Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/0ba7e2-63a2-4c41-86b5-a370f4ba2d2b/1/QWHajk4uNKraTryzwaa9n23lkhc.roa
File:                     QWHajk4uNKraTryzwaa9n23lkhc.roa (raw, json)
Hash identifier:          hvRPo43a9ErRlgZ7cL1abABEf9W9gdzhGX5UM+lbR+s=
Subject key identifier:   41:61:DA:8E:4E:2E:34:AA:DA:4E:BC:B3:C1:A6:BD:9F:6D:E5:92:17
Certificate issuer:       /CN=6ecb3fb3bea8cc8e36e3da7d9c47049bfc6ffb14
Certificate serial:       0D981810
Authority key identifier: 6E:CB:3F:B3:BE:A8:CC:8E:36:E3:DA:7D:9C:47:04:9B:FC:6F:FB:14
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bss_s76ozI4249p9nEcEm_xv-xQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/85/0ba7e2-63a2-4c41-86b5-a370f4ba2d2b/1/QWHajk4uNKraTryzwaa9n23lkhc.roa
Signing time:             Sat 01 Jan 2022 09:56:40 +0000
ROA not before:           Sat 01 Jan 2022 09:56:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     201559
IP address blocks:        185.70.216.0/22 maxlen: 32
                          2a05:2c00::/30 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 228071440 (0xd981810)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ecb3fb3bea8cc8e36e3da7d9c47049bfc6ffb14
        Validity
            Not Before: Jan  1 09:56:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4161da8e4e2e34aada4ebcb3c1a6bd9f6de59217
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:c9:10:80:d4:a3:22:b0:3a:8c:c4:e1:3a:b6:
                    74:40:dc:9c:f0:bf:96:22:d0:e7:81:56:7c:35:5d:
                    68:b1:1b:71:dc:dd:90:b8:c9:d8:bd:a8:d0:81:4b:
                    34:36:a6:02:c7:8b:16:16:ec:15:64:fc:92:55:46:
                    b4:5a:14:2c:a4:78:31:2a:da:28:0f:b4:3d:47:28:
                    b0:3f:f6:0b:73:38:18:61:b8:80:ba:47:e9:8d:94:
                    f7:7e:d5:37:a5:1c:7b:44:63:51:c6:54:2a:70:91:
                    83:5d:4e:01:d5:93:0a:ac:06:89:13:22:09:49:8b:
                    2a:a9:af:07:8a:84:c9:5f:4c:e3:a4:5f:72:e4:85:
                    d0:8a:bb:59:42:53:8f:f5:3b:d9:c0:af:18:74:5f:
                    50:4f:54:9c:14:70:a1:84:78:73:8b:32:a6:34:c9:
                    b9:e0:27:d0:71:82:21:3f:28:bf:76:e6:5d:f9:7d:
                    ce:15:49:b0:b6:d5:08:55:6c:b0:ab:68:c5:5b:f5:
                    19:ed:4f:6b:c5:65:f2:b8:b4:dc:f2:86:50:3e:95:
                    f3:c7:8a:00:d2:43:08:c0:cf:ca:c9:f3:17:dd:21:
                    b0:ba:64:92:a7:e1:50:38:f5:0a:63:8a:9d:f2:52:
                    c8:b0:2b:0a:a5:ff:12:52:1e:e3:9a:b2:8e:d4:4f:
                    8d:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:61:DA:8E:4E:2E:34:AA:DA:4E:BC:B3:C1:A6:BD:9F:6D:E5:92:17
            X509v3 Authority Key Identifier:
                keyid:6E:CB:3F:B3:BE:A8:CC:8E:36:E3:DA:7D:9C:47:04:9B:FC:6F:FB:14

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bss_s76ozI4249p9nEcEm_xv-xQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/0ba7e2-63a2-4c41-86b5-a370f4ba2d2b/1/QWHajk4uNKraTryzwaa9n23lkhc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/85/0ba7e2-63a2-4c41-86b5-a370f4ba2d2b/1/bss_s76ozI4249p9nEcEm_xv-xQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.70.216.0/22
