Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/d334ed-36bd-4170-b4d6-06af6dba34f7/1/Hd7dzK6E08SmxWieyRb8w78F1nM.roa
File:                     Hd7dzK6E08SmxWieyRb8w78F1nM.roa (raw, json)
Hash identifier:          BHbZ0+/C6uNHvELq3swnHaPXAttRlLSx4CnbOF9UhfI=
Subject key identifier:   1D:DE:DD:CC:AE:84:D3:C4:A6:C5:68:9E:C9:16:FC:C3:BF:05:D6:73
Certificate issuer:       /CN=c6a6e22f4e23965f6c4a025c6c92efc0b662e793
Certificate serial:       0C5D8E47
Authority key identifier: C6:A6:E2:2F:4E:23:96:5F:6C:4A:02:5C:6C:92:EF:C0:B6:62:E7:93
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xqbiL04jll9sSgJcbJLvwLZi55M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/d334ed-36bd-4170-b4d6-06af6dba34f7/1/Hd7dzK6E08SmxWieyRb8w78F1nM.roa
Signing time:             Sat 01 Jan 2022 07:53:44 +0000
ROA not before:           Sat 01 Jan 2022 07:53:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44942
IP address blocks:        185.114.116.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 207457863 (0xc5d8e47)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c6a6e22f4e23965f6c4a025c6c92efc0b662e793
        Validity
            Not Before: Jan  1 07:53:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1ddeddccae84d3c4a6c5689ec916fcc3bf05d673
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:d7:9c:31:bc:e0:c6:54:e8:72:30:03:e8:67:
                    fd:4a:99:ce:37:65:53:fb:aa:aa:f9:15:c3:e6:b7:
                    0c:75:ef:f7:e5:ba:9c:b9:04:8f:3a:71:28:ea:76:
                    a2:62:d8:fe:5b:46:69:40:51:80:3c:91:c3:8e:68:
                    68:23:d7:1e:86:d2:36:27:c5:1b:1b:50:59:ce:65:
                    a8:cb:b9:5f:6d:ab:e8:d2:31:56:7e:00:3a:a2:77:
                    88:86:75:23:2c:1c:66:90:dd:68:4b:71:b9:df:65:
                    f5:70:d7:28:29:7f:36:9b:74:01:b7:12:2a:07:ca:
                    2e:7f:b5:ab:cb:ee:fb:81:70:de:8d:a9:0d:3d:da:
                    d1:c1:1f:1c:8e:9b:11:e3:7a:30:86:99:75:bb:fc:
                    58:cf:b8:10:74:d2:36:16:9f:9a:92:93:dc:cd:52:
                    69:a1:97:0a:df:e8:3e:33:1f:fd:8d:5c:cd:96:ec:
                    db:37:b4:59:f9:f6:97:bc:45:d8:b6:2c:58:56:28:
                    64:3f:92:97:af:0d:6f:03:84:ef:83:b5:1e:36:e3:
                    8a:da:7b:2d:33:88:db:5c:3a:99:b3:59:a7:5d:20:
                    69:b5:1d:f4:73:27:a4:87:5c:96:a8:ae:4f:54:44:
                    a3:58:c3:68:8b:e5:ca:43:33:16:13:b4:75:fd:94:
                    c1:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:DE:DD:CC:AE:84:D3:C4:A6:C5:68:9E:C9:16:FC:C3:BF:05:D6:73
            X509v3 Authority Key Identifier:
                keyid:C6:A6:E2:2F:4E:23:96:5F:6C:4A:02:5C:6C:92:EF:C0:B6:62:E7:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xqbiL04jll9sSgJcbJLvwLZi55M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d334ed-36bd-4170-b4d6-06af6dba34f7/1/Hd7dzK6E08SmxWieyRb8w78F1nM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d334ed-36bd-4170-b4d6-06af6dba34f7/1/xqbiL04jll9sSgJcbJLvwLZi55M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.114.116.0/22

