Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/BwFo1j3Z2v60wKdK10QgVf54x3o.roa
File:                     BwFo1j3Z2v60wKdK10QgVf54x3o.roa (raw, json)
Hash identifier:          mZfJfXW68EJJbdb3W8EG0JIzK1ARCG93AogHPmZVbXg=
Subject key identifier:   07:01:68:D6:3D:D9:DA:FE:B4:C0:A7:4A:D7:44:20:55:FE:78:C7:7A
Certificate issuer:       /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial:       05C29BE7
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/BwFo1j3Z2v60wKdK10QgVf54x3o.roa
Signing time:             Sat 01 Jan 2022 11:59:16 +0000
ROA not before:           Sat 01 Jan 2022 11:59:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     52035
IP address blocks:        188.64.104.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 96639975 (0x5c29be7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18101772248996b87d90840c2d27d62549458173
        Validity
            Not Before: Jan  1 11:59:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=070168d63dd9dafeb4c0a74ad7442055fe78c77a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:8d:fe:65:fd:74:9c:9f:c9:19:12:31:6d:94:
                    28:c8:89:9d:2d:1d:b2:27:74:30:40:f4:df:53:7a:
                    39:06:ef:08:af:e4:82:81:0c:08:3d:81:de:0c:e7:
                    f6:32:78:0e:74:57:a3:fb:54:58:aa:11:35:f5:7e:
                    0c:03:03:70:63:42:38:aa:d0:12:4e:e9:f9:a2:9a:
                    7c:8c:e1:f9:d0:b3:18:25:b5:1a:13:7c:f6:3b:c2:
                    c2:36:15:08:b1:5b:d9:38:05:bb:c3:59:14:45:ea:
                    04:ac:53:8b:a4:51:24:ac:d2:1f:88:c5:e9:47:46:
                    28:ff:fe:ae:35:42:cf:c5:1a:8e:64:a2:30:e7:86:
                    a0:ed:60:35:2b:16:8b:d8:08:c7:1c:e1:3b:33:d8:
                    eb:c0:b8:b3:bb:0d:b2:aa:2a:a0:29:6e:ab:c8:e6:
                    e8:01:ed:22:92:4f:c1:15:39:5d:da:95:43:2a:e3:
                    09:c6:16:fd:c8:c3:a5:08:c3:72:63:b1:0f:2c:b2:
                    c6:4f:89:0b:9d:ae:dd:3e:b0:49:80:61:18:8c:d0:
                    fc:f7:2c:62:cb:b7:a0:d9:ea:00:84:9e:b6:8f:36:
                    21:59:ab:1b:42:b1:9a:de:ee:15:ea:de:ec:36:5a:
                    d6:9f:3c:da:54:24:ed:9c:b1:4f:48:27:d4:84:d2:
                    eb:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:01:68:D6:3D:D9:DA:FE:B4:C0:A7:4A:D7:44:20:55:FE:78:C7:7A
            X509v3 Authority Key Identifier:
                keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/BwFo1j3Z2v60wKdK10QgVf54x3o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.64.104.0/21

    Signature Algorithm: sha256WithRSAEncryption
         0a:c7:c0:10:2e:44:c4:b2:e3:d3:03:e9:97:c0:08:ad:88:56:
         cd:1d:a8:5b:ec:93:49:65:ce:96:9d:9e:d9:52:aa:33:d9:5e:
         6b:65:ad:4d:05:84:3d:4d:4b:dd:0b:f2:1e:e7:f0:e3:a7:b7:
         fb:de:43:69:fa:cf:fb:41:e9:a2:2e:6b:f3:87:57:a4:9a:d7:
         1c:08:f3:d0:e7:e6:33:b7:64:8d:f4:07:9c:81:c3:9a:be:20:
         5d:12:82:4d:22:6a:40:7a:81:35:6a:fe:bf:26:e2:b3:bb:2f:
         13:c4:08:34:c6:92:6b:ba:9a:9d:e9:d6:21:29:18:62:9a:44:
         f2:ab:17:89:72:1f:d4:87:e8:0f:38:58:11:e3:99:4e:77:0d:
         a6:d1:9b:26:04:28:85:e7:11:34:ff:6a:5c:16:83:38:0c:90:
         51:a6:9f:c0:ef:8b:3f:7f:80:d3:e1:a6:25:b9:49:ce:49:7a:
         a0:ba:17:ac:87:4c:df:40:0c:b9:ea:cf:46:9c:13:c6:ff:1d:
         70:7a:2f:9a:4b:2a:87:ae:77:f2:c0:af:06:ea:42:21:3b:5a:
         df:b5:66:a6:aa:04:4d:0c:7a:48:fc:c9:ff:47:87:df:4c:f8:
         0d:50:81:fa:d3:1d:8f:38:64:e5:01:9e:02:26:f5:e2:dc:8b:
         f2:a7:04:19
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBcKb5zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ODEwMTc3MjI0ODk5NmI4N2Q5MDg0MGMyZDI3ZDYyNTQ5NDU4MTczMB4XDTIyMDEw
MTExNTkxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDcwMTY4ZDYzZGQ5
ZGFmZWI0YzBhNzRhZDc0NDIwNTVmZTc4Yzc3YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIqN/mX9dJyfyRkSMW2UKMiJnS0dsid0MED031N6OQbvCK/k
goEMCD2B3gzn9jJ4DnRXo/tUWKoRNfV+DAMDcGNCOKrQEk7p+aKafIzh+dCzGCW1
GhN89jvCwjYVCLFb2TgFu8NZFEXqBKxTi6RRJKzSH4jF6UdGKP/+rjVCz8UajmSi
MOeGoO1gNSsWi9gIxxzhOzPY68C4s7sNsqoqoCluq8jm6AHtIpJPwRU5XdqVQyrj
CcYW/cjDpQjDcmOxDyyyxk+JC52u3T6wSYBhGIzQ/PcsYsu3oNnqAISeto82IVmr
G0Kxmt7uFere7DZa1p882lQk7ZyxT0gn1ITS698CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQHAWjWPdna/rTAp0rXRCBV/njHejAfBgNVHSMEGDAWgBQYEBdyJImWuH2Q
hAwtJ9YlSUWBczAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dCQVhjaVNKbHJoOWtJUU1MU2ZXSlVsRmdYTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvMjBhNWE1LTBiYTItNDA1Mi1iZWI0LTNjYzg1YWQzYzE5MC8x
L0J3Rm8xajNaMnY2MHdLZEsxMFFnVmY1NHgzby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
MjBhNWE1LTBiYTItNDA1Mi1iZWI0LTNjYzg1YWQzYzE5MC8xL0dCQVhjaVNKbHJo
OWtJUU1MU2ZXSlVsRmdYTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7xAaDANBgkqhkiG9w0BAQsFAAOC
AQEACsfAEC5ExLLj0wPpl8AIrYhWzR2oW+yTSWXOlp2e2VKqM9lea2WtTQWEPU1L
3QvyHufw46e3+95DafrP+0Hpoi5r84dXpJrXHAjz0OfmM7dkjfQHnIHDmr4gXRKC
TSJqQHqBNWr+vybis7svE8QINMaSa7qanenWISkYYppE8qsXiXIf1IfoDzhYEeOZ
TncNptGbJgQohecRNP9qXBaDOAyQUaafwO+LP3+A0+GmJblJzkl6oLoXrIdM30AM
uerPRpwTxv8dcHovmksqh6538sCvBupCITta37VmpqoETQx6SPzJ/0eH30z4DVCB
+tMdjzhk5QGeAib14tyL8qcEGQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:38 2024 by rpki-client on console-ams.rpki-client.org