Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/a273e8-67dc-4782-9a34-4aeb6a795511/1/FAZc8sE5PLeUbTkpAkZZeYTPTws.roa
File:                     FAZc8sE5PLeUbTkpAkZZeYTPTws.roa (raw, json)
Hash identifier:          Tw6hXar+HaJfSaJTJpzVtClghugmL+geA5D9EbsdXXQ=
Subject key identifier:   14:06:5C:F2:C1:39:3C:B7:94:6D:39:29:02:46:59:79:84:CF:4F:0B
Certificate issuer:       /CN=b17050d8caf09a91d00f1c090a0b752cd1b3d57c
Certificate serial:       18D0E54D
Authority key identifier: B1:70:50:D8:CA:F0:9A:91:D0:0F:1C:09:0A:0B:75:2C:D1:B3:D5:7C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sXBQ2MrwmpHQDxwJCgt1LNGz1Xw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/a273e8-67dc-4782-9a34-4aeb6a795511/1/FAZc8sE5PLeUbTkpAkZZeYTPTws.roa
Signing time:             Sat 01 Jan 2022 10:03:30 +0000
ROA not before:           Sat 01 Jan 2022 10:03:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        185.53.16.0/22 maxlen: 22
                          2a04:c980::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 416343373 (0x18d0e54d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b17050d8caf09a91d00f1c090a0b752cd1b3d57c
        Validity
            Not Before: Jan  1 10:03:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=14065cf2c1393cb7946d39290246597984cf4f0b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:89:3c:3d:73:dd:77:61:54:46:bf:ad:32:7b:
                    f5:ae:3d:c4:be:b2:09:06:34:2f:e8:30:1a:37:cf:
                    e9:30:a9:7b:45:d0:65:c9:c2:83:9d:81:ab:20:6b:
                    6a:5f:82:99:d9:c6:34:10:d5:ca:8e:ce:3c:8d:a0:
                    38:7b:39:83:03:76:37:07:fb:cd:f7:09:26:c0:d3:
                    8d:81:f8:ba:fd:1b:7c:90:93:e6:c1:13:4a:b6:2d:
                    2d:a7:a3:62:93:5f:e7:69:f8:51:47:d7:ca:e6:3e:
                    98:e7:7b:ed:c7:83:1e:72:0e:4b:2b:cb:5a:d0:1d:
                    51:8e:be:b9:49:f9:cf:45:66:7f:cf:d2:04:48:54:
                    db:95:cc:67:03:6d:15:c9:56:9b:f4:45:85:3e:6f:
                    04:ee:6b:5f:80:66:e8:2b:4f:1a:a7:c0:e5:20:2b:
                    2c:31:56:54:8b:74:c7:01:14:ba:71:4c:78:0f:61:
                    3d:60:66:2f:86:dd:e8:e3:f7:c7:30:7c:54:a0:5e:
                    23:68:fc:32:a9:86:f4:ee:c9:fa:86:b7:a5:45:79:
                    6b:32:71:91:b1:32:7d:84:a6:9d:6c:67:df:65:1d:
                    e7:3e:e4:6e:0d:84:c1:bf:46:a5:31:10:9a:f1:e5:
                    e3:a3:43:71:e9:55:bb:ff:92:55:ff:f1:ae:73:46:
                    14:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:06:5C:F2:C1:39:3C:B7:94:6D:39:29:02:46:59:79:84:CF:4F:0B
            X509v3 Authority Key Identifier:
                keyid:B1:70:50:D8:CA:F0:9A:91:D0:0F:1C:09:0A:0B:75:2C:D1:B3:D5:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sXBQ2MrwmpHQDxwJCgt1LNGz1Xw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a273e8-67dc-4782-9a34-4aeb6a795511/1/FAZc8sE5PLeUbTkpAkZZeYTPTws.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a273e8-67dc-4782-9a34-4aeb6a795511/1/sXBQ2MrwmpHQDxwJCgt1LNGz1Xw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.53.16.0/22
