Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/aMkt1qoJVSwAXYgJeLtBJkCr2b4.roa
File:                     aMkt1qoJVSwAXYgJeLtBJkCr2b4.roa (raw, json)
Hash identifier:          pq51k2OeL1QSR9lJII5V4axdzu6fFpodumRudgILMyc=
Subject key identifier:   68:C9:2D:D6:AA:09:55:2C:00:5D:88:09:78:BB:41:26:40:AB:D9:BE
Certificate issuer:       /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial:       07391A8B
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/aMkt1qoJVSwAXYgJeLtBJkCr2b4.roa
Signing time:             Mon 13 Jun 2022 11:43:30 +0000
ROA not before:           Mon 13 Jun 2022 11:43:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7029
IP address blocks:        185.81.28.0/22 maxlen: 24
                          188.64.104.0/22 maxlen: 24
                          188.64.108.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 121182859 (0x7391a8b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18101772248996b87d90840c2d27d62549458173
        Validity
            Not Before: Jun 13 11:43:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=68c92dd6aa09552c005d880978bb412640abd9be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:5c:9f:8a:19:3b:32:eb:cc:7c:2d:2d:18:c9:
                    d4:f1:03:c5:5e:21:1a:0f:79:d7:0b:9a:b2:fe:c9:
                    c1:0f:bf:da:7c:dd:e7:71:f4:86:59:58:9d:42:c3:
                    6c:bd:73:56:00:f1:f5:7b:91:6f:26:58:4e:f4:31:
                    ea:f2:9c:df:1a:1e:b9:63:fa:16:4e:fb:90:6b:40:
                    6f:6c:69:c9:82:70:8e:a0:f0:c0:df:ca:39:f6:ec:
                    78:77:fe:bc:98:6f:06:dd:45:af:f1:dd:04:13:09:
                    6c:c4:d2:aa:18:91:1d:8a:47:57:fb:83:6f:01:ff:
                    fa:99:b0:b3:8a:2f:8d:46:e0:e9:cf:2b:c4:e7:5f:
                    96:11:95:ee:fe:bc:fa:31:88:8d:c0:13:10:e4:f4:
                    c5:3a:78:51:42:7c:e2:78:1b:98:00:7b:68:2b:5b:
                    36:9c:dc:b5:a1:38:69:7b:60:4e:a1:c5:56:e9:a4:
                    9d:35:81:f5:22:f8:0e:0f:fc:3e:c4:d0:9e:f7:5a:
                    a8:ec:aa:9d:28:79:30:c0:79:7b:f7:8c:f3:d7:b4:
                    25:fd:99:47:57:06:01:43:01:ef:97:9f:c7:23:81:
                    1d:37:ec:f8:62:9b:42:8b:7a:1b:36:ce:e1:9a:c4:
                    29:d0:ee:26:73:b8:21:24:69:7f:6a:61:86:2d:1d:
                    c1:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:C9:2D:D6:AA:09:55:2C:00:5D:88:09:78:BB:41:26:40:AB:D9:BE
            X509v3 Authority Key Identifier:
                keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/aMkt1qoJVSwAXYgJeLtBJkCr2b4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.81.28.0/22
                  188.64.104.0/21

    Signature Algorithm: sha256WithRSAEncryption
