Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/wKaALvMwlG30uU98dG462XAdKOY.roa
File:                     wKaALvMwlG30uU98dG462XAdKOY.roa (raw, json)
Hash identifier:          2Vzls6gH3vYh4FdnXO2k6FGBM0JRG0zDGLBZnOmKgG4=
Subject key identifier:   C0:A6:80:2E:F3:30:94:6D:F4:B9:4F:7C:74:6E:3A:D9:70:1D:28:E6
Certificate issuer:       /CN=11eecd71c193e4ac30ed03d0b9f05da101c603d2
Certificate serial:       041101A2
Authority key identifier: 11:EE:CD:71:C1:93:E4:AC:30:ED:03:D0:B9:F0:5D:A1:01:C6:03:D2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ee7NccGT5Kww7QPQufBdoQHGA9I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/wKaALvMwlG30uU98dG462XAdKOY.roa
Signing time:             Mon 02 May 2022 09:42:53 +0000
ROA not before:           Mon 02 May 2022 09:42:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1299
IP address blocks:        185.232.206.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 68223394 (0x41101a2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=11eecd71c193e4ac30ed03d0b9f05da101c603d2
        Validity
            Not Before: May  2 09:42:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c0a6802ef330946df4b94f7c746e3ad9701d28e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:58:64:98:9c:3c:eb:3f:c2:74:52:95:57:7d:
                    40:39:bc:bc:4d:d0:9e:15:41:1e:d1:6c:cf:63:f3:
                    63:bb:77:c8:57:26:26:b6:ad:76:7a:2f:4c:d0:73:
                    e3:d6:2d:fe:6f:86:5d:a0:c3:29:fc:72:2c:d3:7c:
                    64:ee:de:a5:93:98:bc:4c:63:8f:e2:63:3e:b0:f6:
                    fd:a6:ca:51:bd:3b:b8:fb:60:f4:a3:30:03:d1:21:
                    31:5f:35:fa:a8:43:a6:85:84:f6:a4:33:12:29:13:
                    36:c9:29:63:a3:87:2f:a9:67:a6:53:b6:e6:b9:c3:
                    5f:a6:57:1e:6f:68:05:b4:5b:67:b1:70:c5:84:b1:
                    91:46:3c:bd:27:e9:3d:5e:e4:aa:e1:ca:fd:f1:9f:
                    bf:9d:f8:4c:e0:3b:2c:ca:28:d7:de:2e:89:2d:36:
                    36:20:b3:de:14:de:6f:8d:d4:0c:6c:ec:90:1f:f6:
                    75:e4:3a:b2:26:1b:f6:5b:91:9c:d7:11:42:1c:5b:
                    55:6b:8e:e2:a8:02:c1:9d:1a:99:ae:b9:db:ac:cc:
                    2e:7f:d3:b1:7c:a1:45:53:bc:25:de:d0:56:96:84:
                    ff:7e:4f:d2:ce:7d:40:1f:73:b3:21:16:04:93:2c:
                    3a:27:7a:7a:d8:03:47:a4:6d:0b:70:e6:67:cc:05:
                    5e:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:A6:80:2E:F3:30:94:6D:F4:B9:4F:7C:74:6E:3A:D9:70:1D:28:E6
            X509v3 Authority Key Identifier:
                keyid:11:EE:CD:71:C1:93:E4:AC:30:ED:03:D0:B9:F0:5D:A1:01:C6:03:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ee7NccGT5Kww7QPQufBdoQHGA9I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/wKaALvMwlG30uU98dG462XAdKOY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/Ee7NccGT5Kww7QPQufBdoQHGA9I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.232.206.0/23

