Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/74f9e0-1f4c-4720-8e69-ea4a6dc163c9/1/8s29mZMEKhKzHwYeDqnjfB6eV-0.roa
File:                     8s29mZMEKhKzHwYeDqnjfB6eV-0.roa (raw, json)
Hash identifier:          63bKLh3f+WSUWZ6f58bVF4Qc6AAqI1YwBN8fNDt9JhA=
Subject key identifier:   F2:CD:BD:99:93:04:2A:12:B3:1F:06:1E:0E:A9:E3:7C:1E:9E:57:ED
Certificate issuer:       /CN=12e108b46c25d932b6506c3ef0a87e8b8212ea18
Certificate serial:       17180DF7
Authority key identifier: 12:E1:08:B4:6C:25:D9:32:B6:50:6C:3E:F0:A8:7E:8B:82:12:EA:18
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EuEItGwl2TK2UGw-8Kh-i4IS6hg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/74f9e0-1f4c-4720-8e69-ea4a6dc163c9/1/8s29mZMEKhKzHwYeDqnjfB6eV-0.roa
Signing time:             Sat 01 Jan 2022 14:58:22 +0000
ROA not before:           Sat 01 Jan 2022 14:58:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34624
IP address blocks:        185.246.0.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 387452407 (0x17180df7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=12e108b46c25d932b6506c3ef0a87e8b8212ea18
        Validity
            Not Before: Jan  1 14:58:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f2cdbd9993042a12b31f061e0ea9e37c1e9e57ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:32:ca:df:cd:a4:e5:f2:73:d6:09:ee:d9:c1:
                    ad:eb:82:9a:dd:ab:6e:b2:bf:e6:08:30:62:a7:85:
                    03:b1:16:28:a7:34:47:e1:a6:28:0a:88:6a:b5:aa:
                    7c:9b:bf:f1:5f:60:04:1a:91:2c:bb:4e:a8:d1:12:
                    e1:ae:af:8b:d2:33:70:ec:7b:4e:b2:1f:da:a2:19:
                    b9:a8:f9:6e:0a:ef:5d:15:c7:6a:8a:13:f0:a0:03:
                    98:ac:c9:02:f6:76:f8:41:0b:5f:23:a3:0a:60:a7:
                    1f:26:91:81:6c:d2:37:3d:a9:f9:ab:e3:c2:9c:04:
                    c0:61:0c:ec:6a:cf:41:05:28:82:b5:cf:bc:2e:07:
                    77:25:53:30:c6:c5:f7:59:83:36:48:ab:0d:5b:1f:
                    3e:20:3a:ea:0f:63:9a:77:c1:5f:8d:35:50:2e:3a:
                    95:17:fe:40:19:70:02:5b:7e:c3:e8:1c:e5:b1:0c:
                    df:b5:5e:68:93:b7:78:8b:10:2a:f3:ba:02:71:a7:
                    cc:40:a5:b1:48:b9:09:8a:0a:e8:ef:a2:05:e9:02:
                    01:db:09:c3:9d:f4:d3:a5:2c:dd:09:87:f6:1d:f6:
                    65:ee:51:7e:a3:9c:2e:f8:05:80:55:10:d6:c1:59:
                    c1:7f:d4:36:05:41:86:f3:54:4d:db:12:2d:55:03:
                    b3:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:CD:BD:99:93:04:2A:12:B3:1F:06:1E:0E:A9:E3:7C:1E:9E:57:ED
            X509v3 Authority Key Identifier:
                keyid:12:E1:08:B4:6C:25:D9:32:B6:50:6C:3E:F0:A8:7E:8B:82:12:EA:18

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EuEItGwl2TK2UGw-8Kh-i4IS6hg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/74f9e0-1f4c-4720-8e69-ea4a6dc163c9/1/8s29mZMEKhKzHwYeDqnjfB6eV-0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/74f9e0-1f4c-4720-8e69-ea4a6dc163c9/1/EuEItGwl2TK2UGw-8Kh-i4IS6hg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.246.0.0/22

