Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/trf0bRP_iCPke9Bnl5rOnk1_Oko.roa
File:                     trf0bRP_iCPke9Bnl5rOnk1_Oko.roa (raw, json)
Hash identifier:          pYfEJy00rHBesgEi2EcHeSKOUiRplhJGsghfdi0WSO0=
Subject key identifier:   B6:B7:F4:6D:13:FF:88:23:E4:7B:D0:67:97:9A:CE:9E:4D:7F:3A:4A
Certificate issuer:       /CN=7ba289ebe93351236a5580eb5b70102cf3f11dfc
Certificate serial:       0182119BF7006B4F127E0413662E3778C4AE
Authority key identifier: 7B:A2:89:EB:E9:33:51:23:6A:55:80:EB:5B:70:10:2C:F3:F1:1D:FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/trf0bRP_iCPke9Bnl5rOnk1_Oko.roa
Signing time:             Mon 18 Jul 2022 14:00:10 +0000
ROA not before:           Mon 18 Jul 2022 14:00:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60800
IP address blocks:        185.181.116.0/22 maxlen: 24
                          91.197.228.0/22 maxlen: 24
                          2a0a:cb80::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:11:9b:f7:00:6b:4f:12:7e:04:13:66:2e:37:78:c4:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7ba289ebe93351236a5580eb5b70102cf3f11dfc
        Validity
            Not Before: Jul 18 14:00:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b6b7f46d13ff8823e47bd067979ace9e4d7f3a4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:c1:95:d9:29:1c:c4:0b:6f:88:02:cd:ec:07:
                    79:7c:91:41:7c:d3:21:1e:81:b5:59:63:8a:ea:1a:
                    ce:1b:d4:ca:61:51:63:f4:6b:3c:28:73:81:16:d4:
                    00:a8:91:4c:72:09:a0:4f:6c:0e:9d:ca:ea:d4:94:
                    dc:5e:74:c1:e8:f1:e7:0e:ba:36:9c:c4:75:e7:75:
                    dd:f3:82:4d:15:fa:84:0e:3a:e8:89:b3:8f:b0:e6:
                    fb:fb:6e:88:29:b6:ba:b5:19:35:fb:52:ab:83:d0:
                    c8:33:bd:4c:d0:18:80:b4:c8:0d:dc:9f:c6:7e:d0:
                    2f:60:4b:f3:a7:2d:1d:4e:2c:8d:1c:d5:95:81:c0:
                    46:e6:4b:64:9a:25:6e:1e:00:8d:80:74:68:09:d1:
                    6d:eb:52:ea:55:ba:de:3e:e5:9b:37:9f:11:ec:2d:
                    80:cc:2d:fa:e4:5a:e9:9b:3c:46:3e:f8:67:1d:5e:
                    9a:b0:4c:07:3c:85:49:41:a9:23:59:7f:01:ca:9d:
                    08:8f:a1:eb:50:3d:f8:28:4a:ca:dc:2d:68:2a:d5:
                    e7:7b:ff:1a:c8:0a:6c:8d:d2:d4:ea:05:d4:37:f5:
                    24:73:64:a8:34:98:85:d4:d5:8f:f6:a1:f5:9f:4f:
                    dc:48:87:a6:38:16:2f:5a:ff:cc:ea:7c:e0:f6:80:
                    a8:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:B7:F4:6D:13:FF:88:23:E4:7B:D0:67:97:9A:CE:9E:4D:7F:3A:4A
            X509v3 Authority Key Identifier:
                keyid:7B:A2:89:EB:E9:33:51:23:6A:55:80:EB:5B:70:10:2C:F3:F1:1D:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/trf0bRP_iCPke9Bnl5rOnk1_Oko.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.197.228.0/22
