Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/CkVU0Wb_aF0pVADHUzXIexfpP3I.roa
File:                     CkVU0Wb_aF0pVADHUzXIexfpP3I.roa (raw, json)
Hash identifier:          dEsgb87YuT65f4CfgIwxC4fXhIKa6Hufiaxqrd0V8Wk=
Subject key identifier:   0A:45:54:D1:66:FF:68:5D:29:54:00:C7:53:35:C8:7B:17:E9:3F:72
Certificate issuer:       /CN=22f344a63dcb70e89057deb8e2761dc45165881a
Certificate serial:       04418630
Authority key identifier: 22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/CkVU0Wb_aF0pVADHUzXIexfpP3I.roa
Signing time:             Wed 15 Jun 2022 13:45:44 +0000
ROA not before:           Wed 15 Jun 2022 13:45:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209372
IP address blocks:        85.28.59.0/24 maxlen: 24
                          85.28.60.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 71403056 (0x4418630)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22f344a63dcb70e89057deb8e2761dc45165881a
        Validity
            Not Before: Jun 15 13:45:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0a4554d166ff685d295400c75335c87b17e93f72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:40:7e:07:04:f3:10:14:4c:56:4a:ad:4c:fb:
                    4f:0b:bf:ae:93:5a:bd:0c:9c:a0:cc:4b:a0:2b:12:
                    1b:b1:7d:03:36:88:fc:dd:4e:f5:ad:80:3a:6e:aa:
                    4c:88:3f:0c:cc:ca:42:a7:75:6b:28:36:24:6a:4a:
                    eb:6b:72:22:78:14:be:60:15:6e:55:b4:a1:f4:de:
                    d9:ce:0c:f7:5f:4f:50:e7:8f:50:1a:d1:10:93:fc:
                    b1:af:b2:45:1e:e5:22:2d:25:2a:53:6f:30:34:85:
                    2d:51:a3:ec:01:07:ef:d4:e1:ed:c5:42:41:11:c1:
                    00:57:d7:90:30:d2:fa:a4:e9:af:d6:1a:53:81:9c:
                    59:08:b8:73:fd:2b:be:07:6a:fa:8a:d8:c6:23:99:
                    6b:f2:b6:de:78:c2:50:e5:5e:47:8b:72:b8:ee:a7:
                    33:3e:1c:64:a6:ef:68:ef:9a:4d:21:cc:2e:71:53:
                    d8:c3:22:b8:13:a1:6b:34:da:a4:31:07:7c:e4:25:
                    6b:04:9e:01:0f:00:16:06:94:36:63:e3:27:da:66:
                    5e:2c:c5:10:82:95:2a:fd:69:e7:78:92:dd:09:c7:
                    7b:26:56:b9:74:93:c1:a9:20:2b:96:10:31:d9:c2:
                    35:42:a6:b6:07:49:08:bf:2e:b8:03:3d:b3:ae:1c:
                    1e:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:45:54:D1:66:FF:68:5D:29:54:00:C7:53:35:C8:7B:17:E9:3F:72
            X509v3 Authority Key Identifier:
                keyid:22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/CkVU0Wb_aF0pVADHUzXIexfpP3I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.28.59.0-85.28.63.255

    Signature Algorithm: sha256WithRSAEncryption
