Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/cc7247-6f0c-4b74-8690-051076744a65/1/bZaaalR6VIz_qI3oDePJt0pHLbI.roa
File:                     bZaaalR6VIz_qI3oDePJt0pHLbI.roa (raw, json)
Hash identifier:          zLauQC760SzsPwK4girhNstR1bbG4jnd3bUSYvPMbho=
Subject key identifier:   6D:96:9A:6A:54:7A:54:8C:FF:A8:8D:E8:0D:E3:C9:B7:4A:47:2D:B2
Certificate issuer:       /CN=6b3a735d09aaa7970def12c4ac60e827fdb3f825
Certificate serial:       035ABF64
Authority key identifier: 6B:3A:73:5D:09:AA:A7:97:0D:EF:12:C4:AC:60:E8:27:FD:B3:F8:25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/azpzXQmqp5cN7xLErGDoJ_2z-CU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/cc7247-6f0c-4b74-8690-051076744a65/1/bZaaalR6VIz_qI3oDePJt0pHLbI.roa
Signing time:             Sat 01 Jan 2022 11:57:55 +0000
ROA not before:           Sat 01 Jan 2022 11:57:55 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        185.183.244.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 56278884 (0x35abf64)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b3a735d09aaa7970def12c4ac60e827fdb3f825
        Validity
            Not Before: Jan  1 11:57:55 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6d969a6a547a548cffa88de80de3c9b74a472db2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:d3:e5:53:47:70:ba:74:33:de:a0:bd:73:ec:
                    93:b0:fc:50:32:d5:38:4d:a1:ad:79:a5:9b:0a:46:
                    8d:2e:b1:22:47:0d:53:6f:8b:11:e1:78:39:31:24:
                    c6:60:03:83:9e:f4:f9:8a:91:0e:d2:10:b6:b3:da:
                    80:3c:25:d8:34:1d:21:24:8a:a0:29:68:e9:7a:09:
                    22:e7:c3:a4:5c:a4:23:a8:d3:90:15:ae:7d:f9:00:
                    32:25:30:e2:64:8f:50:30:eb:9f:da:2a:4c:69:34:
                    74:a3:5b:c7:87:df:22:1e:cc:51:15:d1:a5:00:1c:
                    2d:b2:d6:50:4d:df:b3:73:32:ed:bf:8d:12:6a:58:
                    b4:00:88:13:f9:0a:a5:18:25:be:a8:a6:f9:75:8d:
                    fa:a0:f1:17:8f:3c:c6:a8:40:a8:69:4b:7f:88:c9:
                    58:50:f5:b8:65:31:94:9f:6d:12:a6:4c:7f:9c:a5:
                    d0:b1:b0:0e:5a:a7:46:c7:6a:e0:ef:0e:dd:b7:66:
                    8e:c6:4b:b6:1e:5f:a1:42:9e:79:3f:bc:f6:3f:9d:
                    13:9c:17:f5:19:5d:3b:2c:55:61:0a:f6:cb:de:9f:
                    7b:25:07:cf:4a:12:6c:c6:0b:75:f8:80:c9:bb:ed:
                    39:3b:fb:e0:c2:cc:19:42:2b:d0:39:4d:d2:b5:d9:
                    6c:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:96:9A:6A:54:7A:54:8C:FF:A8:8D:E8:0D:E3:C9:B7:4A:47:2D:B2
            X509v3 Authority Key Identifier:
                keyid:6B:3A:73:5D:09:AA:A7:97:0D:EF:12:C4:AC:60:E8:27:FD:B3:F8:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/azpzXQmqp5cN7xLErGDoJ_2z-CU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/cc7247-6f0c-4b74-8690-051076744a65/1/bZaaalR6VIz_qI3oDePJt0pHLbI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/cc7247-6f0c-4b74-8690-051076744a65/1/azpzXQmqp5cN7xLErGDoJ_2z-CU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.183.244.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b1:ee:87:50:e2:62:ca:9e:8c:5c:d8:a8:93:d7:17:31:2f:15:
         e6:a6:7b:35:3d:72:41:dc:db:62:a5:c6:0d:5b:22:24:f6:e6:
         e6:9b:c8:25:af:f5:51:76:87:1a:b2:2b:36:72:a3:7d:37:86:
         15:ab:1f:fc:78:ff:37:fc:e0:7d:2d:43:05:cb:61:8d:b3:28:
         dd:3c:55:63:1f:34:4e:e0:f9:15:13:78:c7:cd:75:59:c1:1b:
         b5:51:7e:ba:e7:c4:4d:d3:3f:51:1f:e8:c0:3e:6a:c3:2c:34:
         85:17:e1:7b:d8:2a:d4:4b:7b:89:9e:fd:58:34:a7:f5:2c:3d:
         d0:ac:72:d9:96:1c:24:60:fd:66:ff:56:69:d6:73:0f:87:4f:
         dc:01:aa:67:7c:84:7a:53:91:68:4b:cb:81:0d:a0:61:d9:35:
         9c:a4:d9:a9:38:61:21:77:86:e5:e5:3f:00:69:a2:f0:41:1e:
         4e:7b:05:d4:26:34:c7:53:e4:79:33:f0:4f:6f:4f:6f:44:e9:
         fe:20:62:e4:e9:49:bf:67:2c:83:97:49:b7:91:82:b8:ec:f7:
         b9:73:8d:be:9a:9b:33:0f:31:d9:8d:2f:a5:52:4f:96:4f:13:
         15:73:bd:ca:ba:b9:fb:80:55:11:74:af:ad:f1:16:e0:f9:97:
         78:01:b2:92
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA1q/ZDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YjNhNzM1ZDA5YWFhNzk3MGRlZjEyYzRhYzYwZTgyN2ZkYjNmODI1MB4XDTIyMDEw
MTExNTc1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmQ5NjlhNmE1NDdh
NTQ4Y2ZmYTg4ZGU4MGRlM2M5Yjc0YTQ3MmRiMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJbT5VNHcLp0M96gvXPsk7D8UDLVOE2hrXmlmwpGjS6xIkcN
U2+LEeF4OTEkxmADg570+YqRDtIQtrPagDwl2DQdISSKoClo6XoJIufDpFykI6jT
kBWuffkAMiUw4mSPUDDrn9oqTGk0dKNbx4ffIh7MURXRpQAcLbLWUE3fs3My7b+N
EmpYtACIE/kKpRglvqim+XWN+qDxF488xqhAqGlLf4jJWFD1uGUxlJ9tEqZMf5yl
0LGwDlqnRsdq4O8O3bdmjsZLth5foUKeeT+89j+dE5wX9RldOyxVYQr2y96feyUH
z0oSbMYLdfiAybvtOTv74MLMGUIr0DlN0rXZbLkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRtlppqVHpUjP+ojegN48m3SkctsjAfBgNVHSMEGDAWgBRrOnNdCaqnlw3v
EsSsYOgn/bP4JTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2F6cHpYUW1xcDVjTjd4TEVyR0RvSl8yei1DVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmYvY2M3MjQ3LTZmMGMtNGI3NC04NjkwLTA1MTA3Njc0NGE2NS8x
L2JaYWFhbFI2Vkl6X3FJM29EZVBKdDBwSExiSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmYv
Y2M3MjQ3LTZmMGMtNGI3NC04NjkwLTA1MTA3Njc0NGE2NS8xL2F6cHpYUW1xcDVj
Tjd4TEVyR0RvSl8yei1DVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArm39DANBgkqhkiG9w0BAQsFAAOC
AQEAse6HUOJiyp6MXNiok9cXMS8V5qZ7NT1yQdzbYqXGDVsiJPbm5pvIJa/1UXaH
GrIrNnKjfTeGFasf/Hj/N/zgfS1DBcthjbMo3TxVYx80TuD5FRN4x811WcEbtVF+
uufETdM/UR/owD5qwyw0hRfhe9gq1Et7iZ79WDSn9Sw90Kxy2ZYcJGD9Zv9WadZz
D4dP3AGqZ3yEelORaEvLgQ2gYdk1nKTZqThhIXeG5eU/AGmi8EEeTnsF1CY0x1Pk
eTPwT29Pb0Tp/iBi5OlJv2csg5dJt5GCuOz3uXONvpqbMw8x2Y0vpVJPlk8TFXO9
yrq5+4BVEXSvrfEW4PmXeAGykg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:54 2024 by rpki-client on console-ams.rpki-client.org