Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/RtK6ghVR6e5t9HmANqJz5IKhnNA.roa
File:                     RtK6ghVR6e5t9HmANqJz5IKhnNA.roa (raw, json)
Hash identifier:          REu+ymMAej9HZFxbQ6swEggi9DPMB8lGgYGHgEM3GrI=
Subject key identifier:   46:D2:BA:82:15:51:E9:EE:6D:F4:79:80:36:A2:73:E4:82:A1:9C:D0
Certificate issuer:       /CN=dd640339e59addc75fd978101b40082b5d2b8796
Certificate serial:       F446
Authority key identifier: DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/RtK6ghVR6e5t9HmANqJz5IKhnNA.roa
Signing time:             Sun 06 Feb 2022 11:17:44 +0000
ROA not before:           Sun 06 Feb 2022 11:17:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        185.191.144.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 62534 (0xf446)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd640339e59addc75fd978101b40082b5d2b8796
        Validity
            Not Before: Feb  6 11:17:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=46d2ba821551e9ee6df4798036a273e482a19cd0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:e6:63:71:5d:a6:6a:ca:1f:a6:84:d5:af:b0:
                    a0:9e:7e:a9:f2:91:89:c4:f3:98:ad:12:87:14:8a:
                    c0:ec:eb:e4:fd:8b:d0:e3:80:ba:51:8e:1c:55:b0:
                    16:c7:e1:ee:e9:85:b7:2c:92:f8:63:d4:11:3f:26:
                    a9:fc:7f:88:a2:38:a9:dd:2a:50:9f:15:6d:40:6d:
                    16:f3:72:f6:42:39:71:f5:5e:90:a1:30:7e:a0:ae:
                    3f:dc:03:80:60:4c:e2:4f:86:3a:52:46:04:33:cc:
                    56:f5:f1:a7:8a:54:23:da:57:1e:58:d3:0d:73:30:
                    8a:99:6b:74:7d:b3:53:b3:3e:eb:58:b2:59:38:6a:
                    f3:78:7b:ca:58:28:10:15:cf:0b:ee:f3:70:c8:7b:
                    41:fd:fa:38:29:bf:f5:44:e9:48:52:63:28:ba:43:
                    c0:f5:7b:7c:a4:31:c1:91:c9:d1:b6:a8:3f:15:1a:
                    d6:74:01:60:52:42:47:22:0b:14:db:73:20:93:21:
                    38:3a:8f:af:43:02:62:b2:88:14:13:d2:34:b5:f6:
                    47:c4:9d:9b:b1:ff:f2:44:e3:61:9d:c7:e7:bc:d2:
                    e2:7e:b0:24:97:1e:2f:c3:19:8f:ca:6d:6a:9c:ee:
                    4b:ae:ce:4a:c1:4d:0b:78:9f:dc:73:0f:61:b6:93:
                    c6:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:D2:BA:82:15:51:E9:EE:6D:F4:79:80:36:A2:73:E4:82:A1:9C:D0
            X509v3 Authority Key Identifier:
                keyid:DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/RtK6ghVR6e5t9HmANqJz5IKhnNA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.191.144.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a1:6e:22:4c:3b:ff:42:29:de:2d:64:56:45:9b:ee:c6:86:71:
         f6:d1:b0:15:aa:44:01:21:39:85:af:d5:d8:08:12:6f:b3:d1:
         c3:2f:e0:7e:59:2a:02:c2:ab:96:ab:3a:bf:84:70:88:a4:e9:
         eb:44:d1:2b:e1:18:16:9d:43:31:99:be:07:18:73:97:9d:5e:
         ed:1b:aa:26:2c:15:7d:01:a0:15:23:b4:ff:5c:db:d5:e0:ee:
         a3:4a:89:87:10:a6:ce:07:03:5c:09:69:9b:27:12:a4:2f:a7:
         69:19:d4:f8:40:82:8f:dc:24:18:e3:ac:31:ed:6e:71:d1:80:
         c7:8e:f3:97:5b:d0:3a:2d:ea:b9:22:3f:87:c5:5b:c0:f6:2b:
         95:8f:45:59:3d:0d:5c:0e:ef:85:65:00:e3:27:2e:60:75:19:
         49:b3:b3:44:93:ff:4d:cc:9f:55:dd:27:a4:fc:aa:5a:ee:fb:
         47:37:87:56:c4:fc:50:91:ff:e3:f5:26:bd:fd:df:68:f0:2f:
         10:16:42:43:58:b2:f0:34:98:ab:99:29:5b:af:43:21:bb:45:
         7e:e4:a9:fc:53:c6:ad:00:1c:ab:cf:35:7d:4c:df:15:93:0e:
         71:81:15:61:97:51:a2:85:58:1a:4f:2a:e8:e4:20:94:4a:42:
         df:bd:f3:e2
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAPRGMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGRk
NjQwMzM5ZTU5YWRkYzc1ZmQ5NzgxMDFiNDAwODJiNWQyYjg3OTYwHhcNMjIwMjA2
MTExNzQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0NmQyYmE4MjE1NTFl
OWVlNmRmNDc5ODAzNmEyNzNlNDgyYTE5Y2QwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuOZjcV2masofpoTVr7Cgnn6p8pGJxPOYrRKHFIrA7Ovk/YvQ
44C6UY4cVbAWx+Hu6YW3LJL4Y9QRPyap/H+Iojip3SpQnxVtQG0W83L2Qjlx9V6Q
oTB+oK4/3AOAYEziT4Y6UkYEM8xW9fGnilQj2lceWNMNczCKmWt0fbNTsz7rWLJZ
OGrzeHvKWCgQFc8L7vNwyHtB/fo4Kb/1ROlIUmMoukPA9Xt8pDHBkcnRtqg/FRrW
dAFgUkJHIgsU23MgkyE4Oo+vQwJisogUE9I0tfZHxJ2bsf/yRONhncfnvNLifrAk
lx4vwxmPym1qnO5Lrs5KwU0LeJ/ccw9htpPGEwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFEbSuoIVUenubfR5gDaic+SCoZzQMB8GA1UdIwQYMBaAFN1kAznlmt3HX9l4
EBtACCtdK4eWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
M1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAtNjFiNzMzNTRhYmRiLzEv
UnRLNmdoVlI2ZTV0OUhtQU5xSno1SUtobk5BLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83
NjE2ZTUtYThjYy00NWQxLWIzZDAtNjFiNzMzNTRhYmRiLzEvM1dRRE9lV2EzY2Rm
MlhnUUcwQUlLMTByaDVZLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub+QMA0GCSqGSIb3DQEBCwUAA4IB
AQChbiJMO/9CKd4tZFZFm+7GhnH20bAVqkQBITmFr9XYCBJvs9HDL+B+WSoCwquW
qzq/hHCIpOnrRNEr4RgWnUMxmb4HGHOXnV7tG6omLBV9AaAVI7T/XNvV4O6jSomH
EKbOBwNcCWmbJxKkL6dpGdT4QIKP3CQY46wx7W5x0YDHjvOXW9A6Leq5Ij+HxVvA
9iuVj0VZPQ1cDu+FZQDjJy5gdRlJs7NEk/9NzJ9V3Sek/Kpa7vtHN4dWxPxQkf/j
9Sa9/d9o8C8QFkJDWLLwNJirmSlbr0Mhu0V+5Kn8U8atAByrzzV9TN8Vkw5xgRVh
l1GihVgaTyro5CCUSkLfvfPi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:09 2024 by rpki-client on console-fra.rpki-client.org