Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/hTdc0wMrvX1RkCWw81vIbOXoXTs.roa
File:                     hTdc0wMrvX1RkCWw81vIbOXoXTs.roa (raw, json)
Hash identifier:          gVv3r5wiuLxvTqtPmGJU3M7E7Ljv9BVixXbia9KenFo=
Subject key identifier:   85:37:5C:D3:03:2B:BD:7D:51:90:25:B0:F3:5B:C8:6C:E5:E8:5D:3B
Certificate issuer:       /CN=b1a4a601ca35c6c8376b89aaf443b63ea439cdb8
Certificate serial:       380E19FE
Authority key identifier: B1:A4:A6:01:CA:35:C6:C8:37:6B:89:AA:F4:43:B6:3E:A4:39:CD:B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saSmAco1xsg3a4mq9EO2PqQ5zbg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/hTdc0wMrvX1RkCWw81vIbOXoXTs.roa
Signing time:             Wed 26 Jan 2022 06:27:39 +0000
ROA not before:           Wed 26 Jan 2022 06:27:39 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     15435
IP address blocks:        141.224.192.0/18 maxlen: 24
                          149.143.32.0/19 maxlen: 24
                          204.168.128.0/17 maxlen: 24
                          149.143.64.0/18 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 940448254 (0x380e19fe)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a4a601ca35c6c8376b89aaf443b63ea439cdb8
        Validity
            Not Before: Jan 26 06:27:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=85375cd3032bbd7d519025b0f35bc86ce5e85d3b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fa:bc:79:96:99:ec:25:65:ed:7c:a7:f4:7a:33:
                    53:a3:40:e4:18:4d:c8:c4:5c:55:9e:03:f4:25:81:
                    a7:0c:f9:e2:6b:4f:76:2a:df:e9:c2:57:dd:38:ba:
                    1d:a0:86:82:3f:69:96:a6:6a:de:fd:52:57:5d:62:
                    c6:57:5c:9c:d0:75:0d:3d:d8:27:d3:19:6a:63:12:
                    67:f1:4a:cd:20:38:ec:4c:83:96:cc:3b:9a:ff:84:
                    3d:74:55:04:7e:28:0b:ff:df:0a:47:77:62:ef:42:
                    3a:ef:ac:77:0d:e0:18:90:78:ae:7c:b3:65:88:42:
                    99:4e:de:f9:05:27:63:bc:37:21:4e:87:8a:94:3b:
                    57:0c:6c:b5:d4:31:21:32:d2:43:67:10:27:59:60:
                    aa:34:0d:81:07:99:50:b4:d7:54:4a:42:6c:34:e6:
                    57:34:67:ba:2f:da:5a:6d:aa:16:94:43:eb:03:c8:
                    15:49:30:3e:70:ff:70:0d:70:49:bd:a9:95:a7:31:
                    2b:f1:a7:38:ce:81:cd:a4:44:89:db:29:3a:13:0f:
                    b1:38:b5:0b:6a:e1:bd:cd:8f:7f:e0:cd:6f:31:a3:
                    ae:a2:bf:b3:aa:49:50:55:c6:a8:f1:94:0d:77:ed:
                    90:3e:ad:5f:c5:69:43:76:60:90:b5:f2:17:73:04:
                    46:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:37:5C:D3:03:2B:BD:7D:51:90:25:B0:F3:5B:C8:6C:E5:E8:5D:3B
            X509v3 Authority Key Identifier:
                keyid:B1:A4:A6:01:CA:35:C6:C8:37:6B:89:AA:F4:43:B6:3E:A4:39:CD:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saSmAco1xsg3a4mq9EO2PqQ5zbg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/hTdc0wMrvX1RkCWw81vIbOXoXTs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/saSmAco1xsg3a4mq9EO2PqQ5zbg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.224.192.0/18
