Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/1SvTr_Bwdf6xv7fmPYhW4bIS7j4.roa
File:                     1SvTr_Bwdf6xv7fmPYhW4bIS7j4.roa (raw, json)
Hash identifier:          VBLESY9a7IYEroiqsIIIBCEbnn48ENCKgNaYHrzKx6M=
Subject key identifier:   D5:2B:D3:AF:F0:70:75:FE:B1:BF:B7:E6:3D:88:56:E1:B2:12:EE:3E
Certificate issuer:       /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial:       05C1DF63
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/1SvTr_Bwdf6xv7fmPYhW4bIS7j4.roa
Signing time:             Sat 01 Jan 2022 11:59:15 +0000
ROA not before:           Sat 01 Jan 2022 11:59:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35471
IP address blocks:        185.81.28.0/22 maxlen: 22
                          188.64.104.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 96591715 (0x5c1df63)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18101772248996b87d90840c2d27d62549458173
        Validity
            Not Before: Jan  1 11:59:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d52bd3aff07075feb1bfb7e63d8856e1b212ee3e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:e3:20:9c:6f:cb:48:d2:09:8b:c0:0f:87:59:
                    42:08:cc:d9:76:5d:6b:8d:85:79:83:a3:fe:19:16:
                    18:78:81:84:c5:19:89:67:64:39:80:ee:ae:f5:a6:
                    4a:b2:4e:57:ea:c2:27:48:4d:ba:f8:bf:8f:1a:72:
                    0b:80:b4:d2:37:51:7e:51:ec:ab:e1:bb:be:30:20:
                    92:6e:1a:46:dd:ef:e7:14:22:ed:36:35:a6:90:3a:
                    07:ce:9f:96:cd:49:03:37:87:8c:90:45:3e:8b:cf:
                    98:79:46:54:f9:7e:e8:10:46:90:4e:cb:cd:b6:73:
                    6e:3f:ee:51:73:0d:e0:bf:75:c6:af:4c:39:7c:82:
                    c6:b7:ef:e2:de:ae:68:6a:42:5c:40:41:48:81:e3:
                    85:8e:2a:ce:43:55:0a:67:9a:88:23:2e:e3:df:57:
                    cf:dc:13:30:aa:07:62:75:ef:2a:ad:82:f3:4d:ef:
                    41:ff:57:86:28:94:08:7f:88:9d:f2:8c:be:2b:5c:
                    35:b9:f6:58:dd:28:a4:9d:79:e7:6b:64:42:d4:05:
                    12:0f:3d:d7:81:0a:34:15:4e:a3:a5:ab:11:db:44:
                    9a:99:d0:36:2d:42:5a:b5:a6:13:92:26:25:57:b8:
                    87:dc:e0:59:1a:7d:1e:5a:81:c7:49:01:09:67:0e:
                    99:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:2B:D3:AF:F0:70:75:FE:B1:BF:B7:E6:3D:88:56:E1:B2:12:EE:3E
            X509v3 Authority Key Identifier:
                keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/1SvTr_Bwdf6xv7fmPYhW4bIS7j4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.81.28.0/22
                  188.64.104.0/21

    Signature Algorithm: sha256WithRSAEncryption
