Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/H3Uv7ZXeyoOXUNyA0ppWEdFyxIg.roa
File:                     H3Uv7ZXeyoOXUNyA0ppWEdFyxIg.roa (raw, json)
Hash identifier:          tnB6XSLIr+ZpNZBdlQE7DPkMkioKrqcBnxmbre6EMM0=
Subject key identifier:   1F:75:2F:ED:95:DE:CA:83:97:50:DC:80:D2:9A:56:11:D1:72:C4:88
Certificate issuer:       /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial:       199027DC
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/H3Uv7ZXeyoOXUNyA0ppWEdFyxIg.roa
Signing time:             Fri 03 Jun 2022 15:28:24 +0000
ROA not before:           Fri 03 Jun 2022 15:28:24 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202843
IP address blocks:        185.60.64.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 428877788 (0x199027dc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
        Validity
            Not Before: Jun  3 15:28:24 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1f752fed95deca839750dc80d29a5611d172c488
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:3b:9b:47:f1:4c:b0:f6:36:c6:20:8d:72:2b:
                    b5:0b:47:c1:5b:e8:23:ee:38:0a:a2:c6:1d:2f:7c:
                    46:ca:8a:0c:68:a3:37:f4:cb:4e:3f:e8:ad:67:0a:
                    2b:06:be:89:c5:e7:63:19:3a:f1:cd:1f:26:d9:b4:
                    cc:dd:44:c3:25:67:a1:ac:14:e7:d7:f9:67:f2:dc:
                    29:e6:c2:7d:5d:a9:8f:28:df:e9:d3:32:71:2f:70:
                    d8:5a:4d:19:3e:5f:92:e3:ac:0b:83:c5:bf:7e:0b:
                    d2:d0:5f:d6:3a:61:19:d8:af:b1:2e:b8:e0:cc:5e:
                    4f:15:f3:93:68:8b:92:36:a4:ef:d8:63:ac:d4:57:
                    d8:46:28:5f:38:aa:c1:98:f6:02:80:73:d7:d3:5d:
                    b8:e7:3f:19:09:48:2f:c2:be:aa:68:e3:ed:45:3f:
                    eb:5a:21:90:78:8e:8d:4a:41:ab:b5:b9:8b:b6:e9:
                    78:3e:07:91:76:ba:76:b2:7e:33:30:fd:e1:6a:51:
                    52:98:30:2a:04:c8:b2:60:6a:f6:bd:38:0c:da:3e:
                    de:f8:f2:a4:51:2b:91:1a:2f:3a:dd:8e:a6:21:c0:
                    97:7e:4f:95:21:75:4a:43:77:3f:9e:17:1e:00:aa:
                    6c:39:41:6d:5d:11:35:a4:96:a0:2a:d4:7a:da:aa:
                    a1:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:75:2F:ED:95:DE:CA:83:97:50:DC:80:D2:9A:56:11:D1:72:C4:88
            X509v3 Authority Key Identifier:
                keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/H3Uv7ZXeyoOXUNyA0ppWEdFyxIg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.60.64.0/24

    Signature Algorithm: sha256WithRSAEncryption
         29:2e:cf:ea:06:6a:8a:97:ad:ad:0e:8e:4e:a7:e9:d7:25:15:
