Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/6b850a-4f12-4206-a50f-5d58711f3662/1/RdrTqlVT-s2dbRMQvnMntiJXdJ8.roa
File:                     RdrTqlVT-s2dbRMQvnMntiJXdJ8.roa (raw, json)
Hash identifier:          QYU7arfk2AE7fbXNy8sozNf/LUQSnTdIkStT0Bd+QWM=
Subject key identifier:   45:DA:D3:AA:55:53:FA:CD:9D:6D:13:10:BE:73:27:B6:22:57:74:9F
Certificate issuer:       /CN=d3e8d4cb8e442ec38a6bc3fa400a2a517cee0d1e
Certificate serial:       1B937869
Authority key identifier: D3:E8:D4:CB:8E:44:2E:C3:8A:6B:C3:FA:40:0A:2A:51:7C:EE:0D:1E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0-jUy45ELsOKa8P6QAoqUXzuDR4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f6/6b850a-4f12-4206-a50f-5d58711f3662/1/RdrTqlVT-s2dbRMQvnMntiJXdJ8.roa
Signing time:             Sat 01 Jan 2022 06:06:07 +0000
ROA not before:           Sat 01 Jan 2022 06:06:07 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60563
IP address blocks:        185.29.84.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 462649449 (0x1b937869)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3e8d4cb8e442ec38a6bc3fa400a2a517cee0d1e
        Validity
            Not Before: Jan  1 06:06:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=45dad3aa5553facd9d6d1310be7327b62257749f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:f9:a1:72:ba:86:42:be:48:c2:f9:a9:0d:85:
                    b6:9f:6a:72:b7:4e:27:b7:3a:db:10:33:73:db:2b:
                    c6:a8:bd:95:62:fa:a6:5e:66:3b:f5:36:ae:6a:6f:
                    8e:7c:d2:7b:7d:bb:1b:42:71:55:17:a7:69:58:94:
                    9a:d0:b0:77:58:64:90:d7:0d:33:07:a7:ab:f0:78:
                    1e:d3:94:2e:21:03:8e:f2:e7:6e:e8:81:36:63:94:
                    c7:a9:12:0b:d8:3a:7f:0a:eb:f0:a3:f0:f7:dd:a3:
                    68:be:c0:03:09:2c:1c:35:dd:39:87:26:b4:60:40:
                    8e:dc:bc:d7:03:c0:0e:06:11:3c:46:9f:e1:5c:17:
                    8f:d8:49:d3:24:6a:04:0f:97:90:60:00:6b:e9:3c:
                    56:27:d6:04:24:52:28:28:d5:df:b1:c5:d0:e4:ab:
                    f7:10:0c:08:f0:89:cf:31:e2:9d:4c:62:bc:8b:99:
                    33:15:f4:2c:e6:9e:7e:a4:86:92:e1:04:ab:25:0b:
                    a2:cd:3c:35:64:0b:ec:d6:bc:6d:cf:e0:ad:42:46:
                    73:88:7a:a2:10:35:87:52:5a:2d:3d:ff:20:45:bb:
                    e1:86:30:5c:d1:97:11:a7:23:e2:9d:27:ae:07:1e:
                    9f:ce:df:83:12:89:42:f2:77:c8:84:dd:bf:6b:48:
                    08:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:DA:D3:AA:55:53:FA:CD:9D:6D:13:10:BE:73:27:B6:22:57:74:9F
            X509v3 Authority Key Identifier:
                keyid:D3:E8:D4:CB:8E:44:2E:C3:8A:6B:C3:FA:40:0A:2A:51:7C:EE:0D:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-jUy45ELsOKa8P6QAoqUXzuDR4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/6b850a-4f12-4206-a50f-5d58711f3662/1/RdrTqlVT-s2dbRMQvnMntiJXdJ8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/6b850a-4f12-4206-a50f-5d58711f3662/1/0-jUy45ELsOKa8P6QAoqUXzuDR4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.29.84.0/22

