Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/Po4X0YW_k_nvCPrtXYIWel96a98.roa
File:                     Po4X0YW_k_nvCPrtXYIWel96a98.roa (raw, json)
Hash identifier:          b40uxRGJfzb/ZG51F8nVQJhnvdqm5leh/ghDokr0Wpo=
Subject key identifier:   3E:8E:17:D1:85:BF:93:F9:EF:08:FA:ED:5D:82:16:7A:5F:7A:6B:DF
Certificate issuer:       /CN=86ee201c65d655ee9cfe251f951ea91bba154567
Certificate serial:       0EEADD6F
Authority key identifier: 86:EE:20:1C:65:D6:55:EE:9C:FE:25:1F:95:1E:A9:1B:BA:15:45:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hu4gHGXWVe6c_iUflR6pG7oVRWc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/Po4X0YW_k_nvCPrtXYIWel96a98.roa
Signing time:             Sat 01 Jan 2022 14:59:33 +0000
ROA not before:           Sat 01 Jan 2022 14:59:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     174
IP address blocks:        185.201.19.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 250273135 (0xeeadd6f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86ee201c65d655ee9cfe251f951ea91bba154567
        Validity
            Not Before: Jan  1 14:59:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3e8e17d185bf93f9ef08faed5d82167a5f7a6bdf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:be:f2:7b:b2:10:fe:15:36:17:fe:89:ae:f6:
                    ea:6c:76:20:86:5f:f9:e2:26:88:60:e0:3e:8b:f6:
                    a2:9e:55:4f:a6:df:c9:43:8c:46:5c:92:0d:42:ee:
                    65:2b:d2:66:e2:06:70:b7:25:01:1c:aa:6d:ac:59:
                    f3:26:30:e1:7e:9f:3d:d2:ac:5c:e7:92:c2:10:e2:
                    ca:02:de:09:83:ab:4e:70:d1:79:08:9a:87:3c:fa:
                    11:8a:77:91:83:26:07:6a:32:a4:75:2b:fe:ff:44:
                    f6:25:38:01:57:32:0d:b7:8f:9c:c3:60:80:e9:49:
                    84:ce:37:e4:c0:a3:38:ed:86:b2:11:7f:35:26:02:
                    fd:30:ee:24:fe:60:de:47:08:78:69:2b:68:c1:97:
                    d2:52:eb:6b:cf:4e:f0:ce:28:bb:c3:25:89:a5:64:
                    bf:84:64:93:27:c5:aa:c1:89:d4:56:66:00:9e:3b:
                    fd:56:8d:22:d4:ec:bf:e2:fb:86:7e:4b:a0:46:a3:
                    e3:25:90:39:5c:23:37:d1:3c:75:2f:4a:f0:8d:0c:
                    55:c0:c2:c2:99:51:3b:da:60:ba:ec:ff:14:43:17:
                    46:2f:4b:e9:c2:6a:0a:f3:06:d5:60:18:a4:72:b2:
                    6c:67:74:0e:89:11:7b:a1:bf:57:b7:1a:14:ff:6f:
                    26:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:8E:17:D1:85:BF:93:F9:EF:08:FA:ED:5D:82:16:7A:5F:7A:6B:DF
            X509v3 Authority Key Identifier:
                keyid:86:EE:20:1C:65:D6:55:EE:9C:FE:25:1F:95:1E:A9:1B:BA:15:45:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hu4gHGXWVe6c_iUflR6pG7oVRWc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/Po4X0YW_k_nvCPrtXYIWel96a98.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/hu4gHGXWVe6c_iUflR6pG7oVRWc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.201.19.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:d1:49:33:be:fb:10:a4:1f:0a:e1:00:40:c5:1a:dc:63:de:
         d9:13:e8:d9:5e:a6:26:0b:b2:37:cc:c8:53:4d:88:51:e1:9c:
         cf:44:49:a2:7a:24:b2:39:2a:30:dd:cc:82:c1:94:d4:00:39:
         8c:8d:3c:9f:a9:23:2c:dc:13:35:73:e6:05:b0:90:a2:6d:42:
         bb:70:05:e1:cc:5f:15:4f:93:6c:56:d1:7c:7c:96:ed:5b:08:
         7e:34:f3:e9:f9:ea:f9:0e:f1:7c:1d:30:0c:b2:60:76:95:a0:
         58:7a:0d:09:4d:da:f1:1d:20:c4:49:ac:88:d5:51:35:1c:2c:
         26:96:51:6a:d3:b3:08:61:7c:99:62:c9:f3:2b:5f:fe:70:45:
         d5:9c:83:dc:61:0a:c5:03:2e:d0:2b:9c:3b:8e:73:c1:17:d5:
         a0:0e:69:20:74:e6:58:30:80:52:98:3a:ff:19:6e:5a:b8:fa:
         be:fc:9c:07:46:99:b8:1b:e1:68:f2:ce:5f:42:20:df:60:22:
         5a:40:d3:80:25:a2:7c:51:ff:89:d0:94:b4:9f:49:c5:76:e2:
         cc:e9:1d:37:f8:8c:2d:af:06:09:bc:6e:8c:e1:a8:a2:f3:f9:
         81:7e:79:bc:62:3d:f3:3a:56:94:d4:8a:a3:08:4e:8f:0f:e3:
         71:b5:5a:c9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDurdbzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmVlMjAxYzY1ZDY1NWVlOWNmZTI1MWY5NTFlYTkxYmJhMTU0NTY3MB4XDTIyMDEw
MTE0NTkzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2U4ZTE3ZDE4NWJm
OTNmOWVmMDhmYWVkNWQ4MjE2N2E1ZjdhNmJkZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJu+8nuyEP4VNhf+ia726mx2IIZf+eImiGDgPov2op5VT6bf
yUOMRlySDULuZSvSZuIGcLclARyqbaxZ8yYw4X6fPdKsXOeSwhDiygLeCYOrTnDR
eQiahzz6EYp3kYMmB2oypHUr/v9E9iU4AVcyDbePnMNggOlJhM435MCjOO2GshF/
NSYC/TDuJP5g3kcIeGkraMGX0lLra89O8M4ou8MliaVkv4RkkyfFqsGJ1FZmAJ47
/VaNItTsv+L7hn5LoEaj4yWQOVwjN9E8dS9K8I0MVcDCwplRO9pguuz/FEMXRi9L
6cJqCvMG1WAYpHKybGd0DokRe6G/V7caFP9vJtsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ+jhfRhb+T+e8I+u1dghZ6X3pr3zAfBgNVHSMEGDAWgBSG7iAcZdZV7pz+
JR+VHqkbuhVFZzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2h1NGdIR1hXVmU2Y19pVWZsUjZwRzdvVlJXYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjkvMTNhNzM1LTNiMWMtNGQ5Yy04Y2ZhLWE4Y2E4ZTRjN2U3Ny8x
L1BvNFgwWVdfa19udkNQcnRYWUlXZWw5NmE5OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjkv
MTNhNzM1LTNiMWMtNGQ5Yy04Y2ZhLWE4Y2E4ZTRjN2U3Ny8xL2h1NGdIR1hXVmU2
Y19pVWZsUjZwRzdvVlJXYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnJEzANBgkqhkiG9w0BAQsFAAOC
AQEAU9FJM777EKQfCuEAQMUa3GPe2RPo2V6mJguyN8zIU02IUeGcz0RJonoksjkq
MN3MgsGU1AA5jI08n6kjLNwTNXPmBbCQom1Cu3AF4cxfFU+TbFbRfHyW7VsIfjTz
6fnq+Q7xfB0wDLJgdpWgWHoNCU3a8R0gxEmsiNVRNRwsJpZRatOzCGF8mWLJ8ytf
/nBF1ZyD3GEKxQMu0CucO45zwRfVoA5pIHTmWDCAUpg6/xluWrj6vvycB0aZuBvh
aPLOX0Ig32AiWkDTgCWifFH/idCUtJ9JxXbizOkdN/iMLa8GCbxujOGoovP5gX55
vGI98zpWlNSKowhOjw/jcbVayQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:18 2024 by rpki-client on console-fra.rpki-client.org