Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/b028b6-4782-4c7f-b6a2-87eb448e92ed/1/TLVVWYBDVeSRFH6pxvpNCFJUhl0.roa
File:                     TLVVWYBDVeSRFH6pxvpNCFJUhl0.roa (raw, json)
Hash identifier:          Af0bKR66cuROaeM9ihI19WTfYjCe4DZIUM1Ziu2fVT0=
Subject key identifier:   4C:B5:55:59:80:43:55:E4:91:14:7E:A9:C6:FA:4D:08:52:54:86:5D
Certificate issuer:       /CN=6a4abe8a8fa378951afa6859735bbe6b18148b57
Certificate serial:       09A59800
Authority key identifier: 6A:4A:BE:8A:8F:A3:78:95:1A:FA:68:59:73:5B:BE:6B:18:14:8B:57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/akq-io-jeJUa-mhZc1u-axgUi1c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/b028b6-4782-4c7f-b6a2-87eb448e92ed/1/TLVVWYBDVeSRFH6pxvpNCFJUhl0.roa
Signing time:             Fri 18 Feb 2022 06:07:57 +0000
ROA not before:           Fri 18 Feb 2022 06:07:57 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203367
IP address blocks:        185.137.84.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 161847296 (0x9a59800)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a4abe8a8fa378951afa6859735bbe6b18148b57
        Validity
            Not Before: Feb 18 06:07:57 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4cb55559804355e491147ea9c6fa4d085254865d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:b8:69:85:80:58:cf:7e:69:71:45:d5:4c:e8:
                    f1:49:c3:62:12:71:fc:c5:36:44:f7:00:32:6a:75:
                    c1:76:60:cb:7c:0c:35:20:28:6f:a1:9f:61:a7:74:
                    23:d9:9a:87:43:b9:84:2c:e7:a3:a9:28:ed:29:cd:
                    e9:6d:6a:02:6d:4b:10:ad:a0:b0:cf:5b:a7:8a:00:
                    20:6c:66:5d:f8:3b:e0:11:5b:66:46:d0:80:db:0b:
                    ba:51:6d:7f:3a:83:5a:ab:2c:c5:ef:18:d6:d0:68:
                    b1:a1:f8:90:c4:6a:1b:36:a4:1f:7d:56:6e:1b:cb:
                    46:df:2a:c9:a5:5e:c8:42:ec:f5:95:bc:60:8d:4c:
                    02:bd:9c:88:93:e9:2b:d8:33:27:2f:86:2c:f0:ce:
                    0a:28:e9:ec:8a:be:e2:d4:1f:38:62:22:47:e6:5d:
                    e4:0e:b3:13:f1:59:d9:03:f0:16:7e:22:9f:b3:75:
                    2e:44:61:9e:55:e1:2b:e9:01:2f:09:1e:fa:b2:70:
                    03:32:23:e9:31:83:25:91:c8:b3:15:23:f7:81:4d:
                    9a:f4:16:85:59:34:44:cb:8d:5c:df:95:d1:3d:27:
                    71:a7:ef:2b:50:73:f7:19:15:f6:3e:65:6c:d5:96:
                    34:af:d7:ba:5d:97:bc:9d:ed:ef:29:b7:cf:e8:bf:
                    c1:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:B5:55:59:80:43:55:E4:91:14:7E:A9:C6:FA:4D:08:52:54:86:5D
            X509v3 Authority Key Identifier:
                keyid:6A:4A:BE:8A:8F:A3:78:95:1A:FA:68:59:73:5B:BE:6B:18:14:8B:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/akq-io-jeJUa-mhZc1u-axgUi1c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/b028b6-4782-4c7f-b6a2-87eb448e92ed/1/TLVVWYBDVeSRFH6pxvpNCFJUhl0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/b028b6-4782-4c7f-b6a2-87eb448e92ed/1/akq-io-jeJUa-mhZc1u-axgUi1c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.137.84.0/22