                IPv6:
                  2a04:c980::/29

    Signature Algorithm: sha256WithRSAEncryption
         19:4d:e0:65:c0:a8:10:25:72:35:a0:ec:97:cb:1a:37:7f:cc:
         6d:27:4f:27:17:13:11:93:38:2e:de:1e:7a:04:a4:7d:31:e9:
         2d:7f:ba:75:0f:74:91:6e:ad:50:de:9a:c7:66:26:26:80:b7:
         e2:0d:a5:de:24:45:7e:56:25:3d:1f:2a:ae:a1:58:9d:e8:f0:
         b6:e8:2b:a5:33:8e:e0:19:53:42:81:91:1a:14:a6:da:c7:ec:
         e7:b7:7d:d6:84:d3:d9:38:39:89:59:a6:af:a0:65:8e:0e:80:
         08:59:8c:a5:15:d3:37:eb:37:e1:1e:6d:e9:35:ac:2a:5e:4d:
         a1:35:24:64:02:00:0a:24:a4:9f:f5:70:a4:11:75:63:9c:8c:
         5e:db:60:b2:94:72:1d:ad:d4:99:ae:fc:f1:ba:fa:d1:db:6f:
         77:0a:c2:38:91:06:e4:26:4d:00:89:9d:f9:09:ea:50:15:2d:
         f7:b1:42:0e:d9:52:cc:ff:12:d2:31:5a:90:12:f4:6c:28:ec:
         73:85:c2:4d:1f:6c:1a:d5:1e:54:18:10:ae:9d:d0:a4:23:00:
         4c:85:1e:ce:7f:1e:ff:22:01:03:e3:09:d9:fd:10:e4:36:22:
         fe:de:42:a8:7c:18:6d:b0:36:32:79:3d:c1:8c:e0:74:b2:72:
         67:88:c3:5c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEGNDlTTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MTcwNTBkOGNhZjA5YTkxZDAwZjFjMDkwYTBiNzUyY2QxYjNkNTdjMB4XDTIyMDEw
MTEwMDMzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTQwNjVjZjJjMTM5
M2NiNzk0NmQzOTI5MDI0NjU5Nzk4NGNmNGYwYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM2JPD1z3XdhVEa/rTJ79a49xL6yCQY0L+gwGjfP6TCpe0XQ
ZcnCg52BqyBral+CmdnGNBDVyo7OPI2gOHs5gwN2Nwf7zfcJJsDTjYH4uv0bfJCT
5sETSrYtLaejYpNf52n4UUfXyuY+mOd77ceDHnIOSyvLWtAdUY6+uUn5z0Vmf8/S
BEhU25XMZwNtFclWm/RFhT5vBO5rX4Bm6CtPGqfA5SArLDFWVIt0xwEUunFMeA9h
PWBmL4bd6OP3xzB8VKBeI2j8MqmG9O7J+oa3pUV5azJxkbEyfYSmnWxn32Ud5z7k
bg2Ewb9GpTEQmvHl46NDcelVu/+SVf/xrnNGFCsCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQUBlzywTk8t5RtOSkCRll5hM9PCzAfBgNVHSMEGDAWgBSxcFDYyvCakdAP
HAkKC3Us0bPVfDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NYQlEyTXJ3bXBIUUR4d0pDZ3QxTE5HejFYdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTcvYTI3M2U4LTY3ZGMtNDc4Mi05YTM0LTRhZWI2YTc5NTUxMS8x
L0ZBWmM4c0U1UExlVWJUa3BBa1paZVlUUFR3cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTcv
YTI3M2U4LTY3ZGMtNDc4Mi05YTM0LTRhZWI2YTc5NTUxMS8xL3NYQlEyTXJ3bXBI
UUR4d0pDZ3QxTE5HejFYdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArk1EDANBAIAAjAHAwUDKgTJgDAN
BgkqhkiG9w0BAQsFAAOCAQEAGU3gZcCoECVyNaDsl8saN3/MbSdPJxcTEZM4Lt4e
egSkfTHpLX+6dQ90kW6tUN6ax2YmJoC34g2l3iRFflYlPR8qrqFYnejwtugrpTOO
4BlTQoGRGhSm2sfs57d91oTT2Tg5iVmmr6Bljg6ACFmMpRXTN+s34R5t6TWsKl5N
oTUkZAIACiSkn/VwpBF1Y5yMXttgspRyHa3Uma788br60dtvdwrCOJEG5CZNAImd
+QnqUBUt97FCDtlSzP8S0jFakBL0bCjsc4XCTR9sGtUeVBgQrp3QpCMATIUezn8e
/yIBA+MJ2f0Q5DYi/t5CqHwYbbA2Mnk9wYzgdLJyZ4jDXA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:44 2023 by rpki-client on console-ams.rpki-client.org