Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/eb874a-892c-4c93-984a-c87ca9f2b95f/1/saVF1nDUrjo0iyi1qnOrZ4hDeAI.roa
File:                     saVF1nDUrjo0iyi1qnOrZ4hDeAI.roa (raw, json)
Hash identifier:          RhBwaBa8kZOSRRWTcPpDw3rwLeCZXnU0+/RurOr3bdQ=
Subject key identifier:   B1:A5:45:D6:70:D4:AE:3A:34:8B:28:B5:AA:73:AB:67:88:43:78:02
Certificate issuer:       /CN=0203616ca2f9aefa70c3914cce90dce09706cfbb
Certificate serial:       01B7C77F
Authority key identifier: 02:03:61:6C:A2:F9:AE:FA:70:C3:91:4C:CE:90:DC:E0:97:06:CF:BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AgNhbKL5rvpww5FMzpDc4JcGz7s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/eb874a-892c-4c93-984a-c87ca9f2b95f/1/saVF1nDUrjo0iyi1qnOrZ4hDeAI.roa
Signing time:             Sat 01 Jan 2022 04:58:56 +0000
ROA not before:           Sat 01 Jan 2022 04:58:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     25885
IP address blocks:        185.249.164.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 28821375 (0x1b7c77f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0203616ca2f9aefa70c3914cce90dce09706cfbb
        Validity
            Not Before: Jan  1 04:58:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b1a545d670d4ae3a348b28b5aa73ab6788437802
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:7f:7e:57:b8:03:01:1c:8a:9e:f0:ef:a5:22:
                    5a:1d:ae:ba:45:d6:e2:26:94:19:91:ef:cc:a4:56:
                    a5:c2:51:84:78:da:c0:08:8f:9a:8a:27:a2:3f:f9:
                    eb:dd:e2:ba:08:53:4e:8c:cc:7c:27:51:f5:63:1a:
                    b4:3d:13:d5:2e:b6:46:19:3d:f8:dc:d8:d5:d4:08:
                    8b:fc:d8:1f:c4:d9:84:ac:e2:52:c8:c2:10:69:02:
                    93:a4:8a:75:15:38:34:3e:b9:c7:5c:41:31:ad:63:
                    62:01:98:5b:33:fe:8b:18:fe:8e:3d:dd:b7:99:2f:
                    5d:7c:5c:e3:5f:a8:9d:94:e0:64:85:78:60:7f:2d:
                    46:09:8e:e3:ad:a6:ef:a8:e3:6b:ab:80:04:41:1f:
                    cb:25:e2:5f:99:63:c2:b3:b0:d6:df:4b:f4:9d:40:
                    2b:78:b0:44:c2:35:f4:37:8f:fe:11:5d:0d:06:10:
                    d1:39:53:84:bb:b2:6e:ca:5b:bb:84:63:d4:03:7c:
                    dd:f2:3d:7c:3a:20:6d:b3:82:15:f3:73:da:56:3c:
                    c4:01:5b:4c:ee:f8:d4:fa:37:a0:66:0a:27:75:b8:
                    6f:b0:13:73:e3:46:4e:58:ab:74:cf:a3:0b:88:96:
                    66:5a:63:71:87:80:1a:8f:b2:c0:7f:46:5a:f4:9e:
                    5d:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:A5:45:D6:70:D4:AE:3A:34:8B:28:B5:AA:73:AB:67:88:43:78:02
            X509v3 Authority Key Identifier:
                keyid:02:03:61:6C:A2:F9:AE:FA:70:C3:91:4C:CE:90:DC:E0:97:06:CF:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AgNhbKL5rvpww5FMzpDc4JcGz7s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/eb874a-892c-4c93-984a-c87ca9f2b95f/1/saVF1nDUrjo0iyi1qnOrZ4hDeAI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/eb874a-892c-4c93-984a-c87ca9f2b95f/1/AgNhbKL5rvpww5FMzpDc4JcGz7s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.249.164.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6a:eb:bf:cc:20:f3:3e:4f:2f:2d:33:c5:85:60:e5:f6:37:60:
         9b:8c:34:21:c6:14:ea:a5:1a:0b:e5:c1:b7:35:0d:f2:9c:3f:
         e6:e5:f9:a9:a8:84:e4:53:d8:c5:5f:5f:b8:b0:06:d0:ea:28:
         51:66:6b:43:1c:a2:44:cd:a9:df:c5:a6:2e:25:4e:fd:aa:a1:
         86:3c:cd:f6:46:b1:b5:6c:6f:59:e1:ab:dd:73:be:c2:b5:62:
         cf:22:ee:4d:a4:48:ae:fe:86:76:5b:3f:9c:77:dd:4c:10:36:
         f6:16:32:89:8f:40:b5:dd:ee:fa:b6:d3:46:a1:3f:85:3e:29:
         01:3b:14:e9:d4:0d:4c:97:7e:6d:e8:fb:cb:7b:93:e8:35:6c:
         f6:0c:2d:a6:a8:42:46:2a:be:74:f8:0e:3d:45:08:1f:ee:b0:
         14:81:33:c0:89:17:bc:20:69:a4:39:44:f0:28:ec:86:d3:c2:
         fb:86:99:65:6c:ca:86:73:b8:40:82:1a:fd:f6:1c:c2:ca:dd:
         6d:73:59:02:4d:6f:15:1f:7f:33:80:30:fe:ef:62:0d:f2:81:
         13:c9:a2:54:64:8e:12:83:8c:db:9f:38:18:fd:b9:12:04:0c:
         79:73:e5:b7:7f:7f:f2:e9:8c:e2:73:ba:b3:ce:08:bd:4a:3e:
         91:70:6a:52
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAbfHfzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MjAzNjE2Y2EyZjlhZWZhNzBjMzkxNGNjZTkwZGNlMDk3MDZjZmJiMB4XDTIyMDEw
MTA0NTg1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjFhNTQ1ZDY3MGQ0
YWUzYTM0OGIyOGI1YWE3M2FiNjc4ODQzNzgwMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKd/fle4AwEcip7w76UiWh2uukXW4iaUGZHvzKRWpcJRhHja
wAiPmoonoj/5693iughTTozMfCdR9WMatD0T1S62Rhk9+NzY1dQIi/zYH8TZhKzi
UsjCEGkCk6SKdRU4ND65x1xBMa1jYgGYWzP+ixj+jj3dt5kvXXxc41+onZTgZIV4
YH8tRgmO462m76jja6uABEEfyyXiX5ljwrOw1t9L9J1AK3iwRMI19DeP/hFdDQYQ
0TlThLuybspbu4Rj1AN83fI9fDogbbOCFfNz2lY8xAFbTO741Po3oGYKJ3W4b7AT
c+NGTlirdM+jC4iWZlpjcYeAGo+ywH9GWvSeXd8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSxpUXWcNSuOjSLKLWqc6tniEN4AjAfBgNVHSMEGDAWgBQCA2Fsovmu+nDD
kUzOkNzglwbPuzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FnTmhiS0w1cnZwd3c1Rk16cERjNEpjR3o3cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTYvZWI4NzRhLTg5MmMtNGM5My05ODRhLWM4N2NhOWYyYjk1Zi8x
L3NhVkYxbkRVcmpvMGl5aTFxbk9yWjRoRGVBSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTYv
ZWI4NzRhLTg5MmMtNGM5My05ODRhLWM4N2NhOWYyYjk1Zi8xL0FnTmhiS0w1cnZw
d3c1Rk16cERjNEpjR3o3cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArn5pDANBgkqhkiG9w0BAQsFAAOC
AQEAauu/zCDzPk8vLTPFhWDl9jdgm4w0IcYU6qUaC+XBtzUN8pw/5uX5qaiE5FPY
xV9fuLAG0OooUWZrQxyiRM2p38WmLiVO/aqhhjzN9kaxtWxvWeGr3XO+wrVizyLu
TaRIrv6Gdls/nHfdTBA29hYyiY9Atd3u+rbTRqE/hT4pATsU6dQNTJd+bej7y3uT
6DVs9gwtpqhCRiq+dPgOPUUIH+6wFIEzwIkXvCBppDlE8CjshtPC+4aZZWzKhnO4
QIIa/fYcwsrdbXNZAk1vFR9/M4Aw/u9iDfKBE8miVGSOEoOM2584GP25EgQMeXPl
t39/8umM4nO6s84IvUo+kXBqUg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:55 2024 by rpki-client on console-ams.rpki-client.org