Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/f0e161-a43c-4d31-b65d-d4fed5085392/1/6fCCp92TW9EGHJbuwO16FU3ZTVY.roa
File:                     6fCCp92TW9EGHJbuwO16FU3ZTVY.roa (raw, json)
Hash identifier:          7g8aMtZ4wJP6HxSMTTHD3OAUBaaiDqn8NmZHfGDY9/U=
Subject key identifier:   E9:F0:82:A7:DD:93:5B:D1:06:1C:96:EE:C0:ED:7A:15:4D:D9:4D:56
Certificate issuer:       /CN=c66dc60d16dfe1649d86c1693e17858c2306387f
Certificate serial:       045E28A2
Authority key identifier: C6:6D:C6:0D:16:DF:E1:64:9D:86:C1:69:3E:17:85:8C:23:06:38:7F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xm3GDRbf4WSdhsFpPheFjCMGOH8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/f0e161-a43c-4d31-b65d-d4fed5085392/1/6fCCp92TW9EGHJbuwO16FU3ZTVY.roa
Signing time:             Sat 01 Jan 2022 10:58:24 +0000
ROA not before:           Sat 01 Jan 2022 10:58:24 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39371
IP address blocks:        185.99.204.0/22 maxlen: 24
                          2a06:1480::/29 maxlen: 64

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 73279650 (0x45e28a2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c66dc60d16dfe1649d86c1693e17858c2306387f
        Validity
            Not Before: Jan  1 10:58:24 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e9f082a7dd935bd1061c96eec0ed7a154dd94d56
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:88:6b:01:74:e5:0a:ce:14:92:70:f8:73:8b:
                    fb:ad:ec:87:a9:e1:3b:ee:30:02:85:d8:38:49:32:
                    63:f6:5c:65:1e:14:4a:12:19:96:5d:44:d4:c6:54:
                    7b:7c:ac:12:82:d8:44:b2:f9:5f:50:63:e2:1d:07:
                    a6:7d:ed:ce:e5:40:52:63:b9:b6:09:c2:9a:a3:84:
                    52:b5:8b:c6:23:17:65:f9:db:a6:cc:1f:84:49:15:
                    78:ff:37:0c:fe:f8:9d:03:db:2b:ee:0d:43:50:23:
                    a0:95:4a:21:cb:75:89:62:75:2b:83:ab:f8:f2:f0:
                    3c:95:22:2d:7c:8f:06:5e:54:fc:a5:41:84:bc:ac:
                    0a:6c:66:fd:6b:50:60:89:52:ff:f3:cf:92:87:d3:
                    18:50:f8:b0:9f:d8:f1:61:d9:1c:25:37:9f:ac:5e:
                    76:f3:70:38:74:7e:76:8b:f4:f4:84:3f:90:21:8b:
                    f2:4b:f1:91:cc:a4:be:c7:66:e6:0a:ba:d6:48:11:
                    9f:50:71:2a:c9:25:d1:2b:4d:8b:ca:b1:3f:7f:88:
                    da:2a:52:78:6c:77:df:93:79:97:2e:dc:94:43:73:
                    62:41:38:13:eb:fb:37:64:73:b2:b2:d3:15:84:83:
                    ab:eb:06:85:59:ea:75:9b:ca:4c:1a:09:bc:86:d7:
                    75:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:F0:82:A7:DD:93:5B:D1:06:1C:96:EE:C0:ED:7A:15:4D:D9:4D:56
            X509v3 Authority Key Identifier:
                keyid:C6:6D:C6:0D:16:DF:E1:64:9D:86:C1:69:3E:17:85:8C:23:06:38:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm3GDRbf4WSdhsFpPheFjCMGOH8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/f0e161-a43c-4d31-b65d-d4fed5085392/1/6fCCp92TW9EGHJbuwO16FU3ZTVY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/f0e161-a43c-4d31-b65d-d4fed5085392/1/xm3GDRbf4WSdhsFpPheFjCMGOH8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.99.204.0/22