                IPv6:
                  2a05:2c00::/30

    Signature Algorithm: sha256WithRSAEncryption
         83:46:0b:13:35:81:6a:23:e1:39:e4:c4:8b:a0:96:70:ab:c1:
         4f:4e:62:eb:11:6b:4c:38:14:0d:17:d8:6f:5a:f3:79:07:46:
         10:5f:77:20:c0:69:fc:fb:b9:d1:f0:20:24:6a:10:bc:82:17:
         25:75:8a:ed:0e:0c:f9:4f:b1:d0:c9:dd:e8:fd:fe:33:2f:ad:
         73:70:53:ec:6a:98:58:d0:a8:86:df:df:ab:b0:f2:12:62:26:
         d4:cf:cd:09:6c:bb:92:e2:bc:9e:0e:e9:4c:3e:ab:2a:01:f9:
         77:a1:5f:ea:51:f7:3d:be:30:0a:c0:5b:9d:9e:18:84:03:a8:
         9c:48:e6:d3:84:f8:1b:ee:2d:ce:f7:40:5a:f6:fd:00:f4:64:
         89:54:5c:fc:c2:f4:bf:db:e2:59:4d:55:1c:90:94:a6:d8:be:
         81:c2:18:9f:b2:db:26:91:f8:10:ef:7e:9d:3f:42:fa:51:33:
         5b:a8:02:08:75:89:39:50:71:ce:51:fb:de:89:f0:06:84:60:
         b2:01:bd:15:be:12:0f:eb:23:56:02:b6:4e:a2:c5:86:27:26:
         b2:81:24:bc:90:c6:06:e1:f8:27:ab:b7:fd:cb:6c:62:55:27:
         11:74:1d:37:c5:8c:2d:71:41:78:9d:96:b9:99:59:6b:e5:21:
         93:02:52:3f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEDZgYEDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZWNiM2ZiM2JlYThjYzhlMzZlM2RhN2Q5YzQ3MDQ5YmZjNmZmYjE0MB4XDTIyMDEw
MTA5NTY0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDE2MWRhOGU0ZTJl
MzRhYWRhNGViY2IzYzFhNmJkOWY2ZGU1OTIxNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANbJEIDUoyKwOozE4Tq2dEDcnPC/liLQ54FWfDVdaLEbcdzd
kLjJ2L2o0IFLNDamAseLFhbsFWT8klVGtFoULKR4MSraKA+0PUcosD/2C3M4GGG4
gLpH6Y2U937VN6Uce0RjUcZUKnCRg11OAdWTCqwGiRMiCUmLKqmvB4qEyV9M46Rf
cuSF0Iq7WUJTj/U72cCvGHRfUE9UnBRwoYR4c4sypjTJueAn0HGCIT8ov3bmXfl9
zhVJsLbVCFVssKtoxVv1Ge1Pa8Vl8ri03PKGUD6V88eKANJDCMDPysnzF90hsLpk
kqfhUDj1CmOKnfJSyLArCqX/ElIe45qyjtRPjT0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRBYdqOTi40qtpOvLPBpr2fbeWSFzAfBgNVHSMEGDAWgBRuyz+zvqjMjjbj
2n2cRwSb/G/7FDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2Jzc19zNzZvekk0MjQ5cDluRWNFbV94di14US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODUvMGJhN2UyLTYzYTItNGM0MS04NmI1LWEzNzBmNGJhMmQyYi8x
L1FXSGFqazR1TktyYVRyeXp3YWE5bjIzbGtoYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODUv
MGJhN2UyLTYzYTItNGM0MS04NmI1LWEzNzBmNGJhMmQyYi8xL2Jzc19zNzZvekk0
MjQ5cDluRWNFbV94di14US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArlG2DANBAIAAjAHAwUCKgUsADAN
BgkqhkiG9w0BAQsFAAOCAQEAg0YLEzWBaiPhOeTEi6CWcKvBT05i6xFrTDgUDRfY
b1rzeQdGEF93IMBp/Pu50fAgJGoQvIIXJXWK7Q4M+U+x0Mnd6P3+My+tc3BT7GqY
WNCoht/fq7DyEmIm1M/NCWy7kuK8ng7pTD6rKgH5d6Ff6lH3Pb4wCsBbnZ4YhAOo
nEjm04T4G+4tzvdAWvb9APRkiVRc/ML0v9viWU1VHJCUpti+gcIYn7LbJpH4EO9+
nT9C+lEzW6gCCHWJOVBxzlH73onwBoRgsgG9Fb4SD+sjVgK2TqLFhicmsoEkvJDG
BuH4J6u3/ctsYlUnEXQdN8WMLXFBeJ2WuZlZa+UhkwJSPw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:27 2024 by rpki-client on console-fra.rpki-client.org