Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/2e6613-4332-4c19-addf-dedaf79356ce/1/rNGY9DbU8D_vgdzLexzbZihf1fE.roa
File:                     rNGY9DbU8D_vgdzLexzbZihf1fE.roa (raw, json)
Hash identifier:          wqLyQWrc/gTfhQ/8o+oXJ0L8e+YU1n6JEzF6TPvtdlU=
Subject key identifier:   AC:D1:98:F4:36:D4:F0:3F:EF:81:DC:CB:7B:1C:DB:66:28:5F:D5:F1
Certificate issuer:       /CN=b78380b41e37b5757d3d4e2eecdf06d930a70b9d
Certificate serial:       1B1CB979
Authority key identifier: B7:83:80:B4:1E:37:B5:75:7D:3D:4E:2E:EC:DF:06:D9:30:A7:0B:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/t4OAtB43tXV9PU4u7N8G2TCnC50.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/2e6613-4332-4c19-addf-dedaf79356ce/1/rNGY9DbU8D_vgdzLexzbZihf1fE.roa
Signing time:             Sat 01 Jan 2022 02:58:21 +0000
ROA not before:           Sat 01 Jan 2022 02:58:21 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61213
IP address blocks:        185.206.4.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 454867321 (0x1b1cb979)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b78380b41e37b5757d3d4e2eecdf06d930a70b9d
        Validity
            Not Before: Jan  1 02:58:21 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=acd198f436d4f03fef81dccb7b1cdb66285fd5f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:f7:f5:7a:bd:09:8b:ba:d7:1c:9f:6b:31:2d:
                    de:39:d9:e7:29:73:63:1c:fe:78:9f:c2:bc:70:a3:
                    8e:ee:50:81:f2:38:70:3c:45:68:e5:d5:c8:53:6c:
                    6e:36:86:1c:e3:b1:f9:72:3d:bd:7c:19:3e:9c:f0:
                    cb:24:ea:8b:5d:55:a0:e4:b7:8b:55:11:0a:99:f6:
                    f6:bf:0d:ff:ed:e0:2a:99:1b:61:68:48:8f:55:81:
                    6f:5e:36:b6:9f:71:fb:5e:27:8f:8d:8c:34:4c:9a:
                    d6:a6:b7:e3:97:83:f6:fa:d5:5d:8e:12:be:47:4c:
                    aa:f7:66:04:92:51:15:f3:fe:7d:aa:28:ce:15:c5:
                    49:40:a2:be:b9:0a:12:8a:6a:51:a6:91:be:10:81:
                    bd:d1:cc:7c:53:ab:8a:b8:ca:19:23:0c:65:5f:33:
                    92:02:6e:f4:b0:e6:da:d6:14:2e:70:59:f8:e0:b9:
                    df:4b:d6:06:1e:90:4b:95:d1:27:3b:90:c3:9e:88:
                    bc:d4:0e:3f:19:cf:16:52:1a:bb:84:72:57:25:73:
                    1e:e4:43:9c:cf:fc:5c:04:1f:c0:86:9b:c3:2b:25:
                    8d:3b:ae:b3:bb:3d:a3:52:6b:d1:9f:86:22:3f:0d:
                    02:1c:72:bd:58:48:fe:5c:b2:4f:48:b4:b6:66:ab:
                    79:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:D1:98:F4:36:D4:F0:3F:EF:81:DC:CB:7B:1C:DB:66:28:5F:D5:F1
            X509v3 Authority Key Identifier:
                keyid:B7:83:80:B4:1E:37:B5:75:7D:3D:4E:2E:EC:DF:06:D9:30:A7:0B:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t4OAtB43tXV9PU4u7N8G2TCnC50.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/2e6613-4332-4c19-addf-dedaf79356ce/1/rNGY9DbU8D_vgdzLexzbZihf1fE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/2e6613-4332-4c19-addf-dedaf79356ce/1/t4OAtB43tXV9PU4u7N8G2TCnC50.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.206.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         65:07:74:ea:60:1c:f6:5a:e2:93:fe:8c:56:18:88:98:32:2f:
         47:49:c4:5b:9b:49:db:1c:e2:31:2d:b6:ec:56:22:03:cb:50:
         71:6d:77:d1:3d:18:15:7c:41:46:12:55:5d:2d:35:0c:bc:5f:
         c1:d8:c6:f9:82:a0:65:c5:a9:71:2e:18:e5:2f:0d:e1:ca:56:
         1a:0d:16:86:a0:1e:a6:11:f7:08:72:1a:41:b9:bd:63:63:85:
         69:40:b7:5b:b5:8b:0a:b7:3b:0b:b9:03:71:bd:1d:11:c4:ca:
         b4:7c:63:20:91:1e:9e:31:fb:42:7f:48:ec:b9:9a:d3:ce:f1:
         ef:a3:22:64:bd:72:b3:af:69:33:59:c5:1a:52:33:59:c9:c4:
         95:8c:23:50:35:1b:23:e2:e0:2f:e8:67:57:f9:e2:fa:f2:87:
         07:f8:85:cd:cd:b4:c1:54:6e:ca:1e:92:d1:a4:91:5d:f9:a3:
         96:86:14:d4:3e:2a:ca:54:37:21:57:e5:ab:8b:9e:11:39:a9:
         b0:d5:22:6c:7a:28:4b:79:2b:c4:39:bc:ac:e4:88:6e:33:5b:
         d7:27:ec:12:c2:c1:90:8e:12:10:40:90:45:e5:a6:e0:95:ba:
         14:4b:b3:83:ac:19:d2:c7:c1:b3:4a:c9:69:63:8b:62:69:8d:
         49:07:33:b3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGxy5eTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NzgzODBiNDFlMzdiNTc1N2QzZDRlMmVlY2RmMDZkOTMwYTcwYjlkMB4XDTIyMDEw
MTAyNTgyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWNkMTk4ZjQzNmQ0
ZjAzZmVmODFkY2NiN2IxY2RiNjYyODVmZDVmMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANP39Xq9CYu61xyfazEt3jnZ5ylzYxz+eJ/CvHCjju5QgfI4
cDxFaOXVyFNsbjaGHOOx+XI9vXwZPpzwyyTqi11VoOS3i1URCpn29r8N/+3gKpkb
YWhIj1WBb142tp9x+14nj42MNEya1qa345eD9vrVXY4SvkdMqvdmBJJRFfP+faoo
zhXFSUCivrkKEopqUaaRvhCBvdHMfFOrirjKGSMMZV8zkgJu9LDm2tYULnBZ+OC5
30vWBh6QS5XRJzuQw56IvNQOPxnPFlIau4RyVyVzHuRDnM/8XAQfwIabwysljTuu
s7s9o1Jr0Z+GIj8NAhxyvVhI/lyyT0i0tmareb0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSs0Zj0NtTwP++B3Mt7HNtmKF/V8TAfBgNVHSMEGDAWgBS3g4C0Hje1dX09
Ti7s3wbZMKcLnTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Q0T0F0QjQzdFhWOVBVNHU3TjhHMlRDbkM1MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGQvMmU2NjEzLTQzMzItNGMxOS1hZGRmLWRlZGFmNzkzNTZjZS8x
L3JOR1k5RGJVOERfdmdkekxleHpiWmloZjFmRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGQv
MmU2NjEzLTQzMzItNGMxOS1hZGRmLWRlZGFmNzkzNTZjZS8xL3Q0T0F0QjQzdFhW
OVBVNHU3TjhHMlRDbkM1MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnOBDANBgkqhkiG9w0BAQsFAAOC
AQEAZQd06mAc9lrik/6MVhiImDIvR0nEW5tJ2xziMS227FYiA8tQcW130T0YFXxB
RhJVXS01DLxfwdjG+YKgZcWpcS4Y5S8N4cpWGg0WhqAephH3CHIaQbm9Y2OFaUC3
W7WLCrc7C7kDcb0dEcTKtHxjIJEenjH7Qn9I7Lma087x76MiZL1ys69pM1nFGlIz
WcnElYwjUDUbI+LgL+hnV/ni+vKHB/iFzc20wVRuyh6S0aSRXfmjloYU1D4qylQ3
IVflq4ueETmpsNUibHooS3krxDm8rOSIbjNb1yfsEsLBkI4SEECQReWm4JW6FEuz
g6wZ0sfBs0rJaWOLYmmNSQczsw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:25 2024 by rpki-client on console-fra.rpki-client.org