Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/F6aXq8N3gODU2-lPOCjuH5ScRI8.roa
File:                     F6aXq8N3gODU2-lPOCjuH5ScRI8.roa (raw, json)
Hash identifier:          TWbkilM4YaQrSRoJzlZKcw1Sq7l5lfKDaeW5qA497i4=
Subject key identifier:   17:A6:97:AB:C3:77:80:E0:D4:DB:E9:4F:38:28:EE:1F:94:9C:44:8F
Certificate issuer:       /CN=70847f8221897d6e952e86ea2c339abaacc131f5
Certificate serial:       A9537D
Authority key identifier: 70:84:7F:82:21:89:7D:6E:95:2E:86:EA:2C:33:9A:BA:AC:C1:31:F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cIR_giGJfW6VLobqLDOauqzBMfU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/F6aXq8N3gODU2-lPOCjuH5ScRI8.roa
Signing time:             Sat 01 Jan 2022 02:59:46 +0000
ROA not before:           Sat 01 Jan 2022 02:59:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60972
IP address blocks:        185.38.28.0/22 maxlen: 24
                          185.95.252.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11096957 (0xa9537d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70847f8221897d6e952e86ea2c339abaacc131f5
        Validity
            Not Before: Jan  1 02:59:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=17a697abc37780e0d4dbe94f3828ee1f949c448f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:70:cb:c5:64:01:a7:04:44:26:0d:d3:e7:83:
                    04:d6:45:26:bb:64:c2:78:db:d9:6d:71:87:25:c1:
                    9f:4d:3e:2b:6c:90:0d:83:2e:5d:d9:4b:55:b1:f8:
                    cf:a4:4e:54:a5:1f:ca:62:0f:f1:27:fc:c5:08:d3:
                    61:a4:02:de:3e:92:13:e7:35:f5:4e:2a:e6:fc:11:
                    92:e2:f3:9b:e4:e4:88:c8:bd:cb:55:a1:77:e0:90:
                    3d:38:19:9a:bd:08:9a:92:4c:de:82:c8:e8:aa:0b:
                    a6:5e:a6:37:0e:92:c8:21:24:63:5b:7a:ee:b5:fb:
                    a2:ad:8f:27:49:e1:eb:5c:6f:83:3d:d2:b6:94:3f:
                    ba:74:c9:2c:fc:d9:db:34:a3:d6:82:4e:7d:8b:01:
                    fc:1d:89:12:8b:16:9c:1d:52:71:72:85:a1:0e:f0:
                    fb:e0:aa:67:c1:f1:34:5d:b6:25:ed:d2:c7:76:d3:
                    27:bb:01:8b:90:c9:84:b1:1f:b7:dd:1a:af:d8:90:
                    31:23:ac:3c:5b:15:bc:2a:fc:78:c0:33:32:ad:bd:
                    e6:11:36:2b:6e:44:9f:dd:d4:99:a0:a3:6e:6b:9e:
                    0f:85:ae:05:e6:49:f4:b6:7c:6e:e2:23:de:9a:ee:
                    91:2d:8c:fa:be:66:ab:d0:1a:c0:43:eb:bb:ad:94:
                    10:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:A6:97:AB:C3:77:80:E0:D4:DB:E9:4F:38:28:EE:1F:94:9C:44:8F
            X509v3 Authority Key Identifier:
                keyid:70:84:7F:82:21:89:7D:6E:95:2E:86:EA:2C:33:9A:BA:AC:C1:31:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cIR_giGJfW6VLobqLDOauqzBMfU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/F6aXq8N3gODU2-lPOCjuH5ScRI8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/cIR_giGJfW6VLobqLDOauqzBMfU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.38.28.0/22