                  149.143.32.0-149.143.127.255
                  204.168.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         7b:2f:37:0e:c1:36:c5:65:6d:b2:5b:48:a1:b5:00:86:df:57:
         dd:90:66:cd:b5:47:75:7a:57:26:fb:a1:1b:03:ce:f7:20:3a:
         25:16:f6:ed:20:21:82:35:14:db:5c:68:c1:03:12:e0:f4:c4:
         cf:99:64:7b:5f:05:0b:5f:98:59:0a:f2:1a:75:cd:65:2f:e2:
         96:99:0c:8c:15:f2:4d:9b:7a:e4:d9:8e:57:8e:44:fb:a2:e9:
         b8:11:aa:35:ff:8a:eb:cf:65:41:fa:f6:32:1a:33:ff:08:52:
         7f:71:d1:84:5d:b5:cd:c1:83:d3:49:07:4a:c0:d9:2e:b3:89:
         6d:37:65:9e:49:26:4c:71:53:29:85:16:6a:71:1d:c6:de:93:
         9e:a3:ad:fb:1c:5b:f5:6e:4b:03:73:3a:3e:90:00:21:01:3c:
         bd:26:6c:93:27:02:52:82:bf:9d:42:99:95:c5:51:aa:c1:16:
         50:3a:8d:e7:a0:26:a6:27:13:b3:e5:39:44:9d:eb:65:ad:ba:
         bd:30:5b:a1:31:74:97:67:cf:f3:4f:64:e4:f1:d7:15:55:39:
         03:00:6b:7d:3d:47:fc:73:80:91:b6:aa:32:25:72:ef:d6:79:
         d3:69:45:bf:13:ef:03:fd:43:7c:86:96:89:b7:6e:04:b4:3b:
         0d:ee:5e:cf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEOA4Z/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWE0YTYwMWNhMzVjNmM4Mzc2Yjg5YWFmNDQzYjYzZWE0MzljZGI4MB4XDTIyMDEy
NjA2MjczOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODUzNzVjZDMwMzJi
YmQ3ZDUxOTAyNWIwZjM1YmM4NmNlNWU4NWQzYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPq8eZaZ7CVl7Xyn9HozU6NA5BhNyMRcVZ4D9CWBpwz54mtP
dirf6cJX3Ti6HaCGgj9plqZq3v1SV11ixldcnNB1DT3YJ9MZamMSZ/FKzSA47EyD
lsw7mv+EPXRVBH4oC//fCkd3Yu9COu+sdw3gGJB4rnyzZYhCmU7e+QUnY7w3IU6H
ipQ7VwxstdQxITLSQ2cQJ1lgqjQNgQeZULTXVEpCbDTmVzRnui/aWm2qFpRD6wPI
FUkwPnD/cA1wSb2placxK/GnOM6BzaREidspOhMPsTi1C2rhvc2Pf+DNbzGjrqK/
s6pJUFXGqPGUDXftkD6tX8VpQ3ZgkLXyF3MERjcCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBSFN1zTAyu9fVGQJbDzW8hs5ehdOzAfBgNVHSMEGDAWgBSxpKYByjXGyDdr
iar0Q7Y+pDnNuDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NhU21BY28xeHNnM2E0bXE5RU8yUHFRNXpiZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvZGZlYzQwLWI4NmUtNDk0Yy1iYTEwLTNhNTYyOGNjODFkOS8x
L2hUZGMwd01ydlgxUmtDV3c4MXZJYk9Yb1hUcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
ZGZlYzQwLWI4NmUtNDk0Yy1iYTEwLTNhNTYyOGNjODFkOS8xL3NhU21BY28xeHNn
M2E0bXE5RU8yUHFRNXpiZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEBo3gwDAMAwQFlY8gAwQHlY8AAwQH
zKiAMA0GCSqGSIb3DQEBCwUAA4IBAQB7LzcOwTbFZW2yW0ihtQCG31fdkGbNtUd1
elcm+6EbA873IDolFvbtICGCNRTbXGjBAxLg9MTPmWR7XwULX5hZCvIadc1lL+KW
mQyMFfJNm3rk2Y5XjkT7oum4Eao1/4rrz2VB+vYyGjP/CFJ/cdGEXbXNwYPTSQdK
wNkus4ltN2WeSSZMcVMphRZqcR3G3pOeo637HFv1bksDczo+kAAhATy9JmyTJwJS
gr+dQpmVxVGqwRZQOo3noCamJxOz5TlEnetlrbq9MFuhMXSXZ8/zT2Tk8dcVVTkD
AGt9PUf8c4CRtqoyJXLv1nnTaUW/E+8D/UN8hpaJt24EtDsN7l7P
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:54 2024 by rpki-client on console-ams.rpki-client.org