Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/5jCDEzJ6twzpGTksHed9unOJXJM.roa
File:                     5jCDEzJ6twzpGTksHed9unOJXJM.roa (raw, json)
Hash identifier:          dkWGb5L9GOfp+KitEmmpaB2Z5Z8oxyOfMrZUaZen8yY=
Subject key identifier:   E6:30:83:13:32:7A:B7:0C:E9:19:39:2C:1D:E7:7D:BA:73:89:5C:93
Certificate issuer:       /CN=0a0214a1bf1d3afd2dd66b23a9973106b5d316ca
Certificate serial:       021693EF
Authority key identifier: 0A:02:14:A1:BF:1D:3A:FD:2D:D6:6B:23:A9:97:31:06:B5:D3:16:CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/5jCDEzJ6twzpGTksHed9unOJXJM.roa
Signing time:             Sat 01 Jan 2022 13:55:59 +0000
ROA not before:           Sat 01 Jan 2022 13:55:59 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60601
IP address blocks:        185.11.216.0/24 maxlen: 24
                          2a03:69c0::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 35034095 (0x21693ef)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0a0214a1bf1d3afd2dd66b23a9973106b5d316ca
        Validity
            Not Before: Jan  1 13:55:59 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e6308313327ab70ce919392c1de77dba73895c93
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:1c:85:b4:f1:99:aa:2d:fb:fe:e1:32:58:9d:
                    04:01:5d:ce:c4:72:64:33:c1:12:24:da:aa:59:4d:
                    2e:30:32:b6:ab:8d:fc:83:2d:30:a9:5d:ec:77:dc:
                    87:69:1b:d1:6e:7a:bd:29:6a:cf:d9:f1:dd:90:a7:
                    44:a3:55:c1:98:e6:1b:46:47:d1:b3:7a:68:ca:6a:
                    a5:e0:84:58:9b:7e:a4:24:65:8f:f6:83:40:a3:f5:
                    af:82:1a:7a:f8:c9:f2:6b:4d:85:b8:ca:51:f7:44:
                    83:ee:56:a7:6f:db:86:92:83:c1:42:ed:db:d7:f4:
                    88:00:31:35:f0:23:fa:98:c1:74:72:6e:53:79:0e:
                    b2:f5:6c:81:57:fb:36:21:43:cc:d7:45:5a:2a:c6:
                    d7:75:e6:48:a4:9b:e9:b6:bb:32:46:0c:02:67:50:
                    5e:f8:50:88:6e:52:4d:15:a0:16:19:6c:27:d1:f9:
                    41:be:83:d3:69:98:e6:a7:d2:b8:79:e1:bb:d8:06:
                    20:d0:32:c6:69:b1:99:0c:32:2a:03:68:92:db:75:
                    5c:a1:ed:67:84:6b:c7:06:f8:c1:ed:d1:3a:ee:f0:
                    99:ed:b7:72:dd:44:d9:48:7e:b5:f9:cb:23:81:98:
                    e7:d6:c3:dc:42:de:2c:3e:2f:d9:fe:2e:cf:cb:44:
                    ae:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:30:83:13:32:7A:B7:0C:E9:19:39:2C:1D:E7:7D:BA:73:89:5C:93
            X509v3 Authority Key Identifier:
                keyid:0A:02:14:A1:BF:1D:3A:FD:2D:D6:6B:23:A9:97:31:06:B5:D3:16:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/5jCDEzJ6twzpGTksHed9unOJXJM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.11.216.0/24
                IPv6:
                  2a03:69c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         a0:52:da:07:70:18:59:96:31:f6:38:37:21:51:5c:6e:59:07:
         49:7f:bb:5a:1a:b9:78:3d:de:e3:d8:af:91:26:f9:54:97:ca:
         85:30:68:7c:56:7a:ca:2f:55:a9:05:17:96:3a:82:33:88:ae:
         a5:95:07:c0:6f:85:10:23:51:f2:f4:d4:39:15:02:5b:a8:b7:
         72:38:e9:38:f6:ae:ad:50:ec:76:1b:b6:0f:8c:12:80:fd:56:
         62:84:3e:17:e7:d9:de:da:fa:b1:34:e4:86:4c:21:42:bb:ee:
         88:4e:e4:d5:f9:5e:0a:a3:4f:18:ad:39:ea:09:5c:a5:89:26:
         e3:04:2f:dd:5d:05:10:b7:94:4e:fc:0a:a8:a3:65:30:9b:ab:
         0b:4b:4a:22:4a:75:9b:5d:4d:a1:c1:83:33:93:61:28:ce:8d:
         a2:70:e9:a6:f7:6e:87:86:d4:38:41:fe:3a:b2:16:80:41:55:
         66:78:b9:58:6a:2c:65:e2:cc:a1:39:82:ab:7f:25:6f:35:bc:
         d4:f9:a8:d4:6e:f9:66:a9:b6:b6:63:66:6a:6f:2b:58:83:72:
         87:fc:00:33:88:14:c5:d3:7a:6e:69:d4:5a:f6:8e:e5:2c:29:
         82:3c:32:37:87:0f:89:71:57:55:96:de:45:7a:3d:78:2b:8e:
         b1:8f:fe:b1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEAhaT7zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YTAyMTRhMWJmMWQzYWZkMmRkNjZiMjNhOTk3MzEwNmI1ZDMxNmNhMB4XDTIyMDEw
MTEzNTU1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTYzMDgzMTMzMjdh
YjcwY2U5MTkzOTJjMWRlNzdkYmE3Mzg5NWM5MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANMchbTxmaot+/7hMlidBAFdzsRyZDPBEiTaqllNLjAytquN
/IMtMKld7Hfch2kb0W56vSlqz9nx3ZCnRKNVwZjmG0ZH0bN6aMpqpeCEWJt+pCRl
j/aDQKP1r4IaevjJ8mtNhbjKUfdEg+5Wp2/bhpKDwULt29f0iAAxNfAj+pjBdHJu
U3kOsvVsgVf7NiFDzNdFWirG13XmSKSb6ba7MkYMAmdQXvhQiG5STRWgFhlsJ9H5
Qb6D02mY5qfSuHnhu9gGINAyxmmxmQwyKgNoktt1XKHtZ4Rrxwb4we3ROu7wme23
ct1E2Uh+tfnLI4GY59bD3ELeLD4v2f4uz8tEro0CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBTmMIMTMnq3DOkZOSwd5326c4lckzAfBgNVHSMEGDAWgBQKAhShvx06/S3W
ayOplzEGtdMWyjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NnSVVvYjhkT3YwdDFtc2pxWmN4QnJYVEZzby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzkvMDRlY2MwLTY2M2MtNDYwZS05MjBkLTMzMmVlNTQyNWM3YS8x
LzVqQ0RFeko2dHd6cEdUa3NIZWQ5dW5PSlhKTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzkv
MDRlY2MwLTY2M2MtNDYwZS05MjBkLTMzMmVlNTQyNWM3YS8xL0NnSVVvYjhkT3Yw
dDFtc2pxWmN4QnJYVEZzby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEALkL2DAPBAIAAjAJAwcAKgNpwAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQCgUtoHcBhZljH2ODchUVxuWQdJf7taGrl4Pd7j
2K+RJvlUl8qFMGh8VnrKL1WpBReWOoIziK6llQfAb4UQI1Hy9NQ5FQJbqLdyOOk4
9q6tUOx2G7YPjBKA/VZihD4X59ne2vqxNOSGTCFCu+6ITuTV+V4Ko08YrTnqCVyl
iSbjBC/dXQUQt5RO/Aqoo2Uwm6sLS0oiSnWbXU2hwYMzk2Eozo2icOmm926HhtQ4
Qf46shaAQVVmeLlYaixl4syhOYKrfyVvNbzU+ajUbvlmqba2Y2ZqbytYg3KH/AAz
iBTF03puadRa9o7lLCmCPDI3hw+JcVdVlt5Fej14K46xj/6x
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:02 2024 by rpki-client on console-ams.rpki-client.org