         6a:79:e4:09:a0:fe:a5:e4:8a:0e:83:9d:1a:1a:f6:9b:43:f0:
         83:e1:6e:b3:4d:56:60:c1:57:30:69:8f:a1:26:b7:eb:08:e2:
         17:bb:b5:88:59:00:ec:02:b9:69:3f:73:ca:4b:21:1e:08:c7:
         71:cf:58:fb:b2:cf:7c:3b:0b:5d:a8:12:e8:ba:b4:9c:ef:78:
         78:ff:19:e4:69:5c:de:39:ee:59:23:5c:cf:2c:cb:dc:5c:97:
         ae:f2:52:2c:e4:c8:2b:8e:05:0f:9b:e8:bb:af:77:ee:04:17:
         43:14:41:f8:2c:93:87:96:7c:c9:14:b2:26:9e:84:50:3f:c0:
         ce:eb:0d:a6:6f:44:ff:d2:49:15:8b:ba:f4:3a:b6:32:0e:0a:
         40:66:79:18:93:11:2a:a3:fd:00:02:08:71:e1:13:f5:a4:21:
         2e:21:7e:7a:db:6d:50:fc:fa:74:aa:58:03:6b:fa:a7:e3:0d:
         a3:21:88:0d:3f:7b:97:dc:a6:40:e8:75:77:1e:c8:53:62:45:
         4c:98:db:ab:33:f5:cf:b0:85:bb:11:24:91:27:99:b5:84:95:
         b8:1d:bb:67:eb:f7:f3:f5:b1:f4:9f:fd:f1:40:ff:fb:42:4a:
         d7:8e:18:64:24:e8:fe:2e:46:53:2c:53:d0:9e:51:57:04:a6:
         5d:a9:3f:3f
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBcHfYzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ODEwMTc3MjI0ODk5NmI4N2Q5MDg0MGMyZDI3ZDYyNTQ5NDU4MTczMB4XDTIyMDEw
MTExNTkxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDUyYmQzYWZmMDcw
NzVmZWIxYmZiN2U2M2Q4ODU2ZTFiMjEyZWUzZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL7jIJxvy0jSCYvAD4dZQgjM2XZda42FeYOj/hkWGHiBhMUZ
iWdkOYDurvWmSrJOV+rCJ0hNuvi/jxpyC4C00jdRflHsq+G7vjAgkm4aRt3v5xQi
7TY1ppA6B86fls1JAzeHjJBFPovPmHlGVPl+6BBGkE7LzbZzbj/uUXMN4L91xq9M
OXyCxrfv4t6uaGpCXEBBSIHjhY4qzkNVCmeaiCMu499Xz9wTMKoHYnXvKq2C803v
Qf9XhiiUCH+InfKMvitcNbn2WN0opJ1552tkQtQFEg8914EKNBVOo6WrEdtEmpnQ
Ni1CWrWmE5ImJVe4h9zgWRp9HlqBx0kBCWcOmc0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTVK9Ov8HB1/rG/t+Y9iFbhshLuPjAfBgNVHSMEGDAWgBQYEBdyJImWuH2Q
hAwtJ9YlSUWBczAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dCQVhjaVNKbHJoOWtJUU1MU2ZXSlVsRmdYTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvMjBhNWE1LTBiYTItNDA1Mi1iZWI0LTNjYzg1YWQzYzE5MC8x
LzFTdlRyX0J3ZGY2eHY3Zm1QWWhXNGJJUzdqNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
MjBhNWE1LTBiYTItNDA1Mi1iZWI0LTNjYzg1YWQzYzE5MC8xL0dCQVhjaVNKbHJo
OWtJUU1MU2ZXSlVsRmdYTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArlRHAMEA7xAaDANBgkqhkiG9w0B
AQsFAAOCAQEAannkCaD+peSKDoOdGhr2m0Pwg+Fus01WYMFXMGmPoSa36wjiF7u1
iFkA7AK5aT9zykshHgjHcc9Y+7LPfDsLXagS6Lq0nO94eP8Z5Glc3jnuWSNczyzL
3FyXrvJSLOTIK44FD5vou6937gQXQxRB+CyTh5Z8yRSyJp6EUD/AzusNpm9E/9JJ
FYu69Dq2Mg4KQGZ5GJMRKqP9AAIIceET9aQhLiF+etttUPz6dKpYA2v6p+MNoyGI
DT97l9ymQOh1dx7IU2JFTJjbqzP1z7CFuxEkkSeZtYSVuB27Z+v38/Wx9J/98UD/
+0JK144YZCTo/i5GUyxT0J5RVwSmXak/Pw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:38 2024 by rpki-client on console-ams.rpki-client.org