Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/08bb92-6f00-4e5c-924a-ef6cce145d82/1/4pzE-YkNHt-xgDAhBkRgjykp6nE.roa
File:                     4pzE-YkNHt-xgDAhBkRgjykp6nE.roa (raw, json)
Hash identifier:          m/+xq9AllpIR+4g+sYViPJa1pXGtdT2L4BTWjWFZf84=
Subject key identifier:   E2:9C:C4:F9:89:0D:1E:DF:B1:80:30:21:06:44:60:8F:29:29:EA:71
Certificate issuer:       /CN=bcc7e674665440f6e6b80e6ff155aad6a89cb3f2
Certificate serial:       048F7671
Authority key identifier: BC:C7:E6:74:66:54:40:F6:E6:B8:0E:6F:F1:55:AA:D6:A8:9C:B3:F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vMfmdGZUQPbmuA5v8VWq1qics_I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/08bb92-6f00-4e5c-924a-ef6cce145d82/1/4pzE-YkNHt-xgDAhBkRgjykp6nE.roa
Signing time:             Sat 01 Jan 2022 03:53:09 +0000
ROA not before:           Sat 01 Jan 2022 03:53:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     47195
IP address blocks:        185.13.85.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 76510833 (0x48f7671)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bcc7e674665440f6e6b80e6ff155aad6a89cb3f2
        Validity
            Not Before: Jan  1 03:53:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e29cc4f9890d1edfb18030210644608f2929ea71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:21:6a:12:3a:63:87:7c:c4:06:2a:d4:a0:4d:
                    5b:82:c4:04:ed:f6:0a:f2:23:15:9f:f7:2c:cd:23:
                    c4:0d:af:ae:2f:4b:5f:d4:5e:97:4d:a0:55:1f:1c:
                    d9:70:36:66:5f:6f:46:56:9c:ba:9a:65:68:5d:af:
                    f6:cf:87:90:c9:a3:8e:b7:69:86:ef:8e:b7:51:ef:
                    f6:20:d6:91:0c:4f:be:a4:0a:14:6a:fb:82:6a:b1:
                    27:13:44:25:28:04:42:47:e2:1b:cb:59:9a:de:08:
                    b5:21:55:dd:98:03:56:da:b5:8b:a1:b2:ed:fc:0d:
                    aa:68:fb:7f:07:24:14:90:21:e9:c3:28:d8:5f:fe:
                    23:64:4f:ba:3a:69:7b:df:d6:4f:c9:ef:0f:a7:41:
                    b2:2d:23:95:ec:8a:d0:c5:7b:f6:e9:8c:53:c2:ca:
                    b4:d0:25:90:a5:40:9d:e3:21:33:d1:ae:91:b0:c0:
                    ae:f2:26:b5:07:a0:f6:c2:d2:dd:6a:f0:60:15:47:
                    60:4f:8d:86:11:cf:8e:b6:70:39:24:06:fb:26:db:
                    63:d8:42:7b:9d:43:04:93:4e:b9:48:90:70:f3:27:
                    1c:c7:d0:06:cf:ff:a1:db:31:d2:6f:67:cc:6c:e6:
                    d6:e7:7d:47:a3:6c:41:bf:2e:d3:67:97:ce:2c:13:
                    b5:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:9C:C4:F9:89:0D:1E:DF:B1:80:30:21:06:44:60:8F:29:29:EA:71
            X509v3 Authority Key Identifier:
                keyid:BC:C7:E6:74:66:54:40:F6:E6:B8:0E:6F:F1:55:AA:D6:A8:9C:B3:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vMfmdGZUQPbmuA5v8VWq1qics_I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/08bb92-6f00-4e5c-924a-ef6cce145d82/1/4pzE-YkNHt-xgDAhBkRgjykp6nE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/08bb92-6f00-4e5c-924a-ef6cce145d82/1/vMfmdGZUQPbmuA5v8VWq1qics_I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.13.85.0/24

