Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/Kvp0fpDMlUXZmjZb9b0x4hsaHVI.roa
File:                     Kvp0fpDMlUXZmjZb9b0x4hsaHVI.roa (raw, json)
Hash identifier:          jDcZaobw/seW+dMZ5DDwgt6b1YOH79iHlWil3GzN4RE=
Subject key identifier:   2A:FA:74:7E:90:CC:95:45:D9:9A:36:5B:F5:BD:31:E2:1B:1A:1D:52
Certificate issuer:       /CN=ed6da9e41686d21c12799c8e84b274aa8241508c
Certificate serial:       389672E6
Authority key identifier: ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/Kvp0fpDMlUXZmjZb9b0x4hsaHVI.roa
Signing time:             Sat 01 Jan 2022 10:05:26 +0000
ROA not before:           Sat 01 Jan 2022 10:05:26 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206065
IP address blocks:        185.84.220.0/22 maxlen: 22
                          109.122.243.0/24 maxlen: 24
                          109.122.244.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 949383910 (0x389672e6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ed6da9e41686d21c12799c8e84b274aa8241508c
        Validity
            Not Before: Jan  1 10:05:26 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2afa747e90cc9545d99a365bf5bd31e21b1a1d52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:19:ae:f3:73:82:3e:76:7d:b2:6b:69:f8:69:
                    8c:27:52:8f:54:78:8f:3b:2a:b7:b2:b5:97:00:72:
                    79:7d:0e:cd:32:a6:59:00:6c:ba:e4:2b:cc:7d:77:
                    31:90:0f:97:fe:34:33:31:32:02:3c:d2:31:cb:0a:
                    6a:03:9e:2e:f1:67:9d:40:10:25:a1:76:32:ce:1e:
                    3d:1a:db:6b:4e:22:cf:55:45:b3:06:cb:55:e5:24:
                    cf:d7:dd:2f:28:61:8d:08:57:bc:54:43:e4:da:5e:
                    19:5f:77:5b:38:cb:65:9d:f9:c0:3e:ed:9c:6b:d8:
                    5d:c3:01:72:95:bb:a8:ba:5d:7a:e1:0e:9f:10:f4:
                    49:b5:cd:22:33:95:1c:d4:03:89:ed:88:a3:85:70:
                    96:4a:4c:7e:8e:13:7e:b5:7a:47:87:df:af:49:0c:
                    5d:3d:b8:e0:f0:7d:cf:62:a3:e0:76:92:17:05:74:
                    41:3f:fb:2f:6c:04:78:03:43:05:8e:09:d3:7b:af:
                    f8:ae:10:7f:d9:df:d4:30:c4:d8:d3:4b:c9:cd:11:
                    36:76:88:e3:c2:56:42:a0:8c:c6:8b:b3:7f:d0:f3:
                    a5:5d:1f:74:b3:09:f5:d7:e2:af:8d:38:cf:45:7e:
                    68:ba:74:c5:55:29:8a:39:f2:be:fd:41:dc:39:75:
                    19:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:FA:74:7E:90:CC:95:45:D9:9A:36:5B:F5:BD:31:E2:1B:1A:1D:52
            X509v3 Authority Key Identifier:
                keyid:ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/Kvp0fpDMlUXZmjZb9b0x4hsaHVI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.122.243.0-109.122.247.255