                  185.95.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         63:32:74:7e:b8:b4:e5:c9:a9:7f:fc:aa:12:6c:92:1c:22:e9:
         bf:04:cd:7f:03:d4:95:03:68:25:67:de:ca:a3:43:68:79:65:
         47:13:a0:af:5b:22:9d:21:88:4f:5d:66:af:a7:3e:83:1b:a2:
         72:fb:ff:47:82:23:1e:2b:24:46:26:92:8f:f2:d8:1b:7c:78:
         0d:86:29:7d:f1:0f:41:88:c6:9f:2e:4e:3e:3b:24:80:3a:34:
         6d:dc:fc:54:94:70:27:ac:22:e0:76:45:16:c8:d9:c5:c3:ec:
         65:09:e0:56:d7:21:fa:0c:12:dd:e4:0f:e7:61:29:26:e2:5e:
         dc:80:e4:14:59:32:e7:40:91:3f:6a:0e:77:88:81:ba:9a:ed:
         73:8e:f4:b4:e0:f7:ac:77:14:a3:c5:e6:6b:8f:09:c5:9c:a5:
         c3:2d:85:c6:7b:19:cf:e5:b7:cc:c7:58:dc:14:c3:e4:ed:8f:
         f7:f6:a1:27:49:68:be:c3:94:f0:70:92:20:d7:93:1d:e8:57:
         73:5e:8c:1c:46:88:60:0d:ff:4d:c7:d2:14:e7:3d:68:e3:63:
         44:cc:d1:aa:e5:89:89:8c:8b:27:18:0f:17:ed:9b:59:a9:ac:
         d8:7a:4a:ed:57:02:c8:70:a7:8b:7e:06:de:2b:7e:33:3e:c6:
         8c:10:06:26
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAKlTfTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MDg0N2Y4MjIxODk3ZDZlOTUyZTg2ZWEyYzMzOWFiYWFjYzEzMWY1MB4XDTIyMDEw
MTAyNTk0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTdhNjk3YWJjMzc3
ODBlMGQ0ZGJlOTRmMzgyOGVlMWY5NDljNDQ4ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJZwy8VkAacERCYN0+eDBNZFJrtkwnjb2W1xhyXBn00+K2yQ
DYMuXdlLVbH4z6ROVKUfymIP8Sf8xQjTYaQC3j6SE+c19U4q5vwRkuLzm+TkiMi9
y1Whd+CQPTgZmr0ImpJM3oLI6KoLpl6mNw6SyCEkY1t67rX7oq2PJ0nh61xvgz3S
tpQ/unTJLPzZ2zSj1oJOfYsB/B2JEosWnB1ScXKFoQ7w++CqZ8HxNF22Je3Sx3bT
J7sBi5DJhLEft90ar9iQMSOsPFsVvCr8eMAzMq295hE2K25En93UmaCjbmueD4Wu
BeZJ9LZ8buIj3prukS2M+r5mq9AawEPru62UEDkCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQXpperw3eA4NTb6U84KO4flJxEjzAfBgNVHSMEGDAWgBRwhH+CIYl9bpUu
huosM5q6rMEx9TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NJUl9naUdKZlc2VkxvYnFMRE9hdXF6Qk1mVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTMvNzA2YzAzLTdkMzUtNDkxMy04YTE4LTZlODc4NGE3YWQwOS8x
L0Y2YVhxOE4zZ09EVTItbFBPQ2p1SDVTY1JJOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTMv
NzA2YzAzLTdkMzUtNDkxMy04YTE4LTZlODc4NGE3YWQwOS8xL2NJUl9naUdKZlc2
VkxvYnFMRE9hdXF6Qk1mVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArkmHAMEArlf/DANBgkqhkiG9w0B
AQsFAAOCAQEAYzJ0fri05cmpf/yqEmySHCLpvwTNfwPUlQNoJWfeyqNDaHllRxOg
r1sinSGIT11mr6c+gxuicvv/R4IjHiskRiaSj/LYG3x4DYYpffEPQYjGny5OPjsk
gDo0bdz8VJRwJ6wi4HZFFsjZxcPsZQngVtch+gwS3eQP52EpJuJe3IDkFFky50CR
P2oOd4iBuprtc470tOD3rHcUo8Xma48JxZylwy2FxnsZz+W3zMdY3BTD5O2P9/ah
J0lovsOU8HCSINeTHehXc16MHEaIYA3/TcfSFOc9aONjRMzRquWJiYyLJxgPF+2b
Wams2HpK7VcCyHCni34G3it+Mz7GjBAGJg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:12 2024 by rpki-client on console-fra.rpki-client.org