Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/6dbc2f-0f0b-4a2f-b149-b75983122455/1/rcs4MMr_BAmTF1AgOWw2TNyytis.roa
File:                     rcs4MMr_BAmTF1AgOWw2TNyytis.roa (raw, json)
Hash identifier:          T/dS5NgEPatb39RLeZKNafnen9AtDFKvZ2J6YHkPBRk=
Subject key identifier:   AD:CB:38:30:CA:FF:04:09:93:17:50:20:39:6C:36:4C:DC:B2:B6:2B
Certificate issuer:       /CN=faf7066da09a56224260e46ea26dc9cb1dba8e37
Certificate serial:       026F7ECA
Authority key identifier: FA:F7:06:6D:A0:9A:56:22:42:60:E4:6E:A2:6D:C9:CB:1D:BA:8E:37
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-vcGbaCaViJCYORuom3Jyx26jjc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/6dbc2f-0f0b-4a2f-b149-b75983122455/1/rcs4MMr_BAmTF1AgOWw2TNyytis.roa
Signing time:             Sat 01 Jan 2022 14:00:27 +0000
ROA not before:           Sat 01 Jan 2022 14:00:27 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57081
IP address blocks:        185.132.112.0/22 maxlen: 22
                          2a06:e180::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 40861386 (0x26f7eca)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=faf7066da09a56224260e46ea26dc9cb1dba8e37
        Validity
            Not Before: Jan  1 14:00:27 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=adcb3830caff040993175020396c364cdcb2b62b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:87:3c:01:b7:84:68:2d:c1:4e:32:d4:0e:f2:
                    87:fd:df:5c:18:11:64:55:3d:4e:aa:98:d2:17:c3:
                    13:0d:83:1d:45:45:f3:df:f7:16:e2:8f:e0:5d:83:
                    bc:ac:88:4f:d6:12:1a:53:10:a0:31:e7:7e:15:5b:
                    82:f1:a0:ef:6e:8b:3c:d7:6b:40:0a:90:9c:ed:81:
                    a9:a8:17:41:4a:3e:02:71:f5:c4:4f:e5:22:fa:d5:
                    2d:6e:0f:8c:f6:41:f7:e2:cb:08:5f:2d:40:6a:d0:
                    a8:05:17:58:1b:45:f9:64:41:26:c4:d0:9e:42:df:
                    69:73:e6:50:10:9c:2b:cf:cc:9d:d5:fb:b2:13:c9:
                    d5:1c:5c:08:00:4e:46:c4:70:fe:d7:dd:fc:7f:fc:
                    ed:f4:50:53:85:35:fc:e2:dd:4d:72:8f:29:d5:6e:
                    d8:10:be:cc:d5:27:c1:e3:76:a1:34:40:3c:0f:ad:
                    df:e0:8a:51:6e:96:7c:0a:07:d1:04:ba:8f:72:bf:
                    24:c1:06:21:a8:1f:8b:6a:16:ef:23:7c:6e:7c:b0:
                    09:0f:60:66:27:ca:d5:5b:14:f1:37:7f:0e:91:17:
                    fd:05:46:ca:f3:41:68:fe:4b:ed:b6:e6:16:ba:20:
                    7f:fa:f1:c0:b7:2d:01:1e:ba:39:0e:40:40:c3:dd:
                    42:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:CB:38:30:CA:FF:04:09:93:17:50:20:39:6C:36:4C:DC:B2:B6:2B
            X509v3 Authority Key Identifier:
                keyid:FA:F7:06:6D:A0:9A:56:22:42:60:E4:6E:A2:6D:C9:CB:1D:BA:8E:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-vcGbaCaViJCYORuom3Jyx26jjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/6dbc2f-0f0b-4a2f-b149-b75983122455/1/rcs4MMr_BAmTF1AgOWw2TNyytis.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/6dbc2f-0f0b-4a2f-b149-b75983122455/1/1-vcGbaCaViJCYORuom3Jyx26jjc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.132.112.0/22
