Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/c12020-a1a1-400e-91f3-835599260ff6/1/sARvwkuvXvEH1EDiRYqWh1nwy6A.roa
File:                     sARvwkuvXvEH1EDiRYqWh1nwy6A.roa (raw, json)
Hash identifier:          +hHps6c0xJQP15ELkeuFn2erGd/caohuuYKQWlwBAcw=
Subject key identifier:   B0:04:6F:C2:4B:AF:5E:F1:07:D4:40:E2:45:8A:96:87:59:F0:CB:A0
Certificate issuer:       /CN=3a5ec28e841f29f380a7ce2cb5cd5673700821fd
Certificate serial:       02175862
Authority key identifier: 3A:5E:C2:8E:84:1F:29:F3:80:A7:CE:2C:B5:CD:56:73:70:08:21:FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ol7CjoQfKfOAp84stc1Wc3AIIf0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/79/c12020-a1a1-400e-91f3-835599260ff6/1/sARvwkuvXvEH1EDiRYqWh1nwy6A.roa
Signing time:             Sun 16 Jan 2022 11:11:34 +0000
ROA not before:           Sun 16 Jan 2022 11:11:34 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     40676
IP address blocks:        185.161.148.0/24 maxlen: 24
                          185.180.192.0/24 maxlen: 24
                          185.180.194.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 35084386 (0x2175862)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a5ec28e841f29f380a7ce2cb5cd5673700821fd
        Validity
            Not Before: Jan 16 11:11:34 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b0046fc24baf5ef107d440e2458a968759f0cba0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:f6:e5:8d:5f:16:37:8d:5e:69:4f:95:a8:04:
                    c8:e9:f8:2e:08:4e:26:ba:48:52:42:32:8d:f5:92:
                    c1:1c:88:08:e4:ba:99:c7:6d:7b:1e:a0:2f:2d:6b:
                    bb:9c:eb:6c:76:84:e6:8d:c6:99:0f:92:91:be:54:
                    58:89:b7:3e:a5:95:7a:09:8c:a1:d4:bc:24:f2:81:
                    cb:6f:06:bc:37:8c:21:b0:1f:fe:59:15:d8:ee:02:
                    3a:30:7c:ac:61:2d:73:c2:0b:46:2d:6b:cf:46:fc:
                    58:47:c0:a1:56:9e:84:0a:a5:c6:d7:ee:81:37:8b:
                    6b:76:35:98:e5:0d:b0:62:fb:fd:5d:71:cc:86:da:
                    a9:d2:0c:89:f8:b4:53:b7:9c:62:16:ec:09:ce:ab:
                    e9:ef:c7:6d:04:c7:25:a5:d9:55:e4:e9:b4:aa:da:
                    f3:ad:57:26:6a:3f:41:8c:ae:5f:0d:8d:c7:91:ab:
                    2e:e3:61:3e:b4:8e:dd:87:b5:8e:77:af:eb:6c:75:
                    ee:72:65:c2:3d:7d:71:4e:22:98:8b:7a:6a:3f:7b:
                    6b:9b:15:ba:ac:d7:99:bf:94:c8:a6:45:c0:a7:a2:
                    64:85:c2:85:00:6a:1b:d1:cb:0f:1b:35:6b:9d:f8:
                    df:47:eb:0c:9e:42:6a:c6:eb:8f:c3:95:57:33:86:
                    cd:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:04:6F:C2:4B:AF:5E:F1:07:D4:40:E2:45:8A:96:87:59:F0:CB:A0
            X509v3 Authority Key Identifier:
                keyid:3A:5E:C2:8E:84:1F:29:F3:80:A7:CE:2C:B5:CD:56:73:70:08:21:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ol7CjoQfKfOAp84stc1Wc3AIIf0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/c12020-a1a1-400e-91f3-835599260ff6/1/sARvwkuvXvEH1EDiRYqWh1nwy6A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/79/c12020-a1a1-400e-91f3-835599260ff6/1/Ol7CjoQfKfOAp84stc1Wc3AIIf0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.161.148.0/24