    Signature Algorithm: sha256WithRSAEncryption
         21:83:ef:e2:d9:7f:22:54:2f:c2:9a:92:58:89:c5:21:36:be:
         7a:86:fa:fd:99:ba:aa:12:e1:e6:bd:24:fa:eb:ab:df:f6:c0:
         16:bc:10:f1:ca:89:85:83:3f:bc:b4:b3:31:91:97:17:3c:e9:
         c4:d2:55:e4:a3:52:24:d2:26:4c:dc:06:19:a7:af:75:bf:42:
         f9:9b:d1:f9:3f:d4:99:3b:34:17:d1:5c:ed:96:1d:c1:39:47:
         29:a9:ae:d4:a5:12:e8:36:4b:b7:1e:ff:8f:b6:5a:a7:42:6c:
         e6:4a:02:eb:69:7c:ba:8b:47:fa:b5:2b:27:cf:43:c1:0f:94:
         33:be:d5:b6:96:80:9d:73:ce:26:8f:95:97:2d:a2:a9:48:32:
         da:c4:ef:5a:84:3b:20:f3:78:c9:00:0e:bb:21:4d:d5:7b:a4:
         d8:ed:e9:04:3c:ce:31:42:33:76:86:bf:d8:2e:53:0a:c9:ef:
         be:96:fe:48:78:17:9b:d1:b3:c7:ec:03:f2:c9:77:8d:81:0e:
         1b:f8:b6:63:38:ec:7d:a3:3f:ba:43:3b:8e:a8:66:8c:a3:68:
         8a:d0:e1:0f:d5:d6:4b:c5:14:e1:f2:91:6d:87:a8:9a:e5:7d:
         12:60:c0:d5:6f:a7:e8:60:1d:92:00:d2:01:be:0d:29:e7:37:
         13:6b:ea:a2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDF2ORzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NmE2ZTIyZjRlMjM5NjVmNmM0YTAyNWM2YzkyZWZjMGI2NjJlNzkzMB4XDTIyMDEw
MTA3NTM0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWRkZWRkY2NhZTg0
ZDNjNGE2YzU2ODllYzkxNmZjYzNiZjA1ZDY3MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK/XnDG84MZU6HIwA+hn/UqZzjdlU/uqqvkVw+a3DHXv9+W6
nLkEjzpxKOp2omLY/ltGaUBRgDyRw45oaCPXHobSNifFGxtQWc5lqMu5X22r6NIx
Vn4AOqJ3iIZ1IywcZpDdaEtxud9l9XDXKCl/Npt0AbcSKgfKLn+1q8vu+4Fw3o2p
DT3a0cEfHI6bEeN6MIaZdbv8WM+4EHTSNhafmpKT3M1SaaGXCt/oPjMf/Y1czZbs
2ze0Wfn2l7xF2LYsWFYoZD+Sl68NbwOE74O1Hjbjitp7LTOI21w6mbNZp10gabUd
9HMnpIdclqiuT1REo1jDaIvlykMzFhO0df2UwR8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQd3t3MroTTxKbFaJ7JFvzDvwXWczAfBgNVHSMEGDAWgBTGpuIvTiOWX2xK
Alxsku/AtmLnkzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hxYmlMMDRqbGw5c1NnSmNiSkx2d0xaaTU1TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTEvZDMzNGVkLTM2YmQtNDE3MC1iNGQ2LTA2YWY2ZGJhMzRmNy8x
L0hkN2R6SzZFMDhTbXhXaWV5UmI4dzc4RjFuTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTEv
ZDMzNGVkLTM2YmQtNDE3MC1iNGQ2LTA2YWY2ZGJhMzRmNy8xL3hxYmlMMDRqbGw5
c1NnSmNiSkx2d0xaaTU1TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlydDANBgkqhkiG9w0BAQsFAAOC
AQEAIYPv4tl/IlQvwpqSWInFITa+eob6/Zm6qhLh5r0k+uur3/bAFrwQ8cqJhYM/
vLSzMZGXFzzpxNJV5KNSJNImTNwGGaevdb9C+ZvR+T/UmTs0F9Fc7ZYdwTlHKamu
1KUS6DZLtx7/j7Zap0Js5koC62l8uotH+rUrJ89DwQ+UM77VtpaAnXPOJo+Vly2i
qUgy2sTvWoQ7IPN4yQAOuyFN1Xuk2O3pBDzOMUIzdoa/2C5TCsnvvpb+SHgXm9Gz
x+wD8sl3jYEOG/i2YzjsfaM/ukM7jqhmjKNoitDhD9XWS8UU4fKRbYeomuV9EmDA
1W+n6GAdkgDSAb4NKec3E2vqog==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:53 2024 by rpki-client on console-ams.rpki-client.org