Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/37a93b-87b5-4995-9e8c-6635debc395c/1/BA1EZFd93gVOEvOsWXS71mwkf0U.roa
File:                     BA1EZFd93gVOEvOsWXS71mwkf0U.roa (raw, json)
Hash identifier:          vD5Und1uxpdrPKDfq35fF1ezp8lO9ojBTuK7eegVJ1c=
Subject key identifier:   04:0D:44:64:57:7D:DE:05:4E:12:F3:AC:59:74:BB:D6:6C:24:7F:45
Certificate issuer:       /CN=617252ebbb33484adcec7405adea4de08a0afb04
Certificate serial:       0E3AAD94
Authority key identifier: 61:72:52:EB:BB:33:48:4A:DC:EC:74:05:AD:EA:4D:E0:8A:0A:FB:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YXJS67szSErc7HQFrepN4IoK-wQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/37a93b-87b5-4995-9e8c-6635debc395c/1/BA1EZFd93gVOEvOsWXS71mwkf0U.roa
Signing time:             Sat 01 Jan 2022 10:05:55 +0000
ROA not before:           Sat 01 Jan 2022 10:05:55 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     41608
IP address blocks:        185.213.174.0/24 maxlen: 24
                          185.213.172.0/24 maxlen: 24
                          185.213.172.0/23 maxlen: 23
                          2a0b:8bc0::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 238726548 (0xe3aad94)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=617252ebbb33484adcec7405adea4de08a0afb04
        Validity
            Not Before: Jan  1 10:05:55 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=040d4464577dde054e12f3ac5974bbd66c247f45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:ec:8f:a3:48:e5:03:31:a1:89:2f:9c:43:9f:
                    20:4a:17:ed:d2:5d:2b:48:68:55:b1:14:1f:4c:89:
                    75:fd:48:a5:7a:04:88:d0:0e:44:f7:a4:47:5f:6d:
                    f8:a8:06:e9:5a:09:1f:22:4b:be:88:67:66:0f:bb:
                    f4:df:b6:c0:74:02:ee:9e:d2:a0:02:54:62:b6:b7:
                    1d:81:9f:c4:89:25:65:05:54:30:79:84:6a:6b:68:
                    3b:74:3e:e8:75:bc:b1:79:ff:ef:d7:6d:ea:8e:6b:
                    80:b3:a1:06:b7:f6:f5:52:4e:4a:c4:9f:25:23:4a:
                    ac:87:69:96:1a:7b:3d:4a:bd:12:9e:27:44:cd:4f:
                    80:74:f5:65:9a:8b:f1:e4:48:11:42:cd:39:0c:2f:
                    9c:c9:fa:b9:69:43:f6:f5:63:cb:56:05:07:4a:aa:
                    61:26:6e:4b:ca:56:9e:ea:96:87:6f:22:65:27:0e:
                    8e:3a:ec:42:f0:cf:b4:02:ee:64:3d:d4:9a:ca:1f:
                    ad:49:2f:15:25:b9:69:ed:6c:4b:45:da:13:10:20:
                    71:49:df:87:10:66:0f:b4:51:51:3a:31:67:57:a4:
                    9c:f1:c3:8b:13:ac:76:af:e6:53:0d:dd:0e:6f:d8:
                    ca:4a:80:d4:eb:dc:5f:3e:a7:80:10:8d:d2:fd:e2:
                    21:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:0D:44:64:57:7D:DE:05:4E:12:F3:AC:59:74:BB:D6:6C:24:7F:45
            X509v3 Authority Key Identifier:
                keyid:61:72:52:EB:BB:33:48:4A:DC:EC:74:05:AD:EA:4D:E0:8A:0A:FB:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YXJS67szSErc7HQFrepN4IoK-wQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/37a93b-87b5-4995-9e8c-6635debc395c/1/BA1EZFd93gVOEvOsWXS71mwkf0U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/37a93b-87b5-4995-9e8c-6635debc395c/1/YXJS67szSErc7HQFrepN4IoK-wQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.213.172.0-185.213.174.255
