Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/sTcGPFKVsbOzOwzINDyzGjjCfQM.roa
File:                     sTcGPFKVsbOzOwzINDyzGjjCfQM.roa (raw, json)
Hash identifier:          fCMcGTp+ElfS3JG/Dwr4UZG2fopWXQQ+TUBhXCbpn/Y=
Subject key identifier:   B1:37:06:3C:52:95:B1:B3:B3:3B:0C:C8:34:3C:B3:1A:38:C2:7D:03
Certificate issuer:       /CN=dd640339e59addc75fd978101b40082b5d2b8796
Certificate serial:       018510A5B482DA0C093B96A3C0E6EC56098F
Authority key identifier: DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/sTcGPFKVsbOzOwzINDyzGjjCfQM.roa
Signing time:             Wed 14 Dec 2022 12:39:33 +0000
ROA not before:           Wed 14 Dec 2022 12:39:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212609
IP address blocks:        185.191.146.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:10:a5:b4:82:da:0c:09:3b:96:a3:c0:e6:ec:56:09:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd640339e59addc75fd978101b40082b5d2b8796
        Validity
            Not Before: Dec 14 12:39:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b137063c5295b1b3b33b0cc8343cb31a38c27d03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:12:27:ec:d6:21:88:5d:53:10:8a:5a:19:cf:
                    be:d7:50:bc:4c:87:a4:64:08:f0:c4:85:2a:07:97:
                    7a:d6:07:60:e0:a6:8c:90:a7:48:61:77:b5:77:37:
                    fa:ce:46:74:75:8f:e0:c0:16:c7:92:a4:23:d3:9f:
                    86:ff:39:5c:38:23:41:f3:56:31:05:3b:a3:60:53:
                    7d:97:2a:18:74:2f:ac:c3:e1:cf:3d:f3:0e:76:43:
                    e7:bd:59:69:88:1d:71:c8:f1:b7:a2:b3:03:3a:3a:
                    b9:f3:89:bf:b0:b8:40:f8:1c:ce:72:a4:71:79:fa:
                    f5:35:85:0f:86:ae:f8:a6:d5:74:04:2e:3b:16:77:
                    f0:b8:8b:d5:a9:00:9b:31:7b:46:4f:33:e7:0c:ec:
                    44:c7:10:95:27:c0:42:f5:ae:d0:15:71:63:c1:c2:
                    c4:00:a2:01:28:ce:00:fe:19:64:5d:e2:c0:96:cb:
                    6d:ad:73:e8:83:da:e6:26:4d:c9:ed:26:db:aa:3d:
                    96:25:64:a9:ae:0a:62:3d:6f:f4:70:32:88:06:07:
                    79:bc:2b:25:72:f7:16:48:af:ac:0b:e5:2e:83:a4:
                    7f:c9:0f:7c:f1:f7:88:49:6a:ad:7e:33:e4:7d:fa:
                    d6:40:f5:b5:b9:76:37:14:27:bb:f6:74:c8:b4:43:
                    f6:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:37:06:3C:52:95:B1:B3:B3:3B:0C:C8:34:3C:B3:1A:38:C2:7D:03
            X509v3 Authority Key Identifier:
                keyid:DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/sTcGPFKVsbOzOwzINDyzGjjCfQM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.191.146.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b0:ce:16:64:9b:e1:45:0b:ba:44:e1:83:0c:7e:aa:3f:75:68:
         d7:d9:26:3c:51:05:0f:25:c1:8d:f5:e4:ed:c1:87:00:6b:38:
         67:58:f3:50:cd:8f:a7:49:b4:96:a7:4d:e7:d0:cf:27:31:0a:
         cd:0d:10:63:fa:ec:7b:a5:cc:4b:39:cd:47:5c:4d:ac:1a:18:
         ad:18:ef:86:ab:20:3a:e4:c4:e8:57:af:b8:c6:cd:f7:2b:98:
         b4:1f:96:b9:a9:ef:4c:a8:0c:37:41:39:c3:cd:8f:02:bd:5e:
         b6:d3:39:c4:0e:b2:ca:cb:5f:0c:1a:8d:c5:47:6e:83:f9:f6:
         76:85:6b:a7:92:62:9d:19:23:6a:9c:8a:3a:3d:19:0e:f0:15:
         6a:ae:cc:6f:4f:37:db:81:d2:63:fd:5f:de:5f:f0:62:85:62:
         20:a1:4d:92:9a:ca:7f:ba:27:6e:2a:4e:8a:ca:a4:02:90:db:
         7c:ae:d4:75:2b:b5:47:ce:4c:ad:16:49:67:7f:3e:82:05:9e:
         26:37:88:91:fd:66:56:e5:91:f9:89:1e:42:81:65:84:1a:70:
         cb:5e:1b:33:8e:d0:65:73:b3:a4:0a:d8:05:b8:6c:99:93:b6:
         6e:49:49:9d:36:ac:2e:28:de:6a:09:2e:1c:ee:fb:3a:12:b3:
         a7:60:39:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUQpbSC2gwJO5ajwObsVgmPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNjQwMzM5ZTU5YWRkYzc1ZmQ5NzgxMDFiNDAwODJiNWQy
Yjg3OTYwHhcNMjIxMjE0MTIzOTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTM3MDYzYzUyOTViMWIzYjMzYjBjYzgzNDNjYjMxYTM4YzI3ZDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvhIn7NYhiF1TEIpaGc++11C8TIek
ZAjwxIUqB5d61gdg4KaMkKdIYXe1dzf6zkZ0dY/gwBbHkqQj05+G/zlcOCNB81Yx
BTujYFN9lyoYdC+sw+HPPfMOdkPnvVlpiB1xyPG3orMDOjq584m/sLhA+BzOcqRx
efr1NYUPhq74ptV0BC47FnfwuIvVqQCbMXtGTzPnDOxExxCVJ8BC9a7QFXFjwcLE
AKIBKM4A/hlkXeLAlsttrXPog9rmJk3J7Sbbqj2WJWSprgpiPW/0cDKIBgd5vCsl
cvcWSK+sC+Uug6R/yQ988feISWqtfjPkffrWQPW1uXY3FCe79nTItEP2KwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLE3BjxSlbGzszsMyDQ8sxo4wn0DMB8GA1UdIwQY
MBaAFN1kAznlmt3HX9l4EBtACCtdK4eWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAt
NjFiNzMzNTRhYmRiLzEvc1RjR1BGS1ZzYk96T3d6SU5EeXpHampDZlFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAtNjFiNzMzNTRhYmRi
LzEvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub+SMA0G
CSqGSIb3DQEBCwUAA4IBAQCwzhZkm+FFC7pE4YMMfqo/dWjX2SY8UQUPJcGN9eTt
wYcAazhnWPNQzY+nSbSWp03n0M8nMQrNDRBj+ux7pcxLOc1HXE2sGhitGO+GqyA6
5MToV6+4xs33K5i0H5a5qe9MqAw3QTnDzY8CvV620znEDrLKy18MGo3FR26D+fZ2
hWunkmKdGSNqnIo6PRkO8BVqrsxvTzfbgdJj/V/eX/BihWIgoU2Smsp/uiduKk6K
yqQCkNt8rtR1K7VHzkytFklnfz6CBZ4mN4iR/WZW5ZH5iR5CgWWEGnDLXhszjtBl
c7OkCtgFuGyZk7ZuSUmdNqwuKN5qCS4c7vs6ErOnYDlZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:05 2024 by rpki-client on console-ams.rpki-client.org