Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/d3bfe6-78b5-437b-98e9-b914159ba8ad/1/S2BnTjb1lnHHQ7PAgzUvoMB-16Y.roa
File:                     S2BnTjb1lnHHQ7PAgzUvoMB-16Y.roa (raw, json)
Hash identifier:          KayxCZnrEJiCQm6lKLKh6CBAFTCAC2+l+6NVkno8DgU=
Subject key identifier:   4B:60:67:4E:36:F5:96:71:C7:43:B3:C0:83:35:2F:A0:C0:7E:D7:A6
Certificate issuer:       /CN=fa70b42d7af6ad78222b30f05f2b7913f8063570
Certificate serial:       0A61B720
Authority key identifier: FA:70:B4:2D:7A:F6:AD:78:22:2B:30:F0:5F:2B:79:13:F8:06:35:70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-nC0LXr2rXgiKzDwXyt5E_gGNXA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6a/d3bfe6-78b5-437b-98e9-b914159ba8ad/1/S2BnTjb1lnHHQ7PAgzUvoMB-16Y.roa
Signing time:             Thu 27 Jan 2022 19:13:28 +0000
ROA not before:           Thu 27 Jan 2022 19:13:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35332
IP address blocks:        185.100.192.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 174176032 (0xa61b720)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fa70b42d7af6ad78222b30f05f2b7913f8063570
        Validity
            Not Before: Jan 27 19:13:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4b60674e36f59671c743b3c083352fa0c07ed7a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:31:04:d3:54:2a:a5:12:99:ff:6a:15:ff:58:
                    41:d6:bc:85:1a:a6:c2:f6:47:3b:ad:64:07:2a:e5:
                    f7:24:7a:37:50:e1:36:3a:08:7e:24:3f:75:c0:8b:
                    db:26:6b:9b:c1:9d:9d:9f:de:68:a2:23:92:a4:27:
                    47:2b:87:7c:d8:b2:83:40:49:ac:47:67:16:da:50:
                    4e:28:23:0f:37:65:5f:e1:3b:8e:a8:b2:20:c2:28:
                    cb:ea:29:3c:1a:da:24:36:30:98:80:64:35:12:bf:
                    af:f3:c1:9f:4f:30:e5:18:66:17:fd:02:82:57:e2:
                    2b:e2:63:c8:c5:10:6a:e6:c1:b8:83:6b:bd:35:48:
                    0f:a1:d1:e4:2d:31:6b:cf:8f:cd:46:55:55:98:b6:
                    68:b7:37:98:9f:a1:18:49:92:9c:a3:b0:97:57:41:
                    ad:3f:01:a6:70:06:60:2f:2c:17:3a:10:ea:65:18:
                    c1:43:11:33:ba:ec:26:46:54:0e:91:ce:b1:f7:eb:
                    fa:e7:c5:11:5e:3f:5c:69:57:57:38:58:82:d5:97:
                    96:c4:3c:f3:98:db:1f:b2:af:dc:5d:b0:f8:15:cb:
                    b1:c9:4b:a7:b4:87:fc:28:22:1b:ae:b5:40:51:a8:
                    5b:fb:36:e7:ab:ee:9c:af:6c:4e:fb:1f:f3:4e:aa:
                    cf:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:60:67:4E:36:F5:96:71:C7:43:B3:C0:83:35:2F:A0:C0:7E:D7:A6
            X509v3 Authority Key Identifier:
                keyid:FA:70:B4:2D:7A:F6:AD:78:22:2B:30:F0:5F:2B:79:13:F8:06:35:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-nC0LXr2rXgiKzDwXyt5E_gGNXA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/d3bfe6-78b5-437b-98e9-b914159ba8ad/1/S2BnTjb1lnHHQ7PAgzUvoMB-16Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/d3bfe6-78b5-437b-98e9-b914159ba8ad/1/1-nC0LXr2rXgiKzDwXyt5E_gGNXA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.100.192.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2c:e5:89:e6:7f:9e:31:6a:d0:32:9c:2d:24:91:70:b0:9a:6a:
         06:2d:95:69:61:ed:28:3b:b7:d4:68:6c:34:df:8f:d0:6f:a1:
         78:41:7a:af:69:20:7e:53:b1:8f:5d:15:c4:7b:c9:19:b4:6f:
         d1:df:a9:ab:3e:13:76:e7:c8:36:61:58:6d:06:7e:a6:e2:61:
         9a:cb:06:0b:45:da:f5:8c:ed:a3:fb:2a:1a:49:e6:98:8b:08:
         ac:4d:63:55:06:58:62:a8:4a:f1:9c:c6:20:48:86:9c:51:ae:
         7f:ce:1b:27:fb:77:cd:fd:bc:30:0b:3a:c1:95:12:01:e0:1b:
         18:fb:57:e9:9c:eb:7a:f6:00:76:54:83:db:45:84:a6:a4:f8:
         c5:d6:49:28:0b:64:81:dd:cb:1f:28:4e:8d:eb:0e:b9:3e:b0:
         32:ac:9a:58:e5:ed:6d:63:36:4d:0e:3c:51:b6:9e:73:a6:9d:
         29:65:8b:07:ef:b2:4f:18:99:44:3a:34:4e:14:28:31:c0:02:
         7b:b8:09:84:5f:cd:4a:1c:24:71:4f:5c:91:da:13:75:29:f0:
         f7:d1:48:25:06:26:72:ad:c7:9b:67:1f:da:24:91:3c:e0:b6:
         39:d8:24:ac:ce:01:dc:26:ad:58:96:37:37:f4:72:78:ad:71:
         38:83:b9:75
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIECmG3IDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YTcwYjQyZDdhZjZhZDc4MjIyYjMwZjA1ZjJiNzkxM2Y4MDYzNTcwMB4XDTIyMDEy
NzE5MTMyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGI2MDY3NGUzNmY1
OTY3MWM3NDNiM2MwODMzNTJmYTBjMDdlZDdhNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJwxBNNUKqUSmf9qFf9YQda8hRqmwvZHO61kByrl9yR6N1Dh
NjoIfiQ/dcCL2yZrm8GdnZ/eaKIjkqQnRyuHfNiyg0BJrEdnFtpQTigjDzdlX+E7
jqiyIMIoy+opPBraJDYwmIBkNRK/r/PBn08w5RhmF/0CglfiK+JjyMUQaubBuINr
vTVID6HR5C0xa8+PzUZVVZi2aLc3mJ+hGEmSnKOwl1dBrT8BpnAGYC8sFzoQ6mUY
wUMRM7rsJkZUDpHOsffr+ufFEV4/XGlXVzhYgtWXlsQ885jbH7Kv3F2w+BXLsclL
p7SH/CgiG661QFGoW/s256vunK9sTvsf806qz0ECAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBRLYGdONvWWccdDs8CDNS+gwH7XpjAfBgNVHSMEGDAWgBT6cLQtevateCIr
MPBfK3kT+AY1cDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtbkMwTFhyMnJYZ2lLekR3WHl0NUVfZ0dOWEEuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzZhL2QzYmZlNi03OGI1LTQzN2ItOThlOS1iOTE0MTU5YmE4YWQv
MS9TMkJuVGpiMWxuSEhRN1BBZ3pVdm9NQi0xNlkucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZh
L2QzYmZlNi03OGI1LTQzN2ItOThlOS1iOTE0MTU5YmE4YWQvMS8xLW5DMExYcjJy
WGdpS3pEd1h5dDVFX2dHTlhBLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWTAMA0GCSqGSIb3DQEBCwUA
A4IBAQAs5Ynmf54xatAynC0kkXCwmmoGLZVpYe0oO7fUaGw034/Qb6F4QXqvaSB+
U7GPXRXEe8kZtG/R36mrPhN258g2YVhtBn6m4mGaywYLRdr1jO2j+yoaSeaYiwis
TWNVBlhiqErxnMYgSIacUa5/zhsn+3fN/bwwCzrBlRIB4BsY+1fpnOt69gB2VIPb
RYSmpPjF1kkoC2SB3csfKE6N6w65PrAyrJpY5e1tYzZNDjxRtp5zpp0pZYsH77JP
GJlEOjROFCgxwAJ7uAmEX81KHCRxT1yR2hN1KfD30UglBiZyrcebZx/aJJE84LY5
2CSszgHcJq1Yljc39HJ4rXE4g7l1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:15 2024 by rpki-client on console-ams.rpki-client.org