                  185.181.116.0/22
                IPv6:
                  2a0a:cb80::/32

    Signature Algorithm: sha256WithRSAEncryption
         40:32:15:2f:ce:fd:62:1f:45:e8:e4:e5:fa:61:ba:7d:b9:38:
         6d:f5:34:b0:3c:3b:dd:2f:5c:f1:34:c3:ef:c1:fd:de:a5:82:
         a0:ff:88:db:ec:01:1d:0a:0d:77:73:38:93:a2:11:b4:16:a2:
         ff:63:37:fb:bf:60:84:e6:eb:ed:be:60:bd:c9:dd:4b:73:66:
         8d:fc:61:7e:c9:f4:4c:5b:52:c2:86:5e:15:14:c8:ab:2e:e6:
         33:43:38:ac:f6:8f:93:03:39:a6:38:dc:e2:78:14:ba:0d:cd:
         5d:38:ca:d3:e7:24:ef:85:94:e7:fe:8d:88:b6:2c:10:c5:79:
         54:c5:83:26:bc:fb:58:10:4b:c0:22:b4:39:13:9c:5f:7e:e1:
         ee:a4:10:d3:92:3d:c0:a7:88:c8:33:74:ef:bf:f1:ec:50:18:
         88:8a:e7:32:ff:27:fc:42:16:63:03:6d:32:ba:5a:34:c6:3f:
         5d:35:7e:eb:60:86:5e:dd:f1:34:a5:a9:84:0a:43:78:2c:cc:
         63:53:d9:ce:29:21:6f:dd:f7:77:81:da:fb:a1:fd:16:bd:8e:
         a6:17:23:da:2f:7b:86:6f:f6:21:ea:92:a5:ea:dd:29:cd:d9:
         05:0e:95:80:61:ad:c2:34:a2:9f:66:72:0f:3e:41:49:b8:82:
         a5:e3:fa:f2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYIRm/cAa08SfgQTZi43eMSuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiYTI4OWViZTkzMzUxMjM2YTU1ODBlYjViNzAxMDJjZjNm
MTFkZmMwHhcNMjIwNzE4MTQwMDEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmI3ZjQ2ZDEzZmY4ODIzZTQ3YmQwNjc5NzlhY2U5ZTRkN2YzYTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8GV2SkcxAtviALN7Ad5fJFBfNMh
HoG1WWOK6hrOG9TKYVFj9Gs8KHOBFtQAqJFMcgmgT2wOncrq1JTcXnTB6PHnDro2
nMR153Xd84JNFfqEDjroibOPsOb7+26IKba6tRk1+1Krg9DIM71M0BiAtMgN3J/G
ftAvYEvzpy0dTiyNHNWVgcBG5ktkmiVuHgCNgHRoCdFt61LqVbrePuWbN58R7C2A
zC365FrpmzxGPvhnHV6asEwHPIVJQakjWX8Byp0Ij6HrUD34KErK3C1oKtXne/8a
yApsjdLU6gXUN/Ukc2SoNJiF1NWP9qH1n0/cSIemOBYvWv/M6nzg9oCoJwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLa39G0T/4gj5HvQZ5eazp5NfzpKMB8GA1UdIwQY
MBaAFHuiievpM1EjalWA61twECzz8R38MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTZLSjYta3pVU05xVllEclczQVFMUFB4SGZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9kZTFlN2MtN2Q3NC00Y2NjLTljNmMt
ZDE2M2I1NDk5ZTY4LzEvdHJmMGJSUF9pQ1BrZTlCbmw1ck9uazFfT2tvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9kZTFlN2MtN2Q3NC00Y2NjLTljNmMtZDE2M2I1NDk5ZTY4
LzEvZTZLSjYta3pVU05xVllEclczQVFMUFB4SGZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW8XkAwQC
ubV0MA0EAgACMAcDBQAqCsuAMA0GCSqGSIb3DQEBCwUAA4IBAQBAMhUvzv1iH0Xo
5OX6Ybp9uTht9TSwPDvdL1zxNMPvwf3epYKg/4jb7AEdCg13cziTohG0FqL/Yzf7
v2CE5uvtvmC9yd1Lc2aN/GF+yfRMW1LChl4VFMirLuYzQzis9o+TAzmmONzieBS6
Dc1dOMrT5yTvhZTn/o2ItiwQxXlUxYMmvPtYEEvAIrQ5E5xffuHupBDTkj3Ap4jI
M3Tvv/HsUBiIiucy/yf8QhZjA20yulo0xj9dNX7rYIZe3fE0pamECkN4LMxjU9nO
KSFv3fd3gdr7of0WvY6mFyPaL3uGb/Yh6pKl6t0pzdkFDpWAYa3CNKKfZnIPPkFJ
uIKl4/ry
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:24 2024 by rpki-client on console-ams.rpki-client.org