                IPv6:
                  2a06:e180::/29

    Signature Algorithm: sha256WithRSAEncryption
         2d:62:4a:26:70:e4:1d:48:46:4c:f8:fa:d6:0f:d3:37:e2:3d:
         38:35:43:c4:5a:d6:1a:6e:f0:39:7f:e1:92:1b:ae:d4:c6:23:
         b4:19:7c:ae:ee:ef:dd:8d:b9:be:58:ab:24:33:cf:21:7d:39:
         17:3e:74:b0:33:6f:cf:7d:d5:a6:10:7c:e6:66:72:94:e2:68:
         40:08:f9:41:37:8b:53:51:98:a0:4d:f5:02:c3:7b:cd:00:c2:
         68:1a:7f:fe:36:38:1e:48:80:ac:31:3c:31:82:30:f4:1d:40:
         fd:da:7b:bd:17:b2:c8:2b:0a:e5:5d:42:11:d5:3f:41:d6:30:
         f4:f1:5c:41:95:ee:61:81:34:64:43:04:ed:8f:61:65:18:de:
         8b:6e:4e:72:a7:e7:93:5c:83:fb:c5:b5:62:70:ea:64:bc:b1:
         d5:85:07:a1:f4:5d:e3:70:4f:03:4f:12:e8:c8:d3:48:9f:2a:
         ff:bd:87:e6:c3:b7:f8:0b:90:98:e4:ed:8c:e4:f8:88:6c:41:
         98:d8:36:47:a3:1a:7a:c6:2b:73:f0:d4:89:7e:2e:90:86:71:
         ad:6b:b1:f9:94:20:a6:78:53:39:da:8d:23:b3:bf:43:9d:34:
         12:e7:a3:22:42:f9:85:50:5c:50:59:67:e0:c3:37:42:9e:f9:
         96:62:63:0c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEAm9+yjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YWY3MDY2ZGEwOWE1NjIyNDI2MGU0NmVhMjZkYzljYjFkYmE4ZTM3MB4XDTIyMDEw
MTE0MDAyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWRjYjM4MzBjYWZm
MDQwOTkzMTc1MDIwMzk2YzM2NGNkY2IyYjYyYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANmHPAG3hGgtwU4y1A7yh/3fXBgRZFU9TqqY0hfDEw2DHUVF
89/3FuKP4F2DvKyIT9YSGlMQoDHnfhVbgvGg726LPNdrQAqQnO2BqagXQUo+AnH1
xE/lIvrVLW4PjPZB9+LLCF8tQGrQqAUXWBtF+WRBJsTQnkLfaXPmUBCcK8/MndX7
shPJ1RxcCABORsRw/tfd/H/87fRQU4U1/OLdTXKPKdVu2BC+zNUnweN2oTRAPA+t
3+CKUW6WfAoH0QS6j3K/JMEGIagfi2oW7yN8bnywCQ9gZifK1VsU8Td/DpEX/QVG
yvNBaP5L7bbmFrogf/rxwLctAR66OQ5AQMPdQoUCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBStyzgwyv8ECZMXUCA5bDZM3LK2KzAfBgNVHSMEGDAWgBT69wZtoJpWIkJg
5G6ibcnLHbqONzAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtdmNHYmFDYVZpSkNZT1J1b20zSnl4MjZqamMuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2EzLzZkYmMyZi0wZjBiLTRhMmYtYjE0OS1iNzU5ODMxMjI0NTUv
MS9yY3M0TU1yX0JBbVRGMUFnT1d3MlROeXl0aXMucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Ez
LzZkYmMyZi0wZjBiLTRhMmYtYjE0OS1iNzU5ODMxMjI0NTUvMS8xLXZjR2JhQ2FW
aUpDWU9SdW9tM0p5eDI2ampjLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYRwMA0EAgACMAcDBQMqBuGA
MA0GCSqGSIb3DQEBCwUAA4IBAQAtYkomcOQdSEZM+PrWD9M34j04NUPEWtYabvA5
f+GSG67UxiO0GXyu7u/djbm+WKskM88hfTkXPnSwM2/PfdWmEHzmZnKU4mhACPlB
N4tTUZigTfUCw3vNAMJoGn/+NjgeSICsMTwxgjD0HUD92nu9F7LIKwrlXUIR1T9B
1jD08VxBle5hgTRkQwTtj2FlGN6Lbk5yp+eTXIP7xbVicOpkvLHVhQeh9F3jcE8D
TxLoyNNInyr/vYfmw7f4C5CY5O2M5PiIbEGY2DZHoxp6xitz8NSJfi6QhnGta7H5
lCCmeFM52o0js79DnTQS56MiQvmFUFxQWWfgwzdCnvmWYmMM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:12 2024 by rpki-client on console-fra.rpki-client.org