Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/a90dbf-86d6-48ce-8a6c-86aa00e13746/1/bIBGGcT_3-91Xxj52CD3SlubStU.roa
File:                     bIBGGcT_3-91Xxj52CD3SlubStU.roa (raw, json)
Hash identifier:          86qwd6F86tJrzXNqu+PxNmXKdCDyEfZZqz3alSkieGc=
Subject key identifier:   6C:80:46:19:C4:FF:DF:EF:75:5F:18:F9:D8:20:F7:4A:5B:9B:4A:D5
Certificate issuer:       /CN=fc79488ab4e1ac0f4bd467d2b4d3621c6b18eea0
Certificate serial:       0A4E57C8
Authority key identifier: FC:79:48:8A:B4:E1:AC:0F:4B:D4:67:D2:B4:D3:62:1C:6B:18:EE:A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_HlIirThrA9L1GfStNNiHGsY7qA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/a90dbf-86d6-48ce-8a6c-86aa00e13746/1/bIBGGcT_3-91Xxj52CD3SlubStU.roa
Signing time:             Sat 01 Jan 2022 05:02:37 +0000
ROA not before:           Sat 01 Jan 2022 05:02:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206765
IP address blocks:        185.177.16.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 172906440 (0xa4e57c8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fc79488ab4e1ac0f4bd467d2b4d3621c6b18eea0
        Validity
            Not Before: Jan  1 05:02:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6c804619c4ffdfef755f18f9d820f74a5b9b4ad5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:e2:a0:c7:36:66:09:63:b7:b0:d3:f0:68:07:
                    ac:e6:eb:0f:6f:e0:29:4d:a8:42:81:3c:23:aa:11:
                    1d:47:7e:5b:d6:2d:e4:e7:88:4a:2e:ae:27:f9:5b:
                    40:1f:98:63:62:99:28:e6:2a:4a:0a:68:e6:95:a1:
                    78:f7:aa:b7:d2:4a:73:ae:9e:a5:52:d1:64:f6:e0:
                    29:cb:d4:e4:70:5b:e1:51:08:18:0e:65:04:78:a9:
                    c1:d0:e4:e6:79:18:7d:f0:7d:ba:2c:c4:80:1a:47:
                    19:09:eb:1a:f0:0e:94:f2:fa:9d:8b:ec:07:8e:ae:
                    31:ac:8b:b7:0a:ee:0c:5b:c2:55:17:a9:78:f2:d7:
                    99:54:3f:25:ca:26:48:f2:19:94:5c:5d:4b:04:d4:
                    ff:2f:f9:38:a7:fe:0d:47:22:e4:c1:b2:a3:2c:69:
                    0f:3d:28:59:8f:d2:a4:d8:ec:86:b3:5c:52:eb:e9:
                    8c:a8:ff:84:15:a0:aa:63:29:06:09:a8:f3:67:6c:
                    e0:42:c2:19:ec:5e:57:b6:4a:f6:18:9e:39:45:63:
                    b7:fa:09:5e:e5:f3:57:aa:7f:15:2e:92:ec:e5:ba:
                    fa:38:60:e3:4a:f2:d0:8d:50:23:3c:e8:ac:da:86:
                    8b:be:54:f7:62:82:c7:8d:f6:c6:25:71:bd:f2:bf:
                    cf:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:80:46:19:C4:FF:DF:EF:75:5F:18:F9:D8:20:F7:4A:5B:9B:4A:D5
            X509v3 Authority Key Identifier:
                keyid:FC:79:48:8A:B4:E1:AC:0F:4B:D4:67:D2:B4:D3:62:1C:6B:18:EE:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_HlIirThrA9L1GfStNNiHGsY7qA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/a90dbf-86d6-48ce-8a6c-86aa00e13746/1/bIBGGcT_3-91Xxj52CD3SlubStU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/a90dbf-86d6-48ce-8a6c-86aa00e13746/1/_HlIirThrA9L1GfStNNiHGsY7qA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.177.16.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2d:5d:93:c3:63:bb:84:40:e1:dc:91:bc:12:8e:67:bc:cc:8a:
         f7:e9:50:25:e7:9c:f5:a3:7d:cb:f9:65:b2:c7:a5:d3:62:be:
         6a:03:94:b6:b5:c5:1b:f0:f0:be:23:62:fc:53:7a:63:41:27:
         a1:c8:aa:dd:67:79:1b:fe:7a:86:4a:ff:05:cb:1b:d0:27:3c:
         c1:1f:fd:71:54:20:8b:41:a9:a5:3b:0f:d0:0b:0e:a0:a1:a9:
         13:54:53:ec:3c:b4:96:bf:b8:12:2b:d9:ac:00:ce:54:6f:0d:
         12:44:e6:3c:02:38:6d:06:22:fd:70:40:ed:fd:a5:07:a0:37:
         0f:ea:c6:f7:d9:e1:ff:7e:d4:03:ee:50:27:68:c4:ef:fc:0b:
         e9:89:f3:2b:60:bb:c6:41:2d:59:db:e6:f0:5f:92:d3:9a:a3:
         49:df:68:a8:26:ec:0f:e2:33:a1:a7:9a:84:6b:0f:ad:fc:06:
         cd:d1:df:1b:d8:80:07:e5:9d:dd:cd:ac:9b:88:a1:c7:1f:50:
         db:45:d1:9d:99:59:34:75:29:96:c2:5d:57:09:c6:d6:ec:c5:
         c4:29:66:21:e0:78:f5:39:af:29:17:b2:16:29:4e:b6:0a:ae:
         0b:fc:23:63:bf:8a:f7:a9:12:d8:8c:3c:23:85:1c:b7:5d:05:
         bf:fc:0f:f5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECk5XyDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
Yzc5NDg4YWI0ZTFhYzBmNGJkNDY3ZDJiNGQzNjIxYzZiMThlZWEwMB4XDTIyMDEw
MTA1MDIzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmM4MDQ2MTljNGZm
ZGZlZjc1NWYxOGY5ZDgyMGY3NGE1YjliNGFkNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKzioMc2Zgljt7DT8GgHrObrD2/gKU2oQoE8I6oRHUd+W9Yt
5OeISi6uJ/lbQB+YY2KZKOYqSgpo5pWhePeqt9JKc66epVLRZPbgKcvU5HBb4VEI
GA5lBHipwdDk5nkYffB9uizEgBpHGQnrGvAOlPL6nYvsB46uMayLtwruDFvCVRep
ePLXmVQ/JcomSPIZlFxdSwTU/y/5OKf+DUci5MGyoyxpDz0oWY/SpNjshrNcUuvp
jKj/hBWgqmMpBgmo82ds4ELCGexeV7ZK9hieOUVjt/oJXuXzV6p/FS6S7OW6+jhg
40ry0I1QIzzorNqGi75U92KCx432xiVxvfK/z6ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRsgEYZxP/f73VfGPnYIPdKW5tK1TAfBgNVHSMEGDAWgBT8eUiKtOGsD0vU
Z9K002IcaxjuoDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19IbElpclRockE5TDFHZlN0Tk5pSEdzWTdxQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjkvYTkwZGJmLTg2ZDYtNDhjZS04YTZjLTg2YWEwMGUxMzc0Ni8x
L2JJQkdHY1RfMy05MVh4ajUyQ0QzU2x1YlN0VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjkv
YTkwZGJmLTg2ZDYtNDhjZS04YTZjLTg2YWEwMGUxMzc0Ni8xL19IbElpclRockE5
TDFHZlN0Tk5pSEdzWTdxQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmxEDANBgkqhkiG9w0BAQsFAAOC
AQEALV2Tw2O7hEDh3JG8Eo5nvMyK9+lQJeec9aN9y/llssel02K+agOUtrXFG/Dw
viNi/FN6Y0Enociq3Wd5G/56hkr/Bcsb0Cc8wR/9cVQgi0GppTsP0AsOoKGpE1RT
7Dy0lr+4EivZrADOVG8NEkTmPAI4bQYi/XBA7f2lB6A3D+rG99nh/37UA+5QJ2jE
7/wL6YnzK2C7xkEtWdvm8F+S05qjSd9oqCbsD+IzoaeahGsPrfwGzdHfG9iAB+Wd
3c2sm4ihxx9Q20XRnZlZNHUplsJdVwnG1uzFxClmIeB49TmvKReyFilOtgquC/wj
Y7+K96kS2Iw8I4Uct10Fv/wP9Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:55 2024 by rpki-client on console-ams.rpki-client.org