Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/b717c5-a64b-4475-be3e-5da8d677d847/1/PYASjuPHBquWwPdlSF-B6uAlQyw.roa
File:                     PYASjuPHBquWwPdlSF-B6uAlQyw.roa (raw, json)
Hash identifier:          fDa+fFgl8ZGOed3kjaYWGyfuUtcQ6+F/O30O87UckwE=
Subject key identifier:   3D:80:12:8E:E3:C7:06:AB:96:C0:F7:65:48:5F:81:EA:E0:25:43:2C
Certificate issuer:       /CN=9256ebf66b80f08135858d144ced6f785834f5f4
Certificate serial:       110FF7BE
Authority key identifier: 92:56:EB:F6:6B:80:F0:81:35:85:8D:14:4C:ED:6F:78:58:34:F5:F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/klbr9muA8IE1hY0UTO1veFg09fQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/b717c5-a64b-4475-be3e-5da8d677d847/1/PYASjuPHBquWwPdlSF-B6uAlQyw.roa
Signing time:             Sat 01 Jan 2022 09:01:18 +0000
ROA not before:           Sat 01 Jan 2022 09:01:18 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     4214120002
IP address blocks:        185.168.163.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 286259134 (0x110ff7be)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9256ebf66b80f08135858d144ced6f785834f5f4
        Validity
            Not Before: Jan  1 09:01:18 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3d80128ee3c706ab96c0f765485f81eae025432c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:b2:9f:29:51:42:03:b8:e7:8d:8e:97:cd:ae:
                    75:84:b0:89:97:a0:96:d1:8a:0e:3c:c1:65:9a:31:
                    db:8b:b2:a7:99:33:a9:9b:ab:20:82:7a:af:af:0f:
                    f9:c3:ee:a0:c4:50:0e:f2:8e:c4:34:a9:85:ad:72:
                    aa:8b:35:63:12:7b:ee:e7:b1:24:0f:9b:02:1a:50:
                    28:f2:bf:f3:75:ba:0a:e4:af:c7:32:e9:42:ec:96:
                    65:ea:18:04:39:d4:6e:cd:be:10:fc:b9:8d:39:a3:
                    8b:ad:f8:5c:d0:f7:c6:e9:67:5c:f4:12:17:83:03:
                    dd:5a:40:9d:ea:e2:d7:bf:2e:4d:10:00:72:ff:55:
                    24:c0:39:3b:01:c5:cc:1d:f6:da:a8:d3:3a:ae:d2:
                    aa:0a:3e:6f:51:f9:56:ce:4f:d0:46:ca:1e:ff:ab:
                    b1:95:cd:3f:37:ed:6d:cc:65:6c:20:27:09:24:c6:
                    08:4d:09:c7:cf:b6:f9:07:45:53:83:1a:0f:29:44:
                    1f:7c:34:ca:09:35:dd:af:f9:8b:ca:fa:2c:16:61:
                    b8:91:2d:39:b6:63:67:1e:a9:20:ef:ef:3a:3a:4e:
                    b8:f7:e4:18:49:85:8d:c3:7f:b5:7b:91:62:b8:21:
                    29:83:9f:46:82:be:c4:be:dc:04:c5:58:e2:2b:73:
                    d2:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:80:12:8E:E3:C7:06:AB:96:C0:F7:65:48:5F:81:EA:E0:25:43:2C
            X509v3 Authority Key Identifier:
                keyid:92:56:EB:F6:6B:80:F0:81:35:85:8D:14:4C:ED:6F:78:58:34:F5:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/klbr9muA8IE1hY0UTO1veFg09fQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/b717c5-a64b-4475-be3e-5da8d677d847/1/PYASjuPHBquWwPdlSF-B6uAlQyw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/b717c5-a64b-4475-be3e-5da8d677d847/1/klbr9muA8IE1hY0UTO1veFg09fQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.168.163.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:49:d5:3b:6e:f8:da:d4:9f:8c:af:b6:0d:3b:e2:40:fe:13:
         cd:40:d1:6a:bf:74:15:75:ab:83:85:95:d6:f4:a9:8e:e8:b6:
         fa:22:c4:31:e2:03:46:58:52:e4:73:26:99:a1:c3:43:4e:58:
         a8:07:f0:65:6d:cf:6c:70:f3:32:6f:73:b4:0e:75:aa:b0:df:
         78:0b:66:5a:59:19:c7:56:e1:b8:66:a3:51:41:e8:d6:4d:58:
         58:52:39:60:09:85:68:ad:ee:e4:90:4d:fe:56:f8:82:8d:27:
         47:f6:2c:cf:0b:12:5c:65:37:04:54:1d:43:f5:bc:7a:79:55:
         ed:be:8e:d2:fd:be:f7:23:a5:b4:77:04:e5:c2:2c:9a:f3:54:
         0e:8d:81:c7:a6:ed:55:f1:43:c1:0a:1b:63:32:2c:3b:5d:a6:
         eb:ca:c2:b9:cb:4c:de:6e:f6:d4:97:7e:ae:7c:12:6c:e1:8d:
         67:1a:4f:90:43:d7:f9:1a:e2:3d:46:6f:ac:53:75:54:3a:2d:
         91:47:99:8d:1b:1c:23:54:43:b7:13:e0:ba:b6:b3:7c:04:19:
         27:f3:4d:bc:29:07:27:d6:93:63:a5:14:26:c9:a9:b1:fc:a3:
         ad:96:ab:b9:11:b8:28:09:3c:97:ee:64:9e:21:37:ae:5f:dc:
         b7:47:a2:af
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEQ/3vjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MjU2ZWJmNjZiODBmMDgxMzU4NThkMTQ0Y2VkNmY3ODU4MzRmNWY0MB4XDTIyMDEw
MTA5MDExOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2Q4MDEyOGVlM2M3
MDZhYjk2YzBmNzY1NDg1ZjgxZWFlMDI1NDMyYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM6ynylRQgO4542Ol82udYSwiZegltGKDjzBZZox24uyp5kz
qZurIIJ6r68P+cPuoMRQDvKOxDSpha1yqos1YxJ77uexJA+bAhpQKPK/83W6CuSv
xzLpQuyWZeoYBDnUbs2+EPy5jTmji634XND3xulnXPQSF4MD3VpAneri178uTRAA
cv9VJMA5OwHFzB322qjTOq7Sqgo+b1H5Vs5P0EbKHv+rsZXNPzftbcxlbCAnCSTG
CE0Jx8+2+QdFU4MaDylEH3w0ygk13a/5i8r6LBZhuJEtObZjZx6pIO/vOjpOuPfk
GEmFjcN/tXuRYrghKYOfRoK+xL7cBMVY4itz0pkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ9gBKO48cGq5bA92VIX4Hq4CVDLDAfBgNVHSMEGDAWgBSSVuv2a4DwgTWF
jRRM7W94WDT19DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tsYnI5bXVBOElFMWhZMFVUTzF2ZUZnMDlmUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjEvYjcxN2M1LWE2NGItNDQ3NS1iZTNlLTVkYThkNjc3ZDg0Ny8x
L1BZQVNqdVBIQnF1V3dQZGxTRi1CNnVBbFF5dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjEv
YjcxN2M1LWE2NGItNDQ3NS1iZTNlLTVkYThkNjc3ZDg0Ny8xL2tsYnI5bXVBOElF
MWhZMFVUTzF2ZUZnMDlmUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmoozANBgkqhkiG9w0BAQsFAAOC
AQEAT0nVO2742tSfjK+2DTviQP4TzUDRar90FXWrg4WV1vSpjui2+iLEMeIDRlhS
5HMmmaHDQ05YqAfwZW3PbHDzMm9ztA51qrDfeAtmWlkZx1bhuGajUUHo1k1YWFI5
YAmFaK3u5JBN/lb4go0nR/YszwsSXGU3BFQdQ/W8enlV7b6O0v2+9yOltHcE5cIs
mvNUDo2Bx6btVfFDwQobYzIsO12m68rCuctM3m721Jd+rnwSbOGNZxpPkEPX+Rri
PUZvrFN1VDotkUeZjRscI1RDtxPgurazfAQZJ/NNvCkHJ9aTY6UUJsmpsfyjrZar
uRG4KAk8l+5kniE3rl/ct0eirw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:09 2024 by rpki-client on console-ams.rpki-client.org