Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/ItT9SMUpizmpn_Fb6me4ayOpGh0.roa
File:                     ItT9SMUpizmpn_Fb6me4ayOpGh0.roa (raw, json)
Hash identifier:          U0Xbi88uMkmRsBR2kuh2ZIMK1F7SqMTrMxSCaEd+Xhc=
Subject key identifier:   22:D4:FD:48:C5:29:8B:39:A9:9F:F1:5B:EA:67:B8:6B:23:A9:1A:1D
Certificate issuer:       /CN=16307d29f5543f21ea3009b9523fe71b8f1369ca
Certificate serial:       1144982D
Authority key identifier: 16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/ItT9SMUpizmpn_Fb6me4ayOpGh0.roa
Signing time:             Sat 01 Jan 2022 05:58:17 +0000
ROA not before:           Sat 01 Jan 2022 05:58:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     15510
IP address blocks:        84.19.112.0/21 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 289708077 (0x1144982d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=16307d29f5543f21ea3009b9523fe71b8f1369ca
        Validity
            Not Before: Jan  1 05:58:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=22d4fd48c5298b39a99ff15bea67b86b23a91a1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:22:3a:6e:44:f4:31:a3:5b:9e:ee:2a:0a:e0:
                    64:77:04:6d:1a:74:fb:51:99:b7:44:22:a2:2b:ca:
                    dc:85:cd:18:cb:e0:34:ba:fe:01:d7:9e:14:20:06:
                    b0:7c:be:e9:ad:f1:42:9f:ab:de:c1:cf:67:5c:96:
                    97:e9:73:3e:6f:88:69:31:7e:9a:1e:61:33:06:41:
                    7b:d7:e0:31:2f:f2:33:cb:16:54:03:28:d0:1d:69:
                    cf:89:a5:53:b9:85:cd:a4:55:ab:b6:f6:57:0e:16:
                    a3:a1:67:6f:5e:75:f0:a5:7e:d9:b4:a9:ac:a7:f4:
                    94:5e:11:df:98:db:7c:6c:21:47:60:68:8b:ca:7f:
                    f0:f7:63:ac:42:76:86:3c:90:44:65:18:0b:18:a2:
                    c6:c5:b7:a3:e4:19:39:2b:f3:c9:72:9a:8c:0b:8b:
                    06:8e:9e:31:6f:2d:b3:51:b2:cb:78:67:11:0e:1e:
                    87:c7:4b:1a:f1:34:58:10:e5:89:36:8d:82:47:40:
                    a0:b1:7f:c0:a0:55:73:7f:e7:5e:e4:a3:3a:5f:00:
                    60:4a:c3:7a:2c:b8:2a:af:08:88:a1:ca:fc:1d:58:
                    c8:5b:8e:1d:8b:24:9f:3f:a6:5e:05:64:dc:7f:fd:
                    01:88:4f:eb:c7:7c:59:91:e5:3b:fd:07:19:c5:3f:
                    92:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:D4:FD:48:C5:29:8B:39:A9:9F:F1:5B:EA:67:B8:6B:23:A9:1A:1D
            X509v3 Authority Key Identifier:
                keyid:16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/ItT9SMUpizmpn_Fb6me4ayOpGh0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.19.112.0/21

    Signature Algorithm: sha256WithRSAEncryption
