Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/T2aXupiVY8Ggdk6VM5Y3WrOxu_Q.roa
File:                     T2aXupiVY8Ggdk6VM5Y3WrOxu_Q.roa (raw, json)
Hash identifier:          yIORV54sfzZloATPiR3JE1lTbD6PHUkuHhPIPnSnyZw=
Subject key identifier:   4F:66:97:BA:98:95:63:C1:A0:76:4E:95:33:96:37:5A:B3:B1:BB:F4
Certificate issuer:       /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial:       05C29D76
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/T2aXupiVY8Ggdk6VM5Y3WrOxu_Q.roa
Signing time:             Sat 01 Jan 2022 11:59:16 +0000
ROA not before:           Sat 01 Jan 2022 11:59:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        185.81.28.0/22 maxlen: 24
                          185.114.144.0/22 maxlen: 24
                          185.179.216.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 96640374 (0x5c29d76)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18101772248996b87d90840c2d27d62549458173
        Validity
            Not Before: Jan  1 11:59:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4f6697ba989563c1a0764e953396375ab3b1bbf4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:0f:e8:1c:91:ba:cb:1d:c3:7a:6b:14:31:ee:
                    28:4c:5a:4d:7d:87:5b:13:31:04:f8:ec:29:2c:a3:
                    8b:9f:aa:5c:bd:9f:17:b6:60:3e:03:6e:0b:30:7c:
                    67:b1:94:ce:23:4f:e1:74:52:6b:80:27:bf:fc:73:
                    d2:66:37:40:16:e1:b2:02:fa:f4:48:b2:18:a0:1e:
                    15:49:7f:7a:a5:0d:13:6a:e5:46:42:21:9c:03:eb:
                    ab:8d:a2:e0:6e:fe:bc:f0:01:c7:a8:08:7f:43:19:
                    6e:1d:5a:a6:61:66:78:88:08:c2:04:96:14:e2:7d:
                    51:53:a3:a6:f4:30:24:d9:67:9d:e6:22:94:c2:9c:
                    02:d3:cf:bb:08:e7:3d:18:78:66:f6:1d:b3:33:89:
                    06:77:ff:48:6b:bb:d2:96:4e:5a:98:7e:09:7c:a6:
                    3a:c4:b2:6c:8a:32:34:ad:cd:9b:18:11:6a:18:5e:
                    3e:6b:d9:f1:c6:b1:57:f6:84:56:83:4f:11:91:52:
                    ac:44:ca:e4:c8:7f:dd:21:f3:7c:98:19:a0:48:dd:
                    6e:52:4c:89:07:57:9a:52:1d:09:f1:48:63:7e:6a:
                    63:9a:b2:0c:3c:f4:21:b6:c8:63:b3:27:f4:80:9e:
                    d6:97:3a:3f:97:64:f8:99:9a:a8:80:23:4c:59:d9:
                    59:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:66:97:BA:98:95:63:C1:A0:76:4E:95:33:96:37:5A:B3:B1:BB:F4
            X509v3 Authority Key Identifier:
                keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/T2aXupiVY8Ggdk6VM5Y3WrOxu_Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.81.28.0/22
                  185.114.144.0/22