         63:f5:25:f2:5d:ec:81:42:15:4a:53:76:90:e8:29:b6:87:9b:
         34:d7:62:ba:25:13:96:21:f2:85:39:cd:ec:64:9d:11:aa:7c:
         4b:51:d3:2a:8f:4a:97:9a:dd:73:7b:d2:2f:7c:bd:31:46:cb:
         de:31:c1:51:17:30:18:71:98:bb:e7:0b:b8:e3:a3:0c:f3:0d:
         a8:15:83:f9:8f:ff:7e:06:a6:c3:72:38:0f:64:01:68:50:3c:
         72:24:2b:9c:93:a6:0e:d3:0e:f5:45:2f:53:0b:1c:52:26:43:
         0b:df:89:19:3d:e5:ad:25:96:f9:ba:ff:0f:38:3c:6c:f0:43:
         e7:01:6a:a6:8d:6b:4b:cc:3e:9d:78:dd:22:e8:31:3b:0d:8d:
         c6:73:2e:ff:da:d7:5d:e5:11:f0:9b:8a:c1:ec:85:3a:c9:74:
         15:6b:48:d5:6e:a3:8d:2a:d8:5e:e1:56:fa:bc:2f:e4:be:b9:
         26:f6:dc:78:12:b0:b6:98:0a:d3:b8:f5:60:d4:5a:08:4a:03:
         c4:4d:ca:9b:c9:21:86:b9:00:4b:4f:92:9d:cb:22:46:70:11:
         11:c5:49:42:b7:7e:05:07:5f:64:86:02:5a:49:02:85:6c:30:
         fc:1c:b0:19:6a:4a:89:a3:83:0a:66:19:74:b3:69:bf:31:b9:
         c6:00:bb:fa
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEBEGGMDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmYzNDRhNjNkY2I3MGU4OTA1N2RlYjhlMjc2MWRjNDUxNjU4ODFhMB4XDTIyMDYx
NTEzNDU0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGE0NTU0ZDE2NmZm
Njg1ZDI5NTQwMGM3NTMzNWM4N2IxN2U5M2Y3MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM5AfgcE8xAUTFZKrUz7Twu/rpNavQycoMxLoCsSG7F9AzaI
/N1O9a2AOm6qTIg/DMzKQqd1ayg2JGpK62tyIngUvmAVblW0ofTe2c4M919PUOeP
UBrREJP8sa+yRR7lIi0lKlNvMDSFLVGj7AEH79Th7cVCQRHBAFfXkDDS+qTpr9Ya
U4GcWQi4c/0rvgdq+orYxiOZa/K23njCUOVeR4tyuO6nMz4cZKbvaO+aTSHMLnFT
2MMiuBOhazTapDEHfOQlawSeAQ8AFgaUNmPjJ9pmXizFEIKVKv1p53iS3QnHeyZW
uXSTwakgK5YQMdnCNUKmtgdJCL8uuAM9s64cHkkCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBQKRVTRZv9oXSlUAMdTNch7F+k/cjAfBgNVHSMEGDAWgBQi80SmPctw6JBX
3rjidh3EUWWIGjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0l2TkVwajNMY09pUVY5NjQ0bllkeEZGbGlCby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjYvNTM2MGU3LWYwMmEtNDczNy05OWM3LWZlYmI2NGI1ZTE2NC8x
L0NrVlUwV2JfYUYwcFZBREhVelhJZXhmcFAzSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYv
NTM2MGU3LWYwMmEtNDczNy05OWM3LWZlYmI2NGI1ZTE2NC8xL0l2TkVwajNMY09p
UVY5NjQ0bllkeEZGbGlCby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAVRw7AwQGVRwAMA0GCSqGSIb3
DQEBCwUAA4IBAQBj9SXyXeyBQhVKU3aQ6Cm2h5s012K6JROWIfKFOc3sZJ0RqnxL
UdMqj0qXmt1ze9IvfL0xRsveMcFRFzAYcZi75wu446MM8w2oFYP5j/9+BqbDcjgP
ZAFoUDxyJCuck6YO0w71RS9TCxxSJkML34kZPeWtJZb5uv8PODxs8EPnAWqmjWtL
zD6deN0i6DE7DY3Gcy7/2tdd5RHwm4rB7IU6yXQVa0jVbqONKthe4Vb6vC/kvrkm
9tx4ErC2mArTuPVg1FoISgPETcqbySGGuQBLT5KdyyJGcBERxUlCt34FB19khgJa
SQKFbDD8HLAZakqJo4MKZhl0s2m/MbnGALv6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:55 2024 by rpki-client on console-fra.rpki-client.org