Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/1-IeStNPSG3xBvoFxEEnVVzN2wyM.roa
File:                     1-IeStNPSG3xBvoFxEEnVVzN2wyM.roa (raw, json)
Hash identifier:          Q6q/PSdVAKfDd7BhheHHMSiPlgngeuSAHiskdStvtbM=
Subject key identifier:   F8:87:92:B4:D3:D2:1B:7C:41:BE:81:71:10:49:D5:57:33:76:C3:23
Certificate issuer:       /CN=dd640339e59addc75fd978101b40082b5d2b8796
Certificate serial:       1B24FB
Authority key identifier: DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/1-IeStNPSG3xBvoFxEEnVVzN2wyM.roa
Signing time:             Thu 17 Feb 2022 10:44:28 +0000
ROA not before:           Thu 17 Feb 2022 10:44:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        185.191.146.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1778939 (0x1b24fb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd640339e59addc75fd978101b40082b5d2b8796
        Validity
            Not Before: Feb 17 10:44:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f88792b4d3d21b7c41be81711049d5573376c323
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:ed:71:55:a9:5f:86:c5:fa:a4:4c:c3:2d:ab:
                    24:88:ac:3a:f6:8b:1c:3a:bb:c8:4f:75:b9:2d:11:
                    2c:f8:96:55:08:4c:d3:6d:ba:cf:e0:f8:9c:38:b7:
                    08:8f:9c:ef:0e:28:26:c8:0e:2b:3f:2c:67:02:21:
                    45:21:44:23:82:7a:17:66:a5:ac:15:40:ed:79:91:
                    21:b1:81:4f:42:c1:96:92:0f:82:ec:e9:9f:60:c6:
                    fd:66:83:2d:7a:52:89:77:8d:e0:49:1f:50:53:e3:
                    8a:26:2a:11:25:7c:55:91:12:1b:8a:b7:40:7d:3a:
                    cc:48:e2:b3:f8:c1:d7:9f:82:57:b8:7c:16:75:1d:
                    26:c8:72:3c:36:b1:67:28:68:b9:99:68:8a:2c:73:
                    76:72:59:26:93:62:0a:99:f6:3b:d6:b3:da:56:6c:
                    37:75:d1:74:93:82:ba:0d:57:fb:dc:e7:b3:4c:ff:
                    ca:85:ce:5d:c1:a1:1b:04:d1:6b:f0:c5:81:dd:07:
                    f8:4d:68:1d:1c:b6:02:ea:38:90:5f:97:c9:b8:b7:
                    02:b0:74:3d:75:fa:7b:d5:cc:eb:4c:d7:0f:a6:89:
                    6a:3c:2a:51:25:e3:a0:85:dd:34:e9:2b:bc:5a:59:
                    f0:21:1b:76:f9:87:89:11:26:84:79:32:fc:9e:2c:
                    f7:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:87:92:B4:D3:D2:1B:7C:41:BE:81:71:10:49:D5:57:33:76:C3:23
            X509v3 Authority Key Identifier:
                keyid:DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/1-IeStNPSG3xBvoFxEEnVVzN2wyM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.191.146.0/23

    Signature Algorithm: sha256WithRSAEncryption
         bb:ba:ac:5c:1a:12:39:04:fa:b1:c1:52:80:05:7e:16:97:7d:
         19:bd:42:52:e7:fb:ab:6f:6e:99:2f:c3:9d:d6:69:56:f3:a4:
         c3:59:e4:2b:fe:1e:22:63:71:0a:99:4b:05:37:7a:3a:1d:7e:
         dc:87:c0:10:55:34:33:7f:d2:2d:49:a7:e5:96:4c:5d:d1:d8:
         27:4d:9f:88:98:10:d4:e8:58:7c:2e:18:e7:65:8e:e2:82:43:
         ae:41:64:6f:62:ee:60:60:4a:03:e7:13:25:4b:14:63:e9:a8:
         82:4b:73:1b:8a:6b:22:9c:ae:5a:86:ff:e3:1b:dd:4a:d7:8d:
         10:03:ff:f9:26:ab:3f:1a:a4:dd:ee:91:a0:24:15:d0:bc:b9:
         a4:d7:b1:1b:43:38:1c:00:ad:8c:fc:f2:e3:1f:15:f0:f4:e8:
         dc:c4:36:d5:a9:38:7c:1e:3c:4b:14:42:07:3f:ef:1b:cc:da:
         8c:7d:17:10:39:2b:f6:dc:5a:84:ad:c5:a2:55:20:be:90:3c:
         09:c6:6b:f8:21:86:cf:22:e8:04:8d:99:fe:d5:c5:ed:9b:ae:
         7c:75:41:e2:52:58:e6:7e:a7:04:75:90:3a:eb:4a:0c:dd:8a:
         d7:d3:c4:b4:45:6b:b3:30:4c:d4:1e:ac:27:27:87:5c:d1:57:
         f9:f6:d0:58
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDGyT7MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGRk
NjQwMzM5ZTU5YWRkYzc1ZmQ5NzgxMDFiNDAwODJiNWQyYjg3OTYwHhcNMjIwMjE3
MTA0NDI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhmODg3OTJiNGQzZDIx
YjdjNDFiZTgxNzExMDQ5ZDU1NzMzNzZjMzIzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA3+1xValfhsX6pEzDLaskiKw69oscOrvIT3W5LREs+JZVCEzT
bbrP4PicOLcIj5zvDigmyA4rPyxnAiFFIUQjgnoXZqWsFUDteZEhsYFPQsGWkg+C
7OmfYMb9ZoMtelKJd43gSR9QU+OKJioRJXxVkRIbirdAfTrMSOKz+MHXn4JXuHwW
dR0myHI8NrFnKGi5mWiKLHN2clkmk2IKmfY71rPaVmw3ddF0k4K6DVf73OezTP/K
hc5dwaEbBNFr8MWB3Qf4TWgdHLYC6jiQX5fJuLcCsHQ9dfp71czrTNcPpolqPCpR
JeOghd006Su8WlnwIRt2+YeJESaEeTL8niz30QIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFPiHkrTT0ht8Qb6BcRBJ1VczdsMjMB8GA1UdIwQYMBaAFN1kAznlmt3HX9l4
EBtACCtdK4eWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
M1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNlcjCBjgYIKwYBBQUHAQsEgYEw
fzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAtNjFiNzMzNTRhYmRiLzEv
MS1JZVN0TlBTRzN4QnZvRnhFRW5WVnpOMnd5TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMv
NzYxNmU1LWE4Y2MtNDVkMS1iM2QwLTYxYjczMzU0YWJkYi8xLzNXUURPZVdhM2Nk
ZjJYZ1FHMEFJSzEwcmg1WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbm/kjANBgkqhkiG9w0BAQsFAAOC
AQEAu7qsXBoSOQT6scFSgAV+Fpd9Gb1CUuf7q29umS/DndZpVvOkw1nkK/4eImNx
CplLBTd6Oh1+3IfAEFU0M3/SLUmn5ZZMXdHYJ02fiJgQ1OhYfC4Y52WO4oJDrkFk
b2LuYGBKA+cTJUsUY+mogktzG4prIpyuWob/4xvdSteNEAP/+SarPxqk3e6RoCQV
0Ly5pNexG0M4HACtjPzy4x8V8PTo3MQ21ak4fB48SxRCBz/vG8zajH0XEDkr9txa
hK3FolUgvpA8CcZr+CGGzyLoBI2Z/tXF7ZuufHVB4lJY5n6nBHWQOutKDN2K19PE
tEVrszBM1B6sJyeHXNFX+fbQWA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:05 2024 by rpki-client on console-ams.rpki-client.org