZa
4b1ZhWRmchSl9f1za0ZFBSBEfQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:09 2024 by rpki-client on console-ams.rpki-client.org