Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/i4N62oqAMCbQG3yXOwdwEqnO2bs.roa
File:                     i4N62oqAMCbQG3yXOwdwEqnO2bs.roa (raw, json)
Hash identifier:          k9HmtjNIkcpJwiRzOkGkxLNtk/ILy8ly3W5MhKd5tlk=
Subject key identifier:   8B:83:7A:DA:8A:80:30:26:D0:1B:7C:97:3B:07:70:12:A9:CE:D9:BB
Certificate issuer:       /CN=31eb9b2db4a3bddf8c92fc50b9713043dd56dc38
Certificate serial:       0B637ECA
Authority key identifier: 31:EB:9B:2D:B4:A3:BD:DF:8C:92:FC:50:B9:71:30:43:DD:56:DC:38
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MeubLbSjvd-MkvxQuXEwQ91W3Dg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/i4N62oqAMCbQG3yXOwdwEqnO2bs.roa
Signing time:             Thu 27 Jan 2022 15:02:26 +0000
ROA not before:           Thu 27 Jan 2022 15:02:26 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16509
IP address blocks:        185.255.11.0/24 maxlen: 24
                          202.22.167.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 191069898 (0xb637eca)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=31eb9b2db4a3bddf8c92fc50b9713043dd56dc38
        Validity
            Not Before: Jan 27 15:02:26 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8b837ada8a803026d01b7c973b077012a9ced9bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:e1:72:ab:1b:a3:c4:65:bd:51:3c:2b:23:1a:
                    8b:99:38:21:99:a6:2b:2e:a5:77:8b:ab:a5:c8:00:
                    45:65:51:64:95:e6:45:19:a0:b7:47:98:2a:d6:5c:
                    62:7b:de:47:45:7c:df:ff:cb:a6:ca:b6:1c:6e:7c:
                    6e:69:07:e2:e1:ca:92:99:a2:9c:80:41:bd:89:e4:
                    48:a4:68:33:de:2e:cf:a4:62:68:03:14:62:5d:15:
                    68:6c:66:94:a7:7a:36:f7:56:b3:7d:5b:96:34:81:
                    c8:8d:b0:92:12:e4:e2:4c:0f:1a:91:23:27:1a:7c:
                    89:42:c7:59:24:4d:44:4e:91:07:0c:90:58:eb:90:
                    34:c7:82:57:72:12:52:7a:82:f7:c1:fb:62:30:d6:
                    e5:6e:79:31:3f:43:ef:f9:bb:29:eb:b7:7a:8a:51:
                    b2:87:a6:90:05:d8:ee:85:b9:9c:f0:5c:07:64:fa:
                    ee:bc:8d:36:5a:48:70:af:00:ae:c2:af:f2:26:22:
                    59:45:4e:b5:48:04:10:f9:67:e9:12:d5:ea:d7:84:
                    b4:44:22:d3:07:2f:ed:d3:df:43:2a:40:d5:39:9f:
                    f3:6e:c1:9f:33:2c:81:55:7b:f2:e5:2e:be:a3:6b:
                    ca:9a:54:86:5e:b1:c5:60:4b:84:f2:d0:1f:00:e1:
                    1b:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:83:7A:DA:8A:80:30:26:D0:1B:7C:97:3B:07:70:12:A9:CE:D9:BB
            X509v3 Authority Key Identifier:
                keyid:31:EB:9B:2D:B4:A3:BD:DF:8C:92:FC:50:B9:71:30:43:DD:56:DC:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MeubLbSjvd-MkvxQuXEwQ91W3Dg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/i4N62oqAMCbQG3yXOwdwEqnO2bs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/MeubLbSjvd-MkvxQuXEwQ91W3Dg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.255.11.0/24