                  185.180.192.0/24
                  185.180.194.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:da:b5:cc:e7:60:2f:ef:a9:b1:71:5f:25:e4:23:8e:82:c4:
         28:0f:40:d0:17:c0:09:cb:7f:9d:de:16:90:77:53:62:f7:ae:
         63:8c:82:34:f8:fb:53:d9:91:9a:2e:2d:11:7f:f0:23:72:0b:
         f9:ef:85:83:69:48:d7:72:2a:c7:b6:a5:59:d1:ec:7a:2f:59:
         e2:24:c1:26:d6:4f:a8:69:05:a4:56:28:cd:0c:f8:56:51:19:
         61:ff:a3:99:75:56:3b:42:d9:4c:19:00:23:6e:1f:a0:0a:c9:
         01:62:3c:fa:65:f5:48:61:ff:ac:44:0e:47:b0:47:38:7b:d3:
         ed:e1:ba:7d:9c:99:7e:c4:31:80:63:3b:69:c7:be:bf:3e:f4:
         e3:6d:0a:91:e0:31:de:62:6a:bc:b9:f0:30:e5:40:3b:ba:eb:
         75:14:85:e7:54:61:97:4c:1b:b4:ee:9e:71:c1:26:48:84:00:
         39:b8:a4:c8:4f:b1:45:2b:7d:01:d2:ae:41:7f:c5:93:b8:0f:
         40:3b:9a:b3:1d:d5:23:12:d7:8b:80:ba:d4:d0:71:0c:19:fa:
         fe:3e:32:52:0a:5e:8b:c5:02:74:c6:32:09:f0:e8:1c:5c:82:
         33:00:c1:06:83:38:d1:17:21:76:6a:a0:1c:6b:dd:47:65:4b:
         86:1f:d3:29
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEAhdYYjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YTVlYzI4ZTg0MWYyOWYzODBhN2NlMmNiNWNkNTY3MzcwMDgyMWZkMB4XDTIyMDEx
NjExMTEzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjAwNDZmYzI0YmFm
NWVmMTA3ZDQ0MGUyNDU4YTk2ODc1OWYwY2JhMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK325Y1fFjeNXmlPlagEyOn4LghOJrpIUkIyjfWSwRyICOS6
mcdtex6gLy1ru5zrbHaE5o3GmQ+Skb5UWIm3PqWVegmModS8JPKBy28GvDeMIbAf
/lkV2O4COjB8rGEtc8ILRi1rz0b8WEfAoVaehAqlxtfugTeLa3Y1mOUNsGL7/V1x
zIbaqdIMifi0U7ecYhbsCc6r6e/HbQTHJaXZVeTptKra861XJmo/QYyuXw2Nx5Gr
LuNhPrSO3Ye1jnev62x17nJlwj19cU4imIt6aj97a5sVuqzXmb+UyKZFwKeiZIXC
hQBqG9HLDxs1a53430frDJ5Casbrj8OVVzOGzTUCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSwBG/CS69e8QfUQOJFipaHWfDLoDAfBgNVHSMEGDAWgBQ6XsKOhB8p84Cn
ziy1zVZzcAgh/TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09sN0Nqb1FmS2ZPQXA4NHN0YzFXYzNBSUlmMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzkvYzEyMDIwLWExYTEtNDAwZS05MWYzLTgzNTU5OTI2MGZmNi8x
L3NBUnZ3a3V2WHZFSDFFRGlSWXFXaDFud3k2QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzkv
YzEyMDIwLWExYTEtNDAwZS05MWYzLTgzNTU5OTI2MGZmNi8xL09sN0Nqb1FmS2ZP
QXA4NHN0YzFXYzNBSUlmMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEALmhlAMEALm0wAMEALm0wjANBgkq
hkiG9w0BAQsFAAOCAQEAENq1zOdgL++psXFfJeQjjoLEKA9A0BfACct/nd4WkHdT
YveuY4yCNPj7U9mRmi4tEX/wI3IL+e+Fg2lI13Iqx7alWdHsei9Z4iTBJtZPqGkF
pFYozQz4VlEZYf+jmXVWO0LZTBkAI24foArJAWI8+mX1SGH/rEQOR7BHOHvT7eG6
fZyZfsQxgGM7ace+vz70420KkeAx3mJqvLnwMOVAO7rrdRSF51Rhl0wbtO6eccEm
SIQAObikyE+xRSt9AdKuQX/Fk7gPQDuasx3VIxLXi4C61NBxDBn6/j4yUgpei8UC
dMYyCfDoHFyCMwDBBoM40RchdmqgHGvdR2VLhh/TKQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:51 2023 by rpki-client on console-ams.rpki-client.org