Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/b314cb-62b5-4fa6-b445-cbfba459d8f7/1/T0K3tRGPaBLGlc6G5IfKAcjRLDw.roa
File:                     T0K3tRGPaBLGlc6G5IfKAcjRLDw.roa (raw, json)
Hash identifier:          vMGU3hp+RQhCGispSxyKfx6OTsgJNF5lphtcR2rBOxM=
Subject key identifier:   4F:42:B7:B5:11:8F:68:12:C6:95:CE:86:E4:87:CA:01:C8:D1:2C:3C
Certificate issuer:       /CN=741736f657221fc134316323b0740585a9c1b20c
Certificate serial:       1BA66ACC
Authority key identifier: 74:17:36:F6:57:22:1F:C1:34:31:63:23:B0:74:05:85:A9:C1:B2:0C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dBc29lciH8E0MWMjsHQFhanBsgw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/b314cb-62b5-4fa6-b445-cbfba459d8f7/1/T0K3tRGPaBLGlc6G5IfKAcjRLDw.roa
Signing time:             Sat 01 Jan 2022 08:55:06 +0000
ROA not before:           Sat 01 Jan 2022 08:55:06 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61079
IP address blocks:        185.19.164.0/23 maxlen: 24
                          185.19.166.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 463891148 (0x1ba66acc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=741736f657221fc134316323b0740585a9c1b20c
        Validity
            Not Before: Jan  1 08:55:06 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4f42b7b5118f6812c695ce86e487ca01c8d12c3c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:37:63:9d:66:70:bf:7d:91:ce:26:24:b9:ce:
                    96:e2:3c:49:2b:f8:09:49:04:40:3a:72:0c:16:3e:
                    78:ee:a4:f3:b1:a1:a7:3d:3f:7e:4b:53:14:d1:19:
                    6b:dc:fc:ff:14:7d:28:f9:19:c4:58:02:75:b7:a8:
                    8e:88:e5:26:5e:58:5f:e9:60:20:82:c9:17:21:f9:
                    0a:c0:24:27:7d:59:de:20:f2:31:ce:dc:0f:b1:bb:
                    cc:2b:ff:f0:f0:a3:b1:e4:8a:64:ca:8f:21:1b:01:
                    1c:7d:9f:5e:ea:72:59:9b:f0:6c:af:aa:ae:57:b2:
                    b2:a9:ad:2a:75:37:21:5e:b4:cb:ff:28:8d:fd:3a:
                    cc:ef:f4:28:c0:2a:f3:c3:ff:5e:e4:e8:82:24:20:
                    0e:29:6c:40:42:0f:87:04:24:88:75:d3:95:af:7a:
                    fa:83:17:b9:d9:4b:29:bc:7f:04:9a:08:c2:ab:19:
                    9c:36:34:ef:a8:ed:ec:39:53:ce:05:56:35:32:c0:
                    9e:94:c0:0a:ee:3a:e4:ca:77:1d:7e:4e:d3:f1:76:
                    4d:90:30:1f:dd:3e:40:59:16:71:50:ee:5b:28:d5:
                    cd:72:ee:ba:37:a9:d0:ca:62:a2:ef:e7:63:0f:76:
                    42:db:23:1b:8c:a7:13:c5:e2:8f:7f:d5:ff:ac:60:
                    34:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:42:B7:B5:11:8F:68:12:C6:95:CE:86:E4:87:CA:01:C8:D1:2C:3C
            X509v3 Authority Key Identifier:
                keyid:74:17:36:F6:57:22:1F:C1:34:31:63:23:B0:74:05:85:A9:C1:B2:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dBc29lciH8E0MWMjsHQFhanBsgw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/b314cb-62b5-4fa6-b445-cbfba459d8f7/1/T0K3tRGPaBLGlc6G5IfKAcjRLDw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/b314cb-62b5-4fa6-b445-cbfba459d8f7/1/dBc29lciH8E0MWMjsHQFhanBsgw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.19.164.0/22

