Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/_bTk_9tloBkg_wrQfh4HJZqLGE0.roa
File:                     _bTk_9tloBkg_wrQfh4HJZqLGE0.roa (raw, json)
Hash identifier:          xQOoMtKpV3WELIbulWzuGGfwJTds+SpCaEjWW5KXpEY=
Subject key identifier:   FD:B4:E4:FF:DB:65:A0:19:20:FF:0A:D0:7E:1E:07:25:9A:8B:18:4D
Certificate issuer:       /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial:       17E5988F
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/_bTk_9tloBkg_wrQfh4HJZqLGE0.roa
Signing time:             Sat 01 Jan 2022 03:59:54 +0000
ROA not before:           Sat 01 Jan 2022 03:59:54 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     29286
IP address blocks:        95.43.198.0/24 maxlen: 24
                          46.10.162.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 400922767 (0x17e5988f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
        Validity
            Not Before: Jan  1 03:59:54 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fdb4e4ffdb65a01920ff0ad07e1e07259a8b184d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:6b:85:26:2d:b1:2d:04:48:eb:23:5c:fb:b0:
                    57:4c:b3:08:50:3b:63:b6:bc:b4:31:3f:ec:7f:c4:
                    3c:3a:03:bb:22:cd:71:c4:de:3c:57:d3:ad:78:bd:
                    bc:06:3c:18:a4:95:81:e2:af:3d:80:f4:eb:3e:35:
                    a2:75:8a:85:3a:68:35:00:a6:fc:1d:f4:4c:ce:0d:
                    3c:00:5e:11:c7:78:41:dd:89:89:c0:ba:17:03:c1:
                    88:05:e8:5c:ea:83:25:cd:19:26:cd:a1:22:de:08:
                    b5:91:a7:90:56:5c:63:b2:e5:5c:c6:37:0c:71:44:
                    94:0d:3b:54:82:bf:bf:c5:2a:a9:0e:e8:28:4f:78:
                    8b:c1:2d:54:98:2c:0b:10:2f:c2:39:26:f9:b0:bc:
                    9d:1b:cc:a0:88:d1:84:29:87:55:b9:66:72:c1:41:
                    e2:f3:ea:6a:f5:2a:61:5f:a6:4e:d9:ea:ef:c3:ad:
                    a5:60:8f:e9:71:ff:90:aa:ae:d2:f7:83:b0:96:11:
                    60:ae:a8:37:a9:7b:14:de:74:25:22:3f:b6:59:17:
                    63:4d:5a:3d:8a:e8:f1:97:ec:bd:97:9e:1a:34:56:
                    48:81:80:2a:b6:87:a4:ae:bd:d8:46:f4:5e:b0:95:
                    54:d2:2b:1a:17:0d:33:07:c0:21:db:a4:66:bb:ab:
                    71:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:B4:E4:FF:DB:65:A0:19:20:FF:0A:D0:7E:1E:07:25:9A:8B:18:4D
            X509v3 Authority Key Identifier:
                keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/_bTk_9tloBkg_wrQfh4HJZqLGE0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.10.162.0/23
                  95.43.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         44:85:cd:6a:7b:0a:e9:4e:18:0d:1a:c2:c4:8e:8c:a1:5a:e5:
         47:87:98:82:4e:fe:81:61:d9:8f:e8:bd:e7:50:41:38:95:47:
         ab:6f:da:08:44:b2:dc:e0:5a:53:25:11:dc:e7:88:29:31:37:
         0a:77:ae:7c:41:bc:23:db:7d:ca:b3:13:4b:9b:d8:15:48:23:
         80:53:c9:76:50:52:fa:98:8b:a3:4a:83:c8:20:27:88:8a:79:
         23:81:c5:82:27:52:de:10:a2:c2:81:60:8a:c1:4d:38:2c:36:
         45:02:99:b5:4a:86:a0:32:34:cc:71:f0:33:5a:27:4a:1c:6e:
         4c:1c:32:0e:6e:5a:e2:06:ca:a1:11:4e:ca:73:d6:b6:15:ca:
         ef:98:71:f2:bc:42:56:42:9e:6c:38:f6:23:8d:98:52:bd:29:
         fb:e4:cd:d6:74:22:5f:73:c5:ba:4b:21:8f:90:c6:67:01:49:
         be:ce:2d:09:d0:d3:c4:ad:3f:45:43:a8:ff:65:6b:96:c9:cb:
         4b:4d:df:ec:8e:84:8c:b2:aa:dd:85:2f:71:cb:ca:19:d0:97:
         5d:57:56:0b:6c:56:85:14:11:a9:b7:a2:91:e6:08:20:fa:cf:
         8d:da:00:e7:bc:08:8f:4e:7f:8a:ff:0e:2d:6d:27:ce:20:4f:
         ce:9e:58:66
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEF+WYjzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NGIyZjRmYTUxNjNhZjk2MTY4ZTg4ZmJmOWNiNGVkMWVkOGZiNGM0MB4XDTIyMDEw
MTAzNTk1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmRiNGU0ZmZkYjY1
YTAxOTIwZmYwYWQwN2UxZTA3MjU5YThiMTg0ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALBrhSYtsS0ESOsjXPuwV0yzCFA7Y7a8tDE/7H/EPDoDuyLN
ccTePFfTrXi9vAY8GKSVgeKvPYD06z41onWKhTpoNQCm/B30TM4NPABeEcd4Qd2J
icC6FwPBiAXoXOqDJc0ZJs2hIt4ItZGnkFZcY7LlXMY3DHFElA07VIK/v8UqqQ7o
KE94i8EtVJgsCxAvwjkm+bC8nRvMoIjRhCmHVblmcsFB4vPqavUqYV+mTtnq78Ot
pWCP6XH/kKqu0veDsJYRYK6oN6l7FN50JSI/tlkXY01aPYro8ZfsvZeeGjRWSIGA
KraHpK692Eb0XrCVVNIrGhcNMwfAIdukZrurcV0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBT9tOT/22WgGSD/CtB+HgclmosYTTAfBgNVHSMEGDAWgBSEsvT6UWOvlhaO
iPv5y07R7Y+0xDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hMTDAtbEZqcjVZV2pvajctY3RPMGUyUHRNUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvNGFhNzg5LTg3OGItNDcyYi1iODQ3LTg3MmJhMmQ5ZjQ0Yy8x
L19iVGtfOXRsb0JrZ193clFmaDRISlpxTEdFMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
NGFhNzg5LTg3OGItNDcyYi1iODQ3LTg3MmJhMmQ5ZjQ0Yy8xL2hMTDAtbEZqcjVZ
V2pvajctY3RPMGUyUHRNUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAS4KogMEAF8rxjANBgkqhkiG9w0B
AQsFAAOCAQEARIXNansK6U4YDRrCxI6MoVrlR4eYgk7+gWHZj+i951BBOJVHq2/a
CESy3OBaUyUR3OeIKTE3CneufEG8I9t9yrMTS5vYFUgjgFPJdlBS+piLo0qDyCAn
iIp5I4HFgidS3hCiwoFgisFNOCw2RQKZtUqGoDI0zHHwM1onShxuTBwyDm5a4gbK
oRFOynPWthXK75hx8rxCVkKebDj2I42YUr0p++TN1nQiX3PFukshj5DGZwFJvs4t
CdDTxK0/RUOo/2VrlsnLS03f7I6EjLKq3YUvccvKGdCXXVdWC2xWhRQRqbeikeYI
IPrPjdoA57wIj05/iv8OLW0nziBPzp5YZg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:05 2024 by rpki-client on console-fra.rpki-client.org