Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/626eef-12d0-47fa-b633-641dd4288c40/1/tbgDs4jns3DV9f1LYw_JkLaGDpU.roa
File:                     tbgDs4jns3DV9f1LYw_JkLaGDpU.roa (raw, json)
Hash identifier:          /aowrfwM43LQBcyYOnfrSlYCLlC3qtZBF14GqmMdtus=
Subject key identifier:   B5:B8:03:B3:88:E7:B3:70:D5:F5:FD:4B:63:0F:C9:90:B6:86:0E:95
Certificate issuer:       /CN=b19f07669e58ec32b9d9132e2ca6d19c2e949360
Certificate serial:       0F2A7DE3
Authority key identifier: B1:9F:07:66:9E:58:EC:32:B9:D9:13:2E:2C:A6:D1:9C:2E:94:93:60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sZ8HZp5Y7DK52RMuLKbRnC6Uk2A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fc/626eef-12d0-47fa-b633-641dd4288c40/1/tbgDs4jns3DV9f1LYw_JkLaGDpU.roa
Signing time:             Sat 01 Jan 2022 09:58:51 +0000
ROA not before:           Sat 01 Jan 2022 09:58:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     20473
IP address blocks:        185.141.252.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 254442979 (0xf2a7de3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b19f07669e58ec32b9d9132e2ca6d19c2e949360
        Validity
            Not Before: Jan  1 09:58:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b5b803b388e7b370d5f5fd4b630fc990b6860e95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:bf:f2:ca:9f:59:e2:70:7c:71:19:83:20:e8:
                    0e:32:43:c3:f2:84:dc:ef:a5:f5:3c:79:cf:2c:e9:
                    ed:62:3b:e2:22:48:1a:e1:28:60:cd:05:58:5d:6c:
                    d5:dc:30:3a:19:af:28:78:64:2e:ce:ef:27:21:8e:
                    79:6e:b6:4e:d9:55:d4:dc:1b:22:cf:6e:fc:a9:a2:
                    7c:03:12:bf:60:02:56:b4:f6:df:b5:15:70:c0:a9:
                    85:54:5b:ec:17:79:d5:b3:03:8c:f1:c2:63:3b:ac:
                    4f:62:bf:43:05:e4:d4:90:f8:3d:dd:5e:bb:de:80:
                    0a:74:82:cb:35:4b:d2:c6:68:2d:cf:53:59:11:26:
                    74:3a:b1:5e:91:b4:38:30:80:91:6b:95:7b:05:78:
                    b1:5f:13:e9:fc:9d:f0:37:da:5c:79:9b:12:f0:3e:
                    9a:38:7d:92:44:85:8d:a9:25:4e:c3:39:db:3e:30:
                    2e:1f:73:16:2d:b8:92:bd:26:ae:d0:1c:ad:8e:0c:
                    c5:f6:67:98:71:76:d3:96:1a:26:f4:39:54:d4:1b:
                    a4:48:45:08:49:1d:37:20:09:4d:8e:52:53:92:85:
                    49:50:b9:b9:e0:ca:23:5e:31:05:69:16:21:97:14:
                    ce:db:de:b2:9f:3e:b1:53:46:9a:30:ec:2b:ad:f3:
                    d1:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:B8:03:B3:88:E7:B3:70:D5:F5:FD:4B:63:0F:C9:90:B6:86:0E:95
            X509v3 Authority Key Identifier:
                keyid:B1:9F:07:66:9E:58:EC:32:B9:D9:13:2E:2C:A6:D1:9C:2E:94:93:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sZ8HZp5Y7DK52RMuLKbRnC6Uk2A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/626eef-12d0-47fa-b633-641dd4288c40/1/tbgDs4jns3DV9f1LYw_JkLaGDpU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/626eef-12d0-47fa-b633-641dd4288c40/1/sZ8HZp5Y7DK52RMuLKbRnC6Uk2A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.141.252.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2d:31:16:c7:bd:f7:22:0e:45:f8:b3:58:59:82:cf:f1:e4:9e:
         25:0e:f6:75:94:8c:40:1e:cf:33:81:ef:11:7a:72:b5:1c:6d:
         38:a5:23:af:98:b7:8c:01:78:a1:24:87:6a:7d:af:3f:36:ad:
         3c:a9:d9:ec:e7:cc:b4:cd:23:9a:b6:f0:4e:5e:0b:91:63:69:
         66:c8:55:54:23:9f:1f:73:07:dc:78:2d:69:41:bb:cb:f6:3c:
         87:b3:b7:da:9f:d8:b7:08:ea:c9:52:ed:4c:e3:72:30:20:9c:
         6e:3e:87:8f:4e:a3:1c:6c:db:86:ec:39:c3:92:f0:b6:d4:83:
         f0:da:80:02:af:35:98:c0:dc:db:72:4a:3f:54:d4:e2:4e:46:
         b9:80:62:2c:6e:8a:04:67:b2:6a:c6:51:12:5f:a1:89:ff:af:
         a9:dd:83:df:38:99:b6:9f:e1:34:cf:a7:0d:a3:0c:94:2d:ab:
         8d:f4:76:51:d7:ea:d6:fc:f8:77:63:aa:84:be:b7:63:6d:4f:
         59:e2:0f:fe:19:12:33:5c:a6:7a:54:d9:db:bf:73:e0:53:e7:
         aa:ea:6f:a8:24:61:44:2f:60:7a:e4:42:d3:ce:c6:1d:22:29:
         af:9d:50:ea:98:4c:b5:c3:f3:32:85:08:b7:bd:8e:66:40:8d:
         bf:79:ef:72
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDyp94zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MTlmMDc2NjllNThlYzMyYjlkOTEzMmUyY2E2ZDE5YzJlOTQ5MzYwMB4XDTIyMDEw
MTA5NTg1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjViODAzYjM4OGU3
YjM3MGQ1ZjVmZDRiNjMwZmM5OTBiNjg2MGU5NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKS/8sqfWeJwfHEZgyDoDjJDw/KE3O+l9Tx5zyzp7WI74iJI
GuEoYM0FWF1s1dwwOhmvKHhkLs7vJyGOeW62TtlV1NwbIs9u/KmifAMSv2ACVrT2
37UVcMCphVRb7Bd51bMDjPHCYzusT2K/QwXk1JD4Pd1eu96ACnSCyzVL0sZoLc9T
WREmdDqxXpG0ODCAkWuVewV4sV8T6fyd8DfaXHmbEvA+mjh9kkSFjaklTsM52z4w
Lh9zFi24kr0mrtAcrY4MxfZnmHF205YaJvQ5VNQbpEhFCEkdNyAJTY5SU5KFSVC5
ueDKI14xBWkWIZcUztvesp8+sVNGmjDsK63z0dcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS1uAOziOezcNX1/UtjD8mQtoYOlTAfBgNVHSMEGDAWgBSxnwdmnljsMrnZ
Ey4sptGcLpSTYDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NaOEhacDVZN0RLNTJSTXVMS2JSbkM2VWsyQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmMvNjI2ZWVmLTEyZDAtNDdmYS1iNjMzLTY0MWRkNDI4OGM0MC8x
L3RiZ0RzNGpuczNEVjlmMUxZd19Ka0xhR0RwVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmMv
NjI2ZWVmLTEyZDAtNDdmYS1iNjMzLTY0MWRkNDI4OGM0MC8xL3NaOEhacDVZN0RL
NTJSTXVMS2JSbkM2VWsyQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmN/DANBgkqhkiG9w0BAQsFAAOC
AQEALTEWx733Ig5F+LNYWYLP8eSeJQ72dZSMQB7PM4HvEXpytRxtOKUjr5i3jAF4
oSSHan2vPzatPKnZ7OfMtM0jmrbwTl4LkWNpZshVVCOfH3MH3HgtaUG7y/Y8h7O3
2p/YtwjqyVLtTONyMCCcbj6Hj06jHGzbhuw5w5LwttSD8NqAAq81mMDc23JKP1TU
4k5GuYBiLG6KBGeyasZREl+hif+vqd2D3ziZtp/hNM+nDaMMlC2rjfR2Udfq1vz4
d2OqhL63Y21PWeIP/hkSM1ymelTZ279z4FPnqupvqCRhRC9geuRC087GHSIpr51Q
6phMtcPzMoUIt72OZkCNv3nvcg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:44 2023 by rpki-client on console-ams.rpki-client.org