Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/bba3fd-7890-4e40-9e99-3d39c3a7e2e5/1/fVPIvQzW-Msblt5r-sc5FgtjN_A.roa
File:                     fVPIvQzW-Msblt5r-sc5FgtjN_A.roa (raw, json)
Hash identifier:          6OZqCL2Td84/EMNAL++1KfSABXwZBG/Jc4SnD4onbTQ=
Subject key identifier:   7D:53:C8:BD:0C:D6:F8:CB:1B:96:DE:6B:FA:C7:39:16:0B:63:37:F0
Certificate issuer:       /CN=6fdbb04f552d847b02922beb284ab86805dbdcf4
Certificate serial:       01C60A
Authority key identifier: 6F:DB:B0:4F:55:2D:84:7B:02:92:2B:EB:28:4A:B8:68:05:DB:DC:F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b9uwT1UthHsCkivrKEq4aAXb3PQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/bba3fd-7890-4e40-9e99-3d39c3a7e2e5/1/fVPIvQzW-Msblt5r-sc5FgtjN_A.roa
Signing time:             Sun 12 Jun 2022 02:08:02 +0000
ROA not before:           Sun 12 Jun 2022 02:08:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     132721
IP address blocks:        185.224.170.0/24 maxlen: 24
                          185.224.171.0/24 maxlen: 24
                          185.224.168.0/24 maxlen: 24
                          185.224.169.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 116234 (0x1c60a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6fdbb04f552d847b02922beb284ab86805dbdcf4
        Validity
            Not Before: Jun 12 02:08:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7d53c8bd0cd6f8cb1b96de6bfac739160b6337f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:ff:79:3b:59:01:fc:ef:70:f4:4c:a9:33:48:
                    00:97:c0:f6:50:90:ff:62:29:22:a4:bb:69:57:ec:
                    cc:cd:0c:c3:e9:78:47:b4:90:04:9a:05:26:7b:51:
                    73:c0:31:d8:38:94:e8:6b:c6:a9:a1:5d:39:ac:46:
                    05:d7:81:fd:86:df:11:02:39:ea:4f:fc:8b:77:12:
                    73:fa:d8:ce:6a:39:e2:76:b9:cc:7a:94:28:8a:81:
                    96:c3:66:59:6c:80:70:d5:72:1d:fe:80:79:cb:9d:
                    0b:6d:de:0f:74:21:e0:02:18:05:1f:7c:fd:e7:c3:
                    be:9c:82:db:18:15:6d:92:11:50:52:ec:fa:e4:25:
                    54:42:2e:65:d8:4d:fa:c9:5a:33:c9:54:be:b1:1b:
                    67:89:48:1f:12:27:ba:53:37:32:80:05:47:f2:1e:
                    20:42:2c:7b:c8:dd:f7:27:15:76:12:63:7e:3f:98:
                    c8:ac:e2:22:e4:f8:a6:2d:fd:9f:ad:e4:6c:e7:1f:
                    44:6c:38:89:7f:3e:b6:64:a0:57:f5:72:6b:52:0f:
                    4d:b1:69:1c:cd:7e:ee:34:72:c2:d1:4c:b7:8f:1c:
                    fc:79:b9:24:1b:0f:17:87:da:08:c9:ba:f7:95:18:
                    6a:5d:09:aa:00:d9:46:51:5a:7b:78:77:c7:72:15:
                    05:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:53:C8:BD:0C:D6:F8:CB:1B:96:DE:6B:FA:C7:39:16:0B:63:37:F0
            X509v3 Authority Key Identifier:
                keyid:6F:DB:B0:4F:55:2D:84:7B:02:92:2B:EB:28:4A:B8:68:05:DB:DC:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9uwT1UthHsCkivrKEq4aAXb3PQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/bba3fd-7890-4e40-9e99-3d39c3a7e2e5/1/fVPIvQzW-Msblt5r-sc5FgtjN_A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/bba3fd-7890-4e40-9e99-3d39c3a7e2e5/1/b9uwT1UthHsCkivrKEq4aAXb3PQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.224.168.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2d:c6:04:21:f6:d9:f5:46:e3:fa:c7:1b:a6:e2:ef:af:93:52:
         6d:be:6b:9b:2b:fc:2c:48:f0:88:ef:41:e7:c6:99:b0:ce:46:
         68:4b:6e:c0:65:64:75:9f:da:39:4f:6a:1e:e4:6f:4b:22:08:
         b9:18:96:be:de:6c:18:14:e8:06:42:5b:75:64:00:f0:9b:63:
         73:18:36:3b:ec:a2:09:e4:1c:f8:fc:0a:c9:e2:14:71:e0:46:
         51:7f:e8:03:26:47:a3:09:6b:54:41:3f:fe:e8:46:d5:31:49:
         ab:81:bb:57:5d:36:d4:b7:10:ae:a2:ea:ef:89:d4:6f:2a:34:
         d0:03:d0:b5:03:06:d6:c3:ed:17:61:58:b5:87:6d:01:67:1f:
         a2:da:d9:e9:67:b7:21:02:1b:5c:d9:a0:83:62:25:3c:ca:9c:
         e6:58:95:14:72:8d:1d:59:15:08:d0:54:0e:c6:3a:64:56:5e:
         3b:c3:08:13:66:ff:59:8f:0b:dd:a8:aa:75:37:72:a3:70:37:
         a6:ed:41:67:b7:47:38:be:fd:6f:5b:19:2b:0d:dc:7c:f9:da:
         87:04:93:be:29:d4:84:fa:76:df:15:ea:1f:6f:75:ba:05:9b:
         b5:cb:b7:87:66:70:49:44:05:ab:d7:1c:1c:d0:11:98:09:f1:
         05:a8:56:dc
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAcYKMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDZm
ZGJiMDRmNTUyZDg0N2IwMjkyMmJlYjI4NGFiODY4MDVkYmRjZjQwHhcNMjIwNjEy
MDIwODAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg3ZDUzYzhiZDBjZDZm
OGNiMWI5NmRlNmJmYWM3MzkxNjBiNjMzN2YwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAvf95O1kB/O9w9EypM0gAl8D2UJD/YikipLtpV+zMzQzD6XhH
tJAEmgUme1FzwDHYOJToa8apoV05rEYF14H9ht8RAjnqT/yLdxJz+tjOajnidrnM
epQoioGWw2ZZbIBw1XId/oB5y50Lbd4PdCHgAhgFH3z958O+nILbGBVtkhFQUuz6
5CVUQi5l2E36yVozyVS+sRtniUgfEie6UzcygAVH8h4gQix7yN33JxV2EmN+P5jI
rOIi5PimLf2freRs5x9EbDiJfz62ZKBX9XJrUg9NsWkczX7uNHLC0Uy3jxz8ebkk
Gw8Xh9oIybr3lRhqXQmqANlGUVp7eHfHchUF2wIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFH1TyL0M1vjLG5bea/rHORYLYzfwMB8GA1UdIwQYMBaAFG/bsE9VLYR7ApIr
6yhKuGgF29z0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
Yjl1d1QxVXRoSHNDa2l2cktFcTRhQVhiM1BRLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9mYi9iYmEzZmQtNzg5MC00ZTQwLTllOTktM2QzOWMzYTdlMmU1LzEv
ZlZQSXZRelctTXNibHQ1ci1zYzVGZ3RqTl9BLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9i
YmEzZmQtNzg5MC00ZTQwLTllOTktM2QzOWMzYTdlMmU1LzEvYjl1d1QxVXRoSHND
a2l2cktFcTRhQVhiM1BRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueCoMA0GCSqGSIb3DQEBCwUAA4IB
AQAtxgQh9tn1RuP6xxum4u+vk1JtvmubK/wsSPCI70HnxpmwzkZoS27AZWR1n9o5
T2oe5G9LIgi5GJa+3mwYFOgGQlt1ZADwm2NzGDY77KIJ5Bz4/ArJ4hRx4EZRf+gD
JkejCWtUQT/+6EbVMUmrgbtXXTbUtxCuourvidRvKjTQA9C1AwbWw+0XYVi1h20B
Zx+i2tnpZ7chAhtc2aCDYiU8ypzmWJUUco0dWRUI0FQOxjpkVl47wwgTZv9Zjwvd
qKp1N3KjcDem7UFnt0c4vv1vWxkrDdx8+dqHBJO+KdSE+nbfFeofb3W6BZu1y7eH
ZnBJRAWr1xwc0BGYCfEFqFbc
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:39 2024 by rpki-client on console-fra.rpki-client.org