                IPv6:
                  2a0b:8bc0::/29

    Signature Algorithm: sha256WithRSAEncryption
         3b:67:87:90:32:92:39:4b:2b:d2:08:eb:4d:ad:9d:94:ee:73:
         ff:21:f2:38:2e:0e:9b:c8:5c:f8:be:99:6d:95:01:04:7e:23:
         64:54:b3:48:50:49:43:28:96:60:57:56:0e:d5:6c:ad:65:46:
         79:ec:ad:fd:ec:35:5d:44:9b:0a:b4:2c:17:f5:70:33:3d:a6:
         6f:e4:c9:73:3a:93:88:9b:14:59:9f:d3:1d:62:a3:9c:e6:4e:
         06:ba:b9:5c:f0:83:c4:01:d2:2e:f7:20:75:57:72:6f:d9:d6:
         bf:28:94:ac:c8:ea:f7:24:7e:17:2d:7d:a4:93:cc:48:93:21:
         b8:90:fc:fa:65:3d:66:5d:8f:dc:26:2c:65:f5:f1:56:cd:34:
         2a:90:3e:2c:23:65:26:63:8c:ad:e0:55:28:ce:be:1a:2d:7f:
         a9:3c:d7:92:c6:10:bb:b4:1d:40:48:c3:c1:fe:ca:db:1c:96:
         33:b3:eb:ee:db:21:9a:c7:08:de:24:d9:10:b0:5e:ab:f2:fd:
         b2:86:48:19:68:d8:18:38:ad:56:ff:21:2b:5c:7d:c0:1a:93:
         d5:68:ba:9b:07:e4:57:ec:99:9e:f9:f8:4b:19:5e:e9:70:01:
         f1:d6:e7:89:a2:33:04:63:02:dc:20:8f:c2:d0:2c:b3:50:26:
         d8:56:93:f3
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEDjqtlDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MTcyNTJlYmJiMzM0ODRhZGNlYzc0MDVhZGVhNGRlMDhhMGFmYjA0MB4XDTIyMDEw
MTEwMDU1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDQwZDQ0NjQ1Nzdk
ZGUwNTRlMTJmM2FjNTk3NGJiZDY2YzI0N2Y0NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALTsj6NI5QMxoYkvnEOfIEoX7dJdK0hoVbEUH0yJdf1IpXoE
iNAORPekR19t+KgG6VoJHyJLvohnZg+79N+2wHQC7p7SoAJUYra3HYGfxIklZQVU
MHmEamtoO3Q+6HW8sXn/79dt6o5rgLOhBrf29VJOSsSfJSNKrIdplhp7PUq9Ep4n
RM1PgHT1ZZqL8eRIEULNOQwvnMn6uWlD9vVjy1YFB0qqYSZuS8pWnuqWh28iZScO
jjrsQvDPtALuZD3UmsofrUkvFSW5ae1sS0XaExAgcUnfhxBmD7RRUToxZ1eknPHD
ixOsdq/mUw3dDm/YykqA1OvcXz6ngBCN0v3iIacCAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBQEDURkV33eBU4S86xZdLvWbCR/RTAfBgNVHSMEGDAWgBRhclLruzNIStzs
dAWt6k3gigr7BDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lYSlM2N3N6U0VyYzdIUUZyZXBONElvSy13US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWMvMzdhOTNiLTg3YjUtNDk5NS05ZThjLTY2MzVkZWJjMzk1Yy8x
L0JBMUVaRmQ5M2dWT0V2T3NXWFM3MW13a2YwVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMv
MzdhOTNiLTg3YjUtNDk5NS05ZThjLTY2MzVkZWJjMzk1Yy8xL1lYSlM2N3N6U0Vy
YzdIUUZyZXBONElvSy13US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwFAQCAAEwDjAMAwQCudWsAwQAudWuMA0EAgACMAcD
BQMqC4vAMA0GCSqGSIb3DQEBCwUAA4IBAQA7Z4eQMpI5SyvSCOtNrZ2U7nP/IfI4
Lg6byFz4vpltlQEEfiNkVLNIUElDKJZgV1YO1WytZUZ57K397DVdRJsKtCwX9XAz
PaZv5MlzOpOImxRZn9MdYqOc5k4Gurlc8IPEAdIu9yB1V3Jv2da/KJSsyOr3JH4X
LX2kk8xIkyG4kPz6ZT1mXY/cJixl9fFWzTQqkD4sI2UmY4yt4FUozr4aLX+pPNeS
xhC7tB1ASMPB/srbHJYzs+vu2yGaxwjeJNkQsF6r8v2yhkgZaNgYOK1W/yErXH3A
GpPVaLqbB+RX7Jme+fhLGV7pcAHx1ueJojMEYwLcII/C0CyzUCbYVpPz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:02 2024 by rpki-client on console-ams.rpki-client.org