    Signature Algorithm: sha256WithRSAEncryption
         c5:91:31:f2:da:e6:e0:ea:f9:a6:51:a1:15:05:68:89:3d:5c:
         95:45:5f:26:29:3d:50:6d:2f:87:54:18:77:06:df:07:11:96:
         89:5e:42:42:9c:1f:19:8a:0d:c0:e9:33:31:8e:e2:8a:f0:5a:
         0a:e6:9f:dd:bf:13:56:ed:06:2f:dc:58:a7:ea:ab:95:0a:c0:
         4f:45:37:57:f8:5b:94:07:34:ec:12:0d:1d:1b:af:2e:6e:45:
         4b:5c:7d:c6:8f:e1:fc:10:e3:c3:d0:02:28:f1:07:64:3f:10:
         5d:9e:f9:7b:2a:e7:74:6c:9e:05:d1:8b:c9:33:96:b3:74:ee:
         38:66:1a:a7:60:52:53:9e:f9:ae:b3:5b:19:bc:8e:3e:66:31:
         3e:11:df:36:70:93:63:bd:13:44:ff:c9:10:64:52:3c:f7:3a:
         bf:b9:fb:20:35:78:10:e8:df:80:14:a8:33:db:40:f0:9b:0c:
         d9:31:c6:eb:ae:84:90:bd:a3:59:51:5c:4f:d7:54:6f:8b:af:
         2f:56:56:47:21:c0:8d:b2:e8:45:15:e3:b5:9e:34:ef:7e:bf:
         74:cb:50:50:ac:16:8e:d2:ea:84:43:8e:50:a2:a4:2f:3d:48:
         8c:c2:75:29:dc:f6:b1:8e:72:bd:5b:8e:8b:cf:92:46:39:58:
         d4:c7:37:17
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEG6ZqzDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDE3MzZmNjU3MjIxZmMxMzQzMTYzMjNiMDc0MDU4NWE5YzFiMjBjMB4XDTIyMDEw
MTA4NTUwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGY0MmI3YjUxMThm
NjgxMmM2OTVjZTg2ZTQ4N2NhMDFjOGQxMmMzYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALY3Y51mcL99kc4mJLnOluI8SSv4CUkEQDpyDBY+eO6k87Gh
pz0/fktTFNEZa9z8/xR9KPkZxFgCdbeojojlJl5YX+lgIILJFyH5CsAkJ31Z3iDy
Mc7cD7G7zCv/8PCjseSKZMqPIRsBHH2fXupyWZvwbK+qrleysqmtKnU3IV60y/8o
jf06zO/0KMAq88P/XuTogiQgDilsQEIPhwQkiHXTla96+oMXudlLKbx/BJoIwqsZ
nDY076jt7DlTzgVWNTLAnpTACu465Mp3HX5O0/F2TZAwH90+QFkWcVDuWyjVzXLu
ujep0Mpiou/nYw92QtsjG4ynE8Xij3/V/6xgNBMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRPQre1EY9oEsaVzobkh8oByNEsPDAfBgNVHSMEGDAWgBR0Fzb2VyIfwTQx
YyOwdAWFqcGyDDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RCYzI5bGNpSDhFME1XTWpzSFFGaGFuQnNndy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGMvYjMxNGNiLTYyYjUtNGZhNi1iNDQ1LWNiZmJhNDU5ZDhmNy8x
L1QwSzN0UkdQYUJMR2xjNkc1SWZLQWNqUkxEdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGMv
YjMxNGNiLTYyYjUtNGZhNi1iNDQ1LWNiZmJhNDU5ZDhmNy8xL2RCYzI5bGNpSDhF
ME1XTWpzSFFGaGFuQnNndy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArkTpDANBgkqhkiG9w0BAQsFAAOC
AQEAxZEx8trm4Or5plGhFQVoiT1clUVfJik9UG0vh1QYdwbfBxGWiV5CQpwfGYoN
wOkzMY7iivBaCuaf3b8TVu0GL9xYp+qrlQrAT0U3V/hblAc07BINHRuvLm5FS1x9
xo/h/BDjw9ACKPEHZD8QXZ75eyrndGyeBdGLyTOWs3TuOGYap2BSU575rrNbGbyO
PmYxPhHfNnCTY70TRP/JEGRSPPc6v7n7IDV4EOjfgBSoM9tA8JsM2THG666EkL2j
WVFcT9dUb4uvL1ZWRyHAjbLoRRXjtZ40736/dMtQUKwWjtLqhEOOUKKkLz1IjMJ1
Kdz2sY5yvVuOi8+SRjlY1Mc3Fw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:48 2024 by rpki-client on console-ams.rpki-client.org