Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/9e96a3-ce89-442e-bc48-addefa6911b9/1/IhRSR0QEGMs8t3F4eNTWWgTR9RQ.roa
File:                     IhRSR0QEGMs8t3F4eNTWWgTR9RQ.roa (raw, json)
Hash identifier:          qaSvEu5aVvQQrCZmSKsulZsyxgtIZDOAQTkjMqR2Pok=
Subject key identifier:   22:14:52:47:44:04:18:CB:3C:B7:71:78:78:D4:D6:5A:04:D1:F5:14
Certificate issuer:       /CN=634c53abd0dda68ca67fc8066bc165a2b32dc82b
Certificate serial:       054AB64D
Authority key identifier: 63:4C:53:AB:D0:DD:A6:8C:A6:7F:C8:06:6B:C1:65:A2:B3:2D:C8:2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y0xTq9Ddpoymf8gGa8FlorMtyCs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7e/9e96a3-ce89-442e-bc48-addefa6911b9/1/IhRSR0QEGMs8t3F4eNTWWgTR9RQ.roa
Signing time:             Sat 01 Jan 2022 13:57:16 +0000
ROA not before:           Sat 01 Jan 2022 13:57:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204439
IP address blocks:        185.248.216.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 88782413 (0x54ab64d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=634c53abd0dda68ca67fc8066bc165a2b32dc82b
        Validity
            Not Before: Jan  1 13:57:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=22145247440418cb3cb7717878d4d65a04d1f514
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:c0:60:d0:1f:2e:13:ac:64:96:1c:f1:c2:94:
                    99:86:f1:b4:f1:21:89:44:86:74:2c:1b:d5:aa:ac:
                    f2:3f:c2:3f:3f:ed:06:7c:45:ee:4c:19:97:3d:87:
                    a6:67:bd:11:87:d3:13:06:64:36:6a:8d:df:5c:99:
                    32:91:4d:dc:c7:d4:4b:e9:40:87:6c:01:37:85:9e:
                    4e:4d:fe:13:c5:84:28:b6:89:09:22:7a:6d:8e:98:
                    2f:24:1b:27:9f:1d:36:49:05:e7:86:51:ce:38:c7:
                    18:b2:35:f4:62:87:7f:91:ec:1c:e0:7e:35:b4:26:
                    d2:08:9f:05:44:a8:47:0e:3a:6a:55:11:a2:65:ce:
                    9f:51:13:c4:b1:00:43:92:2c:b7:c3:29:62:4b:2c:
                    65:0f:55:17:86:f5:67:f5:80:fd:01:76:0e:b1:e2:
                    a3:93:2c:f1:f2:79:24:6b:f3:f0:33:e2:ff:8b:12:
                    73:35:a5:b1:30:69:cb:d4:00:54:d0:0e:99:92:48:
                    91:f6:43:1b:5e:52:e0:be:a4:eb:ad:7d:cd:3e:ff:
                    31:3b:fa:47:58:ee:fd:96:84:89:c8:98:74:26:b7:
                    f4:3d:0d:60:ab:26:05:34:f7:f2:83:47:7a:ca:79:
                    aa:fe:d4:93:19:7f:83:91:29:91:a5:2b:4d:c3:a4:
                    65:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:14:52:47:44:04:18:CB:3C:B7:71:78:78:D4:D6:5A:04:D1:F5:14
            X509v3 Authority Key Identifier:
                keyid:63:4C:53:AB:D0:DD:A6:8C:A6:7F:C8:06:6B:C1:65:A2:B3:2D:C8:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y0xTq9Ddpoymf8gGa8FlorMtyCs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9e96a3-ce89-442e-bc48-addefa6911b9/1/IhRSR0QEGMs8t3F4eNTWWgTR9RQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9e96a3-ce89-442e-bc48-addefa6911b9/1/Y0xTq9Ddpoymf8gGa8FlorMtyCs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.248.216.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6a:dc:0a:36:fa:c0:10:a0:5d:c2:66:ba:2a:79:e1:10:12:11:
         b2:0b:7d:26:41:3a:47:5f:ac:54:28:94:37:39:e5:5f:d6:1d:
         14:c2:df:0b:3b:d3:1c:8a:42:e1:87:dc:85:5b:02:31:84:16:
         8d:7b:6e:01:26:8e:16:09:09:eb:cd:cb:6d:49:d4:62:e0:62:
         85:a5:af:04:c5:f9:b1:28:c5:3e:e2:e6:27:e9:3e:b1:18:41:
         3f:9d:0d:e6:ed:82:7a:ea:64:4c:db:ff:7e:0d:97:3a:02:42:
         56:94:2d:12:b9:81:6f:8d:7c:32:b0:3e:69:c3:01:d9:57:05:
         ef:b0:b8:06:9a:24:ac:c5:4a:1b:30:40:24:a5:ff:bc:31:bf:
         0a:43:af:8c:bd:a5:7f:54:73:ad:55:eb:6b:03:ac:0e:30:16:
         9e:8b:0e:69:ad:f4:b4:99:f1:01:eb:c6:5c:3d:4c:bf:97:0b:
         f8:29:7f:64:92:0c:df:ee:15:7e:e2:13:14:c2:1b:e9:88:a8:
         2b:95:66:54:26:e4:b2:c4:70:2b:26:e5:5f:82:f7:16:d3:28:
         f2:4e:54:c4:19:3b:93:52:cc:94:54:13:7a:7d:a1:9c:db:77:
         21:71:18:d7:ba:69:f6:c1:56:1c:80:c5:52:13:19:19:b8:5a:
         cb:f5:01:67
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBUq2TTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MzRjNTNhYmQwZGRhNjhjYTY3ZmM4MDY2YmMxNjVhMmIzMmRjODJiMB4XDTIyMDEw
MTEzNTcxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjIxNDUyNDc0NDA0
MThjYjNjYjc3MTc4NzhkNGQ2NWEwNGQxZjUxNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL7AYNAfLhOsZJYc8cKUmYbxtPEhiUSGdCwb1aqs8j/CPz/t
BnxF7kwZlz2Hpme9EYfTEwZkNmqN31yZMpFN3MfUS+lAh2wBN4WeTk3+E8WEKLaJ
CSJ6bY6YLyQbJ58dNkkF54ZRzjjHGLI19GKHf5HsHOB+NbQm0gifBUSoRw46alUR
omXOn1ETxLEAQ5Ist8MpYkssZQ9VF4b1Z/WA/QF2DrHio5Ms8fJ5JGvz8DPi/4sS
czWlsTBpy9QAVNAOmZJIkfZDG15S4L6k6619zT7/MTv6R1ju/ZaEiciYdCa39D0N
YKsmBTT38oNHesp5qv7Ukxl/g5EpkaUrTcOkZUkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQiFFJHRAQYyzy3cXh41NZaBNH1FDAfBgNVHSMEGDAWgBRjTFOr0N2mjKZ/
yAZrwWWisy3IKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kweFRxOURkcG95bWY4Z0dhOEZsb3JNdHlDcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2UvOWU5NmEzLWNlODktNDQyZS1iYzQ4LWFkZGVmYTY5MTFiOS8x
L0loUlNSMFFFR01zOHQzRjRlTlRXV2dUUjlSUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Uv
OWU5NmEzLWNlODktNDQyZS1iYzQ4LWFkZGVmYTY5MTFiOS8xL1kweFRxOURkcG95
bWY4Z0dhOEZsb3JNdHlDcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArn42DANBgkqhkiG9w0BAQsFAAOC
AQEAatwKNvrAEKBdwma6KnnhEBIRsgt9JkE6R1+sVCiUNznlX9YdFMLfCzvTHIpC
4YfchVsCMYQWjXtuASaOFgkJ683LbUnUYuBihaWvBMX5sSjFPuLmJ+k+sRhBP50N
5u2CeupkTNv/fg2XOgJCVpQtErmBb418MrA+acMB2VcF77C4BpokrMVKGzBAJKX/
vDG/CkOvjL2lf1RzrVXrawOsDjAWnosOaa30tJnxAevGXD1Mv5cL+Cl/ZJIM3+4V
fuITFMIb6YioK5VmVCbkssRwKyblX4L3FtMo8k5UxBk7k1LMlFQTen2hnNt3IXEY
17pp9sFWHIDFUhMZGbhay/UBZw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:01 2024 by rpki-client on console-ams.rpki-client.org