Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/46922f-5cb6-4d98-b4fc-93bd5e408f91/1/itRofzvX6r26o789Ms6SaOM0Ybw.roa
File:                     itRofzvX6r26o789Ms6SaOM0Ybw.roa (raw, json)
Hash identifier:          Rb+wyd0YQi2z+gppodnrjSwJcweV+a3VUSwDamotexs=
Subject key identifier:   8A:D4:68:7F:3B:D7:EA:BD:BA:A3:BF:3D:32:CE:92:68:E3:34:61:BC
Certificate issuer:       /CN=bbc55fb24ad556e04202651f6d5a8b27d5bedf97
Certificate serial:       037F4983
Authority key identifier: BB:C5:5F:B2:4A:D5:56:E0:42:02:65:1F:6D:5A:8B:27:D5:BE:DF:97
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u8VfskrVVuBCAmUfbVqLJ9W-35c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/46922f-5cb6-4d98-b4fc-93bd5e408f91/1/itRofzvX6r26o789Ms6SaOM0Ybw.roa
Signing time:             Sat 01 Jan 2022 00:54:46 +0000
ROA not before:           Sat 01 Jan 2022 00:54:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     29014
IP address blocks:        185.168.228.0/22 maxlen: 24
                          2a0b:f080::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 58673539 (0x37f4983)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bbc55fb24ad556e04202651f6d5a8b27d5bedf97
        Validity
            Not Before: Jan  1 00:54:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8ad4687f3bd7eabdbaa3bf3d32ce9268e33461bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:0f:60:ea:bd:fd:07:b8:03:07:c0:91:f0:55:
                    47:2b:72:b2:6b:9f:73:8e:0f:cb:bb:71:42:ee:02:
                    6a:bc:9c:79:e3:53:26:0b:31:be:2c:c9:94:60:8e:
                    5c:1f:94:6f:41:9e:a4:af:26:39:f5:f8:28:df:f5:
                    19:b9:fe:5b:7f:b4:9d:80:94:b8:a1:2b:92:4a:53:
                    db:7e:0f:2b:b9:35:f4:b4:67:a8:92:64:c9:ff:4c:
                    d8:a8:0f:6d:f8:9d:36:4a:22:d7:6b:6e:d7:17:02:
                    d2:a5:08:f0:79:5e:48:8e:42:d2:1e:ed:51:f8:de:
                    5c:fc:1e:88:57:0f:31:f8:a0:9d:4e:72:87:0c:c1:
                    f4:c8:1e:07:e8:c4:c0:01:e1:51:1a:47:c0:8b:13:
                    19:40:70:72:41:47:b2:3c:85:61:c9:55:75:f1:f0:
                    d0:34:20:5d:7e:10:ad:1b:30:fd:59:fa:38:e4:81:
                    48:e0:1a:3f:05:5c:77:29:2d:db:e0:98:cb:81:09:
                    4a:47:7a:d8:fe:83:a5:da:e9:85:97:32:7e:2a:88:
                    d7:66:78:8e:ed:a0:64:e7:9d:41:42:35:1b:cf:45:
                    f1:be:25:29:e2:a5:04:e1:d6:c3:40:6b:8e:a1:a3:
                    74:b7:6d:60:db:d6:3f:32:e6:7f:89:47:bc:c3:71:
                    0d:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:D4:68:7F:3B:D7:EA:BD:BA:A3:BF:3D:32:CE:92:68:E3:34:61:BC
            X509v3 Authority Key Identifier:
                keyid:BB:C5:5F:B2:4A:D5:56:E0:42:02:65:1F:6D:5A:8B:27:D5:BE:DF:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u8VfskrVVuBCAmUfbVqLJ9W-35c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/46922f-5cb6-4d98-b4fc-93bd5e408f91/1/itRofzvX6r26o789Ms6SaOM0Ybw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/46922f-5cb6-4d98-b4fc-93bd5e408f91/1/u8VfskrVVuBCAmUfbVqLJ9W-35c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.168.228.0/22
