Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/AtOLloZda0zB-70J6gsWkQhRp-I.roa
File:                     AtOLloZda0zB-70J6gsWkQhRp-I.roa (raw, json)
Hash identifier:          cLtirNzrmj8lQ+3Elk1K0DHVjFMPZKe7jgA6lugQyvg=
Subject key identifier:   02:D3:8B:96:86:5D:6B:4C:C1:FB:BD:09:EA:0B:16:91:08:51:A7:E2
Certificate issuer:       /CN=d03046d16cfc391b028b88743773ce005cf97b1d
Certificate serial:       08A666BD
Authority key identifier: D0:30:46:D1:6C:FC:39:1B:02:8B:88:74:37:73:CE:00:5C:F9:7B:1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0DBG0Wz8ORsCi4h0N3POAFz5ex0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/AtOLloZda0zB-70J6gsWkQhRp-I.roa
Signing time:             Sat 01 Jan 2022 12:02:54 +0000
ROA not before:           Sat 01 Jan 2022 12:02:54 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        185.163.152.0/24 maxlen: 24
                          185.163.153.0/24 maxlen: 24
                          185.163.155.0/24 maxlen: 24
                          185.163.154.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 145123005 (0x8a666bd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d03046d16cfc391b028b88743773ce005cf97b1d
        Validity
            Not Before: Jan  1 12:02:54 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=02d38b96865d6b4cc1fbbd09ea0b16910851a7e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:9d:e8:2e:2b:5c:12:ef:8f:4c:85:21:2b:4a:
                    07:22:e4:40:f3:d4:08:39:a9:6e:78:7c:0e:0a:14:
                    d8:97:d2:86:dd:72:03:bc:f4:9a:49:3d:aa:d2:ff:
                    e4:b4:b2:f1:48:a4:ab:1e:36:14:24:c5:6b:19:88:
                    3d:89:5c:d9:5b:38:ee:67:e8:fd:c5:5b:66:f3:4c:
                    6e:a4:8f:01:70:64:3b:8f:2f:07:8f:8e:bf:12:9f:
                    e4:df:d7:e5:c5:9b:02:04:20:f0:30:75:ef:6c:08:
                    5d:10:31:da:32:94:30:9d:f3:74:15:0a:b7:9e:f4:
                    01:5a:61:15:d6:a8:21:38:61:37:c9:a1:d8:00:93:
                    82:a0:9e:99:c8:3d:2c:d5:2a:7a:08:bb:55:f6:f3:
                    9b:8a:7d:17:10:3b:5a:b0:ed:ac:99:f2:a1:4e:fd:
                    ed:30:de:f9:a1:a7:a0:94:54:85:5c:41:b5:f0:57:
                    d8:20:46:8d:7f:21:de:d5:45:74:4f:ca:c0:0f:3b:
                    7f:96:6b:2e:cf:89:07:a4:74:fb:12:4c:53:ba:bb:
                    1a:2f:2c:86:3e:08:ca:3b:74:e8:11:0c:68:d2:d8:
                    99:94:a6:f4:b0:0e:44:14:1d:fc:ee:37:ba:c6:02:
                    ba:c6:b9:81:34:c9:f0:ce:ae:3d:cb:f1:ea:90:2d:
                    0e:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:D3:8B:96:86:5D:6B:4C:C1:FB:BD:09:EA:0B:16:91:08:51:A7:E2
            X509v3 Authority Key Identifier:
                keyid:D0:30:46:D1:6C:FC:39:1B:02:8B:88:74:37:73:CE:00:5C:F9:7B:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0DBG0Wz8ORsCi4h0N3POAFz5ex0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/AtOLloZda0zB-70J6gsWkQhRp-I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/0DBG0Wz8ORsCi4h0N3POAFz5ex0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.163.152.0/22