         08:2a:7a:a5:5b:48:ea:58:d5:4c:3e:60:d4:5c:28:19:1f:11:
         55:6b:6d:d7:a0:c6:43:37:ae:e3:41:6c:6e:cc:28:2f:cc:80:
         9f:33:8a:c2:55:75:85:fa:ca:04:1c:5e:f7:68:38:03:02:8c:
         23:c8:bb:3c:66:57:a2:26:2c:c2:93:02:b7:f2:1a:62:27:07:
         f5:08:42:d4:62:9b:21:f0:65:b9:4a:54:74:5b:78:b3:5f:09:
         3d:fe:0e:76:61:83:bb:d9:e2:c8:0e:62:e5:a0:1f:a9:72:b9:
         3a:f2:27:9a:1e:9b:7a:98:72:f9:03:fd:15:67:6e:11:92:e7:
         59:fd:fc:03:8d:bd:92:d6:6f:70:5d:46:24:67:bf:3e:f5:9f:
         c8:a0:db:3b:b9:7d:38:4e:10:b5:c3:0f:9f:d0:e7:0d:25:f6:
         8d:f4:1c:bf:2f:93:38:02:0c:0b:b5:90:18:83:eb:53:81:c8:
         07:f1:e7:74:99:e2:a5:09:41:db:8b:95:d9:a4:28:14:86:80:
         00:45:6e:8b:11:cb:85:14:73:96:5a:a4:4c:74:e7:5d:a9:71:
         7b:ad:ce:94:6e:8d:e0:d1:1c:dc:29:58:1b:3a:00:a5:9e:ae:
         aa:c3:22:a5:c5:3f:41:56:2d:66:f7:04:62:6d:00:c6:7a:63:
         64:a9:43:9c
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBzkaizANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ODEwMTc3MjI0ODk5NmI4N2Q5MDg0MGMyZDI3ZDYyNTQ5NDU4MTczMB4XDTIyMDYx
MzExNDMzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjhjOTJkZDZhYTA5
NTUyYzAwNWQ4ODA5NzhiYjQxMjY0MGFiZDliZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAONcn4oZOzLrzHwtLRjJ1PEDxV4hGg951wuasv7JwQ+/2nzd
53H0hllYnULDbL1zVgDx9XuRbyZYTvQx6vKc3xoeuWP6Fk77kGtAb2xpyYJwjqDw
wN/KOfbseHf+vJhvBt1Fr/HdBBMJbMTSqhiRHYpHV/uDbwH/+pmws4ovjUbg6c8r
xOdflhGV7v68+jGIjcATEOT0xTp4UUJ84ngbmAB7aCtbNpzctaE4aXtgTqHFVumk
nTWB9SL4Dg/8PsTQnvdaqOyqnSh5MMB5e/eM89e0Jf2ZR1cGAUMB75efxyOBHTfs
+GKbQot6GzbO4ZrEKdDuJnO4ISRpf2phhi0dwdkCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRoyS3WqglVLABdiAl4u0EmQKvZvjAfBgNVHSMEGDAWgBQYEBdyJImWuH2Q
hAwtJ9YlSUWBczAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dCQVhjaVNKbHJoOWtJUU1MU2ZXSlVsRmdYTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvMjBhNWE1LTBiYTItNDA1Mi1iZWI0LTNjYzg1YWQzYzE5MC8x
L2FNa3QxcW9KVlN3QVhZZ0plTHRCSmtDcjJiNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
MjBhNWE1LTBiYTItNDA1Mi1iZWI0LTNjYzg1YWQzYzE5MC8xL0dCQVhjaVNKbHJo
OWtJUU1MU2ZXSlVsRmdYTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArlRHAMEA7xAaDANBgkqhkiG9w0B
AQsFAAOCAQEACCp6pVtI6ljVTD5g1FwoGR8RVWtt16DGQzeu40FsbswoL8yAnzOK
wlV1hfrKBBxe92g4AwKMI8i7PGZXoiYswpMCt/IaYicH9QhC1GKbIfBluUpUdFt4
s18JPf4OdmGDu9niyA5i5aAfqXK5OvInmh6bephy+QP9FWduEZLnWf38A429ktZv
cF1GJGe/PvWfyKDbO7l9OE4QtcMPn9DnDSX2jfQcvy+TOAIMC7WQGIPrU4HIB/Hn
dJnipQlB24uV2aQoFIaAAEVuixHLhRRzllqkTHTnXalxe63OlG6N4NEc3ClYGzoA
pZ6uqsMipcU/QVYtZvcEYm0AxnpjZKlDnA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:59 2024 by rpki-client on console-fra.rpki-client.org