Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/164d8d-41ac-4522-bb25-898634942285/1/gXt45B3Vry9OYwfKZ1EWDmKdudc.roa
File:                     gXt45B3Vry9OYwfKZ1EWDmKdudc.roa (raw, json)
Hash identifier:          hOWF2MMOORtrlnDaTDiHqA6FvSqj+W2jElXdYSAOGko=
Subject key identifier:   81:7B:78:E4:1D:D5:AF:2F:4E:63:07:CA:67:51:16:0E:62:9D:B9:D7
Certificate issuer:       /CN=65ab485af923d1b46c5a321fc7a3f856c04fb6fc
Certificate serial:       1C3BCCB8
Authority key identifier: 65:AB:48:5A:F9:23:D1:B4:6C:5A:32:1F:C7:A3:F8:56:C0:4F:B6:FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZatIWvkj0bRsWjIfx6P4VsBPtvw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/164d8d-41ac-4522-bb25-898634942285/1/gXt45B3Vry9OYwfKZ1EWDmKdudc.roa
Signing time:             Sat 01 Jan 2022 11:56:36 +0000
ROA not before:           Sat 01 Jan 2022 11:56:36 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61081
IP address blocks:        185.24.72.0/22 maxlen: 24
                          2a04:2ac0::/29 maxlen: 64

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 473681080 (0x1c3bccb8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=65ab485af923d1b46c5a321fc7a3f856c04fb6fc
        Validity
            Not Before: Jan  1 11:56:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=817b78e41dd5af2f4e6307ca6751160e629db9d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:85:52:30:e2:4a:ab:8e:ea:e9:84:c1:75:98:
                    87:60:c9:46:4b:2e:15:c0:ba:14:cc:81:a1:e5:c0:
                    07:67:b8:27:6a:4f:e2:9b:18:85:95:8e:96:de:6f:
                    38:ed:b8:c7:90:0f:47:88:ed:3b:04:43:65:cc:2c:
                    37:12:07:7d:5e:6f:e9:7f:7f:35:7a:2b:1c:7d:b7:
                    46:b8:51:5d:f4:fa:b8:37:32:f0:c3:df:2e:93:f5:
                    84:6f:36:76:8b:0e:c0:1d:f1:8a:ab:6f:f4:b7:80:
                    35:49:de:a9:f4:1a:f9:a8:cd:96:41:b8:3a:a0:34:
                    03:26:fa:fd:98:82:cd:db:95:12:5c:a1:d7:5a:af:
                    d4:81:bd:5c:3a:61:01:70:ea:2f:58:4b:0f:d5:4c:
                    40:a0:e7:e9:35:4c:be:d5:ad:1c:12:54:81:31:b6:
                    0d:06:e0:9d:40:77:44:64:7d:f2:62:aa:30:4c:f1:
                    de:41:31:30:ac:5d:77:05:a4:fc:fc:c6:78:5e:d0:
                    e9:32:67:df:69:b5:8e:15:a2:c3:64:b5:54:e7:ff:
                    1c:c5:eb:a3:98:6c:eb:15:bc:b8:2c:73:fe:53:24:
                    8e:39:7c:44:9d:9f:05:43:52:34:f0:c1:b0:48:12:
                    0d:9f:9f:fa:ea:3d:8f:14:73:d7:1a:4f:72:c8:5a:
                    5f:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:7B:78:E4:1D:D5:AF:2F:4E:63:07:CA:67:51:16:0E:62:9D:B9:D7
            X509v3 Authority Key Identifier:
                keyid:65:AB:48:5A:F9:23:D1:B4:6C:5A:32:1F:C7:A3:F8:56:C0:4F:B6:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZatIWvkj0bRsWjIfx6P4VsBPtvw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/164d8d-41ac-4522-bb25-898634942285/1/gXt45B3Vry9OYwfKZ1EWDmKdudc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/164d8d-41ac-4522-bb25-898634942285/1/ZatIWvkj0bRsWjIfx6P4VsBPtvw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.24.72.0/22