                IPv6:
                  2a06:1480::/29

    Signature Algorithm: sha256WithRSAEncryption
         8d:1d:3f:06:f6:3c:e1:74:38:fe:99:b2:c2:8f:b7:4f:3a:21:
         a5:32:9a:5b:bf:31:5c:74:41:86:3a:d1:b9:f8:99:66:05:7b:
         d8:ea:c6:79:08:17:a0:fe:d0:73:77:0b:b4:b2:7c:73:94:00:
         af:ee:bd:25:c5:68:96:fa:3b:19:50:80:52:16:71:60:72:36:
         eb:8f:ad:17:30:df:b4:b3:88:b9:30:b8:f1:1b:b3:77:eb:70:
         57:c3:5a:93:99:76:52:56:51:5c:a4:27:91:ca:d7:29:21:ab:
         01:f9:ec:e1:45:71:5a:5a:77:1b:bb:0e:35:0f:f9:0b:ca:82:
         a8:4a:6f:4a:a1:90:3b:4b:55:fa:49:fe:6e:9a:37:16:84:a1:
         3c:06:9f:5c:86:18:db:45:28:37:98:ef:3b:27:c5:98:fd:8a:
         49:01:2f:f6:da:cc:67:31:85:65:3b:09:c0:b0:0c:ef:b9:b7:
         e1:68:f5:e3:73:89:22:88:d1:03:3a:70:68:fe:eb:d8:cb:58:
         b8:33:12:ca:e9:ce:a5:14:ad:b8:aa:69:f9:42:69:ea:4d:33:
         26:fa:3d:0e:1f:f7:c5:e9:59:c8:e2:90:cd:44:28:9e:10:b5:
         56:60:91:85:8f:2d:4c:cb:5e:f6:f0:e7:4f:c4:9a:43:6f:d1:
         84:eb:e2:2c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBF4oojANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NjZkYzYwZDE2ZGZlMTY0OWQ4NmMxNjkzZTE3ODU4YzIzMDYzODdmMB4XDTIyMDEw
MTEwNTgyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTlmMDgyYTdkZDkz
NWJkMTA2MWM5NmVlYzBlZDdhMTU0ZGQ5NGQ1NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKeIawF05QrOFJJw+HOL+63sh6nhO+4wAoXYOEkyY/ZcZR4U
ShIZll1E1MZUe3ysEoLYRLL5X1Bj4h0Hpn3tzuVAUmO5tgnCmqOEUrWLxiMXZfnb
pswfhEkVeP83DP74nQPbK+4NQ1AjoJVKIct1iWJ1K4Or+PLwPJUiLXyPBl5U/KVB
hLysCmxm/WtQYIlS//PPkofTGFD4sJ/Y8WHZHCU3n6xedvNwOHR+dov09IQ/kCGL
8kvxkcykvsdm5gq61kgRn1BxKskl0StNi8qxP3+I2ipSeGx335N5ly7clENzYkE4
E+v7N2RzsrLTFYSDq+sGhVnqdZvKTBoJvIbXdTMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTp8IKn3ZNb0QYclu7A7XoVTdlNVjAfBgNVHSMEGDAWgBTGbcYNFt/hZJ2G
wWk+F4WMIwY4fzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3htM0dEUmJmNFdTZGhzRnBQaGVGakNNR09IOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmEvZjBlMTYxLWE0M2MtNGQzMS1iNjVkLWQ0ZmVkNTA4NTM5Mi8x
LzZmQ0NwOTJUVzlFR0hKYnV3TzE2RlUzWlRWWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEv
ZjBlMTYxLWE0M2MtNGQzMS1iNjVkLWQ0ZmVkNTA4NTM5Mi8xL3htM0dEUmJmNFdT
ZGhzRnBQaGVGakNNR09IOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArljzDANBAIAAjAHAwUDKgYUgDAN
BgkqhkiG9w0BAQsFAAOCAQEAjR0/BvY84XQ4/pmywo+3TzohpTKaW78xXHRBhjrR
ufiZZgV72OrGeQgXoP7Qc3cLtLJ8c5QAr+69JcVolvo7GVCAUhZxYHI264+tFzDf
tLOIuTC48Ruzd+twV8Nak5l2UlZRXKQnkcrXKSGrAfns4UVxWlp3G7sONQ/5C8qC
qEpvSqGQO0tV+kn+bpo3FoShPAafXIYY20UoN5jvOyfFmP2KSQEv9trMZzGFZTsJ
wLAM77m34Wj143OJIojRAzpwaP7r2MtYuDMSyunOpRStuKpp+UJp6k0zJvo9Dh/3
xelZyOKQzUQonhC1VmCRhY8tTMte9vDnT8SaQ2/RhOviLA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:50 2024 by rpki-client on console-ams.rpki-client.org