         69:d2:29:0b:82:77:68:c6:b5:fa:6a:37:de:3a:00:a7:2b:c0:
         e0:ba:c2:87:de:2e:10:ee:a5:16:51:f2:1b:fe:e1:28:f0:10:
         6b:78:b7:33:1b:20:f8:30:58:88:2b:51:7a:a2:4e:f7:e7:5d:
         fb:67:06:f3:e0:7f:e6:d6:ee:bc:c6:af:ae:27:68:18:15:19:
         2b:5b:7a:3b:9c:cb:01:f7:29:18:56:10:e5:8f:a2:ba:3c:24:
         3e:42:29:83:69:cb:7c:43:4c:2e:5a:81:9e:32:99:b1:12:60:
         7b:d4:31:62:13:ab:d1:03:f5:97:af:64:3a:32:51:9b:d0:08:
         bd:5a:63:f2:d1:a4:43:00:6c:f2:4a:29:f8:fd:5a:df:60:f0:
         af:55:d4:d5:45:fa:33:c6:3b:39:71:cc:4c:a0:db:dd:f8:b8:
         a4:ae:da:04:04:31:37:16:20:f8:c1:bf:d2:df:83:ec:47:fe:
         ff:ac:83:b3:36:8a:f4:f8:3c:66:40:18:f7:83:32:82:0b:df:
         70:5f:c3:0d:12:f1:01:da:e5:f1:fb:1e:7a:da:6d:f8:49:3d:
         5a:7a:f5:a7:10:a4:74:cc:94:03:67:a5:36:c9:f1:f6:a5:49:
         de:1a:e0:5d:b3:24:c1:d8:c5:fe:19:1e:44:31:81:c0:a6:19:
         38:ab:4f:e4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEUSYLTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NjMwN2QyOWY1NTQzZjIxZWEzMDA5Yjk1MjNmZTcxYjhmMTM2OWNhMB4XDTIyMDEw
MTA1NTgxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjJkNGZkNDhjNTI5
OGIzOWE5OWZmMTViZWE2N2I4NmIyM2E5MWExZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALoiOm5E9DGjW57uKgrgZHcEbRp0+1GZt0QioivK3IXNGMvg
NLr+AdeeFCAGsHy+6a3xQp+r3sHPZ1yWl+lzPm+IaTF+mh5hMwZBe9fgMS/yM8sW
VAMo0B1pz4mlU7mFzaRVq7b2Vw4Wo6Fnb1518KV+2bSprKf0lF4R35jbfGwhR2Bo
i8p/8PdjrEJ2hjyQRGUYCxiixsW3o+QZOSvzyXKajAuLBo6eMW8ts1Gyy3hnEQ4e
h8dLGvE0WBDliTaNgkdAoLF/wKBVc3/nXuSjOl8AYErDeiy4Kq8IiKHK/B1YyFuO
HYsknz+mXgVk3H/9AYhP68d8WZHlO/0HGcU/kq8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQi1P1IxSmLOamf8VvqZ7hrI6kaHTAfBgNVHSMEGDAWgBQWMH0p9VQ/Ieow
CblSP+cbjxNpyjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZqQjlLZlZVUHlIcU1BbTVVal9uRzQ4VGFjby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDUvYmY1ZTcwLTY2NjUtNDlkZS1iOWNmLTRjZmU0MGYwN2E2Yi8x
L0l0VDlTTVVwaXptcG5fRmI2bWU0YXlPcEdoMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDUv
YmY1ZTcwLTY2NjUtNDlkZS1iOWNmLTRjZmU0MGYwN2E2Yi8xL0ZqQjlLZlZVUHlI
cU1BbTVVal9uRzQ4VGFjby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA1QTcDANBgkqhkiG9w0BAQsFAAOC
AQEAadIpC4J3aMa1+mo33joApyvA4LrCh94uEO6lFlHyG/7hKPAQa3i3Mxsg+DBY
iCtReqJO9+dd+2cG8+B/5tbuvMavridoGBUZK1t6O5zLAfcpGFYQ5Y+iujwkPkIp
g2nLfENMLlqBnjKZsRJge9QxYhOr0QP1l69kOjJRm9AIvVpj8tGkQwBs8kop+P1a
32Dwr1XU1UX6M8Y7OXHMTKDb3fi4pK7aBAQxNxYg+MG/0t+D7Ef+/6yDszaK9Pg8
ZkAY94MyggvfcF/DDRLxAdrl8fseetpt+Ek9Wnr1pxCkdMyUA2elNsnx9qVJ3hrg
XbMkwdjF/hkeRDGBwKYZOKtP5A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:32 2024 by rpki-client on console-ams.rpki-client.org