Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/13b165-0986-4e93-b1b4-bbf7c70ef4b3/1/doEAu6P_67faJ8PXlH5gNnGHV10.roa
File:                     doEAu6P_67faJ8PXlH5gNnGHV10.roa (raw, json)
Hash identifier:          ruTAaKYQn1ktHsGuZQQbseRMll5mnt4FFRFgbasaZWM=
Subject key identifier:   76:81:00:BB:A3:FF:EB:B7:DA:27:C3:D7:94:7E:60:36:71:87:57:5D
Certificate issuer:       /CN=0d1a3131fe8bea9c8258313a0f24ba2a560b58d3
Certificate serial:       241A6F
Authority key identifier: 0D:1A:31:31:FE:8B:EA:9C:82:58:31:3A:0F:24:BA:2A:56:0B:58:D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DRoxMf6L6pyCWDE6DyS6KlYLWNM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/13b165-0986-4e93-b1b4-bbf7c70ef4b3/1/doEAu6P_67faJ8PXlH5gNnGHV10.roa
Signing time:             Sat 01 Jan 2022 01:51:27 +0000
ROA not before:           Sat 01 Jan 2022 01:51:27 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207056
IP address blocks:        185.167.122.0/24 maxlen: 24
                          185.167.121.0/24 maxlen: 24
                          185.167.120.0/24 maxlen: 24
                          185.167.123.0/24 maxlen: 24
                          2a0b:6a00::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2366063 (0x241a6f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d1a3131fe8bea9c8258313a0f24ba2a560b58d3
        Validity
            Not Before: Jan  1 01:51:27 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=768100bba3ffebb7da27c3d7947e60367187575d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:40:22:a0:36:31:d4:64:f1:72:ed:f1:1e:c3:
                    81:24:d2:78:36:46:78:80:a8:5f:b5:de:cb:20:9a:
                    68:ce:b9:a0:87:28:57:a9:37:ef:6e:2b:ef:7c:bf:
                    e4:9d:28:8d:de:cb:0a:7c:66:62:ba:27:11:61:0c:
                    e2:5b:55:8e:07:1c:b9:04:3a:85:a2:5d:be:ad:ac:
                    64:3b:a4:92:be:37:04:9a:a9:86:b5:dd:17:90:5b:
                    e5:ce:7f:a8:bd:66:23:4a:35:01:38:ee:cd:27:cd:
                    7e:38:2b:9f:6d:1e:4f:66:6d:5e:e4:c0:8e:09:4f:
                    0e:b9:7e:f1:89:f1:05:d4:60:6c:5f:17:29:93:50:
                    3d:55:ec:49:e8:ef:13:0e:50:bc:44:80:72:7e:14:
                    bd:e6:5e:8a:70:07:aa:4b:3d:9d:f0:fe:21:47:b7:
                    3b:79:ef:9d:82:1d:82:59:20:1c:a0:af:dc:0f:ac:
                    65:2f:46:ff:de:be:aa:28:0f:22:8f:5b:4e:ad:46:
                    e0:ed:60:a1:39:7d:2f:21:85:01:2a:21:7e:76:02:
                    5d:a5:71:7a:47:19:b1:9b:65:27:86:90:02:bb:59:
                    26:f2:72:ee:ba:0e:06:fe:f9:05:40:f7:5a:c0:b0:
                    ab:5b:d3:6a:1b:37:ff:f8:f1:36:26:b6:50:05:c4:
                    88:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:81:00:BB:A3:FF:EB:B7:DA:27:C3:D7:94:7E:60:36:71:87:57:5D
            X509v3 Authority Key Identifier:
                keyid:0D:1A:31:31:FE:8B:EA:9C:82:58:31:3A:0F:24:BA:2A:56:0B:58:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DRoxMf6L6pyCWDE6DyS6KlYLWNM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/13b165-0986-4e93-b1b4-bbf7c70ef4b3/1/doEAu6P_67faJ8PXlH5gNnGHV10.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/13b165-0986-4e93-b1b4-bbf7c70ef4b3/1/DRoxMf6L6pyCWDE6DyS6KlYLWNM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.167.120.0/22