         04:dd:cc:91:c1:36:cb:57:5d:2a:5e:16:8f:90:09:0c:52:50:
         52:b3:93:c5:ec:96:23:80:6a:c3:e4:b6:3a:98:3f:1a:cd:d0:
         1b:4d:c4:ad:3e:cf:c6:30:01:d9:c6:2e:40:93:70:1b:ee:a2:
         22:e8:45:d1:99:81:3e:ba:5a:fc:47:31:f6:6d:04:d4:63:58:
         6b:63:ba:cb:7e:8d:cc:f2:56:5e:37:bb:b7:ce:dd:e8:12:77:
         1f:7a:19:cd:cd:86:7e:30:17:d5:56:4d:00:33:6e:18:62:f3:
         be:2d:2b:70:02:b6:11:10:ec:3d:85:24:8b:fe:f1:ea:82:29:
         9f:a3:23:22:35:c2:1c:65:ef:83:24:6b:58:a6:33:70:4a:7f:
         cb:8e:f2:3a:ad:c9:a6:3f:f5:4e:17:c7:f5:6c:bd:14:5e:e2:
         6b:23:67:fc:cc:a3:1a:69:8c:73:b2:8b:ff:ad:56:08:72:ba:
         19:a7:dc:e6:aa:53:ff:cc:3e:c8:0d:0a:86:2f:b3:6e:03:11:
         e1:ea:ce:24:5f:f3:44:73:13:36:2c:42:b7:34:ec:8e:1c:1f:
         2e:1c:6b:04:a0:fd:ff:18:17:e9:be:4c:61:f8:c9:fb:b9:77:
         be:23:7b:3a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGZAn3DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NGIyZjRmYTUxNjNhZjk2MTY4ZTg4ZmJmOWNiNGVkMWVkOGZiNGM0MB4XDTIyMDYw
MzE1MjgyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWY3NTJmZWQ5NWRl
Y2E4Mzk3NTBkYzgwZDI5YTU2MTFkMTcyYzQ4ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANI7m0fxTLD2NsYgjXIrtQtHwVvoI+44CqLGHS98RsqKDGij
N/TLTj/orWcKKwa+icXnYxk68c0fJtm0zN1EwyVnoawU59f5Z/LcKebCfV2pjyjf
6dMycS9w2FpNGT5fkuOsC4PFv34L0tBf1jphGdivsS644MxeTxXzk2iLkjak79hj
rNRX2EYoXziqwZj2AoBz19NduOc/GQlIL8K+qmjj7UU/61ohkHiOjUpBq7W5i7bp
eD4HkXa6drJ+MzD94WpRUpgwKgTIsmBq9r04DNo+3vjypFErkRovOt2OpiHAl35P
lSF1SkN3P54XHgCqbDlBbV0RNaSWoCrUetqqoe8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQfdS/tld7Kg5dQ3IDSmlYR0XLEiDAfBgNVHSMEGDAWgBSEsvT6UWOvlhaO
iPv5y07R7Y+0xDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hMTDAtbEZqcjVZV2pvajctY3RPMGUyUHRNUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvNGFhNzg5LTg3OGItNDcyYi1iODQ3LTg3MmJhMmQ5ZjQ0Yy8x
L0gzVXY3WlhleW9PWFVOeUEwcHBXRWRGeXhJZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
NGFhNzg5LTg3OGItNDcyYi1iODQ3LTg3MmJhMmQ5ZjQ0Yy8xL2hMTDAtbEZqcjVZ
V2pvajctY3RPMGUyUHRNUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALk8QDANBgkqhkiG9w0BAQsFAAOC
AQEAKS7P6gZqipetrQ6OTqfp1yUVBN3MkcE2y1ddKl4Wj5AJDFJQUrOTxeyWI4Bq
w+S2Opg/Gs3QG03ErT7PxjAB2cYuQJNwG+6iIuhF0ZmBPrpa/Ecx9m0E1GNYa2O6
y36NzPJWXje7t87d6BJ3H3oZzc2GfjAX1VZNADNuGGLzvi0rcAK2ERDsPYUki/7x
6oIpn6MjIjXCHGXvgyRrWKYzcEp/y47yOq3Jpj/1ThfH9Wy9FF7iayNn/MyjGmmM
c7KL/61WCHK6Gafc5qpT/8w+yA0Khi+zbgMR4erOJF/zRHMTNixCtzTsjhwfLhxr
BKD9/xgX6b5MYfjJ+7l3viN7Og==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:04 2024 by rpki-client on console-fra.rpki-client.org