Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/936806-bb6d-45f3-8837-c50734d020f0/1/gHfZNkqP-DP4yeE5eYX7-IcBhsQ.roa
File:                     gHfZNkqP-DP4yeE5eYX7-IcBhsQ.roa (raw, json)
Hash identifier:          wyyV6+xh34V8+fNtt7JWfpL6tcWZVXhieAVaOg7G1Og=
Subject key identifier:   80:77:D9:36:4A:8F:F8:33:F8:C9:E1:39:79:85:FB:F8:87:01:86:C4
Certificate issuer:       /CN=6aa6f9e3e2622a7815a259e58d552439c255a31b
Certificate serial:       09733CAF
Authority key identifier: 6A:A6:F9:E3:E2:62:2A:78:15:A2:59:E5:8D:55:24:39:C2:55:A3:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aqb54-JiKngVolnljVUkOcJVoxs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/936806-bb6d-45f3-8837-c50734d020f0/1/gHfZNkqP-DP4yeE5eYX7-IcBhsQ.roa
Signing time:             Sat 01 Jan 2022 10:58:29 +0000
ROA not before:           Sat 01 Jan 2022 10:58:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     15830
IP address blocks:        185.157.205.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 158547119 (0x9733caf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6aa6f9e3e2622a7815a259e58d552439c255a31b
        Validity
            Not Before: Jan  1 10:58:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8077d9364a8ff833f8c9e1397985fbf8870186c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:f8:cb:ce:3c:e5:3c:39:26:0a:e9:7b:6a:3c:
                    2c:9e:47:ca:a9:fb:b2:28:12:02:c4:c8:d7:8b:af:
                    2c:a3:3f:f4:76:80:20:04:ff:95:03:ca:63:c5:8c:
                    ed:2e:ba:97:22:fa:75:8e:ba:fb:ce:5e:98:de:eb:
                    71:90:d6:bf:da:fc:79:0e:9a:1a:c3:d8:08:9e:73:
                    e5:7b:ce:06:a9:a5:2d:82:2a:c7:a9:eb:4f:68:4f:
                    0b:aa:1a:36:2c:dc:07:35:1e:32:20:b3:bd:ad:97:
                    2c:4f:c8:f9:2e:8b:33:5c:19:d7:23:4d:ea:e9:dd:
                    57:f3:80:fe:65:4d:fd:5b:7e:63:e4:b9:87:58:f4:
                    6a:53:4b:b7:b7:b1:6a:4a:8c:e6:ee:a4:0a:34:f7:
                    08:5e:a6:eb:1e:be:c9:33:f2:4a:98:c1:fe:34:8e:
                    92:79:77:40:1b:19:85:44:ef:18:c4:12:e9:4d:52:
                    53:ba:0c:34:31:b3:63:d6:4e:20:ab:8c:96:10:15:
                    2b:11:e4:21:c0:33:a4:18:22:19:52:5e:98:f0:17:
                    50:d3:fe:ac:dc:fb:df:4f:39:3a:c5:1c:8c:6e:e0:
                    29:ff:74:3a:47:21:23:9b:ca:6d:99:47:5b:f8:f2:
                    32:75:57:7b:d6:21:70:b3:c9:c8:de:0c:25:2d:55:
                    5d:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:77:D9:36:4A:8F:F8:33:F8:C9:E1:39:79:85:FB:F8:87:01:86:C4
            X509v3 Authority Key Identifier:
                keyid:6A:A6:F9:E3:E2:62:2A:78:15:A2:59:E5:8D:55:24:39:C2:55:A3:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aqb54-JiKngVolnljVUkOcJVoxs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/936806-bb6d-45f3-8837-c50734d020f0/1/gHfZNkqP-DP4yeE5eYX7-IcBhsQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/936806-bb6d-45f3-8837-c50734d020f0/1/aqb54-JiKngVolnljVUkOcJVoxs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.157.205.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c7:ab:e0:90:75:b8:0d:af:81:72:44:1a:bc:5b:51:33:85:06:
         81:3f:01:f3:02:d0:36:31:aa:ad:65:e3:55:db:f7:30:ca:02:
         a6:3e:8a:9e:4c:34:19:9d:af:62:a4:40:ae:c2:44:09:3f:ea:
         e9:91:85:2b:87:aa:f6:a4:a0:17:15:22:41:9e:85:51:99:e2:
         aa:ae:91:59:13:2c:a6:1e:be:b5:c5:7a:8d:53:d7:4d:2d:45:
         0d:8c:21:75:a2:03:62:2d:d1:34:eb:b0:c7:d2:83:38:c5:05:
         4b:1f:ce:cf:86:2f:18:12:e7:89:e5:01:70:2a:69:24:af:33:
         fa:b0:68:f4:40:fb:e8:16:5c:70:fa:4e:d4:44:31:7a:94:c6:
         b0:93:6c:03:7d:65:68:a9:50:d5:4e:81:c0:eb:60:e3:a8:df:
         e6:c9:da:5c:cf:68:4a:f5:a1:b0:91:53:1d:32:4a:bd:22:c7:
         e1:c8:ac:41:56:b5:b8:e9:92:95:8f:a9:aa:ce:b6:9d:1d:49:
         96:5f:23:ea:e7:2b:22:e9:5e:69:c2:5d:fe:1e:ca:aa:20:69:
         d6:d7:0b:f0:d0:7d:85:49:b1:56:b7:87:f9:01:e2:b9:da:f3:
         e8:e9:3e:bd:f7:01:0c:b5:48:85:9e:56:28:33:03:2b:28:23:
         2c:d7:b6:05
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECXM8rzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YWE2ZjllM2UyNjIyYTc4MTVhMjU5ZTU4ZDU1MjQzOWMyNTVhMzFiMB4XDTIyMDEw
MTEwNTgyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODA3N2Q5MzY0YThm
ZjgzM2Y4YzllMTM5Nzk4NWZiZjg4NzAxODZjNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL34y8485Tw5Jgrpe2o8LJ5Hyqn7sigSAsTI14uvLKM/9HaA
IAT/lQPKY8WM7S66lyL6dY66+85emN7rcZDWv9r8eQ6aGsPYCJ5z5XvOBqmlLYIq
x6nrT2hPC6oaNizcBzUeMiCzva2XLE/I+S6LM1wZ1yNN6undV/OA/mVN/Vt+Y+S5
h1j0alNLt7exakqM5u6kCjT3CF6m6x6+yTPySpjB/jSOknl3QBsZhUTvGMQS6U1S
U7oMNDGzY9ZOIKuMlhAVKxHkIcAzpBgiGVJemPAXUNP+rNz73085OsUcjG7gKf90
OkchI5vKbZlHW/jyMnVXe9YhcLPJyN4MJS1VXU0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSAd9k2So/4M/jJ4Tl5hfv4hwGGxDAfBgNVHSMEGDAWgBRqpvnj4mIqeBWi
WeWNVSQ5wlWjGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FxYjU0LUppS25nVm9sbmxqVlVrT2NKVm94cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTkvOTM2ODA2LWJiNmQtNDVmMy04ODM3LWM1MDczNGQwMjBmMC8x
L2dIZlpOa3FQLURQNHllRTVlWVg3LUljQmhzUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTkv
OTM2ODA2LWJiNmQtNDVmMy04ODM3LWM1MDczNGQwMjBmMC8xL2FxYjU0LUppS25n
Vm9sbmxqVlVrT2NKVm94cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmdzTANBgkqhkiG9w0BAQsFAAOC
AQEAx6vgkHW4Da+BckQavFtRM4UGgT8B8wLQNjGqrWXjVdv3MMoCpj6Knkw0GZ2v
YqRArsJECT/q6ZGFK4eq9qSgFxUiQZ6FUZniqq6RWRMsph6+tcV6jVPXTS1FDYwh
daIDYi3RNOuwx9KDOMUFSx/Oz4YvGBLnieUBcCppJK8z+rBo9ED76BZccPpO1EQx
epTGsJNsA31laKlQ1U6BwOtg46jf5snaXM9oSvWhsJFTHTJKvSLH4cisQVa1uOmS
lY+pqs62nR1Jll8j6ucrIuleacJd/h7KqiBp1tcL8NB9hUmxVreH+QHiudrz6Ok+
vfcBDLVIhZ5WKDMDKygjLNe2BQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:18 2024 by rpki-client on console-ams.rpki-client.org