                IPv6:
                  2a0b:6a00::/29

    Signature Algorithm: sha256WithRSAEncryption
         2d:35:aa:5f:4a:b5:59:9d:68:09:66:57:9d:1e:b7:7c:67:1b:
         ef:4b:f9:55:06:9f:f5:69:c4:bf:77:45:13:bb:74:4d:ca:f1:
         e3:d1:5c:59:27:d1:36:d3:c9:f8:3d:89:6d:ec:0d:05:90:14:
         0b:2b:0c:55:24:56:59:c0:ed:c4:1d:f1:36:7d:18:5b:d8:80:
         c5:1e:57:f1:64:6d:30:4e:86:7a:4e:d1:f7:a3:4f:ae:84:03:
         5a:1d:09:d9:22:de:07:e3:3c:bd:d1:34:ef:66:bc:b7:a2:51:
         43:d6:6c:a0:bb:15:31:07:e1:8f:60:47:b4:52:2e:48:c6:39:
         47:1b:3b:1e:34:76:1a:7c:73:a4:81:4c:ca:a5:d2:ec:f4:8b:
         a1:df:52:6d:29:09:3c:b1:cc:47:78:8d:b3:f4:a2:d8:20:01:
         1e:9c:a5:c5:d8:12:0f:7c:5c:75:64:da:bc:0f:a9:6c:f6:50:
         9c:4d:f0:ca:c6:68:96:69:c8:e2:3c:8b:90:7b:1e:05:cf:2d:
         ab:40:3c:77:bd:f6:28:7b:a3:67:4b:fe:89:8c:01:7c:28:56:
         da:58:16:76:e1:b3:64:2a:f6:cd:e2:76:43:a6:f0:a0:5d:25:
         5e:9d:1f:77:c2:9c:29:cf:6d:1e:43:c8:c6:6b:93:98:9d:56:
         09:63:66:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIDJBpvMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDBk
MWEzMTMxZmU4YmVhOWM4MjU4MzEzYTBmMjRiYTJhNTYwYjU4ZDMwHhcNMjIwMTAx
MDE1MTI3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg3NjgxMDBiYmEzZmZl
YmI3ZGEyN2MzZDc5NDdlNjAzNjcxODc1NzVkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmUAioDYx1GTxcu3xHsOBJNJ4NkZ4gKhftd7LIJpozrmghyhX
qTfvbivvfL/knSiN3ssKfGZiuicRYQziW1WOBxy5BDqFol2+raxkO6SSvjcEmqmG
td0XkFvlzn+ovWYjSjUBOO7NJ81+OCufbR5PZm1e5MCOCU8OuX7xifEF1GBsXxcp
k1A9VexJ6O8TDlC8RIByfhS95l6KcAeqSz2d8P4hR7c7ee+dgh2CWSAcoK/cD6xl
L0b/3r6qKA8ij1tOrUbg7WChOX0vIYUBKiF+dgJdpXF6Rxmxm2UnhpACu1km8nLu
ug4G/vkFQPdawLCrW9NqGzf/+PE2JrZQBcSIcQIDAQABo4ICGDCCAhQwHQYDVR0O
BBYEFHaBALuj/+u32ifD15R+YDZxh1ddMB8GA1UdIwQYMBaAFA0aMTH+i+qcglgx
Og8kuipWC1jTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
RFJveE1mNkw2cHlDV0RFNkR5UzZLbFlMV05NLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZS8xM2IxNjUtMDk4Ni00ZTkzLWIxYjQtYmJmN2M3MGVmNGIzLzEv
ZG9FQXU2UF82N2ZhSjhQWGxINWdObkdIVjEwLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8x
M2IxNjUtMDk4Ni00ZTkzLWIxYjQtYmJmN2M3MGVmNGIzLzEvRFJveE1mNkw2cHlD
V0RFNkR5UzZLbFlMV05NLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4G
CCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuad4MA0EAgACMAcDBQMqC2oAMA0G
CSqGSIb3DQEBCwUAA4IBAQAtNapfSrVZnWgJZledHrd8ZxvvS/lVBp/1acS/d0UT
u3RNyvHj0VxZJ9E208n4PYlt7A0FkBQLKwxVJFZZwO3EHfE2fRhb2IDFHlfxZG0w
ToZ6TtH3o0+uhANaHQnZIt4H4zy90TTvZry3olFD1myguxUxB+GPYEe0Ui5IxjlH
GzseNHYafHOkgUzKpdLs9Iuh31JtKQk8scxHeI2z9KLYIAEenKXF2BIPfFx1ZNq8
D6ls9lCcTfDKxmiWacjiPIuQex4Fzy2rQDx3vfYoe6NnS/6JjAF8KFbaWBZ24bNk
KvbN4nZDpvCgXSVenR93wpwpz20eQ8jGa5OYnVYJY2bo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:56 2024 by rpki-client on console-ams.rpki-client.org