                  185.179.216.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0e:73:a5:94:b3:4c:d8:ef:9b:6c:78:3f:a8:02:f9:ac:c5:fd:
         32:6e:af:e6:dc:7f:62:ed:d8:8d:93:c1:77:22:c2:ed:77:94:
         c5:c7:69:bd:f3:1d:ef:97:77:8b:f5:02:35:fe:9c:83:d4:24:
         b9:13:46:3e:ab:48:f9:10:5a:a9:7c:30:cd:64:7a:83:4c:b5:
         e3:11:90:e1:99:a0:e7:11:b2:a2:8d:4e:30:93:8d:05:6f:0b:
         e0:e2:0e:bd:c5:6a:5a:1d:9e:24:59:52:ac:44:be:dd:f9:0d:
         20:26:bd:89:53:f0:03:8d:13:91:7b:cd:27:6f:7c:4f:bf:7f:
         76:dd:2e:fd:df:13:f6:fd:a5:2e:e4:91:eb:84:94:f8:3f:15:
         1a:e3:b6:8d:72:da:d5:bc:f2:b5:9a:dd:b7:1b:80:49:7d:38:
         76:4d:62:48:76:63:9c:11:eb:c8:c2:44:c0:9a:06:61:40:71:
         5b:41:c9:5a:83:16:25:5b:66:19:4d:fe:9a:df:11:40:20:36:
         1c:3e:b2:f7:49:cb:55:61:aa:06:7b:df:a3:b2:77:bf:de:f5:
         7a:a6:e7:61:82:aa:65:9d:30:1d:07:fd:32:12:a0:5d:1f:f3:
         80:2f:42:32:f9:cd:30:fb:6f:53:a1:4f:fd:50:0a:2f:d6:05:
         ae:19:71:ec
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBcKddjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ODEwMTc3MjI0ODk5NmI4N2Q5MDg0MGMyZDI3ZDYyNTQ5NDU4MTczMB4XDTIyMDEw
MTExNTkxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGY2Njk3YmE5ODk1
NjNjMWEwNzY0ZTk1MzM5NjM3NWFiM2IxYmJmNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKkP6ByRussdw3prFDHuKExaTX2HWxMxBPjsKSyji5+qXL2f
F7ZgPgNuCzB8Z7GUziNP4XRSa4Anv/xz0mY3QBbhsgL69EiyGKAeFUl/eqUNE2rl
RkIhnAPrq42i4G7+vPABx6gIf0MZbh1apmFmeIgIwgSWFOJ9UVOjpvQwJNlnneYi
lMKcAtPPuwjnPRh4ZvYdszOJBnf/SGu70pZOWph+CXymOsSybIoyNK3NmxgRahhe
PmvZ8caxV/aEVoNPEZFSrETK5Mh/3SHzfJgZoEjdblJMiQdXmlIdCfFIY35qY5qy
DDz0IbbIY7Mn9ICe1pc6P5dk+JmaqIAjTFnZWaUCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRPZpe6mJVjwaB2TpUzljdas7G79DAfBgNVHSMEGDAWgBQYEBdyJImWuH2Q
hAwtJ9YlSUWBczAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dCQVhjaVNKbHJoOWtJUU1MU2ZXSlVsRmdYTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvMjBhNWE1LTBiYTItNDA1Mi1iZWI0LTNjYzg1YWQzYzE5MC8x
L1QyYVh1cGlWWThHZ2RrNlZNNVkzV3JPeHVfUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
MjBhNWE1LTBiYTItNDA1Mi1iZWI0LTNjYzg1YWQzYzE5MC8xL0dCQVhjaVNKbHJo
OWtJUU1MU2ZXSlVsRmdYTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEArlRHAMEArlykAMEArmz2DANBgkq
hkiG9w0BAQsFAAOCAQEADnOllLNM2O+bbHg/qAL5rMX9Mm6v5tx/Yu3YjZPBdyLC
7XeUxcdpvfMd75d3i/UCNf6cg9QkuRNGPqtI+RBaqXwwzWR6g0y14xGQ4Zmg5xGy
oo1OMJONBW8L4OIOvcVqWh2eJFlSrES+3fkNICa9iVPwA40TkXvNJ298T79/dt0u
/d8T9v2lLuSR64SU+D8VGuO2jXLa1bzytZrdtxuASX04dk1iSHZjnBHryMJEwJoG
YUBxW0HJWoMWJVtmGU3+mt8RQCA2HD6y90nLVWGqBnvfo7J3v971eqbnYYKqZZ0w
HQf9MhKgXR/zgC9CMvnNMPtvU6FP/VAKL9YFrhlx7A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:38 2024 by rpki-client on console-ams.rpki-client.org