                IPv6:
                  2a0b:f080::/32

    Signature Algorithm: sha256WithRSAEncryption
         8d:1a:f2:ba:ba:b9:29:6c:84:14:5b:d2:11:dd:e6:de:48:f0:
         22:49:d9:2e:f5:2b:bd:8a:0f:31:a5:23:ea:ed:a0:2f:52:4b:
         03:9c:94:7c:15:65:2c:8d:36:ab:11:f2:ae:33:d6:80:b4:1c:
         32:f5:26:a3:ab:65:51:d0:43:36:c9:cf:26:dd:56:1b:b2:b7:
         8f:43:d9:2d:5b:cf:1c:c4:23:1c:d2:c3:5a:6d:63:07:64:f4:
         9c:a1:87:f2:6d:c4:50:b4:18:27:c6:b8:56:ac:ca:c1:70:81:
         01:8f:5d:75:80:fa:4d:11:cf:ca:57:39:46:fe:1b:11:72:16:
         ce:f5:ad:43:13:3f:48:f6:4b:27:7c:c8:f7:8b:4e:d5:0f:c4:
         63:1f:24:1b:39:ef:ba:13:46:02:48:9f:2e:5f:ac:7d:1b:39:
         fc:99:d9:0c:63:38:ac:5a:cc:55:cb:04:34:d7:31:82:43:3a:
         50:d3:ec:1d:9d:2f:3b:38:83:b4:89:57:30:5e:4e:f1:9d:8e:
         4a:0f:a2:dd:5e:eb:49:07:09:f8:c7:fe:12:f7:07:10:7b:2b:
         73:7e:fb:12:59:4b:80:63:61:41:7b:1c:87:1d:50:13:59:52:
         d2:d7:c2:78:23:ad:6f:fe:c7:77:e1:d8:20:f0:e8:a9:5c:59:
         0f:bf:5f:59
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEA39JgzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YmM1NWZiMjRhZDU1NmUwNDIwMjY1MWY2ZDVhOGIyN2Q1YmVkZjk3MB4XDTIyMDEw
MTAwNTQ0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGFkNDY4N2YzYmQ3
ZWFiZGJhYTNiZjNkMzJjZTkyNjhlMzM0NjFiYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALEPYOq9/Qe4AwfAkfBVRytysmufc44Py7txQu4CaryceeNT
JgsxvizJlGCOXB+Ub0GepK8mOfX4KN/1Gbn+W3+0nYCUuKErkkpT234PK7k19LRn
qJJkyf9M2KgPbfidNkoi12tu1xcC0qUI8HleSI5C0h7tUfjeXPweiFcPMfignU5y
hwzB9MgeB+jEwAHhURpHwIsTGUBwckFHsjyFYclVdfHw0DQgXX4QrRsw/Vn6OOSB
SOAaPwVcdykt2+CYy4EJSkd62P6DpdrphZcyfiqI12Z4ju2gZOedQUI1G89F8b4l
KeKlBOHWw0BrjqGjdLdtYNvWPzLmf4lHvMNxDU0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSK1Gh/O9fqvbqjvz0yzpJo4zRhvDAfBgNVHSMEGDAWgBS7xV+yStVW4EIC
ZR9tWosn1b7flzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3U4VmZza3JWVnVCQ0FtVWZiVnFMSjlXLTM1Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvNDY5MjJmLTVjYjYtNGQ5OC1iNGZjLTkzYmQ1ZTQwOGY5MS8x
L2l0Um9menZYNnIyNm83ODlNczZTYU9NMFlidy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
NDY5MjJmLTVjYjYtNGQ5OC1iNGZjLTkzYmQ1ZTQwOGY5MS8xL3U4VmZza3JWVnVC
Q0FtVWZiVnFMSjlXLTM1Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArmo5DANBAIAAjAHAwUAKgvwgDAN
BgkqhkiG9w0BAQsFAAOCAQEAjRryurq5KWyEFFvSEd3m3kjwIknZLvUrvYoPMaUj
6u2gL1JLA5yUfBVlLI02qxHyrjPWgLQcMvUmo6tlUdBDNsnPJt1WG7K3j0PZLVvP
HMQjHNLDWm1jB2T0nKGH8m3EULQYJ8a4VqzKwXCBAY9ddYD6TRHPylc5Rv4bEXIW
zvWtQxM/SPZLJ3zI94tO1Q/EYx8kGznvuhNGAkifLl+sfRs5/JnZDGM4rFrMVcsE
NNcxgkM6UNPsHZ0vOziDtIlXMF5O8Z2OSg+i3V7rSQcJ+Mf+EvcHEHsrc377EllL
gGNhQXschx1QE1lS0tfCeCOtb/7Hd+HYIPDoqVxZD79fWQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:09 2024 by rpki-client on console-fra.rpki-client.org