    Signature Algorithm: sha256WithRSAEncryption
         71:75:03:38:4d:05:1e:3a:e4:0f:50:26:f6:00:79:dc:6f:84:
         5c:8e:49:c6:e0:66:3b:43:19:18:8a:b0:ce:aa:07:2b:6e:bb:
         d2:7f:f2:e8:b6:f2:b7:02:73:eb:8a:e5:b2:67:eb:6f:77:91:
         5a:dd:7e:c6:24:1f:92:1e:fd:c5:4c:e0:1f:55:9a:73:eb:e7:
         89:e0:12:f8:ad:f9:8c:63:d0:8f:0c:22:50:8e:d4:02:1d:39:
         60:7a:d5:6b:11:23:d2:a5:69:69:55:d8:91:94:44:e7:c6:0b:
         58:1f:8a:6b:ee:df:74:fc:cc:f0:bc:1d:22:42:4b:fa:44:88:
         a6:c8:bf:ee:55:48:73:31:65:44:08:6c:c4:45:45:36:80:bc:
         d8:03:ea:33:89:f7:59:aa:e9:4c:e3:bc:ba:ba:fb:71:63:61:
         d1:cc:8b:b6:d0:64:5f:8a:fd:a7:c3:95:d7:79:5f:c8:f8:36:
         99:7f:93:d9:ce:c9:42:7e:05:0f:22:95:57:fd:a9:c7:09:97:
         00:9d:4a:61:52:a2:5c:aa:7c:e1:31:88:88:d4:7a:68:a3:1a:
         32:59:ab:2b:5e:bc:63:20:2e:09:56:57:e7:76:83:42:b1:50:
         8e:78:79:a0:15:c6:fb:ac:99:06:63:dd:c3:3c:52:2d:fd:7a:
         0e:d4:99:98
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFxgN9zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MmUxMDhiNDZjMjVkOTMyYjY1MDZjM2VmMGE4N2U4YjgyMTJlYTE4MB4XDTIyMDEw
MTE0NTgyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjJjZGJkOTk5MzA0
MmExMmIzMWYwNjFlMGVhOWUzN2MxZTllNTdlZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALoyyt/NpOXyc9YJ7tnBreuCmt2rbrK/5ggwYqeFA7EWKKc0
R+GmKAqIarWqfJu/8V9gBBqRLLtOqNES4a6vi9IzcOx7TrIf2qIZuaj5bgrvXRXH
aooT8KADmKzJAvZ2+EELXyOjCmCnHyaRgWzSNz2p+avjwpwEwGEM7GrPQQUogrXP
vC4HdyVTMMbF91mDNkirDVsfPiA66g9jmnfBX401UC46lRf+QBlwAlt+w+gc5bEM
37VeaJO3eIsQKvO6AnGnzEClsUi5CYoK6O+iBekCAdsJw53006Us3QmH9h32Ze5R
fqOcLvgFgFUQ1sFZwX/UNgVBhvNUTdsSLVUDs4ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTyzb2ZkwQqErMfBh4OqeN8Hp5X7TAfBgNVHSMEGDAWgBQS4Qi0bCXZMrZQ
bD7wqH6LghLqGDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0V1RUl0R3dsMlRLMlVHdy04S2gtaTRJUzZoZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzMvNzRmOWUwLTFmNGMtNDcyMC04ZTY5LWVhNGE2ZGMxNjNjOS8x
LzhzMjltWk1FS2hLekh3WWVEcW5qZkI2ZVYtMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzMv
NzRmOWUwLTFmNGMtNDcyMC04ZTY5LWVhNGE2ZGMxNjNjOS8xL0V1RUl0R3dsMlRL
MlVHdy04S2gtaTRJUzZoZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArn2ADANBgkqhkiG9w0BAQsFAAOC
AQEAcXUDOE0FHjrkD1Am9gB53G+EXI5JxuBmO0MZGIqwzqoHK2670n/y6LbytwJz
64rlsmfrb3eRWt1+xiQfkh79xUzgH1Wac+vnieAS+K35jGPQjwwiUI7UAh05YHrV
axEj0qVpaVXYkZRE58YLWB+Ka+7fdPzM8LwdIkJL+kSIpsi/7lVIczFlRAhsxEVF
NoC82APqM4n3WarpTOO8urr7cWNh0cyLttBkX4r9p8OV13lfyPg2mX+T2c7JQn4F
DyKVV/2pxwmXAJ1KYVKiXKp84TGIiNR6aKMaMlmrK168YyAuCVZX53aDQrFQjnh5
oBXG+6yZBmPdwzxSLf16DtSZmA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:55 2024 by rpki-client on console-ams.rpki-client.org