    Signature Algorithm: sha256WithRSAEncryption
         68:68:47:62:d7:bd:0c:93:98:85:26:fe:37:d3:b8:99:ac:e5:
         be:d2:63:b2:c9:4d:05:b2:5e:20:94:2e:9c:6f:0d:42:ea:7a:
         3d:83:17:40:8e:6d:cd:2c:de:37:3e:c1:29:d7:6f:6d:69:e9:
         af:eb:bf:03:2a:a3:63:ac:42:17:64:1a:a8:50:6a:65:92:e1:
         99:ce:98:e3:b5:94:30:92:94:0d:26:6b:14:e3:68:43:df:49:
         6d:b2:e2:63:6b:9b:b7:5a:5a:c3:c4:8b:0e:79:36:77:0a:31:
         07:b8:a4:f4:da:ce:e1:8a:c9:f6:af:9c:ef:1b:7d:41:17:ec:
         67:7c:20:2d:3f:0a:00:95:c5:e5:b9:1c:fd:7c:ad:cc:18:82:
         95:9e:09:a6:0c:46:16:15:86:41:59:38:75:66:0a:bd:1d:66:
         ed:dd:80:af:16:07:43:c6:bd:be:73:ca:ee:48:a7:4a:db:e9:
         6a:20:bc:84:36:69:43:29:ac:f1:e9:ad:5d:8f:48:2c:88:ef:
         32:2a:db:71:a9:ea:81:b9:22:71:b1:32:f4:11:f6:55:32:b5:
         71:de:53:03:2f:06:c9:8f:e9:09:b2:1e:20:43:21:7d:2a:ef:
         7f:1d:a7:37:0e:76:22:d1:d9:53:b3:c1:2a:ed:a4:c4:82:9a:
         69:9e:6e:60
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBI92cTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
Y2M3ZTY3NDY2NTQ0MGY2ZTZiODBlNmZmMTU1YWFkNmE4OWNiM2YyMB4XDTIyMDEw
MTAzNTMwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTI5Y2M0Zjk4OTBk
MWVkZmIxODAzMDIxMDY0NDYwOGYyOTI5ZWE3MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKwhahI6Y4d8xAYq1KBNW4LEBO32CvIjFZ/3LM0jxA2vri9L
X9Rel02gVR8c2XA2Zl9vRlacupplaF2v9s+HkMmjjrdphu+Ot1Hv9iDWkQxPvqQK
FGr7gmqxJxNEJSgEQkfiG8tZmt4ItSFV3ZgDVtq1i6Gy7fwNqmj7fwckFJAh6cMo
2F/+I2RPujppe9/WT8nvD6dBsi0jleyK0MV79umMU8LKtNAlkKVAneMhM9GukbDA
rvImtQeg9sLS3WrwYBVHYE+NhhHPjrZwOSQG+ybbY9hCe51DBJNOuUiQcPMnHMfQ
Bs//odsx0m9nzGzm1ud9R6NsQb8u02eXziwTtWkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTinMT5iQ0e37GAMCEGRGCPKSnqcTAfBgNVHSMEGDAWgBS8x+Z0ZlRA9ua4
Dm/xVarWqJyz8jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZNZm1kR1pVUVBibXVBNXY4VldxMXFpY3NfSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTkvMDhiYjkyLTZmMDAtNGU1Yy05MjRhLWVmNmNjZTE0NWQ4Mi8x
LzRwekUtWWtOSHQteGdEQWhCa1JnanlrcDZuRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTkv
MDhiYjkyLTZmMDAtNGU1Yy05MjRhLWVmNmNjZTE0NWQ4Mi8xL3ZNZm1kR1pVUVBi
bXVBNXY4VldxMXFpY3NfSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkNVTANBgkqhkiG9w0BAQsFAAOC
AQEAaGhHYte9DJOYhSb+N9O4mazlvtJjsslNBbJeIJQunG8NQup6PYMXQI5tzSze
Nz7BKddvbWnpr+u/AyqjY6xCF2QaqFBqZZLhmc6Y47WUMJKUDSZrFONoQ99JbbLi
Y2ubt1paw8SLDnk2dwoxB7ik9NrO4YrJ9q+c7xt9QRfsZ3wgLT8KAJXF5bkc/Xyt
zBiClZ4JpgxGFhWGQVk4dWYKvR1m7d2ArxYHQ8a9vnPK7kinStvpaiC8hDZpQyms
8emtXY9ILIjvMirbcanqgbkicbEy9BH2VTK1cd5TAy8GyY/pCbIeIEMhfSrvfx2n
Nw52ItHZU7PBKu2kxIKaaZ5uYA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:12 2024 by rpki-client on console-ams.rpki-client.org