Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/BbVSnkyn-JnFYaxn6tqxrM0UBEE.roa
File:                     BbVSnkyn-JnFYaxn6tqxrM0UBEE.roa (raw, json)
Hash identifier:          vpFT/+c7G/A7L9HFMp1xIMGXS2puLKFyeectqDgidHE=
Subject key identifier:   05:B5:52:9E:4C:A7:F8:99:C5:61:AC:67:EA:DA:B1:AC:CD:14:04:41
Certificate issuer:       /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial:       0181D0A9E653DA177FDCC7B5B3CDB2E2ED88
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/BbVSnkyn-JnFYaxn6tqxrM0UBEE.roa
Signing time:             Tue 05 Jul 2022 23:20:04 +0000
ROA not before:           Tue 05 Jul 2022 23:20:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     213151
IP address blocks:        185.197.135.0/24 maxlen: 24
                          2a06:e881:7300::/40 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:d0:a9:e6:53:da:17:7f:dc:c7:b5:b3:cd:b2:e2:ed:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
        Validity
            Not Before: Jul  5 23:20:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=05b5529e4ca7f899c561ac67eadab1accd140441
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:d6:65:be:fe:fb:77:61:f3:35:05:57:69:9c:
                    d1:41:38:72:51:93:e1:79:c7:d3:5c:6e:ed:ac:e8:
                    d2:54:7c:da:ff:2e:00:66:37:18:9d:d3:39:b0:21:
                    ce:06:e8:a5:f2:51:64:97:de:04:64:6b:61:f1:32:
                    54:96:44:25:fb:63:39:89:01:72:c5:ca:88:fc:ef:
                    be:cc:19:9c:1e:4d:5e:c7:4c:74:c3:f3:e2:d3:4f:
                    30:b4:00:33:91:49:11:34:98:fa:f6:e7:7f:03:7b:
                    38:4a:6d:6d:6c:ce:3d:40:49:da:63:5a:d1:b7:92:
                    10:bb:78:f1:95:5a:40:95:ad:4e:12:f8:d3:12:cf:
                    b7:16:49:9a:3a:2d:55:f1:78:b3:62:24:bd:80:8e:
                    b4:c8:f6:92:6d:3e:99:23:f8:6b:b7:2d:e9:cb:cc:
                    09:02:69:60:b4:65:f9:ea:ad:07:b8:a1:8c:0b:89:
                    70:9c:5a:53:9c:5a:52:f5:ae:ca:00:fa:80:bf:04:
                    8d:82:89:03:85:94:ef:e1:76:b2:1d:0e:f1:92:af:
                    1b:05:83:09:99:f0:c1:42:aa:8e:84:ef:25:fa:d6:
                    0b:5a:8a:fb:17:33:a0:87:46:1f:24:b7:77:fc:c9:
                    ec:e4:69:5f:55:84:05:f5:6a:39:1c:65:14:1a:ff:
                    e7:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:B5:52:9E:4C:A7:F8:99:C5:61:AC:67:EA:DA:B1:AC:CD:14:04:41
            X509v3 Authority Key Identifier:
                keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/BbVSnkyn-JnFYaxn6tqxrM0UBEE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.197.135.0/24
                IPv6:
                  2a06:e881:7300::/40

    Signature Algorithm: sha256WithRSAEncryption
         89:c5:29:a8:0c:52:be:33:f9:3a:5a:7a:9f:cd:70:fc:c6:4d:
         65:fe:19:81:d3:a0:ad:19:96:49:42:62:5b:94:1e:1f:56:82:
         88:e0:0d:4e:6b:8a:b0:38:c6:b9:06:7f:e5:79:2a:79:cd:8b:
         9d:f7:3e:20:e6:a1:21:46:5c:a9:b7:a8:34:32:ad:c6:07:e3:
         e2:19:2e:c6:69:3a:6e:6c:b0:f8:1b:12:4e:31:64:f1:15:8a:
         ef:6b:0b:73:8c:54:0f:20:4e:13:77:55:4b:20:be:a0:05:ff:
         4e:70:37:e2:8e:ca:a7:8e:b9:19:71:5b:88:3b:1b:57:7d:5f:
         d2:82:6d:0c:a6:ba:4a:bd:d0:3c:f9:f0:4e:ed:95:54:ff:0c:
         2d:79:3d:1c:f0:3b:c3:d5:99:3a:4c:3f:2c:11:2a:e1:3a:68:
         d9:9f:fc:1f:04:7f:aa:a3:05:d3:c4:0c:5a:99:56:de:f7:5d:
         c6:9c:39:13:ca:19:57:16:24:41:46:32:eb:4e:69:90:60:31:
         e2:24:c2:f6:c2:dd:ab:4e:21:3c:51:18:de:37:ad:13:ca:ef:
         5b:35:65:d3:41:25:43:a4:dc:ac:c1:f7:6a:3f:9f:c5:b4:fd:
         13:b6:40:16:33:91:f3:75:c4:28:7b:83:40:37:1e:a3:63:53:
         28:31:b3:b3
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYHQqeZT2hd/3Me1s82y4u2IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjIwNzA1MjMyMDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWI1NTI5ZTRjYTdmODk5YzU2MWFjNjdlYWRhYjFhY2NkMTQwNDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NZlvv77d2HzNQVXaZzRQThyUZPh
ecfTXG7trOjSVHza/y4AZjcYndM5sCHOBuil8lFkl94EZGth8TJUlkQl+2M5iQFy
xcqI/O++zBmcHk1ex0x0w/Pi008wtAAzkUkRNJj69ud/A3s4Sm1tbM49QEnaY1rR
t5IQu3jxlVpAla1OEvjTEs+3FkmaOi1V8XizYiS9gI60yPaSbT6ZI/hrty3py8wJ
AmlgtGX56q0HuKGMC4lwnFpTnFpS9a7KAPqAvwSNgokDhZTv4XayHQ7xkq8bBYMJ
mfDBQqqOhO8l+tYLWor7FzOgh0YfJLd3/Mns5GlfVYQF9Wo5HGUUGv/nMQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFAW1Up5Mp/iZxWGsZ+rasazNFARBMB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvQmJWU25reW4tSm5GWWF4bjZ0cXhyTTBVQkVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAucWHMA4E
AgACMAgDBgAqBuiBczANBgkqhkiG9w0BAQsFAAOCAQEAicUpqAxSvjP5Olp6n81w
/MZNZf4ZgdOgrRmWSUJiW5QeH1aCiOANTmuKsDjGuQZ/5Xkqec2Lnfc+IOahIUZc
qbeoNDKtxgfj4hkuxmk6bmyw+BsSTjFk8RWK72sLc4xUDyBOE3dVSyC+oAX/TnA3
4o7Kp465GXFbiDsbV31f0oJtDKa6Sr3QPPnwTu2VVP8MLXk9HPA7w9WZOkw/LBEq
4Tpo2Z/8HwR/qqMF08QMWplW3vddxpw5E8oZVxYkQUYy605pkGAx4iTC9sLdq04h
PFEY3jetE8rvWzVl00ElQ6TcrMH3aj+fxbT9E7ZAFjOR83XEKHuDQDceo2NTKDGz
sw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:40 2024 by rpki-client on console-ams.rpki-client.org