                  202.22.167.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:01:03:18:42:6a:5f:52:a2:44:8b:27:8e:d5:d3:7a:77:03:
         21:fe:c6:3e:72:14:3f:1f:c4:21:8d:e6:fd:7d:ee:84:b0:5b:
         b0:da:82:66:d8:97:e4:0c:64:eb:12:4f:ad:06:89:f2:ef:8b:
         bb:54:0e:03:79:b5:3b:fd:1d:e0:87:fb:20:71:5b:be:80:11:
         77:7f:24:43:26:69:66:32:df:14:18:85:6f:89:58:22:58:6b:
         03:1c:be:9c:9d:20:cf:c4:08:f2:42:fb:87:e3:ad:a0:9b:64:
         8b:33:9d:9d:06:75:73:ce:52:79:76:5f:1a:6f:d1:ba:ea:de:
         9f:58:04:6a:06:48:42:17:23:89:a6:c8:a9:f3:9f:fc:61:5f:
         21:c7:4d:46:be:73:f5:02:73:78:fb:a1:24:b5:6d:af:2b:fc:
         9a:64:f3:fa:14:a2:37:84:5a:86:ba:cb:b7:dc:94:1d:e9:5d:
         fc:76:a5:aa:aa:8d:45:b4:e4:cc:84:57:d7:fe:ee:74:42:bc:
         a9:d2:e5:5a:ba:b7:ce:8b:da:49:44:f2:0a:32:70:14:56:3d:
         6b:56:1c:1e:ec:a9:13:f3:e8:87:56:99:41:5f:c3:b1:9c:27:
         a3:ad:69:c8:53:ac:96:6f:bd:e8:db:80:b0:c8:21:75:8c:d8:
         a1:fb:72:d9
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEC2N+yjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MWViOWIyZGI0YTNiZGRmOGM5MmZjNTBiOTcxMzA0M2RkNTZkYzM4MB4XDTIyMDEy
NzE1MDIyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGI4MzdhZGE4YTgw
MzAyNmQwMWI3Yzk3M2IwNzcwMTJhOWNlZDliYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK3hcqsbo8RlvVE8KyMai5k4IZmmKy6ld4urpcgARWVRZJXm
RRmgt0eYKtZcYnveR0V83//Lpsq2HG58bmkH4uHKkpminIBBvYnkSKRoM94uz6Ri
aAMUYl0VaGxmlKd6NvdWs31bljSByI2wkhLk4kwPGpEjJxp8iULHWSRNRE6RBwyQ
WOuQNMeCV3ISUnqC98H7YjDW5W55MT9D7/m7Keu3eopRsoemkAXY7oW5nPBcB2T6
7ryNNlpIcK8ArsKv8iYiWUVOtUgEEPln6RLV6teEtEQi0wcv7dPfQypA1Tmf827B
nzMsgVV78uUuvqNryppUhl6xxWBLhPLQHwDhG0UCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSLg3raioAwJtAbfJc7B3ASqc7ZuzAfBgNVHSMEGDAWgBQx65sttKO934yS
/FC5cTBD3VbcODAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01ldWJMYlNqdmQtTWt2eFF1WEV3UTkxVzNEZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjgvMjQ3MDA1LTU1OWQtNGViNC1iM2U4LWJkMjRmMDAzNTc4Zi8x
L2k0TjYyb3FBTUNiUUczeVhPd2R3RXFuTzJicy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjgv
MjQ3MDA1LTU1OWQtNGViNC1iM2U4LWJkMjRmMDAzNTc4Zi8xL01ldWJMYlNqdmQt
TWt2eFF1WEV3UTkxVzNEZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALn/CwMEAMoWpzANBgkqhkiG9w0B
AQsFAAOCAQEAMgEDGEJqX1KiRIsnjtXTencDIf7GPnIUPx/EIY3m/X3uhLBbsNqC
ZtiX5Axk6xJPrQaJ8u+Lu1QOA3m1O/0d4If7IHFbvoARd38kQyZpZjLfFBiFb4lY
IlhrAxy+nJ0gz8QI8kL7h+OtoJtkizOdnQZ1c85SeXZfGm/Ruuren1gEagZIQhcj
iabIqfOf/GFfIcdNRr5z9QJzePuhJLVtryv8mmTz+hSiN4RahrrLt9yUHeld/Hal
qqqNRbTkzIRX1/7udEK8qdLlWrq3zovaSUTyCjJwFFY9a1YcHuypE/Poh1aZQV/D
sZwno61pyFOslm+96NuAsMghdYzYofty2Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:24 2024 by rpki-client on console-fra.rpki-client.org