Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/t4YfN2Zrn2R6Nfmx33YSg7cycOQ.roa
File:                     t4YfN2Zrn2R6Nfmx33YSg7cycOQ.roa (raw, json)
Hash identifier:          JGgHyVByvBZB5JUPZAzVNSN8+d6hHhBpaREImXPwZUw=
Subject key identifier:   B7:86:1F:37:66:6B:9F:64:7A:35:F9:B1:DF:76:12:83:B7:32:70:E4
Certificate issuer:       /CN=4da84d247ce37cdccf06e1571d226a2b85677bcd
Certificate serial:       086E9B97
Authority key identifier: 4D:A8:4D:24:7C:E3:7C:DC:CF:06:E1:57:1D:22:6A:2B:85:67:7B:CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/t4YfN2Zrn2R6Nfmx33YSg7cycOQ.roa
Signing time:             Sat 01 Jan 2022 14:57:00 +0000
ROA not before:           Sat 01 Jan 2022 14:57:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     213301
IP address blocks:        185.174.71.0/24 maxlen: 24
                          185.174.70.0/24 maxlen: 24
                          185.174.69.0/24 maxlen: 24
                          185.174.68.0/24 maxlen: 24
                          185.78.85.0/24 maxlen: 24
                          185.78.84.0/24 maxlen: 24
                          185.78.87.0/24 maxlen: 24
                          185.78.86.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 141466519 (0x86e9b97)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4da84d247ce37cdccf06e1571d226a2b85677bcd
        Validity
            Not Before: Jan  1 14:57:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b7861f37666b9f647a35f9b1df761283b73270e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:93:8f:46:8e:41:3c:02:48:eb:01:1b:96:7b:
                    ee:24:4d:59:95:57:cb:b5:3d:2e:59:17:d8:90:e4:
                    c9:7c:e2:7d:90:20:18:0c:f2:c1:53:76:c8:ba:80:
                    0c:c9:29:c0:94:74:07:ad:f8:56:9a:12:0c:10:47:
                    34:74:6f:9f:e0:d2:9b:e0:69:ed:d4:30:e2:6c:a4:
                    78:fc:08:10:f3:62:4c:20:83:4f:42:cc:f9:a0:a9:
                    08:f6:a3:96:53:c5:97:66:61:88:95:a7:ce:f5:5a:
                    cc:08:b1:97:46:ca:84:dc:30:d5:9c:1e:23:a8:ee:
                    5e:df:d1:3d:d7:c5:5a:cd:6f:50:bb:0c:16:6b:6b:
                    74:e9:5b:bb:5c:79:03:e0:b7:db:32:6a:f8:8f:f8:
                    08:64:2e:85:85:cc:d4:e8:5e:6f:04:69:07:fc:9b:
                    e2:88:d0:6c:83:1b:3d:96:ac:51:8a:c3:0c:a0:6c:
                    1e:a4:54:85:e8:6c:6b:11:db:2b:cc:c3:4d:94:95:
                    fb:47:ca:52:94:1c:f4:f5:f6:f5:b9:7f:1f:da:33:
                    1c:61:06:8b:ca:81:63:8a:3f:a9:0a:95:2e:a1:30:
                    e5:ec:8c:a2:e3:5b:53:c0:11:49:fa:ab:d2:04:d1:
                    dc:9e:85:38:a1:22:e7:d3:1b:de:05:d2:66:e3:dc:
                    69:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:86:1F:37:66:6B:9F:64:7A:35:F9:B1:DF:76:12:83:B7:32:70:E4
            X509v3 Authority Key Identifier:
                keyid:4D:A8:4D:24:7C:E3:7C:DC:CF:06:E1:57:1D:22:6A:2B:85:67:7B:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/t4YfN2Zrn2R6Nfmx33YSg7cycOQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/TahNJHzjfNzPBuFXHSJqK4Vne80.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.78.84.0/22
                  185.174.68.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5e:4b:41:44:32:bb:32:53:e6:4e:0e:04:ea:7c:a2:ec:1b:8e:
         c7:7d:38:d8:9d:2b:d9:fa:cf:1f:ea:4c:d2:a1:61:0a:af:94:
         fb:ae:5b:a5:7e:04:a0:1f:34:17:02:67:a9:41:b9:1c:d7:c9:
         fe:00:49:b5:68:5e:e1:b7:4e:c5:78:4d:0e:0b:be:5d:75:c3:
         97:46:a5:9b:8d:6d:38:54:f3:5a:54:bb:24:01:8a:18:d4:db:
         9f:0c:2e:47:ab:91:60:20:c8:c7:18:5e:05:aa:78:b0:2a:c2:
         da:66:5e:a4:cc:22:9c:0a:1e:dd:d1:58:53:60:f4:52:e7:b0:
         75:30:92:ca:16:4c:7a:14:cd:a4:f2:b6:08:08:20:4f:2d:5c:
         27:a2:e0:b2:2a:56:10:48:f5:98:52:4a:c3:97:78:b4:c5:9c:
         ae:40:b4:58:98:92:30:e0:49:84:3a:b9:e7:56:09:83:a2:81:
         30:42:cf:72:0b:12:36:6d:d5:05:f7:c1:78:64:cf:e0:b0:f8:
         d6:14:33:d9:e8:17:19:47:52:84:ff:e5:8d:d0:7f:5e:ee:1b:
         95:66:e9:b0:f3:82:bc:45:f2:da:8c:db:f9:9a:3b:dc:4d:b4:
         aa:ac:de:08:e2:6e:df:8d:54:36:96:97:7b:f9:92:ef:ae:b0:
         bc:2d:93:9e
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECG6blzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZGE4NGQyNDdjZTM3Y2RjY2YwNmUxNTcxZDIyNmEyYjg1Njc3YmNkMB4XDTIyMDEw
MTE0NTcwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjc4NjFmMzc2NjZi
OWY2NDdhMzVmOWIxZGY3NjEyODNiNzMyNzBlNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMGTj0aOQTwCSOsBG5Z77iRNWZVXy7U9LlkX2JDkyXzifZAg
GAzywVN2yLqADMkpwJR0B634VpoSDBBHNHRvn+DSm+Bp7dQw4mykePwIEPNiTCCD
T0LM+aCpCPajllPFl2ZhiJWnzvVazAixl0bKhNww1ZweI6juXt/RPdfFWs1vULsM
FmtrdOlbu1x5A+C32zJq+I/4CGQuhYXM1OhebwRpB/yb4ojQbIMbPZasUYrDDKBs
HqRUhehsaxHbK8zDTZSV+0fKUpQc9PX29bl/H9ozHGEGi8qBY4o/qQqVLqEw5eyM
ouNbU8ARSfqr0gTR3J6FOKEi59Mb3gXSZuPcadcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBS3hh83ZmufZHo1+bHfdhKDtzJw5DAfBgNVHSMEGDAWgBRNqE0kfON83M8G
4VcdImorhWd7zTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RhaE5KSHpqZk56UEJ1RlhIU0pxSzRWbmU4MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzgvMjEwZmJiLWFhNmUtNDljOS05MThiLTU1NThhOGI1M2UzZC8x
L3Q0WWZOMlpybjJSNk5mbXgzM1lTZzdjeWNPUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgv
MjEwZmJiLWFhNmUtNDljOS05MThiLTU1NThhOGI1M2UzZC8xL1RhaE5KSHpqZk56
UEJ1RlhIU0pxSzRWbmU4MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArlOVAMEArmuRDANBgkqhkiG9w0B
AQsFAAOCAQEAXktBRDK7MlPmTg4E6nyi7BuOx3042J0r2frPH+pM0qFhCq+U+65b
pX4EoB80FwJnqUG5HNfJ/gBJtWhe4bdOxXhNDgu+XXXDl0alm41tOFTzWlS7JAGK
GNTbnwwuR6uRYCDIxxheBap4sCrC2mZepMwinAoe3dFYU2D0UuewdTCSyhZMehTN
pPK2CAggTy1cJ6LgsipWEEj1mFJKw5d4tMWcrkC0WJiSMOBJhDq551YJg6KBMELP
cgsSNm3VBffBeGTP4LD41hQz2egXGUdShP/ljdB/Xu4blWbpsPOCvEXy2ozb+Zo7
3E20qqzeCOJu341UNpaXe/mS766wvC2Tng==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:44 2024 by rpki-client on console-ams.rpki-client.org