                  185.84.220.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a3:11:f6:2b:8c:b6:36:44:4c:2f:cd:99:cb:a2:44:95:de:6a:
         30:55:98:88:05:35:4e:1a:82:f3:55:a8:cd:e9:c1:df:d4:f0:
         4f:ee:8e:f2:0d:1e:2e:ef:19:1d:55:89:be:bf:82:fb:9c:d6:
         20:a9:77:3e:24:0e:a4:95:d8:e0:19:cb:8c:67:64:6b:57:86:
         30:c3:a4:6e:9f:11:34:11:0e:6b:6d:0a:ae:ca:5f:98:4e:45:
         93:c9:f2:a5:15:aa:53:24:3e:94:f6:cb:f8:53:ea:9c:20:0f:
         19:ea:30:eb:23:4b:19:87:2b:63:7c:d8:32:aa:d1:52:59:66:
         5a:bd:27:23:17:48:c6:4d:41:c0:56:2f:c9:1c:21:44:e3:16:
         78:0f:7e:fc:56:87:d8:d5:c9:f4:5c:a1:58:b5:7d:a0:97:47:
         20:0c:46:10:34:9d:70:78:59:56:e9:84:b5:14:be:ec:75:b4:
         2a:42:bf:e1:7d:bc:a7:ef:8a:c2:be:2b:bc:ef:47:0e:97:ee:
         27:66:58:75:b0:32:50:f2:82:f6:d9:4b:02:ed:6c:f3:4b:3d:
         7e:08:86:98:6f:51:4e:7a:5b:e4:7b:dc:ba:81:00:fa:6e:a4:
         e7:8e:74:31:ac:16:98:77:c8:50:59:ba:a1:3a:4a:73:79:2c:
         9c:8a:e5:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEOJZy5jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZDZkYTllNDE2ODZkMjFjMTI3OTljOGU4NGIyNzRhYTgyNDE1MDhjMB4XDTIyMDEw
MTEwMDUyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmFmYTc0N2U5MGNj
OTU0NWQ5OWEzNjViZjViZDMxZTIxYjFhMWQ1MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMcZrvNzgj52fbJrafhpjCdSj1R4jzsqt7K1lwByeX0OzTKm
WQBsuuQrzH13MZAPl/40MzEyAjzSMcsKagOeLvFnnUAQJaF2Ms4ePRrba04iz1VF
swbLVeUkz9fdLyhhjQhXvFRD5NpeGV93WzjLZZ35wD7tnGvYXcMBcpW7qLpdeuEO
nxD0SbXNIjOVHNQDie2Io4VwlkpMfo4TfrV6R4ffr0kMXT244PB9z2Kj4HaSFwV0
QT/7L2wEeANDBY4J03uv+K4Qf9nf1DDE2NNLyc0RNnaI48JWQqCMxouzf9DzpV0f
dLMJ9dfir404z0V+aLp0xVUpijnyvv1B3Dl1Gd0CAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBQq+nR+kMyVRdmaNlv1vTHiGxodUjAfBgNVHSMEGDAWgBTtbankFobSHBJ5
nI6EsnSqgkFQjDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdXMnA1QmFHMGh3U2VaeU9oTEowcW9KQlVJdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzEvYWMwMTdjLWZmMjktNDNjZi1hM2Q2LTI5ZjFiZWIyZjI4Mi8x
L0t2cDBmcERNbFVYWm1qWmI5YjB4NGhzYUhWSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzEv
YWMwMTdjLWZmMjktNDNjZi1hM2Q2LTI5ZjFiZWIyZjI4Mi8xLzdXMnA1QmFHMGh3
U2VaeU9oTEowcW9KQlVJdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQAbXrzAwQDbXrwAwQCuVTcMA0G
CSqGSIb3DQEBCwUAA4IBAQCjEfYrjLY2REwvzZnLokSV3mowVZiIBTVOGoLzVajN
6cHf1PBP7o7yDR4u7xkdVYm+v4L7nNYgqXc+JA6kldjgGcuMZ2RrV4Yww6RunxE0
EQ5rbQquyl+YTkWTyfKlFapTJD6U9sv4U+qcIA8Z6jDrI0sZhytjfNgyqtFSWWZa
vScjF0jGTUHAVi/JHCFE4xZ4D378VofY1cn0XKFYtX2gl0cgDEYQNJ1weFlW6YS1
FL7sdbQqQr/hfbyn74rCviu870cOl+4nZlh1sDJQ8oL22UsC7WzzSz1+CIaYb1FO
elvke9y6gQD6bqTnjnQxrBaYd8hQWbqhOkpzeSyciuXp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:37 2024 by rpki-client on console-ams.rpki-client.org