    Signature Algorithm: sha256WithRSAEncryption
         72:e2:e0:c6:5a:ed:8a:eb:07:82:b7:e6:11:f5:70:8e:85:b8:
         26:b7:5f:d3:07:42:8b:a5:01:f6:51:15:4d:62:81:4f:39:08:
         5f:b2:f2:7c:04:97:7a:f4:f2:50:88:80:98:1f:5f:d6:30:2e:
         83:ed:6f:e5:01:1a:56:78:f7:a5:2d:32:61:ce:45:f1:6d:94:
         0b:b9:6d:eb:f0:93:3a:ee:10:5e:e0:2b:ae:52:42:b7:e0:2b:
         9b:d5:d2:75:75:2b:5d:69:32:ca:46:21:a7:db:01:61:07:56:
         9c:e1:66:88:f0:3e:4d:67:69:32:6a:1f:22:9d:05:a4:c8:48:
         a1:27:41:60:f5:ea:0e:df:b0:56:aa:bb:c2:c5:ac:ea:10:ef:
         ee:9c:a9:1c:0c:6a:d1:65:21:d4:cb:2d:20:4c:99:e1:d2:c8:
         f4:99:7d:4d:63:2a:27:b9:e9:7d:df:af:a9:34:8c:aa:fd:1e:
         74:31:1f:06:35:3d:2c:f9:56:25:5b:ef:7b:87:eb:dd:29:b1:
         8c:82:4f:45:ea:99:5e:31:d4:22:e6:8a:f7:2b:c9:a3:9b:87:
         f6:52:2c:95:bf:9c:21:1c:70:30:8a:bc:01:ea:6f:36:07:5f:
         18:63:6a:9a:f1:27:e6:90:95:26:0f:53:fd:73:13:c7:27:b2:
         40:2b:ea:c4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEG5N4aTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
M2U4ZDRjYjhlNDQyZWMzOGE2YmMzZmE0MDBhMmE1MTdjZWUwZDFlMB4XDTIyMDEw
MTA2MDYwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDVkYWQzYWE1NTUz
ZmFjZDlkNmQxMzEwYmU3MzI3YjYyMjU3NzQ5ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKT5oXK6hkK+SML5qQ2Ftp9qcrdOJ7c62xAzc9srxqi9lWL6
pl5mO/U2rmpvjnzSe327G0JxVRenaViUmtCwd1hkkNcNMwenq/B4HtOULiEDjvLn
buiBNmOUx6kSC9g6fwrr8KPw992jaL7AAwksHDXdOYcmtGBAjty81wPADgYRPEaf
4VwXj9hJ0yRqBA+XkGAAa+k8VifWBCRSKCjV37HF0OSr9xAMCPCJzzHinUxivIuZ
MxX0LOaefqSGkuEEqyULos08NWQL7Na8bc/grUJGc4h6ohA1h1JaLT3/IEW74YYw
XNGXEacj4p0nrgcen87fgxKJQvJ3yITdv2tICPUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRF2tOqVVP6zZ1tExC+cye2Ild0nzAfBgNVHSMEGDAWgBTT6NTLjkQuw4pr
w/pACipRfO4NHjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzAtalV5NDVFTHNPS2E4UDZRQW9xVVh6dURSNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjYvNmI4NTBhLTRmMTItNDIwNi1hNTBmLTVkNTg3MTFmMzY2Mi8x
L1JkclRxbFZULXMyZGJSTVF2bk1udGlKWGRKOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYv
NmI4NTBhLTRmMTItNDIwNi1hNTBmLTVkNTg3MTFmMzY2Mi8xLzAtalV5NDVFTHNP
S2E4UDZRQW9xVVh6dURSNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArkdVDANBgkqhkiG9w0BAQsFAAOC
AQEAcuLgxlrtiusHgrfmEfVwjoW4Jrdf0wdCi6UB9lEVTWKBTzkIX7LyfASXevTy
UIiAmB9f1jAug+1v5QEaVnj3pS0yYc5F8W2UC7lt6/CTOu4QXuArrlJCt+Arm9XS
dXUrXWkyykYhp9sBYQdWnOFmiPA+TWdpMmofIp0FpMhIoSdBYPXqDt+wVqq7wsWs
6hDv7pypHAxq0WUh1MstIEyZ4dLI9Jl9TWMqJ7npfd+vqTSMqv0edDEfBjU9LPlW
JVvve4fr3SmxjIJPReqZXjHUIuaK9yvJo5uH9lIslb+cIRxwMIq8AepvNgdfGGNq
mvEn5pCVJg9T/XMTxyeyQCvqxA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:54 2024 by rpki-client on console-fra.rpki-client.org