    Signature Algorithm: sha256WithRSAEncryption
         74:2b:dc:82:bb:cb:75:55:86:7f:dd:17:c6:eb:0b:f4:ba:2a:
         6e:aa:fe:b6:44:21:74:98:52:df:c4:50:e5:24:dd:6f:33:74:
         d4:f3:6d:2d:bb:c9:8f:41:1b:58:77:5b:c4:17:1f:ec:ab:c8:
         09:5e:ca:5a:63:ed:3b:88:b3:d5:08:32:f0:a9:de:5a:30:1a:
         65:91:8f:16:63:5b:37:27:85:cb:fe:c9:15:31:a8:b7:30:19:
         4e:d6:73:2f:5d:23:11:d4:d3:43:2b:fc:2f:af:06:1f:4b:5b:
         c3:06:a1:e5:ad:4e:a7:9b:4f:fb:90:45:85:1f:27:c5:cf:e9:
         6e:66:f2:bc:5a:27:95:08:81:8a:78:7f:a9:bc:7c:74:73:21:
         46:0b:13:f8:e7:1c:9c:b3:c1:63:6e:3d:ac:8a:b6:52:9e:19:
         6c:5a:1f:34:b6:f9:2a:49:2e:15:e4:45:da:76:2c:1e:f7:2f:
         6c:f5:4b:73:89:69:25:f4:cb:bf:e0:18:38:66:c1:4b:62:f7:
         e0:4e:19:b4:2c:e7:00:7f:51:5f:dc:2b:dc:66:25:a9:71:63:
         08:ac:cd:46:3c:6e:93:0f:d1:f6:79:ad:b0:cd:3a:bc:6f:1d:
         72:1a:19:10:b6:9e:68:9f:9b:19:6f:06:c2:dd:f3:e5:22:23:
         3f:57:dc:06
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBBEBojANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MWVlY2Q3MWMxOTNlNGFjMzBlZDAzZDBiOWYwNWRhMTAxYzYwM2QyMB4XDTIyMDUw
MjA5NDI1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzBhNjgwMmVmMzMw
OTQ2ZGY0Yjk0ZjdjNzQ2ZTNhZDk3MDFkMjhlNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL5YZJicPOs/wnRSlVd9QDm8vE3QnhVBHtFsz2PzY7t3yFcm
JratdnovTNBz49Yt/m+GXaDDKfxyLNN8ZO7epZOYvExjj+JjPrD2/abKUb07uPtg
9KMwA9EhMV81+qhDpoWE9qQzEikTNskpY6OHL6lnplO25rnDX6ZXHm9oBbRbZ7Fw
xYSxkUY8vSfpPV7kquHK/fGfv534TOA7LMoo194uiS02NiCz3hTeb43UDGzskB/2
deQ6siYb9luRnNcRQhxbVWuO4qgCwZ0ama6526zMLn/TsXyhRVO8Jd7QVpaE/35P
0s59QB9zsyEWBJMsOid6etgDR6RtC3DmZ8wFXpsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTApoAu8zCUbfS5T3x0bjrZcB0o5jAfBgNVHSMEGDAWgBQR7s1xwZPkrDDt
A9C58F2hAcYD0jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VlN05jY0dUNUt3dzdRUFF1ZkJkb1FIR0E5SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjYvNGZkOTVhLTUxNTctNGExYi1iODY4LTEzODk5NWM5OWI5Ny8x
L3dLYUFMdk13bEczMHVVOThkRzQ2MlhBZEtPWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYv
NGZkOTVhLTUxNTctNGExYi1iODY4LTEzODk5NWM5OWI5Ny8xL0VlN05jY0dUNUt3
dzdRUFF1ZkJkb1FIR0E5SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbnozjANBgkqhkiG9w0BAQsFAAOC
AQEAdCvcgrvLdVWGf90XxusL9Loqbqr+tkQhdJhS38RQ5STdbzN01PNtLbvJj0Eb
WHdbxBcf7KvICV7KWmPtO4iz1Qgy8KneWjAaZZGPFmNbNyeFy/7JFTGotzAZTtZz
L10jEdTTQyv8L68GH0tbwwah5a1Op5tP+5BFhR8nxc/pbmbyvFonlQiBinh/qbx8
dHMhRgsT+OccnLPBY249rIq2Up4ZbFofNLb5KkkuFeRF2nYsHvcvbPVLc4lpJfTL
v+AYOGbBS2L34E4ZtCznAH9RX9wr3GYlqXFjCKzNRjxukw/R9nmtsM06vG8dchoZ
ELaeaJ+bGW8Gwt3z5SIjP1fcBg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:57 2024 by rpki-client on console-ams.rpki-client.org