Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/186a93-8e93-4652-9289-7ed51ca5af51/1/bo1oKazY0od26bPBkXdYltTiP60.roa
File:                     bo1oKazY0od26bPBkXdYltTiP60.roa (raw, json)
Hash identifier:          zT+eBY8C1PhnrObm84xPIhTT/1GwqqcwJwEMRN5KI20=
Subject key identifier:   6E:8D:68:29:AC:D8:D2:87:76:E9:B3:C1:91:77:58:96:D4:E2:3F:AD
Certificate issuer:       /CN=964335563d9b6f9e3e28de368d85988bc141371e
Certificate serial:       04A7396C
Authority key identifier: 96:43:35:56:3D:9B:6F:9E:3E:28:DE:36:8D:85:98:8B:C1:41:37:1E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lkM1Vj2bb54-KN42jYWYi8FBNx4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/186a93-8e93-4652-9289-7ed51ca5af51/1/bo1oKazY0od26bPBkXdYltTiP60.roa
Signing time:             Sat 01 Jan 2022 03:01:35 +0000
ROA not before:           Sat 01 Jan 2022 03:01:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     19905
IP address blocks:        185.180.82.0/24 maxlen: 24
                          185.180.83.0/24 maxlen: 24
                          185.180.80.0/24 maxlen: 24
                          185.180.80.0/22 maxlen: 22
                          185.180.81.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 78068076 (0x4a7396c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=964335563d9b6f9e3e28de368d85988bc141371e
        Validity
            Not Before: Jan  1 03:01:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6e8d6829acd8d28776e9b3c191775896d4e23fad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:74:c3:1e:72:fa:63:19:fc:60:9e:39:28:12:
                    8f:e9:8d:89:d7:ba:83:b1:41:1b:68:ee:61:9d:3e:
                    06:b8:e5:cf:af:97:47:06:fd:4e:1a:84:fe:f3:e3:
                    34:da:ed:5d:9c:bd:9f:d5:27:fc:12:92:fb:12:6b:
                    81:bd:d2:7f:9b:d8:2a:0c:52:81:00:c1:d0:3a:ea:
                    d0:3f:2b:c7:9d:33:3f:b8:be:a6:37:f4:46:d9:11:
                    5f:5a:17:46:79:51:1f:7b:7c:71:98:1e:21:4a:c4:
                    80:48:2c:60:df:75:d5:5a:f4:f3:3c:8f:7c:7f:1f:
                    bc:21:ae:0c:c8:9a:a3:7b:c5:08:88:4b:54:16:11:
                    1e:86:af:15:a2:4a:e0:4d:b7:ab:c7:ab:b2:58:8b:
                    23:6a:9e:ad:41:0c:0b:1a:99:7c:fa:91:5d:5f:39:
                    93:df:c4:ea:d5:27:18:a9:3e:a0:a4:62:75:b7:d2:
                    86:97:c3:8f:97:9c:ad:cd:5b:5a:cf:29:8b:85:d6:
                    91:43:a4:b3:47:6f:b5:b9:47:ea:c4:92:9e:42:fc:
                    76:66:7d:6a:69:32:f8:80:4d:d1:54:1c:e4:a8:d9:
                    c6:ad:e5:ae:b9:81:0f:21:25:09:15:f6:a8:b2:e9:
                    ce:69:19:61:5f:1d:b3:a2:19:5e:d9:90:20:f5:da:
                    f5:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:8D:68:29:AC:D8:D2:87:76:E9:B3:C1:91:77:58:96:D4:E2:3F:AD
            X509v3 Authority Key Identifier:
                keyid:96:43:35:56:3D:9B:6F:9E:3E:28:DE:36:8D:85:98:8B:C1:41:37:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lkM1Vj2bb54-KN42jYWYi8FBNx4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/186a93-8e93-4652-9289-7ed51ca5af51/1/bo1oKazY0od26bPBkXdYltTiP60.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/186a93-8e93-4652-9289-7ed51ca5af51/1/lkM1Vj2bb54-KN42jYWYi8FBNx4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.180.80.0/22

    Signature Algorithm: sha256WithRSAEncryption
         96:d4:91:e1:2b:75:39:ce:81:0d:64:12:0b:54:8d:b9:31:b9:
         d4:f6:94:ad:84:69:e6:81:68:c0:2e:c9:ed:a1:b7:71:79:07:
         79:42:90:98:0b:90:23:00:15:d1:ba:6d:3f:c0:81:f9:85:94:
         0c:aa:c4:cc:a5:ed:dd:ee:dc:e4:0b:71:ed:5f:ef:85:cd:0e:
         20:0e:5d:6d:a3:14:79:71:01:3f:52:fd:6e:78:b8:5e:b9:9b:
         6c:62:e1:3e:ce:e6:fd:27:e6:dd:b0:d3:44:27:cf:5e:31:1d:
         9f:59:b2:2d:6b:4d:fd:43:f6:89:1d:34:6d:99:b1:34:5a:b5:
         ca:9c:32:59:e8:78:52:5c:ce:ee:30:5f:a6:06:7e:e6:d5:af:
         40:97:35:4c:a5:e2:64:eb:ea:7c:a0:52:0f:a3:c7:08:63:7e:
         e5:b3:a0:f9:14:9e:f7:45:d4:73:cb:a5:7a:f8:26:00:a0:10:
         52:a8:2a:9e:81:a7:59:11:fa:6a:d4:f4:d9:d8:0a:20:46:03:
         0c:d0:fd:43:3a:77:c9:7b:df:93:e6:69:41:81:5d:50:6c:37:
         f8:0c:1d:72:ba:41:e5:f2:23:64:3a:7c:ce:af:17:93:87:fc:
         2a:30:c6:07:07:e2:d7:e2:7e:95:02:92:2f:db:7a:a6:b8:f2:
         ef:9b:13:ce
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBKc5bDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NjQzMzU1NjNkOWI2ZjllM2UyOGRlMzY4ZDg1OTg4YmMxNDEzNzFlMB4XDTIyMDEw
MTAzMDEzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmU4ZDY4MjlhY2Q4
ZDI4Nzc2ZTliM2MxOTE3NzU4OTZkNGUyM2ZhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKl0wx5y+mMZ/GCeOSgSj+mNide6g7FBG2juYZ0+Brjlz6+X
Rwb9ThqE/vPjNNrtXZy9n9Un/BKS+xJrgb3Sf5vYKgxSgQDB0Drq0D8rx50zP7i+
pjf0RtkRX1oXRnlRH3t8cZgeIUrEgEgsYN911Vr08zyPfH8fvCGuDMiao3vFCIhL
VBYRHoavFaJK4E23q8ersliLI2qerUEMCxqZfPqRXV85k9/E6tUnGKk+oKRidbfS
hpfDj5ecrc1bWs8pi4XWkUOks0dvtblH6sSSnkL8dmZ9amky+IBN0VQc5KjZxq3l
rrmBDyElCRX2qLLpzmkZYV8ds6IZXtmQIPXa9VcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRujWgprNjSh3bps8GRd1iW1OI/rTAfBgNVHSMEGDAWgBSWQzVWPZtvnj4o
3jaNhZiLwUE3HjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xrTTFWajJiYjU0LUtONDJqWVdZaThGQk54NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvMTg2YTkzLThlOTMtNDY1Mi05Mjg5LTdlZDUxY2E1YWY1MS8x
L2JvMW9LYXpZMG9kMjZiUEJrWGRZbHRUaVA2MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
MTg2YTkzLThlOTMtNDY1Mi05Mjg5LTdlZDUxY2E1YWY1MS8xL2xrTTFWajJiYjU0
LUtONDJqWVdZaThGQk54NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArm0UDANBgkqhkiG9w0BAQsFAAOC
AQEAltSR4St1Oc6BDWQSC1SNuTG51PaUrYRp5oFowC7J7aG3cXkHeUKQmAuQIwAV
0bptP8CB+YWUDKrEzKXt3e7c5Atx7V/vhc0OIA5dbaMUeXEBP1L9bni4XrmbbGLh
Ps7m/Sfm3bDTRCfPXjEdn1myLWtN/UP2iR00bZmxNFq1ypwyWeh4UlzO7jBfpgZ+
5tWvQJc1TKXiZOvqfKBSD6PHCGN+5bOg+RSe90XUc8ulevgmAKAQUqgqnoGnWRH6
atT02dgKIEYDDND9Qzp3yXvfk+ZpQYFdUGw3+AwdcrpB5fIjZDp8zq8Xk4f8KjDG
Bwfi1+J+lQKSL9t6prjy75sTzg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:45 2024 by rpki-client on console-fra.rpki-client.org