    Signature Algorithm: sha256WithRSAEncryption
         87:de:39:23:49:4f:b6:d3:12:13:5e:78:1d:62:34:92:68:b5:
         19:88:41:81:0f:53:cc:70:0a:ad:9b:2f:50:1d:73:b5:81:8f:
         fd:c4:43:3c:d0:0f:81:7a:4c:b7:88:56:01:3d:2f:e0:e8:b6:
         00:43:58:da:0f:25:88:11:4d:da:1f:b2:47:27:e6:f8:03:64:
         f9:31:af:cb:aa:c9:1e:ca:3b:8e:13:bb:56:d7:57:46:dc:77:
         5e:1c:6e:9c:8a:a8:6a:36:86:29:fa:d9:48:ee:c5:0e:25:ea:
         92:93:cd:9b:92:97:b5:d7:d4:cc:73:1b:a5:82:5f:86:ea:3e:
         86:a5:0e:0a:22:98:99:de:de:66:52:11:09:f4:ad:7f:31:ab:
         c4:d3:c7:f6:fa:62:0d:c0:0d:0a:3d:cb:0c:4b:bd:2e:b3:c2:
         24:34:19:4f:b7:73:06:46:ae:a6:56:92:b5:07:2d:5a:37:d3:
         f3:02:f3:bb:69:21:91:5c:c2:3e:6a:5a:76:29:40:92:5b:38:
         15:cd:06:da:8f:c3:bc:39:a5:3b:0d:71:9b:44:89:12:b0:a6:
         22:9e:cb:58:ca:4d:db:71:02:54:17:a1:de:38:3f:8f:82:de:
         4f:e7:4f:b0:bc:18:1d:35:04:38:b2:ca:68:77:46:59:e1:d4:
         0d:b3:70:02
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECaWYADANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YTRhYmU4YThmYTM3ODk1MWFmYTY4NTk3MzViYmU2YjE4MTQ4YjU3MB4XDTIyMDIx
ODA2MDc1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGNiNTU1NTk4MDQz
NTVlNDkxMTQ3ZWE5YzZmYTRkMDg1MjU0ODY1ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMO4aYWAWM9+aXFF1Uzo8UnDYhJx/MU2RPcAMmp1wXZgy3wM
NSAob6GfYad0I9mah0O5hCzno6ko7SnN6W1qAm1LEK2gsM9bp4oAIGxmXfg74BFb
ZkbQgNsLulFtfzqDWqssxe8Y1tBosaH4kMRqGzakH31WbhvLRt8qyaVeyELs9ZW8
YI1MAr2ciJPpK9gzJy+GLPDOCijp7Iq+4tQfOGIiR+Zd5A6zE/FZ2QPwFn4in7N1
LkRhnlXhK+kBLwke+rJwAzIj6TGDJZHIsxUj94FNmvQWhVk0RMuNXN+V0T0ncafv
K1Bz9xkV9j5lbNWWNK/Xul2XvJ3t7ym3z+i/wc0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRMtVVZgENV5JEUfqnG+k0IUlSGXTAfBgNVHSMEGDAWgBRqSr6Kj6N4lRr6
aFlzW75rGBSLVzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FrcS1pby1qZUpVYS1taFpjMXUtYXhnVWkxYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDcvYjAyOGI2LTQ3ODItNGM3Zi1iNmEyLTg3ZWI0NDhlOTJlZC8x
L1RMVlZXWUJEVmVTUkZINnB4dnBOQ0ZKVWhsMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDcv
YjAyOGI2LTQ3ODItNGM3Zi1iNmEyLTg3ZWI0NDhlOTJlZC8xL2FrcS1pby1qZUpV
YS1taFpjMXUtYXhnVWkxYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmJVDANBgkqhkiG9w0BAQsFAAOC
AQEAh945I0lPttMSE154HWI0kmi1GYhBgQ9TzHAKrZsvUB1ztYGP/cRDPNAPgXpM
t4hWAT0v4Oi2AENY2g8liBFN2h+yRyfm+ANk+TGvy6rJHso7jhO7VtdXRtx3Xhxu
nIqoajaGKfrZSO7FDiXqkpPNm5KXtdfUzHMbpYJfhuo+hqUOCiKYmd7eZlIRCfSt
fzGrxNPH9vpiDcANCj3LDEu9LrPCJDQZT7dzBkauplaStQctWjfT8wLzu2khkVzC
PmpadilAkls4Fc0G2o/DvDmlOw1xm0SJErCmIp7LWMpN23ECVBeh3jg/j4LeT+dP
sLwYHTUEOLLKaHdGWeHUDbNwAg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:52 2024 by rpki-client on console-ams.rpki-client.org