Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/sRf3ZpOv6OBoMMsKjvgu96U_4DU.roa
File:                     sRf3ZpOv6OBoMMsKjvgu96U_4DU.roa (raw, json)
Hash identifier:          rzPpnNn1JNFvEgoZJ8A7Pef0/6QA9BUJE9QDEvG7l8w=
Subject key identifier:   B1:17:F7:66:93:AF:E8:E0:68:30:CB:0A:8E:F8:2E:F7:A5:3F:E0:35
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       19DE7A13
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/sRf3ZpOv6OBoMMsKjvgu96U_4DU.roa
Signing time:             Mon 25 Apr 2022 20:06:11 +0000
ROA not before:           Mon 25 Apr 2022 20:06:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50673
IP address blocks:        185.172.167.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 434010643 (0x19de7a13)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Apr 25 20:06:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b117f76693afe8e06830cb0a8ef82ef7a53fe035
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:b0:60:56:d1:6c:95:4d:06:14:57:df:3c:c1:
                    82:76:a5:9c:82:49:a4:d4:2e:ad:60:31:13:60:d1:
                    90:7d:c5:d2:73:4b:03:7b:c8:f8:77:36:99:2e:de:
                    b6:0b:f6:52:75:e2:b3:b7:bd:be:39:20:91:22:19:
                    7c:d7:91:67:6b:e1:0c:d1:fe:07:cf:58:55:f4:ff:
                    79:31:c9:c0:a9:c8:16:ce:d5:36:57:79:e4:bc:cc:
                    1c:d6:c5:0b:27:05:26:59:c1:3d:c2:d8:5e:e7:7f:
                    1a:27:dc:a5:0e:87:86:96:3d:53:d5:29:f2:a3:06:
                    ae:1a:78:ef:71:b8:20:33:e4:d7:a6:1c:34:c9:a7:
                    98:f3:77:33:ab:b7:3e:64:3b:f7:5d:df:4d:d2:8c:
                    84:d4:91:38:d0:d7:d4:c4:24:fc:72:a7:ee:3f:36:
                    4e:82:5f:24:13:7f:10:79:76:e3:de:9d:d8:7a:4a:
                    e6:d1:a1:f3:27:63:98:84:22:4a:3c:66:11:0c:27:
                    67:6a:b9:ce:18:34:6a:47:13:47:3e:68:3c:11:cd:
                    af:73:81:ec:25:2e:75:f2:8b:3f:42:3b:4f:78:c4:
                    0e:75:d5:00:0e:64:67:ea:66:5b:ab:5a:45:18:59:
                    8e:b8:6b:6d:ab:cb:55:1b:1f:b6:8a:00:6a:56:ef:
                    98:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:17:F7:66:93:AF:E8:E0:68:30:CB:0A:8E:F8:2E:F7:A5:3F:E0:35
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/sRf3ZpOv6OBoMMsKjvgu96U_4DU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.172.167.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7f:00:1f:c8:72:8a:76:6a:dd:47:22:f5:16:2c:e2:6d:06:bc:
         46:a8:33:f0:b9:8c:b6:7b:a6:99:fd:41:7e:e6:d6:0c:f7:77:
         5e:96:4f:48:8d:df:36:c2:ea:cb:b2:68:23:f2:85:6a:6c:72:
         f5:f0:a9:38:74:f5:f0:40:15:37:f6:d4:e3:f6:4c:01:0f:cf:
         3a:a5:8e:ba:6b:d4:88:6b:92:03:ad:31:d7:a3:5d:97:94:c3:
         bb:a0:83:9a:07:62:eb:d7:31:68:61:f8:26:35:10:2f:7d:d4:
         30:b4:a3:42:b0:f9:3c:06:fa:9b:d9:2e:6b:75:c8:78:b1:c3:
         93:4b:9e:04:65:ed:a6:0e:b3:88:f3:a6:bc:55:12:ba:78:34:
         b5:db:1a:0a:6d:6f:8a:d0:7d:fd:e1:df:4a:dc:aa:cc:bb:91:
         e9:e7:fc:f8:52:30:f1:e2:a5:a4:06:eb:6d:4d:ec:e0:e5:10:
         bd:c2:d9:9c:be:db:da:d1:c7:55:76:6b:d5:51:23:59:a0:08:
         22:c1:e4:6b:5a:99:b2:ff:b5:1b:1a:bc:31:06:3b:cd:68:18:
         5b:92:2f:e6:06:c7:57:68:b1:78:10:5b:1e:cf:82:91:ac:b1:
         3a:96:20:bf:6b:ac:ed:24:a1:49:ab:17:ff:91:54:b2:db:f1:
         b5:ab:68:da
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGd56EzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDQy
NTIwMDYxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjExN2Y3NjY5M2Fm
ZThlMDY4MzBjYjBhOGVmODJlZjdhNTNmZTAzNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKSwYFbRbJVNBhRX3zzBgnalnIJJpNQurWAxE2DRkH3F0nNL
A3vI+Hc2mS7etgv2UnXis7e9vjkgkSIZfNeRZ2vhDNH+B89YVfT/eTHJwKnIFs7V
Nld55LzMHNbFCycFJlnBPcLYXud/GifcpQ6HhpY9U9Up8qMGrhp473G4IDPk16Yc
NMmnmPN3M6u3PmQ7913fTdKMhNSRONDX1MQk/HKn7j82ToJfJBN/EHl2496d2HpK
5tGh8ydjmIQiSjxmEQwnZ2q5zhg0akcTRz5oPBHNr3OB7CUudfKLP0I7T3jEDnXV
AA5kZ+pmW6taRRhZjrhrbavLVRsftooAalbvmK0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSxF/dmk6/o4GgwywqO+C73pT/gNTAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L3NSZjNacE92Nk9Cb01Nc0tqdmd1OTZVXzREVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmspzANBgkqhkiG9w0BAQsFAAOC
AQEAfwAfyHKKdmrdRyL1FizibQa8Rqgz8LmMtnummf1BfubWDPd3XpZPSI3fNsLq
y7JoI/KFamxy9fCpOHT18EAVN/bU4/ZMAQ/POqWOumvUiGuSA60x16Ndl5TDu6CD
mgdi69cxaGH4JjUQL33UMLSjQrD5PAb6m9kua3XIeLHDk0ueBGXtpg6ziPOmvFUS
ung0tdsaCm1vitB9/eHfStyqzLuR6ef8+FIw8eKlpAbrbU3s4OUQvcLZnL7b2tHH
VXZr1VEjWaAIIsHka1qZsv+1Gxq8MQY7zWgYW5Iv5gbHV2ixeBBbHs+CkayxOpYg
v2us7SShSasX/5FUstvxtato2g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:18 2023 by rpki-client on console-fra.rpki-client.org