                IPv6:
                  2a04:2ac0::/29

    Signature Algorithm: sha256WithRSAEncryption
         49:06:0a:9c:6d:57:85:11:25:2d:b4:ce:14:57:50:d9:dd:13:
         63:cd:69:3b:f0:34:71:bd:8d:e6:34:a0:1d:7e:ae:c9:e5:cc:
         25:26:78:17:86:d6:71:d6:66:0a:f9:b2:a9:69:d9:3e:34:8b:
         77:1f:4e:b4:40:92:4b:c7:2b:af:7f:58:7e:d3:4b:1a:14:d0:
         92:12:fd:fa:67:1a:db:58:f2:74:f0:2f:49:6a:54:57:58:96:
         b1:27:8b:c3:42:8b:80:9e:34:fc:b8:93:68:d9:3c:76:f7:bd:
         ad:31:05:41:37:31:ac:34:20:52:48:4f:18:76:52:0e:ab:9f:
         68:bc:05:f2:8a:99:49:2c:b1:3f:3d:37:e7:9e:99:ce:d4:bf:
         43:de:7a:a9:11:a9:ab:5e:04:e2:3c:e2:50:97:6f:2a:a6:f3:
         07:cf:b7:16:c1:59:08:28:24:44:df:3d:2b:cf:17:e4:e3:fe:
         5b:65:5a:b8:2b:90:31:be:5f:0e:17:5d:23:5e:5f:a0:5e:06:
         29:98:6f:df:85:4c:68:09:16:a5:e9:ce:64:79:d0:89:a1:fe:
         df:38:e1:8f:de:b6:2f:8b:df:2b:b3:fd:35:0a:30:53:cf:12:
         82:48:f5:11:28:18:e9:bd:58:7a:86:d0:ed:6e:b2:86:70:1c:
         1f:9d:12:73
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEHDvMuDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NWFiNDg1YWY5MjNkMWI0NmM1YTMyMWZjN2EzZjg1NmMwNGZiNmZjMB4XDTIyMDEw
MTExNTYzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODE3Yjc4ZTQxZGQ1
YWYyZjRlNjMwN2NhNjc1MTE2MGU2MjlkYjlkNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ2FUjDiSquO6umEwXWYh2DJRksuFcC6FMyBoeXAB2e4J2pP
4psYhZWOlt5vOO24x5APR4jtOwRDZcwsNxIHfV5v6X9/NXorHH23RrhRXfT6uDcy
8MPfLpP1hG82dosOwB3xiqtv9LeANUneqfQa+ajNlkG4OqA0Ayb6/ZiCzduVElyh
11qv1IG9XDphAXDqL1hLD9VMQKDn6TVMvtWtHBJUgTG2DQbgnUB3RGR98mKqMEzx
3kExMKxddwWk/PzGeF7Q6TJn32m1jhWiw2S1VOf/HMXro5hs6xW8uCxz/lMkjjl8
RJ2fBUNSNPDBsEgSDZ+f+uo9jxRz1xpPcshaXy0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSBe3jkHdWvL05jB8pnURYOYp251zAfBgNVHSMEGDAWgBRlq0ha+SPRtGxa
Mh/Ho/hWwE+2/DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1phdElXdmtqMGJSc1dqSWZ4NlA0VnNCUHR2dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmYvMTY0ZDhkLTQxYWMtNDUyMi1iYjI1LTg5ODYzNDk0MjI4NS8x
L2dYdDQ1QjNWcnk5T1l3ZktaMUVXRG1LZHVkYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmYv
MTY0ZDhkLTQxYWMtNDUyMi1iYjI1LTg5ODYzNDk0MjI4NS8xL1phdElXdmtqMGJS
c1dqSWZ4NlA0VnNCUHR2dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArkYSDANBAIAAjAHAwUDKgQqwDAN
BgkqhkiG9w0BAQsFAAOCAQEASQYKnG1XhRElLbTOFFdQ2d0TY81pO/A0cb2N5jSg
HX6uyeXMJSZ4F4bWcdZmCvmyqWnZPjSLdx9OtECSS8crr39YftNLGhTQkhL9+mca
21jydPAvSWpUV1iWsSeLw0KLgJ40/LiTaNk8dve9rTEFQTcxrDQgUkhPGHZSDquf
aLwF8oqZSSyxPz03556ZztS/Q956qRGpq14E4jziUJdvKqbzB8+3FsFZCCgkRN89
K88X5OP+W2VauCuQMb5fDhddI15foF4GKZhv34VMaAkWpenOZHnQiaH+3zjhj962
L4vfK7P9NQowU88Sgkj1ESgY6b1YeobQ7W6yhnAcH50Scw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:45 2024 by rpki-client on console-ams.rpki-client.org