    Signature Algorithm: sha256WithRSAEncryption
         36:2e:c5:ea:d2:04:de:f1:49:bb:bf:1c:63:82:50:10:58:9f:
         92:59:00:46:45:fc:b5:e3:b8:cc:cd:66:84:0b:b1:60:9f:7b:
         ea:18:27:81:5f:12:b8:94:6a:8f:57:85:bc:82:c9:89:c5:d0:
         1e:34:9f:15:02:d6:5a:eb:5a:ee:d1:6e:52:ed:df:ff:86:07:
         44:eb:6e:b7:44:2a:ee:d6:f2:f7:01:45:32:2d:93:ca:b1:d6:
         80:2c:71:5d:41:33:f4:de:20:42:f0:15:81:80:04:8a:c5:55:
         a0:44:3e:ac:69:3a:a4:0d:d6:af:52:fb:09:95:d0:24:52:2e:
         e2:6a:0f:81:8c:10:da:c1:69:e4:39:e1:0a:80:7e:07:2a:a3:
         4c:86:a8:47:63:0c:7d:f6:ef:1f:db:a6:dc:7e:42:53:fa:a6:
         47:7e:89:2b:7c:cd:74:18:db:ab:7f:60:39:a1:a9:0c:8c:1b:
         e7:35:7d:f2:71:c5:8b:c6:1b:15:9a:32:e0:8e:cc:22:49:4c:
         5c:75:e9:4c:f5:c3:3f:45:92:2b:3d:cf:a3:bf:bc:65:69:22:
         99:c4:c3:c6:87:6a:d7:ee:84:80:1e:aa:56:7e:51:5e:9d:0e:
         53:95:81:11:7d:3a:66:8d:3c:d9:c2:3f:c6:f4:f6:02:62:64:
         95:9e:e8:2e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECKZmvTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MDMwNDZkMTZjZmMzOTFiMDI4Yjg4NzQzNzczY2UwMDVjZjk3YjFkMB4XDTIyMDEw
MTEyMDI1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDJkMzhiOTY4NjVk
NmI0Y2MxZmJiZDA5ZWEwYjE2OTEwODUxYTdlMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJyd6C4rXBLvj0yFIStKByLkQPPUCDmpbnh8DgoU2JfSht1y
A7z0mkk9qtL/5LSy8Uikqx42FCTFaxmIPYlc2Vs47mfo/cVbZvNMbqSPAXBkO48v
B4+OvxKf5N/X5cWbAgQg8DB172wIXRAx2jKUMJ3zdBUKt570AVphFdaoIThhN8mh
2ACTgqCemcg9LNUqegi7Vfbzm4p9FxA7WrDtrJnyoU797TDe+aGnoJRUhVxBtfBX
2CBGjX8h3tVFdE/KwA87f5ZrLs+JB6R0+xJMU7q7Gi8shj4Iyjt06BEMaNLYmZSm
9LAORBQd/O43usYCusa5gTTJ8M6uPcvx6pAtDhECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQC04uWhl1rTMH7vQnqCxaRCFGn4jAfBgNVHSMEGDAWgBTQMEbRbPw5GwKL
iHQ3c84AXPl7HTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBEQkcwV3o4T1JzQ2k0aDBOM1BPQUZ6NWV4MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmEvMThkMTMyLTk5NTEtNDA1NS1iNWE2LWRjMGUxYTcyNTIyMS8x
L0F0T0xsb1pkYTB6Qi03MEo2Z3NXa1FoUnAtSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEv
MThkMTMyLTk5NTEtNDA1NS1iNWE2LWRjMGUxYTcyNTIyMS8xLzBEQkcwV3o4T1Jz
Q2k0aDBOM1BPQUZ6NWV4MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmjmDANBgkqhkiG9w0BAQsFAAOC
AQEANi7F6tIE3vFJu78cY4JQEFifklkARkX8teO4zM1mhAuxYJ976hgngV8SuJRq
j1eFvILJicXQHjSfFQLWWuta7tFuUu3f/4YHROtut0Qq7tby9wFFMi2TyrHWgCxx
XUEz9N4gQvAVgYAEisVVoEQ+rGk6pA3Wr1L7CZXQJFIu4moPgYwQ2sFp5DnhCoB+
ByqjTIaoR2MMffbvH9um3H5CU/qmR36JK3zNdBjbq39gOaGpDIwb5zV98nHFi8Yb
FZoy4I7MIklMXHXpTPXDP0WSKz3Po7+8ZWkimcTDxodq1+6EgB6qVn5RXp0OU5WB
EX06Zo082cI/xvT2AmJklZ7oLg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:44 2024 by rpki-client on console-ams.rpki-client.org